last executing test programs: 5.599872015s ago: executing program 0 (id=5252): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000400)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000040000000000080000100850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r2}, 0x10) getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'ip_vti0\x00', &(0x7f0000000840)={'sit0\x00', r3, 0x7, 0x7800, 0xfffffffc, 0x0, {{0x38, 0x4, 0x3, 0x3c, 0xe0, 0x66, 0x0, 0x2, 0x4, 0x0, @multicast1, @private=0xa010102, {[@timestamp_prespec={0x44, 0x24, 0xfd, 0x3, 0xc, [{@private=0xa010101, 0x3}, {@remote}, {@remote, 0x4}, {@local, 0x4}]}, @noop, @timestamp_prespec={0x44, 0x4c, 0xf4, 0x3, 0xd, [{@loopback, 0x9}, {@multicast1, 0x2000}, {@broadcast, 0xd}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x1000}, {@multicast2, 0x7fff}, {@empty, 0x5}, {@dev={0xac, 0x14, 0x14, 0x1a}, 0xfd}, {@rand_addr=0x64010100, 0x100}, {@loopback, 0x9}]}, @timestamp_prespec={0x44, 0xc, 0xec, 0x3, 0xb, [{@rand_addr=0x64010100, 0x8000}]}, @timestamp_prespec={0x44, 0x4, 0x24, 0x3, 0xd}, @generic={0x82, 0x12, "d4bda2bc8fc13b825e6a512908e70fbd"}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x10, 0xd4, 0x0, 0x1, [0x3, 0x7, 0x2]}, @ssrr={0x89, 0x1f, 0xe8, [@multicast2, @multicast1, @loopback, @empty, @multicast1, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x11}]}, @ra={0x94, 0x4}]}}}}}) r4 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_getaddr={0x18, 0x16, 0x205, 0x0, 0x0, {0xa, 0x0, 0x0, 0xfe}}, 0x18}}, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r1, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) ioctl$SNAPSHOT_ATOMIC_RESTORE(0xffffffffffffffff, 0x3304) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00'}, 0x10) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) syz_usb_control_io(r1, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000005c0)={0x0, 0x3, 0xf0, @string={0xf0, 0x3, "d2ef06c4e5d5432f23618361508f38a95255ac2f917acce239150e8b33f450c100031de52698ea0f8eac8bcf09d6c7007483a72de30e8d19549a277b9d47dca7392306055e04a019d2c73b198b7b7bb1c9a80fde4c113750cb728ce745be63c94d3ca2cd69cc4ff7927a78d1089265e5ee62dd514b4df179e2751c3290fe9219ac57b6726e88fbe82656c761b431fb5dbc67d680519f32650955a6ce111fb7ed7101546e2f96642d5e077dd63e9f945e73bc834ed4293aa03a9684fb20c6900900c4d03180486e1174442507fcd34632bbfea1f5961f3bba3d00c3fbe9270a77cbcb2951c642c132ee93656034ce"}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r1, &(0x7f00000003c0)={0x24, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000312000000"], 0x0, 0x0}, 0x0) 4.939773518s ago: executing program 4 (id=5255): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000010000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000540)={@link_local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) getpid() bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount(0x0, 0x0, 0x0, 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x8) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0x8b}, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) madvise(&(0x7f000056f000/0x2000)=nil, 0x2000, 0x1) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000a80)={{0x2, 0x8000, @dev={0xac, 0x14, 0x14, 0x2a}}, {0x306, @random="0000a85d4f76"}, 0x1c, {0x2, 0x0, @loopback}, 'veth0\x00'}) syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') 4.816037378s ago: executing program 4 (id=5256): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), 0x0}, 0x20) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f00000000c0), 0x0, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r6, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000440)="7d717c1f8428280ab55a04c6325d699064905ef93ebd77e2efec9f53dda482c9ee2e65a7f14fb8c8ba86e1a48d2b6b6afa2f0b4ec3e4f1113ef51e3ee2e89096948f4605cb79bde9e3c35e2e8c5656e7f4e2839f750dbc54845ec35a6540a0ac354fc844277715dc45a624629d82528a3e868dc2152570c88ba2157e21a3fd45974bfeb026194d440b5318f8bc08da0d365fd550f1ddb920ad905618a7289482f74bc2e81ec9c0abf25663403ca2ad939860eef39a36235f55b27706f0bbf4a7596f3c713b3b5e96c8186e508bac854c98bcae2a79234c8f125fd1199bcc52695fe06ba43c32a91f2cabaec6291285220c54819496843f", 0xf7}, {&(0x7f0000002c40)="a8cd2d813f93de411347b7e95837c2aabffe0b7b65d0e0b26f745be5e6d0b3922693df6cc0cebc6876df2ecaa9526da6fceb40d3e1bea9965161b1e791dfe31f3866993e88c67caca52292d312a39b062ac94e28acaad6860caa052f97a18e7efba653088adfc2c92903b2f074e394bf677df822e1f77fed4df7546c3b3786a047d9b08b42aca4ce1e0b084f40eb5fc21f9117b8b1a6c1fa488d599ac611955a6c02dbf23746d52330a3b8490c96ba007278d501d1d6ebe1c5404604cb08435d7de624ca034f8ac6a84ac9f69afea2d691b501c94b84d39b86b94f92601ee47e6d42c0d72991536e907151f9bfcfe92b53ffae33e352f973b1e6ef28e7892fbe24630571fe96c7a044e3d811c2737fe07985b00e0c4e1408123e705c6ed21ece20f5323205955f653000920ca1c46a0c191e457d70f0ae4b78f28455e22ad565a1715f0c88f43aa27a4e975af860d88b63bccd9ebdfb6c1270a734cb7545b01ca5f84c1d202a1c53a590d22e394cfb93452d04bd99ef6f21c267c02ad364cf341344217aeccf25e4953e470d34f5be6844d4041cf63ddcb01de1f0f9617fe17d00017aa74e4636080013071783a9d5f388f85931da2b2958c3a6b1759e91f57e5ad8b876ad0726b325ecb75be010af67bf1b68775542d61888be703abf26a1b755b259fe0fe3d0d24cacd29cd76b71fc76294b9be460f029be814f0b196d604044fb2742b6db9dbb5bd0b0b0d4d9df92ff6006b30597f7b593de19fb701726f7e66a40a4b566be51794e79cff337ea8c1eaca1b77f9e510e8faa23de9cb3233c26b4eb98e7d0d019efb4242e750fd6832cca83e52e9549bb3711d2d6a0ae758058903d0d319b3c7f5927908d0337ef6f1ab073b2ed00dc8bc70076b9ffecdf2226249ac58b5657e600f032697c400acc2054180239956576464626d9ec1714f7cede138de272ea81d2b0b5029dfd850c474f2a275225cc42b306429eb81228d19adb01e4109cf5525b7596265932515cfb53fa9a6d2cf573ab7a58f39367b1f64170a6ab24f911f423900eb0251ee8c0496d6a0ba5d1dd1860a64698ae6cc5deff511c83e1ba8421cd77cb5ca1d46ed2b819fcf919a2bc63fca2d47bb817375d79232b0903905d9f005dd4b4fa12edb7ade8338c298901440ac9e1d9edd7b558cfdf83cb48d30ce280e1a3e2ae85df773bd4e8ceeae0438200dfdd0cb7a4cdfae7323c827bf6358d9f0f22954a208eee06089e4a5c46a34fbdca84ff5f210510644ce379484d660d8b590c177e69f9f8406ca20bb639a1cfd88546159452a6ab3e7f61a1f77338e0c4dda01f39c5a278b39c7cd0894e845a28077c2a484d1a2a04946c4a516e7871d286347bebb4a56dff9e999ad380bdb7ba1ba0698a286765a11ccde66a92118ab2f3888de951cff6cb458d9de900a92ed6148a702f079ce9c2c414b951dbdade2b67bdc942835f4dd75983f6af0b1247c77eec69ee9752c9ab7190aa004056e24fb3fdb48c687ff778e29a804cdaa8e65e709793da9bca436a07e6436ff95b4ef0dd65b8455ed42c821b7a682b39fccb64cfecbc4f0fc5237362179faa889c9f52b08fb1e69637cc5bede6421972acc96bb90b92ac7017755847ad54b01a971d9d379977364aae24bc050462179a5bf6b7ae38a8cba2a51fad2c0489db86539184fdb3bc246ad6d276c2648f36412f70f197b441cdae46fb09f1a9ae6cc5cede82b9947f6237bc34db78475a4b2efa3f7249403368cbd6cc91996424f12a66bea8ed851da994f587b9ba1f077cd00957d1d8cc75a4fd489ed4dfd36f0fd3817bdf8c16276db413e438eceb67de1e1e8de46d0675dc6a55fa29d83d9493a45d6dbd5ea4459c3ff44d1ca50bfdd7f6b4015da8a7901b3d5fc0671f8ebe7a5dcecc776c21bdb2c35c14b0d4128c144d11bbf4377513240a3dd47e9f9e5c22af5ac9422f2c8e90bee27e3d6f5b314166ec9841272c48c91df4b1f086f7e9d27712ad27406d05a59a27c55d8cd4d7ddb25fa2e77e10864feba27e0440d04c35237ddbd75b91e72eab1ae1f396fbef691e09537062096b60f265bd04b344e0866ccecf7f132cff615b9c4c04a83b05f410158ba806b8f3a168482081bef190a7b13b85997e61be9d62c4173933a41a5e92fa3f43ef02196f4f4033071b5b177ab5b0ce3572f7053b4776fc3a51b05cbe942da9825bb75f7487df1779a4373cd5568ff11319e9f12981d75499c3731115505c18895dc82e6e03a5966aea8c7690e88066f4e53590e2eb332a06f5bc77be238ca5e001dc50c44fac1ed8c58e6468ee2c3d22b101b8978458142e01964d6734f622472e991a25e2878defce195c7198483b4c3edcb8b149146c938a0743c37a5d701ebed448a170dd91cc44cf43d13800507f4c3756e5241725997ea8fc8632eee1abc318e1f6f3cf8d430b35a57806bd5b040014ef0298bfc1abeaf55e5232363a888ba5d97079d0f593b1fceb208b2eb3c2417eef3e4f8d04268621082a02a7f334d2272d60428172433dbd7fa1b2237f3cf7ab26844522b6f56caa9158aa25a166eab3c5b481437fede3ff1c228d73b06317da199630bcba8fc0ff826ad096023a534c52bdff4e69edfde8643c7c0e05050f7a72c3638b5f5089f109469a40523ec15bda8e2b89080ad965cc4b3f9f6b32f7284a05d734e40bc32c6d82867b10aa2827dd22ec7f82ed6c9629f1c5a2b381ec73355a1930a332fbccf0522599a5e4f3cff8f610097c8b214881a19247d4dd3f7c870bfd848d66dfd0e391e2f3f487f55f5c6022f895c437dbcbace0fb3111d751a89fd8710dfc9f3c770b649efe823048dd0df649af48a2d4c7d665df5d7af6904b73983e2d816788d99d7f2d1531d3c8cddae1ce9145f7d3572ca7de7f4fc5ba55d87a2375083f2d279eaa0594e146620c19ea03276a3a4c31fe2779a5b493ea142051cd472728e9f32d37181bb61c0a7c82df513e798050a634a65530809c11e9b48217879d911747f736bb52f40729eac20397927aaba16cbef66975c436c696220427c359ba36246078e922c7e9569cd2e5eead89420002c312778f29941a515ff9411845617dab7a4edd2c11491be139ffb09a8ebf715cd9d38b8e8b1a83b2e32a3b1071479807a52d3828d6ba9040d6b71c5d53f54338d2be2016a689adf7e1b93727975a854300a302435faaf1778b276661db16fbae0f54a0eb3d5ee9f9272263dc3a4fe6984234d6fe1c4f3f32bb512a0b7150ab5a119ecfad616929adf1f2066710eef359891b88894267a7b149a70767803de4a52d5c060a94f53665a4d8abae125f989f64346102305a6c5a8df04661f82313097f5beadb5d340b49cc0fe478c49b897ba9dc998a03a8c9722c35f45ac55a11b9f91bb6f849a02eae30e5ba8cfe253dfa16e498cf6077fb7b17658314a759d758b1d3294d39a203edcd8e9f7e6d88c56ad25a14b2e276e6d851ad632e152ec6b9278953e33b8cbcde45c55f00247fc9b7f71925ca4fe6f411dd6c3245ead614e34745996a20fe0495180b9c28217f62c6bf4dcfca3fce66cfe3603c24932d847608a2568430d3e04c91bbca995ca7064ed3a9f984df0d56e00a319eeefe83d1872a8a08b43d98d64a3040df90ea42343d3d059357a2c1c58acfea88cb9febb9a039844c9961940f4789bbb40406bdb5f00acc5a883bdcd3435bee88f451e6276f044491dcf9c1a6e0f2cc1ec7c881fdb189ad711cae2502e62a9aa0296f97f2b522885be850bdfea2ec50aafc9af282af63ffaf973eacac4898330c24c64b563b21908a4d624a8b1ccce4acab3c914c0490c9efdf69441e85cd1ecd19ffbe2ffa11288b954ef4609a5a683500c02d75bef0e3db48eb65767ee2dc57d9acc5eb88ae618fe901167c171604308b0020fa745c31676053779bd77a07b8256b228126d837ddf85e591fc6c92578828610d9fec4e6cf68cd4bb5194b41565958cd04df215f38859e62bf3a0a45411036968a77b562b2df6ecdd9ad024d9e32862d7b06fb5d1c3ae04fb9a64306111f26242eb9433cc8ac44530b9b6ef01c901a026bc445aab798e724d6fb66becac243377e69a3db42ad2c38f461311cd7901874db0e50595ad386d8d2f4d83002b01763f07bd0ab129e4ff76e474af4b82b3a7f98af0b6909438d7511512144e21f835feaba708393baa8cfa5190c1245a5ce509bcc607ba44d14748dea94b19792b48839d9d6aab28e3d18678dd04ec3fa5bd1e66ed9a6db25e81913a6639c6956ffeabf026c4630ef61fc91937d9918d8e5d779ac48857ea103566468661a8525ae308d5480edeac06f453270742c538db04cca008718c90bf4892afadeab417ad82284fbf9472a876b93749ca63c8b2ce74a7ad2bc4fcdd2dd7363f1b89e75bfb1e8f43a54ca275b08471e9d06802ba54daa9b375c9ac0f87f249f9c573989783721503f6e3f2f96a53e05e12c04adc84515bfa9f3ac8f7f46028324a211adc2d24cb21814e3b0fd954b62a1de60fca19bd0032a001d4573325f3ef803fef8bfe8f070a27c66f2442061b96d3fa9383405abcfefff015f8d7c4eaf98e52bda0e27cb02247ad2985372175ab78534da0629a63e5c613293024b3cba54dd7a4b5decdd80496d893d1ad29562acda70c130a15526e193f693933aec185e782944556932dc0a753865e7e521db3187333485e4dd2b9e7c0c8238b5d0df8cd9a92c14bb250bbae46360b5706a080cd73684ee40c4aa325c88302b9ee7ab8aa0d7c88b4de2bfd70323af2149794adef870c4e0e1330ecc7231c386b4270de7c27e02b1b527a9601d2b028e43343eebddad92e1453b01729ea6c4cef965790f266e15e35fd08c750ca68bfd4d1fb08671404333f04d52ad76301d914c4ef2a6a8f08022c6ca8a4667c8c98ac73efaace81f8f13c153b5b54c33ffda69f65c1f2c0a6c7c6c841472ca41af8bc570afe1b4bdbbf28303da527ed5a51e2b450b33e887e4f26a1a220f0774d0e3fab983044896a686dc858c8cb377cccb8fe3e783f1bd8f458f8c10966426b13b63e0062570becf13a504fe3c861a857a5c730c6fe31ec5e90d1db701482f9ac0511c5dafdb9ca387e5a194e460bf8848cf83116ca9408d83d800c617798d789127307b2824b9afad63c68e085d81c5b377aee1b0f97e9672116e888fb95cf233cbe7988113150cb2fe80283178e736f7186e2f1d961f286b03ca37fab9c82e2f626e011f4cb29afc2edaa249c4d9796970b0116825e600f51ce488a7789d8b26d86bebf826d395cecd6101e6e128c048ae66da51e67197c634129223f47ccaa4196ed78823d9d3b2922b2e081e59c0f68e499451f362808e3f351cef362fd23a6a8de6e994e42980c26d45222c4de8034239b1870341558e764c2708f2a5bbec2c4851272d29f195f05f7b0f98c4b32d8a13", 0xf0a}], 0x2}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000002c0)="80", 0x1}], 0x1}}], 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x10000008ebc, 0x0) splice(r3, 0x0, r6, 0x0, 0x25a5, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 4.815373769s ago: executing program 4 (id=5258): r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$P9_RAUTH(r0, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x20, 0x2, 0x5}}, 0x14) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f0000000000)="170000000200010000ffbe8c5ee17688120033000201000a000002a257fce46d0a00d65ad90200bb6a880000d6c8db0000dba67e06020000e28900000200df01800a000000fc0607bdff59100ac45761547ae81f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dfc060115003901000000000000ea000000000000000062068f5ee50ce5af9b1c568311ffff02ff030000ba000840024f0298e9e90539062a80e605007f71174aa951f3c63e5a", 0xb5) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r6, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r7 = dup(r6) write$FUSE_BMAP(r7, &(0x7f00000001c0)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}}) chdir(&(0x7f0000000040)='./file0\x00') syz_mount_image$fuse(0x0, &(0x7f0000006340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) creat(&(0x7f00000003c0)='./file0\x00', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000080)='jbd2_handle_stats\x00', r2}, 0x10) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f00000000c0)) r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r8, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r8, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r8, 0x0, 0x0) syz_usb_control_io(r8, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r8, 0x0, 0x0) syz_usb_control_io(r8, 0x0, 0x0) syz_usb_control_io$hid(r8, &(0x7f0000000480)={0x24, &(0x7f0000000580)={0x30, 0xb, 0xd8, {0xd8, 0x4, "85adad841b899818f5bf0da69435894f8e833f0f83be3fe82c586ab044515f9e98731bd0d30b3057332aa1f7c5016193f5d9f951cfb5d7087dbf11bf700c52dd1faec88ded9a69d66ecd191562f673391db588606e0125bc446ebcca9649bd97e0ec893bbfb12bd0a03d74b8e36f8019ee3f85431c0fbbfddc12bd9cf9eec931766b554b8f94b1aae1d03137d2fb4fb9be4fd38959c77573b98a22f903d1ae09a34e9ac173e5b9803b55251887480f247efecf836542ef5a32bbe73c43bc05c25d072cce43aec11ce7b58827f678af77731ad15086a7"}}, &(0x7f0000000680)={0x0, 0x3, 0x6a, @string={0x6a, 0x3, "31d94bb04eb6b19e580cdc210ed256b1228e87e9b8d1e712d42b90d2357edc1b8028ea7b9a7f473ce47a10c61959109bd0363ccd5adaee5aca1184ca5a0b1143fa23e399f036eafb2bac12eb2bede3fbc63ab5a36f3e04d8c642079bf575b2d878a7dd205a492af3"}}, &(0x7f0000000380)={0x0, 0x22, 0x3, {[@local=@item_012={0x2, 0x2, 0xa, "b29a"}]}}, &(0x7f0000000400)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7, 0x4, 0x1, {0x22, 0xce1}}}}, &(0x7f00000008c0)={0x2c, &(0x7f0000000700)={0x40, 0x30, 0x8f, "2f1b097734f4bc00a8218c423527283ca06c8e70e12a8b64ccdd864fc68e730458e3fc251516deffa2e6320e37502b2cde5f48e941c2c5252f1e5796eb79c4e95402c5cc95ecb3fd3d19c09ff5d7fa92e00b8bc6d9f08ffb495fb0085a1f1a21104155e20288711025a03dbd9de7e1d16d7801aa65bc52ba6c194e7d1a423e3b7cf589cd34996067993f4f904893a5"}, &(0x7f00000007c0)={0x0, 0xa, 0x1, 0x6}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000840)={0x20, 0x1, 0x1, "9d"}, &(0x7f0000000880)={0x20, 0x3, 0x1, 0x81}}) syz_pidfd_open(0x0, 0x0) 2.288155384s ago: executing program 3 (id=5263): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffd5f) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) (async) r2 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040), 0x4) (async) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10) (async) clock_gettime(0x0, 0x0) syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x3000cd0, &(0x7f0000000440)=ANY=[], 0x1, 0x1509, &(0x7f0000002d40)="$eJzs3Am4TmX3MPC17vveHDI8Sea97rV5kuEmSUJJMiRJEpI5IUmSJEkcMiUhCRlPkjlkTicd8zxkTjp5JUkSkinc33VUn7f3fft6p//n/b9n/a5rX+deZ++1nrXPup7z7L2v65xvuwyt1rB65XrMDP8M/esCf/6SCAAJADAAALIDQAAAZXKUyZG2P5PGxH/qRcT/kPrTr3YH4mqS+advMv/0Teafvsn80zeZf/om80/fZP7pm8xfiHRtZt5rZUu/mzz//19O/SvJ8vmfLuDv7ZD5/7fR/9DRMv/0Teafvsn80zeZf/pz5RYsuKp9iKtP3v/pm8xfiHTt3/5Mef3Zq/1MW7Z/YBNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIf4/OOuvMADw6/pq9yWEEEIIIYQQQoh/H//+1e5ACCGEEEIIIYQQ//MQFGgwEEAGyAgJkAkywzWQBbJCNsgOMbgWcsB1kBOuh1yQG/JAXsgH+aEAhEBggSGCglAI4nADFIYboQgUhWJQHByUgJJwE5SCm6E03AJl4FYoC7dBOSh/+TXT3AmV4C6oDHdDFagK1aA63AM14F6oCfdBLbgfasMDUAcehLrwENSD+tAAHoaG8Ag0gsbQBJpCM2gOLf4gPyn738p/EbrDS9ADekIi9ILe8DL0gb7QD/rDAHgFBsKrMAheg8EwBIbC6zAM3oDh8CaMgJEwCt6C0TAGxsI4GA8TIAnehonwDkyCdx/JClNgKkyD6TADZsJ7MAtmwxx4H+bCPJgPSZkWwiJYDB/AEvgQkuEjWAofQwosg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK3wC22A77ICdsAt2wx74FPbCZ7APPodU/OIfzD/z23zoioCAChUaNJgBM2ACJmBmzIxZMAtmw2wYwxjmwByYE3NiLsyFeTAPJmI+LIAFkJCQkbEgFsQ4xrEwFsYiWASLYTF06LAklsRSeNF7XxrLYBksi2WxHJbH8ng73o4VsSJWwkpYGStjFayC1bAa3oP34L1YE2tiLayFtbE21sE6WBfrYj2shw2wATbEhtgIG2ETbILNsBm2wBbYEltiK2yFbbANtsW22A7bYXtsjx2wA3bEjtgJO2Fn7IxdsAt2xRfwBXwRX8SX8CXsiVVUL+yNvbEP9sF+2B/74ys4EF/FV/E1HIxDcCi+jq/jGzgcT+MIHImjcBRWVGNwLI5DVhMwCZMwI0zESTgJJ+MUnILTcDrOwJk4E2fhbJyN7+NcnIfzcAEuwEW4GBfjEvwQkzEZl+IZTMFluBxX4EpchStxDa7FNbgeN+B63ISbcAtuwU/wE9yO23En7sTduBs/xU/xM/wMB2MqpuJ+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8gSfxBJ7CU3gaz+BZADiP5/ECXsBLeCntza/SGGVUBpVBJagElVllVllUFpVNZVMxFVM5VA6VU+VUuVQulUflUflUPlVAFVCkSLGKVEFVUMVVXBVWhVURVUQVU8WUU06VVCVVKVVKlValVRl1qyqrblPlVHnV2t2ublcVVRtXSd2lKqvKqoqqqqqp6qq6qqFqqJqqpqqlaqnaqraqox5UdVUv7If1VdpkGqoh2EgNxSaqqWqmmqs38FHVUg3HVqq1aqMeVyNxBLZTLV179ZTqoMZiR/WMGofPqs5qAnZRz6uu6gXVTb2ouqtWrofqqSZjL9VbTcM+qq/qp/qrWVhVpU2smnpNvZhxiBqqXleL8A01XL2pRqiRapR6S41WY9RYNU6NVxNUknpbTVTvqEnqXTVZTVFT1TQ1Xc1QM9V7apaareao99VcNU+DWqAWqkVqsfpALVEfqmT1kVqqPlYpaplarlaolWqVWq3WqLVqnVqvNqiNapParLaoreoTtU1tVzvUTrVL7VZ71Kdqr/pM7VOfq1T1hdqv/qQOqC/VQfWVOqS+VofVN+qI+lYdVd+pY+p7dVydUCfVD+qU+lGdVmfUWXVOnVc/qQvqorqkvAKNWmmtjQ50Bp1RJ+hMOrO+RmfRWXU2nV3H9LU6h75O59TX61w6t85j8up8Or8uoENN2mrWkS6oC+m4vkEX1jfqIrqoLqaLa6dL6JL6Jl1K36xL61t0GX2rLqtv0+V0eV3Bg75DV9R36kr6Ll1Z362r6Kq6mq6u79E19L26pr5P19L369r6AV1HP6jr6od0PV1fN9AP64b6Ed1IN9ZNdFPdTDfXLfSjuqV+TLfSrXUb/bhuq5/Q7fSTur1+SnfQT+uO+hndST+rO+vndBf9vO6qX9Dd9EV9SXvdQ/fUibqX7q1f1n10X91P99cD9Ct6oH5VD9Kv6cF6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6tx+ixepweryfoJP22nqjf0ZP0u3qynqKn6ml6up6h+/1Sac7fkf/O38gfdPnVt+it+hO9TW/XO/ROvUvv1nv0Hr1X79X79D6dqlP1fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qp/TP+hT+kd9Wp/RZ/Q5fV6f1xd++RmAQaOMNsYEJoPJaBJMJpPZXGOymKwmm8luYuZak8NcZ3Ka600uk9vkMXlNPpPfFDChIWMNm8gUNIVM3NxgCpsbTRFT1BQzxY0zJUxJc9O/nP9H/bUwLUxL09K0Mq1MG9PGtDVtTTvTzrQ37U0H08F0NB1NJ9PJdDadTRfTxXQ1XU030810N91ND9PDJJpE09u8bPqYvqaf6W8GmFfMQDPQDDKDzGAz2Aw1Q80wM8wMN8PNCDPCjDKjzGgz2ow1Y814M94k+exmoploJplJZrKZbKYOyG6mm+lmpplpZplZZo6ZY+aauWa+mW8WmoVmsVlslpglJtkkm6VmqUkxy8wys8KsMKvMKrPGrDHrzDqzwWwwm8wmk2K2mq1mm9lmdpgdZpfZZfaYPWav2Wv2mX0m1aSa/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlpTppT5pQ5bU6bs+asOW/OmwvmgrlkLqVd9gUqUIEJTJAhyBAkBAlB5iBzkCXIEmQLsgWxIBbkCHIEOYPrg1xB7iBPkDfIF+QPCgRhQIENOIiCgkGhIB7cEBQObgyKBEWDYkHxwAUlgpLBTUGp4OagdHBLUCa4NSgb3BaUC8oHFYLbgzuCisGdQaXgrqBycHdQJagaVAuqB/cENYJ7g5rBfUGt4P6gdvBAUCd4MKgbPBTUC+oHDYKHg4bBI0GjoHHQJGgaNAuaBy3+rfW9P537Mdcj7Bkmhr3C3uHLYZ+wb9gv7B8OCF8JB4avhoPC18LB4ZBwaPh6OCx8IxwevhmOCEeGo8K3wtHhmHBsOC4cH04Ik8K3w4nhO+Gk8N1wcjglnBpMC6eHM8KZ4XvhrHB2OCd8P5wbzgvnhwvCheGiEH++JIbk8KNwafhxmBIuC5eHK8KV4apwdbgmXBuuC9eHG8KN4aYyA38+NNwWbg93hDvDXeHucE/4abg3/CzcF34epoZfhPvDP4UHwi/Dg+FX4aHw6/Bw+E14JPw2PBp+Fx4Lvw+PhyfCk+EP4anwx/B0eCY8G54Lz4c/hRfCi+Gl0Kdd3Kd9vJMhQxkoAyVQAmWmzJSFslA2ykYxilEOykE5KSflolyUh/JQPspHBagApWFiKkgFKU5xKkyFqQgVoWJUjBw5KkklqRSVotJUmspQGSpLZakclaMKVIHuoDvoTrqT7qK76G66m6pSVapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqCE1pEbUiJpQE2pGzagFtaCW1JJaUStqQ22oLbWldtSO2lN76kAdqCN1pE7UiTpTZ+pCXagrdaVu1I26U3fqQT0okRKpN/WmPtSH+lE/GkADaCANpEE0iAbTYBpKQ2kYDaPhNJxG0EgaRW/RaBpDY2kcjacJlERJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSfJpPC2khLabFtISWUDIl01JaSimUQstpOa2klbSaVtNaWkvraT1tpI20mTbTVtpK22gb7aAdtIt20R7aQ3tpL+2jfZRKqbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO00k6SafoFJ2m03SWztJ5+oku0EW6RJ4SbCab2V5js9isNpvNbv8yzmPz2nw2vy1gQ5vL5v5NTNbaIraoLWaLW2dL2JL2pr+Ky9nytoK93d5hK9o7bSVbzmaCP49r2HttTXufrWXvt9XtPb+Ja9sHbB37iK1rG9t6tqltYJvbhvYR28g2tk1sU9vMNrdt7RO2nX3StrdPJXSwT/95bNPiJfZDu9aus+vtBrvXfmbP2nP2iP3Wnrc/2R62px1gX7ED7at2kH3NDrZDfhsD2FH2LTvajrFj7Tg73k74q3iqnWan2xl2pn3PzrKz/ypebD+wc22ynW8X2IV20eU4radk+5Fdaj+2KXaZXW5X2JV2lV1t1/zfXlfYTXaz3WL32E/tNrvd7rA77S67+3Kcdh777Oc21X5hD9tv7AH7pT1oj9pD9uvLcdr5HbXf2WP2e3vcnrAn7Q/2lP3RnrZnLp9/2rn/YC/aS9ZbYGTFmg0HnIEzcgJn4sx8DWfhrJyNs3OMr+UcfB3n5Os5F+fmPJyX83F+LsAhE1tmjrggF+I438CF+UYuwkW5GBdnxyW4JN/EpfhmLs23cBm+lcvybVyOy3MFvp3v4Ip8J1fiu7gy381VuCpX4+p8D9fge7km38e1+H6uzQ9wHX6Q6/JDXI/rcwN+mBvyI9yIG3MTbsrNuDm34Ee5JT/Grbg1t+HHuS0/we34SW7PT3EHfpo78jPciZ/lzvwcd+HnuSu/wN34Re7OL3EP7smJ3It788vch/tyP+7PA/gVHsiv8iB+jQfzEB7Kr/MwfoOH85s8gkfyKH6LR/MYHsvjeDxP4CR+myfyOzyJ3+XJPIWn8jSezjN4Jr/Hs3g2z+H3eS7P4/m8gBfyIl7MH/AS/pCT+SNeyh9zCi/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grf8LbeDvv4J28i3fzHv6U9/JnvI8/51T+gvfzn/gAf8kH+Ss+xF/zYf6Gj/C3fJS/42P8PR/nE3ySf+BT/COf5jN8ls/xef6JL/BFvsSeIcJIRToyURBliDJGCVGmKHN0TZQlyhpli7JHsejaKEd0XZQzuj7KFeWO8kR5o3xR/qhAFEYU2YijKCoYFYri0Q1R4ejGqEhUNCoWFY9cVCIqGd0UlYpujkpHt0RlolujstFtUbmofFQhuj26I6oY3RlViu6KKkd3R1WiqlG1qHp0T1QjujeqGd0X1Yruj0pHD0R1ogejutFDUb2oftQgejhqGD0SNYoaR02iplGzqHnUIno0ahk9FrWKWkdtosejttETUbvoyah99FTUIXr6yv6iwc+fpn+xPzHqFelfnpDdpxfGF8UXxz+IL4l/GE+OfxRfGv84nhJfFl8eXxFfGV8VXx1fE18bXxdfH98Q3xjfFN8c3xL3vnpGcJh2IwzGBS6Dy+gSXCaX2V3jsrisLpvL7mLuWpfDXedyuutdLpfb5XF5XT6X3xVwoSNnHbvIFXSFXNzd4Aq7G10RV9QVc8WdcyVcSdfctXAtXEv3mGvlWrs27nH3uHvCPeGeTPilcdfRPeM6uWddZ/ece84977q6F1w396Lr7l5yPVxPl+gSXW/X2/VxfVw/188NcAPcQDfQDXKD3GA32A11Q90wN8wNd8PdCDfCjXKj3Gg32o11Y914N94luSQ30U10k9wkN9lNdlPdVDfdTXcz3Uw3y81yc9wcN9fNdfPdfLfQLXSL3WK3xC1xyS7ZLXVLXYpLccvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Da3w+1wu9wut8ftcXvdXrfP7XOpLtXtd/vdAXfAHXRfuUPua3fYfeOOuG/dUfedO+a+d8fdCXfSeX3K/ehOuzPurDvnzruf3AV30V1y3iXF3o5NjL0TmxR7NzY5NiU2NTYtNj02IzYz9l5sVmx2bE7s/djc2LzY/NiC2MLYotji2AexJbEPY8mxj2JLYx/HUmLLYstjK2IrY6ti3uffFvmCvpCP+xt8YX+jL+KL+mK+uHe+hC/pb/Kl/M2+tL/Fl/G3+rL+Nl/Ol/cVfGPfxDf1zXxz38I/6lv6x3wr39q38Y/7tv4J384/6dv7p3wH/7Tv6J/xnfyzvrN/znfxz8/7Zcq+u3/J9/A9faLv5Xv7l30f39f38/39AP+KH+hf9YP8a36wH+KH+tf9MP+GH+7f9CP8SD/Kv+VH+zF+rB/nx/sJPsm/7Sf6d/wk/66f7Kf4qX6an+5n+Jn+PT/Lz/Zz/Pt+rp/n5/sFfqFf5Bf7D/wS/6FP9h/5pf5jn+KX+eV+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qP/Hb/Ha/w+/0u/xuv8d/6vf6z/w+/7lP9V/4/f5P/oD/0h/0X/lD/mt/2H/jj/hv/VH/nT/mv/fH/Ql/0v/gT/kf/Wl/xp/15/x5/5O/4C/6S/I3a0IIIYQQfxf9B/t7/Y3vqV+2NL0BIOv2vIf+subGXD+v+6q9HWIA8FTPLvV/3erXT0xM/OXYFA1BoQUAELuSnwGuxMugDTwB7aE1lPqb/fVVFS5f9/2/6sdvBcgMkOnXnLTbo1/jK/Vv/p36jT/g362/7Of6CwCKFLqSk1b41/hK/dK/U39329+vf7n/TF8mAbT6s5wscCW+Ur8kPAZPQ/vfHCmEEEIIIYQQQvysrzrf9Q/uPy/fn+czv837Nf6j+/M/UOlf7V8IIYQQQgghhBB/7NkXuj35aPv2rTv9Ny8y/me08R+wQAD4D2hDFv/5i6v9m0kIIYQQQgjx73blov9qdyKEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQqRf//x/CFN/98FX+xyFEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIq+3/BAAA//+0FVXr") (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffd87) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async, rerun: 64) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) (async, rerun: 64) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x1b, 0x2, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, 0x0, &(0x7f00000002c0)}, 0x20) (async) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) mount$incfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) utimensat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={{}, {0x77359400}}, 0x0) (async) socket$inet6(0xa, 0x2, 0x0) (async) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) (async) syz_usb_connect(0x3, 0x36, &(0x7f0000000080)=ANY=[@ANYRES32], 0x0) (async) r8 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42000, 0x73) ioctl$LOOP_SET_FD(r8, 0x4c00, r1) 2.237841448s ago: executing program 3 (id=5265): syz_btf_id_by_name$bpf_lsm(0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = epoll_create(0x2) epoll_pwait(r2, &(0x7f00000003c0)=[{}, {}, {}, {}], 0x4, 0x6, &(0x7f0000000400)={[0x4]}, 0x8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000280)={'wg2\x00'}) geteuid() getresgid(&(0x7f00000023c0), 0x0, &(0x7f0000002440)) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast}) r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10) pwrite64(r7, &(0x7f0000000080)='h', 0x1, 0x0) 1.485863589s ago: executing program 4 (id=5268): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), 0x0}, 0x20) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f00000000c0), 0x0, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r6, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000440)="7d717c1f8428280ab55a04c6325d699064905ef93ebd77e2efec9f53dda482c9ee2e65a7f14fb8c8ba86e1a48d2b6b6afa2f0b4ec3e4f1113ef51e3ee2e89096948f4605cb79bde9e3c35e2e8c5656e7f4e2839f750dbc54845ec35a6540a0ac354fc844277715dc45a624629d82528a3e868dc2152570c88ba2157e21a3fd45974bfeb026194d440b5318f8bc08da0d365fd550f1ddb920ad905618a7289482f74bc2e81ec9c0abf25663403ca2ad939860eef39a36235f55b27706f0bbf4a7596f3c713b3b5e96c8186e508bac854c98bcae2a79234c8f125fd1199bcc52695fe06ba43c32a91f2cabaec6291285220c54819496843f", 0xf7}, {&(0x7f0000002c40)="a8cd2d813f93de411347b7e95837c2aabffe0b7b65d0e0b26f745be5e6d0b3922693df6cc0cebc6876df2ecaa9526da6fceb40d3e1bea9965161b1e791dfe31f3866993e88c67caca52292d312a39b062ac94e28acaad6860caa052f97a18e7efba653088adfc2c92903b2f074e394bf677df822e1f77fed4df7546c3b3786a047d9b08b42aca4ce1e0b084f40eb5fc21f9117b8b1a6c1fa488d599ac611955a6c02dbf23746d52330a3b8490c96ba007278d501d1d6ebe1c5404604cb08435d7de624ca034f8ac6a84ac9f69afea2d691b501c94b84d39b86b94f92601ee47e6d42c0d72991536e907151f9bfcfe92b53ffae33e352f973b1e6ef28e7892fbe24630571fe96c7a044e3d811c2737fe07985b00e0c4e1408123e705c6ed21ece20f5323205955f653000920ca1c46a0c191e457d70f0ae4b78f28455e22ad565a1715f0c88f43aa27a4e975af860d88b63bccd9ebdfb6c1270a734cb7545b01ca5f84c1d202a1c53a590d22e394cfb93452d04bd99ef6f21c267c02ad364cf341344217aeccf25e4953e470d34f5be6844d4041cf63ddcb01de1f0f9617fe17d00017aa74e4636080013071783a9d5f388f85931da2b2958c3a6b1759e91f57e5ad8b876ad0726b325ecb75be010af67bf1b68775542d61888be703abf26a1b755b259fe0fe3d0d24cacd29cd76b71fc76294b9be460f029be814f0b196d604044fb2742b6db9dbb5bd0b0b0d4d9df92ff6006b30597f7b593de19fb701726f7e66a40a4b566be51794e79cff337ea8c1eaca1b77f9e510e8faa23de9cb3233c26b4eb98e7d0d019efb4242e750fd6832cca83e52e9549bb3711d2d6a0ae758058903d0d319b3c7f5927908d0337ef6f1ab073b2ed00dc8bc70076b9ffecdf2226249ac58b5657e600f032697c400acc2054180239956576464626d9ec1714f7cede138de272ea81d2b0b5029dfd850c474f2a275225cc42b306429eb81228d19adb01e4109cf5525b7596265932515cfb53fa9a6d2cf573ab7a58f39367b1f64170a6ab24f911f423900eb0251ee8c0496d6a0ba5d1dd1860a64698ae6cc5deff511c83e1ba8421cd77cb5ca1d46ed2b819fcf919a2bc63fca2d47bb817375d79232b0903905d9f005dd4b4fa12edb7ade8338c298901440ac9e1d9edd7b558cfdf83cb48d30ce280e1a3e2ae85df773bd4e8ceeae0438200dfdd0cb7a4cdfae7323c827bf6358d9f0f22954a208eee06089e4a5c46a34fbdca84ff5f210510644ce379484d660d8b590c177e69f9f8406ca20bb639a1cfd88546159452a6ab3e7f61a1f77338e0c4dda01f39c5a278b39c7cd0894e845a28077c2a484d1a2a04946c4a516e7871d286347bebb4a56dff9e999ad380bdb7ba1ba0698a286765a11ccde66a92118ab2f3888de951cff6cb458d9de900a92ed6148a702f079ce9c2c414b951dbdade2b67bdc942835f4dd75983f6af0b1247c77eec69ee9752c9ab7190aa004056e24fb3fdb48c687ff778e29a804cdaa8e65e709793da9bca436a07e6436ff95b4ef0dd65b8455ed42c821b7a682b39fccb64cfecbc4f0fc5237362179faa889c9f52b08fb1e69637cc5bede6421972acc96bb90b92ac7017755847ad54b01a971d9d379977364aae24bc050462179a5bf6b7ae38a8cba2a51fad2c0489db86539184fdb3bc246ad6d276c2648f36412f70f197b441cdae46fb09f1a9ae6cc5cede82b9947f6237bc34db78475a4b2efa3f7249403368cbd6cc91996424f12a66bea8ed851da994f587b9ba1f077cd00957d1d8cc75a4fd489ed4dfd36f0fd3817bdf8c16276db413e438eceb67de1e1e8de46d0675dc6a55fa29d83d9493a45d6dbd5ea4459c3ff44d1ca50bfdd7f6b4015da8a7901b3d5fc0671f8ebe7a5dcecc776c21bdb2c35c14b0d4128c144d11bbf4377513240a3dd47e9f9e5c22af5ac9422f2c8e90bee27e3d6f5b314166ec9841272c48c91df4b1f086f7e9d27712ad27406d05a59a27c55d8cd4d7ddb25fa2e77e10864feba27e0440d04c35237ddbd75b91e72eab1ae1f396fbef691e09537062096b60f265bd04b344e0866ccecf7f132cff615b9c4c04a83b05f410158ba806b8f3a168482081bef190a7b13b85997e61be9d62c4173933a41a5e92fa3f43ef02196f4f4033071b5b177ab5b0ce3572f7053b4776fc3a51b05cbe942da9825bb75f7487df1779a4373cd5568ff11319e9f12981d75499c3731115505c18895dc82e6e03a5966aea8c7690e88066f4e53590e2eb332a06f5bc77be238ca5e001dc50c44fac1ed8c58e6468ee2c3d22b101b8978458142e01964d6734f622472e991a25e2878defce195c7198483b4c3edcb8b149146c938a0743c37a5d701ebed448a170dd91cc44cf43d13800507f4c3756e5241725997ea8fc8632eee1abc318e1f6f3cf8d430b35a57806bd5b040014ef0298bfc1abeaf55e5232363a888ba5d97079d0f593b1fceb208b2eb3c2417eef3e4f8d04268621082a02a7f334d2272d60428172433dbd7fa1b2237f3cf7ab26844522b6f56caa9158aa25a166eab3c5b481437fede3ff1c228d73b06317da199630bcba8fc0ff826ad096023a534c52bdff4e69edfde8643c7c0e05050f7a72c3638b5f5089f109469a40523ec15bda8e2b89080ad965cc4b3f9f6b32f7284a05d734e40bc32c6d82867b10aa2827dd22ec7f82ed6c9629f1c5a2b381ec73355a1930a332fbccf0522599a5e4f3cff8f610097c8b214881a19247d4dd3f7c870bfd848d66dfd0e391e2f3f487f55f5c6022f895c437dbcbace0fb3111d751a89fd8710dfc9f3c770b649efe823048dd0df649af48a2d4c7d665df5d7af6904b73983e2d816788d99d7f2d1531d3c8cddae1ce9145f7d3572ca7de7f4fc5ba55d87a2375083f2d279eaa0594e146620c19ea03276a3a4c31fe2779a5b493ea142051cd472728e9f32d37181bb61c0a7c82df513e798050a634a65530809c11e9b48217879d911747f736bb52f40729eac20397927aaba16cbef66975c436c696220427c359ba36246078e922c7e9569cd2e5eead89420002c312778f29941a515ff9411845617dab7a4edd2c11491be139ffb09a8ebf715cd9d38b8e8b1a83b2e32a3b1071479807a52d3828d6ba9040d6b71c5d53f54338d2be2016a689adf7e1b93727975a854300a302435faaf1778b276661db16fbae0f54a0eb3d5ee9f9272263dc3a4fe6984234d6fe1c4f3f32bb512a0b7150ab5a119ecfad616929adf1f2066710eef359891b88894267a7b149a70767803de4a52d5c060a94f53665a4d8abae125f989f64346102305a6c5a8df04661f82313097f5beadb5d340b49cc0fe478c49b897ba9dc998a03a8c9722c35f45ac55a11b9f91bb6f849a02eae30e5ba8cfe253dfa16e498cf6077fb7b17658314a759d758b1d3294d39a203edcd8e9f7e6d88c56ad25a14b2e276e6d851ad632e152ec6b9278953e33b8cbcde45c55f00247fc9b7f71925ca4fe6f411dd6c3245ead614e34745996a20fe0495180b9c28217f62c6bf4dcfca3fce66cfe3603c24932d847608a2568430d3e04c91bbca995ca7064ed3a9f984df0d56e00a319eeefe83d1872a8a08b43d98d64a3040df90ea42343d3d059357a2c1c58acfea88cb9febb9a039844c9961940f4789bbb40406bdb5f00acc5a883bdcd3435bee88f451e6276f044491dcf9c1a6e0f2cc1ec7c881fdb189ad711cae2502e62a9aa0296f97f2b522885be850bdfea2ec50aafc9af282af63ffaf973eacac4898330c24c64b563b21908a4d624a8b1ccce4acab3c914c0490c9efdf69441e85cd1ecd19ffbe2ffa11288b954ef4609a5a683500c02d75bef0e3db48eb65767ee2dc57d9acc5eb88ae618fe901167c171604308b0020fa745c31676053779bd77a07b8256b228126d837ddf85e591fc6c92578828610d9fec4e6cf68cd4bb5194b41565958cd04df215f38859e62bf3a0a45411036968a77b562b2df6ecdd9ad024d9e32862d7b06fb5d1c3ae04fb9a64306111f26242eb9433cc8ac44530b9b6ef01c901a026bc445aab798e724d6fb66becac243377e69a3db42ad2c38f461311cd7901874db0e50595ad386d8d2f4d83002b01763f07bd0ab129e4ff76e474af4b82b3a7f98af0b6909438d7511512144e21f835feaba708393baa8cfa5190c1245a5ce509bcc607ba44d14748dea94b19792b48839d9d6aab28e3d18678dd04ec3fa5bd1e66ed9a6db25e81913a6639c6956ffeabf026c4630ef61fc91937d9918d8e5d779ac48857ea103566468661a8525ae308d5480edeac06f453270742c538db04cca008718c90bf4892afadeab417ad82284fbf9472a876b93749ca63c8b2ce74a7ad2bc4fcdd2dd7363f1b89e75bfb1e8f43a54ca275b08471e9d06802ba54daa9b375c9ac0f87f249f9c573989783721503f6e3f2f96a53e05e12c04adc84515bfa9f3ac8f7f46028324a211adc2d24cb21814e3b0fd954b62a1de60fca19bd0032a001d4573325f3ef803fef8bfe8f070a27c66f2442061b96d3fa9383405abcfefff015f8d7c4eaf98e52bda0e27cb02247ad2985372175ab78534da0629a63e5c613293024b3cba54dd7a4b5decdd80496d893d1ad29562acda70c130a15526e193f693933aec185e782944556932dc0a753865e7e521db3187333485e4dd2b9e7c0c8238b5d0df8cd9a92c14bb250bbae46360b5706a080cd73684ee40c4aa325c88302b9ee7ab8aa0d7c88b4de2bfd70323af2149794adef870c4e0e1330ecc7231c386b4270de7c27e02b1b527a9601d2b028e43343eebddad92e1453b01729ea6c4cef965790f266e15e35fd08c750ca68bfd4d1fb08671404333f04d52ad76301d914c4ef2a6a8f08022c6ca8a4667c8c98ac73efaace81f8f13c153b5b54c33ffda69f65c1f2c0a6c7c6c841472ca41af8bc570afe1b4bdbbf28303da527ed5a51e2b450b33e887e4f26a1a220f0774d0e3fab983044896a686dc858c8cb377cccb8fe3e783f1bd8f458f8c10966426b13b63e0062570becf13a504fe3c861a857a5c730c6fe31ec5e90d1db701482f9ac0511c5dafdb9ca387e5a194e460bf8848cf83116ca9408d83d800c617798d789127307b2824b9afad63c68e085d81c5b377aee1b0f97e9672116e888fb95cf233cbe7988113150cb2fe80283178e736f7186e2f1d961f286b03ca37fab9c82e2f626e011f4cb29afc2edaa249c4d9796970b0116825e600f51ce488a7789d8b26d86bebf826d395cecd6101e6e128c048ae66da51e67197c634129223f47ccaa4196ed78823d9d3b2922b2e081e59c0f68e499451f362808e3f351cef362fd23a6a8de6e994e42980c26d45222c4de8034239b1870341558e764c2708f2a5bbec2c4851272d29f195f05f7b0f98c4b32d8a13", 0xf0a}], 0x2}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000002c0)="80", 0x1}], 0x1}}], 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x10000008ebc, 0x0) splice(r3, 0x0, r6, 0x0, 0x25a5, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.411710555s ago: executing program 4 (id=5269): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000280)={[{@user_xattr}]}, 0x9, 0x537, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPCvJ4mTbtNmF3qACtgFCgtarb3xtlHVC90LCFWVEIgD4rANiTcKseMQO1UTIpH+DXDgCn8CByQOSD1x4MYRiQNCKgekBSLQBgkkoxlPUm/idL2Nf0D8+UijmTfPM9/3ksy8mefJvAAm1o2IOIiIYkS8FREL+fpCPsXrnSn93KPD/ZWjw/2VQrTb3/pbIctP10XXNqln833ORcQ3vxbxvcLZuM3dvY3lWq26nafLrfpWubm7d3u9vrxWXatuVipLi0t3Xr37SmVgdb1e/8XDr66/8e1f/+rT7//u4Ms/TIs1n+d112OQOlWfOYmTmo6IN4YRbAym8nlxzOXgo0ki4mMR8bns+F+IqeyvEwC4zNrthWgvdKcBgMsuyfrACkkp7wuYjyQplTp9eC/ElaTWaLZuPWjsbK52+squxkzyYL1WvXNt9g8/yK4YZgppejHLy/KzdOVU+m5EXIuIn8w+k6VLK43a6vguewBgoj17qv3/52yn/e9Dj2/1AID/G3PjLgAAMHLafwCYPNp/AJg8fbT/+Zf9B0MvCwAwGk9x/58MsxwAwOjo/weAyaP9B4CJ8o0330yn9lH+/uvVt3d3Nhpv316tNjdK9Z2V0kpje6u01misZe/sqT9pf7VGY2vx5dh5p9yqNlvl5u7e/XpjZ7N1P3uv9/3qzEhqBQB8mGvX3/t9ISIOXnsmm6JrLAdtNVxunueByeUlfjC5jPYFk6v/e/zfDrUcwPj0vA+Y67n4uJ8+RRDPGcH/lJuf7L//3xjPcLno/4fJNfWRtpodeDmA0dP/D5Or3S6cHvO/eJIFAFxKF3jGv/2jQV2EAGP1pOeAB/L9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwy8xHx/SgkpXws8PlIklIp4rmIuBozhQfrteqdiHg+rkfEzGyaXhx3oQGAC0r+UsjH/7q58NL86dxi4V/ZYP/FtPXP120vpuv/frJ+9nj4sMoH211gXEEAYMDeWW61tiv5vOtG/tHh/srxNMryPLwX/8mHIl45OtzPpk7OdExn87nsWuLKPwp5ujMW6YsRMTWA+AfvRsQnetW/kPWNXM1HPu2OH3ns50YaP3ksfpLldebpxdfHB1AWmDTv3YuI13sdf0ncyOa9j/+57Ax1cQ/vdXZ2fO47OtwvHsc/Pv9N9YifHvM3+o3x8m++fmZle6GT927Ei9OPxT85/xzHL5wT/6U+4//xU5/58VfOyWv/LOJm9I7fHavcqm+Vm7t7t9fry2vVtepmpbK0uHTn1buvVMpZH3X5uKf6rL++duv588qW1v/KOfHneta/eLLtF/qs/8///dZ3P/sh8b/0+V7xk3ihZ/yOtE38Yp/xl6/88tzhu9P4q+fU/0m//1t9xn//z3urfX4UABiB5u7exnKtVt2+0EJ6FzqI/ZxZSIs40B32WCh2Ff5PMdxYT7UwM6yf6tAXpk+uFQe75++kexxxdZKB1+JCC49GFWu85yVg+D446MddEgAAAAAAAAAAAAAA4Dyj+NelcdcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+u/AQAA//9xkcaD") setxattr$security_capability(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0) mkdir(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffffc9) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x9a) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) setresuid(0x0, 0x0, 0x0) ioprio_get$uid(0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f00000000170000026261636b67726f756e645f67633d73796e6300800000000000006f635f6d6f64653d72657573652c696e6c696e655f78617474722c64697361626c655f726f6c6c5f666f727761726c2c6261636b67726f756e645f67633d6fe6eb5be537e2dc5e0e52191470c09c6e2c6e6f757365725f78617474722c6e6f666c7573685f6d657267652c757365725f7861747472466673796e635f6d6f64653d7374726963742c6d6f64653d61646170746976652c6a71666d743d7666736f6c642c6e6f"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") bpf$MAP_CREATE(0x0, 0x0, 0x0) open$dir(0x0, 0x2202, 0x101) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 1.382590737s ago: executing program 1 (id=5270): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_ext={0x1c, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000004000000000000811f0000851000ffff95000005000000005cd791286b6c1ecf6403b8511e7daaa38ae027f3e902c7140a6eed3a8caed36aa2e69c6800755d606ecefa824b0c4c7c3f8bbefa732ae40212c54be3ac2a91"], &(0x7f0000000400)='syzkaller\x00', 0x8, 0x94, &(0x7f0000000740)=""/148, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x3, 0x1, 0x6, 0x3cac}, 0x10, 0x0, 0xffffffffffffffff, 0x2, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000880)=[{0x2, 0x0, 0x4, 0x3}, {0x5, 0x5, 0x0, 0x5}], 0x10, 0x2}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="0aecb3d93170d58ebb881df028939ead53eb30a5b006c77c7924bbf7840613e08079a8ea619dad5022e5e3d97ba94f87873fea1fdee055c738ccd8b2519e40261965982f", @ANYRES32, @ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800010}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$IPT_SO_GET_ENTRIES(r5, 0x0, 0x41, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@bloom_filter={0x1e, 0x8, 0x9, 0x80057d6, 0x58, 0xffffffffffffffff, 0x40, '\x00', 0x0, r2, 0x4, 0x0, 0x0, 0x8}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0xfd87) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r6 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet6(r6, &(0x7f0000000240)={&(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1400000000000000290000003e00000000000000000000e42300000000000000290000003200000000000000000000000000ffffac14143e", @ANYRES32=0x0, @ANYBLOB="0000000018"], 0x58}, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfb, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'erspan0\x00', 0x0}) sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5}]}}}]}, 0x3c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES16=r8], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.340175181s ago: executing program 3 (id=5271): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000010000100129067355f0000000000000a20000000000a00000000000000000000000000000900010073797a300000000058000000090a000000000000000000000000000008000a40000000000900020073797a39000000000900010073797a300000000008000540000000001c001180090001006d657461000000000c00028008000240"], 0xa0}}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'erspan0\x00', 0x0}) sched_setaffinity(0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15) r7 = dup(r6) write$FUSE_BMAP(r7, &(0x7f0000000080)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6]) lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="48000000100005040000005f596da40000880900", @ANYRES32=r2, @ANYBLOB="0000000000000000280012800b00010065727370616e000018000280060011004e23000004001200080015"], 0x48}}, 0x0) 1.286497725s ago: executing program 3 (id=5272): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x214}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_io_uring_setup(0x200000, &(0x7f00000000c0), &(0x7f0000c57000), 0x0) ioctl$UFFDIO_COPY(r2, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000c27000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x3000}) 1.179764344s ago: executing program 2 (id=5274): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@ipv4_getroute={0x1c, 0x1a, 0x200, 0x70bd25, 0x25dfdbfe, {0x2, 0x14, 0x14, 0x40, 0xfd, 0x3, 0xc8, 0x2, 0x1000}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000054}, 0x40) r1 = gettid() r2 = syz_open_procfs$pagemap(r1, &(0x7f0000000100)) r3 = syz_open_procfs$userns(r1, &(0x7f0000000140)) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) quotactl_fd$Q_SETINFO(r3, 0xffffffff80000601, r4, &(0x7f0000000240)={0x6, 0x9, 0x0, 0x3}) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f0000000280)={0x5, 0x4, 0x1c9, 0xfffffff7}, 0x10) r5 = open_tree(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x8000) quotactl_fd$Q_GETNEXTQUOTA(r5, 0xffffffff80000900, r4, &(0x7f0000000300)) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r5, 0xc018620c, &(0x7f0000000380)={0x3}) r6 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000003c0)={'syzkaller0\x00'}) sched_rr_get_interval(r1, &(0x7f0000000400)) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r7, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, 0x0, 0x4, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x1) inotify_init() ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_WOWLAN(r7, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, 0x0, 0x10, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0x8, 0x3, r8}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0xc010}, 0x85) ioctl$BTRFS_IOC_SCRUB_CANCEL(r6, 0x941c, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000680)={'filter\x00', 0x4}, 0x68) fcntl$getflags(r3, 0x3) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000700)={'wg1\x00'}) fchdir(0xffffffffffffffff) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r7) sendmsg$NL80211_CMD_STOP_AP(r5, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x1c, r9, 0x2, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0xc88301f8165a11a5}, 0x4000000) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000008c0), r5) sendmsg$TIPC_NL_MON_SET(r7, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x28, r10, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4000000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x24040040) ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x80049367, &(0x7f00000009c0)) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000b40)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000a00)=""/188, 0xbc, 0x0, &(0x7f0000000ac0)=""/93, 0x5d}, &(0x7f0000000b80)=0x40) 962.110371ms ago: executing program 3 (id=5275): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x10) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000440)='blkio.throttle.io_serviced\x00', 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, 0x0, 0x8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x19) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="890704", 0x3) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x19, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x328, 0x0, 0xa, 0x148, 0x190, 0x10, 0x3e8, 0x2a8, 0x2a8, 0x3e8, 0x2a8, 0x3, 0x0, {[{{@ip={@rand_addr, @multicast1, 0x0, 0x0, 'syz_tun\x00', 'rose0\x00'}, 0x0, 0x120, 0x190, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'dummy0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@inet=@hashlimit1={{0x58}, {'pim6reg0\x00', {0x0, 0x0, 0x10001, 0x0, 0x8, 0x6, 0xa359e000}}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b90ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc0d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @multicast2, 0x0, 0x0, 'pimreg1\x00', 'veth0_to_team\x00'}, 0x0, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x388) 884.563398ms ago: executing program 0 (id=5276): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x110000}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000001800)=[@text64={0x40, &(0x7f0000001840)="f3470fbc06c74424000600007848b800280000000000000f23c00f21f835030004000f23f8c7442406000000000f0114246aa2450f0012124424001afa0000c744240216383d27c7442406000000000f011c2466b8f0000f00d0400f060f00e4c4a1c1edba2500000066baa00066b8000066ef66b82f008ed0", 0x79}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r0, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000040)="3e660f015f000fc7a82b000f01ca0fc7ac17ceba6100b08dee3e0fec020fc71b66b9800000c00f326635004000000f300f011e0133bad004b0cfee", 0x3b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000100)=ANY=[@ANYRESHEX=r1, @ANYRES32=r1], 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = inotify_init1(0x0) fcntl$setown(r3, 0x8, 0xffffffffffffffff) fcntl$getownex(r3, 0x10, &(0x7f0000000140)={0x0, 0x0}) r5 = syz_open_procfs(r4, &(0x7f0000000600)='fd/4\x00') ioctl$EXT4_IOC_GROUP_EXTEND(r5, 0x40305829, &(0x7f0000000240)) 823.957723ms ago: executing program 0 (id=5277): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_btf_id_by_name$bpf_lsm(&(0x7f0000000940)='bpf_lsm_ipc_permission\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000800)=ANY=[], 0x0, 0x0, 0x63, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000007c0)={'wg2\x00'}) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000020008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) timer_settime(0x0, 0x0, &(0x7f0000000840)={{0x77359400}, {0x0, 0x3938700}}, &(0x7f0000000880)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000001ac0)='ext4_request_blocks\x00', r4}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) sendmsg$inet(r6, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000c80)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x40}, 0x0) ioctl$UI_SET_RELBIT(r6, 0x40045566, 0x5) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000740)='block_rq_requeue\x00', r8}, 0x10) r9 = gettid() getpgrp(r9) timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000cc0)="d04b68fccb187549d70235dd91bbd08621bb1ea9729a06e493ada57f1c7338bd5bfe0650491fd4178fbabc1eca23eea51ee173b08eed96a5b35c9744018d5a57a8a296cd5a2358120658e4451df686ba05a8597cf0c7141d384040aff941da3e3091d2b2a8d12ddf2d3c439d7e0a5ee8eefd698f905448703d09d261b015e49fc260a042778478da8bd026f0174f9efbef1bde02c1c0056efe4ef6c70dee80c2e4687dee462e62eb9a46c0bb16456ee7750e7876e9b450fe5fecde40a5d86000662fca858b5389589f0e7a", &(0x7f0000001b00)="f6dec840118c54488a522a4322a179b42aafcc1dc0703b0040f194e1ff38d90f4c06a2f4476b1fc3818255b27961231efeb601b45373d198e2f18dc2e97d66bca2d9c85c921d0d38d6bdafb231ca752494a4a646e6161d96b133a86c300d4ea72cdd507c65a1f06a92a5b0edb696bef1c345e89d4967b67abd4a6e8cb175965adaadf36a42e335a3321a4c59d2d1f65769f48b7b20995d55b0a74f38c751db8992adb918103dc300557578da623d550b924a816c86cc03db030e46d5aef757301cbb262cbca84b294b30cca637c7a21e56b8d0345fa308300958d3280f95eb5ac0869bd8f15f522d6e02d4b30d95b1ae63d6958c8a5e5e1cd999160a332a8d6c2ce6cf99828e3dd15297b5d824168be84344799638c9ebb0998ef4073a2239bf54b8ad7bd9af80a86f751633b4209932e15dff27f37c85ec1ae676f42d2dbe10651a14eadfbf449dd2cbb526e633d9ed4ebe947d78bd380d8821dbbe1425b4be5a369c46ab23642cf9b3680180e404cb0854972514b1d3aa1aff308780a275eb5526f384b1bcc323e4d71f047cf1cd5726abf95b670dfcaaec0a1d8136638cc6dd8ab0a924923463394455f5b7e4c41347eeacbf68595d9717e53034f82d6144b0b12cf41d15b99981b66bde1ab084b187c55ebcf917cba33c5188b1eb54bd29d95c6129b04f6a1c4d419813d808d6c698f0176d8b9931800c9b3e18508c9f0f9752d4ff1c1ab3a68c17a2e86ce340710cee476fdcfa13b5abdd67dcc93b652ae333605898fa89f01e97dcebcf4810ba8239212a6a1fdde2940abcd7eecb660719566b789edc31d6ea7ad35534d2061e10cb4ade706b13cef672da2f7721e3cfcb17fea60acd05c360b265fd608edadf6d27535cb7e723a51e8d94683a59f351d2aa48de913475542c70b1a9e9a4c074a156db46f78354a51472990881e3ad7030ee088c797446d2689cbd4e4cac88206b83d196c04229e597e2b18602068cf0f1976a126059c4ef3cc8d3e7cbb71e248a994f765cd39076e4ef431c54b10a5f5f7b2fa0a02fbbfebe88ab5b82e2ab271d64d781c20ea51bc49d796065b3926973520828ab4e9a86f68576a155a698325a18be5bcb1ff6b6b5d3ed51e0c3145c2d321a031827235ee677839ea36b59bce2b367bffca12a9248f2c0eb81baa2d1401e11128abd4c4ce568bdca6da079c9deafe3f6d6fcf80b6f0185067fc23f3205e065cd6dad3c6565ac4afe450309261445ad376ff57d9e5154b9a01f9a4e2f971aa32c0c378f931a35c14888d38cd5aed2d23b5b17208f3ba364dfd7a7b4268fb541ba063c212771c999803b5ad0fc2ec56c8049b282cff3435ad174016ae35608ca7db9256f2298ffe3316a07d2944588bd7ec33303dfef6d50538940a3744b7d1d003220f6754e03f3c00e2208310a58d796ae9cdaa708db0ae2be0fa889b2cd0efc14f671df5f199231442ac7d9572011718208e5b26c26ba6eceb6ea48e4860ddb7085b9776c20b2080264759b218bef141be3cb60b06f286ff36194331843dd180f66be78d3e00698f457803bc1588c9cacbc3d59e724810e570daf101bb3aeff108aa3852212e9f1e9bf334b204c5041c78063e743cd881439ab2dec59749e4632f8e69b352d4088e83054d168b9450d4cea1a239dd70db014eedba52c1a4a70178ced0b0a0ef899b1ddc6c5f1da94b1251a0b17994bf910a11f2a9c132d6b764d4e75e2825940bb604ee0d80aaa658164ddca8eb02d681d8b5e58a43f8d674fb338882f4fa1173af74ab544cb26c4158387c50be7e70c75a3bc92381f12e4500bf56f4243c52a568e4730140c8363ce3f3ddc08c110a09538d01bb871c13272cb46f8227b3f0d8526eddb74e233fc69af01fc9d66b03d06b90cc4d517502c8f44d6e289e85bcaab519e88b298f0c5a026b58282154d416b4c87c1f48dca8037ea464233de5dc5d7b4ef3f0929da0e7a1f064058591064c9b5fd1b607e3b506868ebdf495ec76c2c80936710a0c0349be75c8b2e8df519c1438a0194ef79cbd0ca9936ff8c5aa17a508eb8ba550f10216d10975d0c8f15775bf110cba557a7015f617f70c4e3493e14aa453ee2c065da6ccaecc6373bf95f55ae7e78f3add771b9f470e5c37276f1f01733077711c9c267d4c8c4d3b380eee1ac7045fa0ce0ca52a5ae37d5806748d074b8c1fe8b932e028dc563859e979f58f92a861cd6011df3ae607508a4420a9d0a6560412f40f5a6ce25e890cb9397c6c96126f200342f89a5764aa15a704b28c13ece2defe7db2c1e7eeb65f33d88bbfa273a80a6edd9979894e19ca87f8595136018149f3c0240d0f8af5998cc938e9f37249036b67fffd87dad780b18662e2a993dec6d506b4c344b8fb887375f8e15c680547dd84301a5d55f0f938d0e19c3c6c3ec7b16778c07f21d230d68f887ff9ed36d030e20ab1096ba6ff680fe378f3d3117f6996e82c249c33e4df882e942979eb3810697d3526622f477c4e190a97fe63138ba235bd4170dbcd0228ae0ccbd6021c182e14f55dfd2d2cb4d32cca871621f8fbe06e45dbc4782cf910867fa11cbef6902e17c787047bcc659f8ee38d23531815866fabe3c11a271c2ce69f5afa4eda87ef42e2efe7589a7068be27b0e2d4db615b8b64fb15e31aed01307bafa5de1123ff2d09b61c2b08f49ccd0eb0f34bee4742c1773a155f23d3db756b0ccd2da4611074938f273ee661df38169131a588da06581fb76e45db612d173f300b18d19fd95422ebd34ea833388fe16c75e71191dfff98428eaac50ffda95dab8538e6db300becf3bd07be9e41ce7c709c8ad7c7d2d27eb69f0cad4c036fc52f0bb6d675e0159610ca78baa7a78155152375fe71ceef45e81f3170e39086c923e6f5ffd0985bd92d4a4675e4b72189886126f31e2eff2e6b2ec62e743a923dc7317bac6911d6864ce812bcb0da5b3ac39f48c54446fac693fa782b526afa66cb1c5e209f3125a6ba300831862b3e59dfd26b6b76be5c8f6f3d1280996e83752c109392e81685d648687de99f6a188c07cf8e97440428095fee760482ea1c5fb722b0bc00268da77e9aafa3447dac2bb110e011b3bb7d66f20823f82fee4bde290061a8cbc290bf745183fcd023a93b1c12ea075f429b4c1192227270bee83265148045ef2b4978d65c5932cd694eef6f3ccf2cb6ff3d0b67e9469487c72bc1feb9afe63fb7d06a598e2fce23aef61968fdd29bdd3aa35a5f0c52fc20a088ddcd1a7b4382b1e94c9be9187a51c53cb32562bea7575958dafb0f7b2d056d272b76bf3167d518d0089a122e2e2e67a38600e8b0d533513e0b1280ccf234df7e84a4bec7593ec18c2128b331f4796b6582652e2fe9d2d4fe6727860d0a5a3427fa3fd1ee83899ba3aa8c9c69d763b6290a9b5e198f73466c51aac085670a25e9b998b6b62ec56bdbbf0ddbaadba401cda9830a3ad6426fd2717888b1bbc02b1d07260feb77f0f6ae6d5e4aa2a450de05fcb10ddbd30447379bc5677c710e10af48d0fa340e067c5c41583cab271f4dcd9925b102d798b0a2839e35802d0e42c45bac8ce1204d3b92cc32a6dfb873bfedccf3943279fc97d787d8af5980eb4ade261471df6275316d8f3dadb48624b091e553a42c0d23724a2bdb46ae28680b12e8485e4989d763364c8802be196ed3e9a7c7f196f93ab797969796bf6a219e3cd291c7bf36c558f75ec59b3b7499b63483a82aad49181e0774306a341584f02499795b2e00722eae1ba17e0be1c17bcda05b66c4fca288ba1ed942baee11f5f3f04c16fa729159dca949bd7d46415550bd58e17bfa65b0226fa98606fd369e7898b5d12aca1768168ca170ca47e70e84fce9916b62265d760daa70db3c02e453321d5490b3e98a1d800443411bdb169ca7086f8188123e85bc3fde312e113bad74bbe66d030e2668112e3dd8d4aaba6e856c9c9e94ebcaa284d466aeff96bf8e06dd654d0e4c8d474be96c9c39a48485fa48fe892eb5007d7f11601035450ce2f709e3fa0b387cfb208824797b81b6ea7215078b0089147eae35ce9735e09a95e85167e7d6b10b21e114b754e31917a795d064638c7168b3465b28975c151293f19e237e200b015aa35d58d495eac1b349fc28028559daf9991b2c9b115ee897346f9cceaa1582814420f770e945b57c04d90cfc3dd3df54ff2a06bfa225cfea056c203aaacbf1d15b22eb7a7068ac20ddb6e5bb0daf15cf4e12ae8b147c0ef8c4cec814e4fdda0802aa04583ef23beeee9026d4140a45ebc84099ba4b31c4d0356dce8e56e3fded8387daa9e53fdee5207ef6ccaf72d097d0a9dfe9a90fc7c1949558049f8b8a37f0df770b0fddacbc4f14b938414584291ca365ddaa4a53dd56e47d0c8fab1151c5abcc873f7312a618a80cbb92cbdb008956085187be561286ff0627c83c1bd0b15515871af5ce57997c93e1d46e8892fa807e48402de74dbc17bfd6d8bdeef7e0e41fbebc0ca707e7a5ca2091a2552d25ea0b714c90fda9fba845b1e9e88027719bd935f9e538805f35f6860961bd1918eae061a27782981dcc8833b186cb2e2a8a658b49685a439220097952c8c36611b567010f709d359a38e4e63d3c4d2170bc2e904c9039bf442b93c4c76db7f8d14564e26a24f63c3b059aa9757dd6ff2575cddffba092722916e9c8f417065d87098ed7e073a8779af1a9c0d417895d49416427c0a784b4ab25f0ca3aed0197d261aab30de420dec993a56d11cb63042d5ff471a8b0e6fae5c675f51ebe30cd8193ecea986b1087520f150fb9c923fc2eb73edd0c422ceb7f239d9b1382dea0b517f4152dca83d534feb9922e61a5d48c572ca7fcc4a3e186aa90ee8bd93b6e19510444f3c8ffae01cbafd5691e9d75b55a537702f37b6fbf0323464afe673e5d40331f16947b10e1c71dcd4714839e3dd04fc37aba2f1878723014b51a3a11894321c1a05c0c5be1b5ae3974542366b36a9a0cebc133e731c23b6a300825d64c9d473fef25377e2ed0ea4dea49ff0c29d8b65e382fa0fb1537f1c87d44c2d6293c257ff5bb8aa7ee59519484e5f8518062840f409ca4862e80bcb76ff9d6d77ff7cc88a3dfa05983733ae5b804f50441d6b9e9b539c31f6ef077c97767b72b54b70a4fb37d912c58a454dce90c9bb4556c4dc22a7750310648cbc4729a50f4960ea0e7dcc403b170d7282d269dbadf702c12f3e2ca76d2e9ee270ae7b28ab287e224c6f240920ac603b710899d3af119d5e833b8066f18561e874291341f16dbbdbbdb355906026eb53afb8256df188372d74e04d4fc149d75a8f23bdfa78e1ebc188ff16207db30284908d294122af59901edde5763e401bbd64fdbd9815950beebd69dd96b3f8f77842542c02fa77225c3412517b586a41566f3af976317e70a4a58c5bab7bec7ad7ba34f4872fd608eb77ee8400f1cd7f7c2a45d585c0a16e763838fddd24ecf0376e9e3ad2b4783ae881918ed9ef4752737f243700dc659a6b9241eab660e14f999ed375e56dca1129705e045efca43426d58e3ff6a22cdd4443e45d2fefb22b009afdc0bf7aa460a26719f6188bed76191531a28358d312aef20d813a940768f5b48d64ab6b8128c63dd87d93b87d14c08c5deba6abc94f6b080aed89dc1277b1e410bb5303dde0a9ab82d52448535fc504e7e510784207788051898aa21035717d753d1a423d53b540544a5438e85c106d4e21df22b7c09edf5b6ddf575bfa1814f5e794f36b3a435eeda19492a42b2cdcf23a9fe8cf7b534e9e5a038a75dc1e2b"}}, &(0x7f0000bbdffc)) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000800)='./file0\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@abort}, {@noload}, {@noload}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000380)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendmsg$unix(r10, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000100)="ae", 0x1}], 0x1}, 0x0) 817.596974ms ago: executing program 2 (id=5278): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x7f}]}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000200)) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000030000005800018044000400200001000a000000000000003a00000000000000400000000000002d00000000200002000a00000000000000fc010000000000000000000000000000000000000d0001007564703a73"], 0x6c}}, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0079ddfacafdc62ec2e07700ea673087568af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0) 624.514349ms ago: executing program 2 (id=5279): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), 0x0}, 0x20) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f00000000c0)=[{0x0}], 0x1, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r6, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000440)="7d717c1f8428280ab55a04c6325d699064905ef93ebd77e2efec9f53dda482c9ee2e65a7f14fb8c8ba86e1a48d2b6b6afa2f0b4ec3e4f1113ef51e3ee2e89096948f4605cb79bde9e3c35e2e8c5656e7f4e2839f750dbc54845ec35a6540a0ac354fc844277715dc45a624629d82528a3e868dc2152570c88ba2157e21a3fd45974bfeb026194d440b5318f8bc08da0d365fd550f1ddb920ad905618a7289482f74bc2e81ec9c0abf25663403ca2ad939860eef39a36235f55b27706f0bbf4a7596f3c713b3b5e96c8186e508bac854c98bcae2a79234c8f125fd1199bcc52695fe06ba43c32a91f2cabaec6291285220c54819496843f", 0xf7}, {&(0x7f0000002c40)="a8cd2d813f93de411347b7e95837c2aabffe0b7b65d0e0b26f745be5e6d0b3922693df6cc0cebc6876df2ecaa9526da6fceb40d3e1bea9965161b1e791dfe31f3866993e88c67caca52292d312a39b062ac94e28acaad6860caa052f97a18e7efba653088adfc2c92903b2f074e394bf677df822e1f77fed4df7546c3b3786a047d9b08b42aca4ce1e0b084f40eb5fc21f9117b8b1a6c1fa488d599ac611955a6c02dbf23746d52330a3b8490c96ba007278d501d1d6ebe1c5404604cb08435d7de624ca034f8ac6a84ac9f69afea2d691b501c94b84d39b86b94f92601ee47e6d42c0d72991536e907151f9bfcfe92b53ffae33e352f973b1e6ef28e7892fbe24630571fe96c7a044e3d811c2737fe07985b00e0c4e1408123e705c6ed21ece20f5323205955f653000920ca1c46a0c191e457d70f0ae4b78f28455e22ad565a1715f0c88f43aa27a4e975af860d88b63bccd9ebdfb6c1270a734cb7545b01ca5f84c1d202a1c53a590d22e394cfb93452d04bd99ef6f21c267c02ad364cf341344217aeccf25e4953e470d34f5be6844d4041cf63ddcb01de1f0f9617fe17d00017aa74e4636080013071783a9d5f388f85931da2b2958c3a6b1759e91f57e5ad8b876ad0726b325ecb75be010af67bf1b68775542d61888be703abf26a1b755b259fe0fe3d0d24cacd29cd76b71fc76294b9be460f029be814f0b196d604044fb2742b6db9dbb5bd0b0b0d4d9df92ff6006b30597f7b593de19fb701726f7e66a40a4b566be51794e79cff337ea8c1eaca1b77f9e510e8faa23de9cb3233c26b4eb98e7d0d019efb4242e750fd6832cca83e52e9549bb3711d2d6a0ae758058903d0d319b3c7f5927908d0337ef6f1ab073b2ed00dc8bc70076b9ffecdf2226249ac58b5657e600f032697c400acc2054180239956576464626d9ec1714f7cede138de272ea81d2b0b5029dfd850c474f2a275225cc42b306429eb81228d19adb01e4109cf5525b7596265932515cfb53fa9a6d2cf573ab7a58f39367b1f64170a6ab24f911f423900eb0251ee8c0496d6a0ba5d1dd1860a64698ae6cc5deff511c83e1ba8421cd77cb5ca1d46ed2b819fcf919a2bc63fca2d47bb817375d79232b0903905d9f005dd4b4fa12edb7ade8338c298901440ac9e1d9edd7b558cfdf83cb48d30ce280e1a3e2ae85df773bd4e8ceeae0438200dfdd0cb7a4cdfae7323c827bf6358d9f0f22954a208eee06089e4a5c46a34fbdca84ff5f210510644ce379484d660d8b590c177e69f9f8406ca20bb639a1cfd88546159452a6ab3e7f61a1f77338e0c4dda01f39c5a278b39c7cd0894e845a28077c2a484d1a2a04946c4a516e7871d286347bebb4a56dff9e999ad380bdb7ba1ba0698a286765a11ccde66a92118ab2f3888de951cff6cb458d9de900a92ed6148a702f079ce9c2c414b951dbdade2b67bdc942835f4dd75983f6af0b1247c77eec69ee9752c9ab7190aa004056e24fb3fdb48c687ff778e29a804cdaa8e65e709793da9bca436a07e6436ff95b4ef0dd65b8455ed42c821b7a682b39fccb64cfecbc4f0fc5237362179faa889c9f52b08fb1e69637cc5bede6421972acc96bb90b92ac7017755847ad54b01a971d9d379977364aae24bc050462179a5bf6b7ae38a8cba2a51fad2c0489db86539184fdb3bc246ad6d276c2648f36412f70f197b441cdae46fb09f1a9ae6cc5cede82b9947f6237bc34db78475a4b2efa3f7249403368cbd6cc91996424f12a66bea8ed851da994f587b9ba1f077cd00957d1d8cc75a4fd489ed4dfd36f0fd3817bdf8c16276db413e438eceb67de1e1e8de46d0675dc6a55fa29d83d9493a45d6dbd5ea4459c3ff44d1ca50bfdd7f6b4015da8a7901b3d5fc0671f8ebe7a5dcecc776c21bdb2c35c14b0d4128c144d11bbf4377513240a3dd47e9f9e5c22af5ac9422f2c8e90bee27e3d6f5b314166ec9841272c48c91df4b1f086f7e9d27712ad27406d05a59a27c55d8cd4d7ddb25fa2e77e10864feba27e0440d04c35237ddbd75b91e72eab1ae1f396fbef691e09537062096b60f265bd04b344e0866ccecf7f132cff615b9c4c04a83b05f410158ba806b8f3a168482081bef190a7b13b85997e61be9d62c4173933a41a5e92fa3f43ef02196f4f4033071b5b177ab5b0ce3572f7053b4776fc3a51b05cbe942da9825bb75f7487df1779a4373cd5568ff11319e9f12981d75499c3731115505c18895dc82e6e03a5966aea8c7690e88066f4e53590e2eb332a06f5bc77be238ca5e001dc50c44fac1ed8c58e6468ee2c3d22b101b8978458142e01964d6734f622472e991a25e2878defce195c7198483b4c3edcb8b149146c938a0743c37a5d701ebed448a170dd91cc44cf43d13800507f4c3756e5241725997ea8fc8632eee1abc318e1f6f3cf8d430b35a57806bd5b040014ef0298bfc1abeaf55e5232363a888ba5d97079d0f593b1fceb208b2eb3c2417eef3e4f8d04268621082a02a7f334d2272d60428172433dbd7fa1b2237f3cf7ab26844522b6f56caa9158aa25a166eab3c5b481437fede3ff1c228d73b06317da199630bcba8fc0ff826ad096023a534c52bdff4e69edfde8643c7c0e05050f7a72c3638b5f5089f109469a40523ec15bda8e2b89080ad965cc4b3f9f6b32f7284a05d734e40bc32c6d82867b10aa2827dd22ec7f82ed6c9629f1c5a2b381ec73355a1930a332fbccf0522599a5e4f3cff8f610097c8b214881a19247d4dd3f7c870bfd848d66dfd0e391e2f3f487f55f5c6022f895c437dbcbace0fb3111d751a89fd8710dfc9f3c770b649efe823048dd0df649af48a2d4c7d665df5d7af6904b73983e2d816788d99d7f2d1531d3c8cddae1ce9145f7d3572ca7de7f4fc5ba55d87a2375083f2d279eaa0594e146620c19ea03276a3a4c31fe2779a5b493ea142051cd472728e9f32d37181bb61c0a7c82df513e798050a634a65530809c11e9b48217879d911747f736bb52f40729eac20397927aaba16cbef66975c436c696220427c359ba36246078e922c7e9569cd2e5eead89420002c312778f29941a515ff9411845617dab7a4edd2c11491be139ffb09a8ebf715cd9d38b8e8b1a83b2e32a3b1071479807a52d3828d6ba9040d6b71c5d53f54338d2be2016a689adf7e1b93727975a854300a302435faaf1778b276661db16fbae0f54a0eb3d5ee9f9272263dc3a4fe6984234d6fe1c4f3f32bb512a0b7150ab5a119ecfad616929adf1f2066710eef359891b88894267a7b149a70767803de4a52d5c060a94f53665a4d8abae125f989f64346102305a6c5a8df04661f82313097f5beadb5d340b49cc0fe478c49b897ba9dc998a03a8c9722c35f45ac55a11b9f91bb6f849a02eae30e5ba8cfe253dfa16e498cf6077fb7b17658314a759d758b1d3294d39a203edcd8e9f7e6d88c56ad25a14b2e276e6d851ad632e152ec6b9278953e33b8cbcde45c55f00247fc9b7f71925ca4fe6f411dd6c3245ead614e34745996a20fe0495180b9c28217f62c6bf4dcfca3fce66cfe3603c24932d847608a2568430d3e04c91bbca995ca7064ed3a9f984df0d56e00a319eeefe83d1872a8a08b43d98d64a3040df90ea42343d3d059357a2c1c58acfea88cb9febb9a039844c9961940f4789bbb40406bdb5f00acc5a883bdcd3435bee88f451e6276f044491dcf9c1a6e0f2cc1ec7c881fdb189ad711cae2502e62a9aa0296f97f2b522885be850bdfea2ec50aafc9af282af63ffaf973eacac4898330c24c64b563b21908a4d624a8b1ccce4acab3c914c0490c9efdf69441e85cd1ecd19ffbe2ffa11288b954ef4609a5a683500c02d75bef0e3db48eb65767ee2dc57d9acc5eb88ae618fe901167c171604308b0020fa745c31676053779bd77a07b8256b228126d837ddf85e591fc6c92578828610d9fec4e6cf68cd4bb5194b41565958cd04df215f38859e62bf3a0a45411036968a77b562b2df6ecdd9ad024d9e32862d7b06fb5d1c3ae04fb9a64306111f26242eb9433cc8ac44530b9b6ef01c901a026bc445aab798e724d6fb66becac243377e69a3db42ad2c38f461311cd7901874db0e50595ad386d8d2f4d83002b01763f07bd0ab129e4ff76e474af4b82b3a7f98af0b6909438d7511512144e21f835feaba708393baa8cfa5190c1245a5ce509bcc607ba44d14748dea94b19792b48839d9d6aab28e3d18678dd04ec3fa5bd1e66ed9a6db25e81913a6639c6956ffeabf026c4630ef61fc91937d9918d8e5d779ac48857ea103566468661a8525ae308d5480edeac06f453270742c538db04cca008718c90bf4892afadeab417ad82284fbf9472a876b93749ca63c8b2ce74a7ad2bc4fcdd2dd7363f1b89e75bfb1e8f43a54ca275b08471e9d06802ba54daa9b375c9ac0f87f249f9c573989783721503f6e3f2f96a53e05e12c04adc84515bfa9f3ac8f7f46028324a211adc2d24cb21814e3b0fd954b62a1de60fca19bd0032a001d4573325f3ef803fef8bfe8f070a27c66f2442061b96d3fa9383405abcfefff015f8d7c4eaf98e52bda0e27cb02247ad2985372175ab78534da0629a63e5c613293024b3cba54dd7a4b5decdd80496d893d1ad29562acda70c130a15526e193f693933aec185e782944556932dc0a753865e7e521db3187333485e4dd2b9e7c0c8238b5d0df8cd9a92c14bb250bbae46360b5706a080cd73684ee40c4aa325c88302b9ee7ab8aa0d7c88b4de2bfd70323af2149794adef870c4e0e1330ecc7231c386b4270de7c27e02b1b527a9601d2b028e43343eebddad92e1453b01729ea6c4cef965790f266e15e35fd08c750ca68bfd4d1fb08671404333f04d52ad76301d914c4ef2a6a8f08022c6ca8a4667c8c98ac73efaace81f8f13c153b5b54c33ffda69f65c1f2c0a6c7c6c841472ca41af8bc570afe1b4bdbbf28303da527ed5a51e2b450b33e887e4f26a1a220f0774d0e3fab983044896a686dc858c8cb377cccb8fe3e783f1bd8f458f8c10966426b13b63e0062570becf13a504fe3c861a857a5c730c6fe31ec5e90d1db701482f9ac0511c5dafdb9ca387e5a194e460bf8848cf83116ca9408d83d800c617798d789127307b2824b9afad63c68e085d81c5b377aee1b0f97e9672116e888fb95cf233cbe7988113150cb2fe80283178e736f7186e2f1d961f286b03ca37fab9c82e2f626e011f4cb29afc2edaa249c4d9796970b0116825e600f51ce488a7789d8b26d86bebf826d395cecd6101e6e128c048ae66da51e67197c634129223f47ccaa4196ed78823d9d3b2922b2e081e59c0f68e499451f362808e3f351cef362fd23a6a8de6e994e42980c26d45222c4de8034239b1870341558e764c2708f2a5bbec2c4851272d29f195f05f7b0f98c4b32d8a13", 0xf0a}], 0x2}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000002c0)="80", 0x1}], 0x1}}], 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x10000008ebc, 0x0) splice(r3, 0x0, r6, 0x0, 0x25a5, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 517.640068ms ago: executing program 2 (id=5280): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="b0"], 0xb0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) mount$9p_fd(0x801, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000d00)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 453.177163ms ago: executing program 0 (id=5281): r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="85000000110000003500000000000000850000002a0000009500000000000000f4670880271efa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa397fabd5f9810e81ae0b737126ea6f7be39cd34d5ae35de38dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8320e13fecd45c0f8612c10b100000000b0d3712c7e93363af3c075ff1e23166a32d95433008000000000000051e1cc4c45d576090c4867a7b62a7e73a0c14e97dc30fd4b393e366c6386d5ec7209d031f40f3012e9576e51a7f578602f07785b92e544fc46c744ae6af3e4195cc037102124d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f9ab800f4104dbaba46aa43a815a1e5c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab7894de93d928cf95846be6277c04b48556c870814ec532b66a696a623cd8a4f8dc8dcba00b1b2d2747c45b0c52087b5efabf8496b9a951667d510ba0e3c4c00356ffebfb19a34268335648e1f844ce328c10752a42dca52fb98c1452b6518a6ef7297f7b3d0cd46dafc6ac5500f53e5309ec91d83cf4fbd775d9c07d8d591a4d8c60ff000000b78863e629b3b200000000000000000000000000008b00000000449c810d3174c87e080000003126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa80564e3e7000860000000004a2147c1128c697d9966b3c9f0e9e203911a3fac921a4fc6e625247510bc24e20ad88d3442a5d143c3047dd08e56a1b9764270c6ab800451b95e22f30a85f5681ca300000000af89a79b92a2c6743e478bd799415b6000f51168b71714bada12041752e2fcf95c1ced98fdc4f4bf2157b261380307d943b34c489734d55c4e15bbda5f5e31371c5330d920b71fbaaabd57ae73201b47f2c7e5e69a798f3c14f969fab1005e8ccedd9c46c3e39f949dd4c87ae724ef73e2abdb4485027139e9445f77e8dd3af90248ede241b408a320e069f6becd0b8405d24f0000000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0xfffff002, 0xe, 0x2f, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x8000}, 0x28) 452.895463ms ago: executing program 2 (id=5282): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000010000100129067355f0000000000000a20000000000a00000000000000000000000000000900010073797a300000000058000000090a000000000000000000000000000008000a40000000000900020073797a39000000000900010073797a300000000008000540000000001c001180090001006d657461000000000c00028008000240"], 0xa0}}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'erspan0\x00', 0x0}) sched_setaffinity(0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15) r7 = dup(r6) write$FUSE_BMAP(r7, &(0x7f0000000080)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6]) lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="48000000100005040000005f596da40000880900", @ANYRES32=r2, @ANYBLOB="0000000000000000280012800b00010065727370616e000018000280060011004e23000004001200080015"], 0x48}}, 0x0) 452.674153ms ago: executing program 2 (id=5283): r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r0) inotify_init1(0x0) fcntl$setstatus(r0, 0x4, 0x2c00) r1 = gettid() fcntl$setown(r0, 0x8, r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r2}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000180)='./control\x00', 0xa4000960) rmdir(&(0x7f0000000100)='./control\x00') 312.125485ms ago: executing program 1 (id=5284): syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x1, 0x0, &(0x7f0000000440)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000080)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) write$P9_RGETATTR(r2, &(0x7f0000000340)={0xa0}, 0xa0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) getdents64(r3, 0x0, 0x0) 311.959894ms ago: executing program 1 (id=5285): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x214}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_io_uring_setup(0x200000, &(0x7f00000000c0), &(0x7f0000c57000), 0x0) ioctl$UFFDIO_COPY(r2, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000c27000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x3000}) 264.870659ms ago: executing program 0 (id=5286): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0xfff, 0x5, 0x1878, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381c988a8", 0xe}, {0x0}], 0x2) 245.67074ms ago: executing program 1 (id=5287): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000001940)=ANY=[@ANYRES32, @ANYRES64, @ANYBLOB="2fead216f86ab81b9266e156d57baccc1979f021d790ef0e9c90611a189ba0cae982161780a5ebe9147760f7a363570961b9bbfac3ae53e9d6f967be1d50129b8904d5a145b1018139ec9fd1b64e6b8eda3cd1a70972f41e25b8923f0b371f24a65cbcfd28a2fae65bab228e3e7a48d85a68ff58925a5f1718eb69722c252974fd9f2e7dd43a405fc6be296e7d3a77f66ad8996ce471ce42a15fa26b4ae12ce0dfd3a1c4f8431de1b4cdd2a2a175f8561eb164ae700688efe7ec2ae5cad2e8cb8713adb82b092831970077407b43ddbce8c7909911d1d78ef5057a17d8015a33ec571826bec325751c72c6f08c1b122fe7b60d1337a1fe40e9f9b6952f9ffeff27f66806a93da400ab82ee8be6ee418ca9f53140a81512350536b6e6e537bdf93cea62c0bc04bba22bfabb7becb11c3e09e6027212a7691f73e6e99bfefbabd2b555c837c96407a7412094ba18f6a3e4ccd05a09851df33c10a4de95e0c5e372f7ca9e84e792873c831824b98727080676deb7f8fa492b38be4ca1549300dd3b55274f1a981c505a0803b44339d81125389ce7ce47ee9d0587e47197f477d590013d5a88c1a328fe901a99f707b533bf48948b25aa718a94c395b33d032b92ca263b79328edfe0bfb87017e1ce164e0ceec9eab5fc1afbbfa35d0b74b3da3b27d0752ed586fd99acc4ee232e7d5279a224372e0c70733ac11a0624ec3948591799cb71c0e8ebf9cd709d57d9ced2de5c91c0caef4777ccfb6b8b4a99f514a50f921801332dce3b20ae526f36b804bff4bab0db12a38d85ac72636837a9aabef392b49fd83cd0c49defccedf133b067707633c46c666a9e2f036814b763ebc4d2cf9fe753743e3886a2f1fab4118c91fcece8ec7515d7a024cce4333c5528f2f2898df6389ee5333faf1e4445b7ea093ff4112112c8ec06265470c2d1934c749a290e3d2c7f496fd6f227b528e55f05afccd3e564fab6c24eb62259a42e27dada1c0491b3c8a557e63fe524f2b74b03ec3325940b8ceef7f8ab22e34306f78a4cab1d46beef3c7ac17ecdcc88ae2bd0a50069e1134755403b0c66596e10a9325975c6fc26508e55ee8eeda8c562329f78c9fe7ae2c771dbe0b99a8321acb69d65703f79f5f870a863fce2ccc5ddd3d08ed623b11204055d3125296948371237ab4cd3d799d5c802a21e3853f452bcd9a5a99fc8d7793a10ad96a5621c9132af8e67de3a6ea90b6b4ab1f2f3fba6a4776dc700df906986743ebd59d7e0ebce86cde74fa8a879d079cc1f886020ed7166fbd88bff08e00705a72598b9424063bdbf95bc49ea77d0934747e82bdbc73730416b8417c34973867f7bd0bc96edc9d2fc796a58cdf682f34566dadce1cb372d50b8d4fd8cfdf3dd1532e13ab7f29586591483402d28dd49fffb60651d1c181cc3e893ec8ead8c4202a5f064c0ff83bbd1e35af1a3b66f54d055a55d602344697aed01eba697db221884422aacf1f5fdc5b4423009c1a7319451d17c5138fac38c2e5af47510f4304cc10757809f19faa00405f938109eb121204958e69ab1b55be37adf470d0f891da842258d3dacd472711b60b0c37208814bee7e30ef6f8e414f31cd82e67607d6d6fc8be80f4cb40a86c9340d5ea5a622902d8f90e4aac3417dc3614c35ff7dec2f87bf0acaab65f8b078633bd8a4a4f574128aedf3a7d433f35a28af55150097af5b9f8fc68c0900e053d78b0182f928717584cd237ec5bee566e06da497a6bf2a9a17310abd29b6ddae0c9c7231328d347626f2a1fcd57b6a359608192e049d70be31f96991b346d126c06bd71c6234295a184a20043287a4c8beec5978bd0af2af498c87fe1e867f7eb5b44ceec161fda834e2f7f5e131eb494ebdf8b99fdcb634158348c2466faa7519e4b28ab5af198e8f05ab6fbefa0ae618408d50d9bd8879b76990cd0a2b21dfa130d662fe180a510888c0dd259d70ebfd27229f52c11cce102ae78cd5ff81c927c6f38fda03b9a2c169bcdfdb8b2e37db3912bcd6cc4cf976c7a21c561015555d371438a29b25827c12c6a4500f98784fdc76e9523b9ad62f1b1fa3363c122ec8d2bbc160b289a35646343ef9d101c0e3411175c0b7824956709ca94bad0d8e0e5a3e1e63c5478bba04a371b90241ddb7eda378d95826edb967565fbb6a38b4200dd9ad754b859b9af9309ad21ecae9e90adf5e9cdd05e6f10513f201acf2fc95b56e4cbe24e5cf9015c3b54ed75a7d0bb2a82a04f342386027787e4ef6b42b77779a41b89b3c1c52319b65862f029604c670f48d5b9f7e4e8e886641a255fc89cfb0e1202e63e6dadbadfa48f72c0d86380bf97a825a34fdf97dbea3dae0a1f5bfce5333a492981f4825aa190359753f38ba23db9b0a10226182b680df912770ecd7c4ddf615a4e011795777398bf49d6a479e554ade4a10babe9b17c22af829134e7e6b9d2919071e8baee4856de0b0af48c29836ae158c6592e949809a35ce42e6b89851e412d93b1a60ebc9706fda445abb0a924d079585b0086a697aa4199091486d4d6bb1dbac0e2a93afc561637623d94525a7252b60853a9ab372a274ea8cd9860d538ab31483d9b1e612d36a394d140ce9befd009bd3ed6b2c8567197de4dbb73869692a01234df9b92b4a3491a59edf29596e16bbc34eab5855c202dce3d329b6b6b7c96f93bbeee66a14e8e3486eec13dead7262d9cb81c876e2c2d227cc5b782b8e17f5ee5fef8e242f5eed786d2fead9a71c670b6b19c379725af1c370d2f5299a16ced141b18bc5a967fe3cb0826670cd0d71de838299192c2573cc45b65f9ce7d3d197e43888ae271f4bb2a140876c3a43eeab60ad654e95a7a33e22c552d8707e48456d7577b8766ee1febd84e44b5ad97b577171001ecea6ef7dfc573015c9195c29011802e2ca81907ae48307249acdfa4f4567a5dd8d331f38838ccfc8fd6c5f9f7f0c9b7455e385604d900956aafa50bdcf86bf75212da858b0da54747901a30c8cefac0a3d54bdf5bd33de2523d08060dfb8326d4c580e3f1bea65c4f3674655966d76413ecce13a7fb12f9ca7bddd619468e1e3ffc9562f0692d2e26fc2361728a3db4581946afc2bc09db08bb68f733d55a3ba9ba6f82e31086c072bd9b7cc919b1c597d38cae650cb717478289f3412e306874e7817e05ddfe64c4aa9bb6c267bafa79f65306c47c810949ae0508f3abe1829a3e7ed9ee645d2208b826999c46407db8dcd62c719bed063fbd100ffc64d069f286245a5dcb399892b6b52d3cfabfcf5bb38ed8dd347367b2683d8f740c342fa0bddcf0ee582ad202cb958a933cad5868d3c7ce1d0b93ae45563fe48e8ffa7d14297c93ef99f751b2fe615b1a998f72e506687636343285c0afeb1ac76f66a5123cee605620b9e8f01cfdfabf38e7d93d1c37be88440918bef54ec81f049df18b52959bac18c05b950bb40b6137b7bb44d39176b3cf051cfe30a9623825528435fff7945b4632a07da8dd9dd6df681eeef2c4b970e5a62da1de69c0678e9f0de5b591b9e100681293de7bc5a23f94d1a7031c085cc71bd93bead8287edeef1916a718cfdc7c0f49fac8fcfaf7ec9e34787905f5aced01f793cf38dd4b388de79357f90d29a0fe76a79c9a242b05112b006269ff628422467979d4ad65669c4291a2f05334433e31d4ef71abd2fc9716a195790714e6deee7641b64b95799196a2e317b9fa72292aa639da96cbd60b71d3f239586c2deeacff5ab3d8622a9b7c5d53fe484ba9359f1756628b2c478d834d2b348cb896a30395cfc1e2412996b0bc7f0fbfe7453098ff74ff46b8d8bbd35fc3b89a74bcae3b0b4a178103dd2f09ce1f591c7469164cad1871622132f5f66981cf4377992894dd75beeb896a064cd47fd6b6681731f5642643c3274ee2b2fab3d939b503fa328e61a4950c304dc4de3c761c7189f542c56f5c4ab2ac8347326d46eb7bd657080553c030c0422837eed80bf91633ad84a52f4c01f70cfe15bb20065e09e0c83609318fdb525b6d961291e07fcd50e8e6f10520970510611638e4a9b4dfb55c77dfd9e86557c48f2145107f577b7218d7a6acdb4291e5e75a73890f9955d77868d7c649c70bac4ffe08085c9723a5c67153b477e0d321f9e73fec3cdb7cbf00e7f744e5e69760773e412a2c22e4d378b5cf2b5a552eee720f94843d1cbb8af385ef3f697dd6b345dffcdc6798346c0e51396c95221a9350141036959f50b6eed6ec982338d197d8182347f22574218218a1cb606e24613333590c2e5f0a712ff0fab2fe52c7c5406e05804f7542855f8f4e327d15ccc3eb82a86fb329db76a6e3736ec184600530c9372a01a221be76c4b0e2f197102851172ab3917cdebc615f531effb380960ae3db5ce9f75e72035c0474f7321af73d04a93eaa4d36e93a14d1c93d9f65f42977bd51b47630df0f4740dcd4e051e5f8f79a5b162c448d69aca6df7a268b1fcd7aa26c96393a445e2ff561fa64dc2cc7406061f7cf1b45fc3feb3851ed577f648b9a204f612eaae0d5c768f0b8d32e7718d3ba314119b3c1eef77576ffcec08524e2bc3e279ee4a599bfc9d63553d22529d23634d3b61308fdabed45075cb60fbd780e7ed1388645f62d5f135f706f1b253357d4aacc272517e863bda187cb21ffa268cc15a43b1a1f65e9f9b73b83a89031ce2ab421e0b06ac955c370f2fbdda9a1f18c2792f1c3540be4d0e2c765fb9a5b067d794b5a53444a6fce7af116753586f17a098410a1c58596e226f26348f597a4869efb48b481cdb91a036258cc0b411f4b1bd73c2bff742e03f03bf93b6be5044d305c97e704ab010d95328a1de7df96442c5ff2021edbf2e17123893578aab8baa029f27a5761854d5cc039c2e9d250d1c520042ced451bcf66fdb8859d7033e51f267b22c0bfbfde587d524fcc394311acb3229b788bc2b818d5a61af8adf24583ff074d7d600990d1d1a3d02d222ecd58897c946cb223de182946ad3f99a4e9eb80496e4d4b1335aabff79d6c5f6f8ab98e34dce44332c8ec9009dab673ef8587a097b0f95ecf67d06a8163a56c99665f202041e9c76e87ee04530fede03790dcee71c8bfec3f2db28aaf7e1ed24d3bf1aacd62f51faaddf2ec3449ce41b550747ab4119c8873f9b9fc32d15e85e729d9145ad7f2c44aded6c74deb647af44926927e2f9f6e45b273f56cb27285e6b66eeec36c97e79c981dcd9391489b610322e8c151552ddba662073e7d10d584b019122d5e8edc58b75843fd4e6c188c9e18ae5a28fea672ab255b273042ff24ba15ee25c263ad9490303e6659da174f6f562a2cdf425805f943389320cd55343b7fd84d3742df6a6e6cfea8e4309f19fde89e75bc7f95140125879dd2375fe9160886712f25b64bcc18c93700711680a0947d5023c459ca2287bd152ecd62b207146c463170c32504bbb29fab35db916d2c72292dfdc71c75e4a4141077ec5f18d9633477f61eff8eae1195c4b176a6e7f818cfd55b68dd4c65ce1e23fc370dcaf4af84d37776722b354d94d3032ca0ab4bc9d4c5a15897bbd1c2a4f78d56072bdc1865c22b844f2879d9e1070d79036ff1c93217a707b617992432d9284a056a97438a86d6fc0002a8d5503414b56c23bb61d6bf1c47e66c19b10ff89f7b63986554ca59ad1cba62e71e968325473c5506bdc53a6d64ab29d2ba5c4e29706b7bcf582c3bbb4539771cdc6e1bcb861fd4557252a498c82cb72ea6b182c69170df1dfcbb52f19b547b0ede1d3b427b34f84c73b941eed59494397b19033", @ANYRES32, @ANYRESHEX], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) socket$netlink(0x10, 0x3, 0x0) (async) unshare(0x22020600) (async) r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@usrjquota}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x1ff}}, {@quota}, {@grpjquota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) (async) openat$tun(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) (async) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah") (async) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) (async) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000001c0)) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x9, 0x0, 0xd, 0x1000, r2, 0x8, '\x00', 0x0, r2, 0x1, 0x2, 0x1, 0x6}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0xafb7eed03be4d455, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r4}, &(0x7f0000000040), &(0x7f0000000080)='%pS \x00'}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103) mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r6 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0) write$binfmt_script(r6, &(0x7f0000000280), 0x208e24b) (async) r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r7, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x7500}], 0x1, 0x0, 0x0, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r9 = getpid() sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4) (async) prlimit64(r9, 0x8, &(0x7f0000000140)={0x1, 0x6}, 0x0) (async) write$cgroup_pid(r8, &(0x7f0000000980)=r9, 0x12) r10 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r10, 0x0) 127.96033ms ago: executing program 3 (id=5288): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001a000100000000000000000002000000000000000000000008000100ac1414aa080002006401010108000300", @ANYRES32=r2], 0x3c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r5, 0x1, 0x2a, &(0x7f0000000000), 0x4) getpgrp(0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000a6eb38110b1c1048a35cb1d5dbc5562c81dd3203afa6d13f780db17ce0844c6b29a5813446cc6c6b72d0fedc155e5f52298415a86d5ad6181fdb7e647d0de009bed5b91ef3f6b294137669175cc6c4844cdfd86c4ba2af7d0c84bc866dc8aabd501d1dcfb08511dbed1204950637e2", @ANYBLOB="2b80e1b8caff563803ca58ace4d3378091ecfacf1216edd27cdbcd7e22ed5b49d779e789e3f4bae4e042c7605623b6b0d61503f397b82b38e7186c819fb8fa179563617258d5e47de34fbf78bbb67f766e61f6c2fc07dd0ddad90e007f810ca50d53a0abcd5138225c8230d9b53c47cd8832910f2ffe9de0443934ea5fc546c3d61bf6c1778cfdceb54c87a5b46485e99ebbc7a2172b36ae2fc05e634ba980023a", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0xfff, 0x7, 0x1004}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000280)={[], [{@fowner_lt}]}, 0x0, 0x4d7, &(0x7f0000001000)="$eJzs3c9vG1kdAPDvTJImDdlNFvYACNiy7FJQVTtxt1HVU7mAUFUJUXHi0IbEjaLYdRQ7pQk9pP8BByQqcYI/gQMSB6SeuHODG5dyQCpQgRokDkYzHqdOGzeBZOM2/nyk0bwfsb/v2Zr37JdkXgBD61xEbEfEmYi4HRHTRXlSHHGtc2Q/9/zZg8WdZw8Wk2i3b/49yeuzsuh5TOYzxXNORMT3vxPxo+TVuM3NrdWFWq26XuTLrfpaubm5dXGlvrBcXa7erVTm5+Znr1y6XDm2vn5Q//XTb69c/8HvfvvlJ3/Y/uZPsmZNFXW9/egaO4aYSfFMUz1loxFxvbf6LTZS9OfMoBvC/yWNiM9GxIf59T8dI/m7CQCcZu32dLSne/MAwGmX5mtgSVoq1gKmIk1Lpc4a3vsxmdYazdaFO42Nu0udtbKZGEvvrNSqs8Va4UyMJVl+Lk+/yFdeyl+KiPci4mfjZ/N8abFRWxrkBx8AGGLZPD818SL/r/HO/A8AnHITg24AAHDizP8AMHwOMf/7iAAAp4zJHQCGj/kfAIaP+R8Ahk+/+X/7hNsBAJyI7924kR3tneL+10v3NjdWG/cuLlWbq6X6xmJpsbG+VlpuNJbze/bUD3q+WqOxNvdJbNwvt6rNVrm5uXWr3riWdiqrt6p77ql9HDfYBgD+Z+998PhPSfZV/+rZ/IievRxMz3C6pYNuADAwI4NuADAwdvuC4eU7PnDQRrR9/0T40VGinj3Kg4EjOv8F6/8wrKz/w/Cy/g/Dy/o/DK92O7HnPwAMGWv8wGB+/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvt6n8SNJSsRf4VKRpqRTxTkTMxFhyZ6VWnY2IdyPij+Nj41l+btCNBgCOKP1rUuz/dX76o6mXa88k/x7PzxHx41/c/Pn9hVZrfS4r/8dueetRUV7plgAAb5LuPN2dx7ueP3uw2D1Osj1Pv9XZXDSLu1McnZrRGM3PEzEWEZP/TIp8R/Z5ZeQY4m8/jIjP79f/JF8bmSl2Pn05fhb7nRONn+6Jn+Z1nXP2WnzuGNoCw+ZxNv5c2+/6S+Ncft7/+p/IR6ij645/O6+Mf+nu+DfSZ/w7d9gYn/z+u33rHkZ8cXS/+Mlu/KRP/I8OGf/PX/rKh3tLPv5pu91JtX8ZcT72j98bq9yqr5Wbm1sXV+oLy9Xl6t1KZX5ufvbKpcuVcr5GXe6uVOf2fAn929UL776u/5O98UdiN/7EAf3/+JD9/9V/bv/wq6+J/42v7f/+v/+a+Nmc+PVDxl+Y/E3f7buz+Et9Xv+D3v8Lh4z/5C9bSz3Z47hsAIAjaG5urS7UatV1CYlTkph4M5qxf2K8uPDelPb0TQx4YAI+dS8u+kG3BAAAAAAAAAAAAAAA6Ock/p1o0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg9PpvAAAA///vEtQr") bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000540)=ANY=[], 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r7 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6) 127.72465ms ago: executing program 0 (id=5289): socket$packet(0x11, 0x0, 0x300) syz_usb_connect(0x0, 0x5d, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000551b8920b822276080c20102030109024b0001000100000904000000020a0000052406"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002a00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00'}, 0x48) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4) write$binfmt_misc(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="72b9800007"], 0xd) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}) r4 = open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0) readahead(r4, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 77.137994ms ago: executing program 1 (id=5290): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), 0x0}, 0x20) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f00000000c0)=[{0x0}], 0x1, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r6, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000440)="7d717c1f8428280ab55a04c6325d699064905ef93ebd77e2efec9f53dda482c9ee2e65a7f14fb8c8ba86e1a48d2b6b6afa2f0b4ec3e4f1113ef51e3ee2e89096948f4605cb79bde9e3c35e2e8c5656e7f4e2839f750dbc54845ec35a6540a0ac354fc844277715dc45a624629d82528a3e868dc2152570c88ba2157e21a3fd45974bfeb026194d440b5318f8bc08da0d365fd550f1ddb920ad905618a7289482f74bc2e81ec9c0abf25663403ca2ad939860eef39a36235f55b27706f0bbf4a7596f3c713b3b5e96c8186e508bac854c98bcae2a79234c8f125fd1199bcc52695fe06ba43c32a91f2cabaec6291285220c54819496843f", 0xf7}, {&(0x7f0000002c40)="a8cd2d813f93de411347b7e95837c2aabffe0b7b65d0e0b26f745be5e6d0b3922693df6cc0cebc6876df2ecaa9526da6fceb40d3e1bea9965161b1e791dfe31f3866993e88c67caca52292d312a39b062ac94e28acaad6860caa052f97a18e7efba653088adfc2c92903b2f074e394bf677df822e1f77fed4df7546c3b3786a047d9b08b42aca4ce1e0b084f40eb5fc21f9117b8b1a6c1fa488d599ac611955a6c02dbf23746d52330a3b8490c96ba007278d501d1d6ebe1c5404604cb08435d7de624ca034f8ac6a84ac9f69afea2d691b501c94b84d39b86b94f92601ee47e6d42c0d72991536e907151f9bfcfe92b53ffae33e352f973b1e6ef28e7892fbe24630571fe96c7a044e3d811c2737fe07985b00e0c4e1408123e705c6ed21ece20f5323205955f653000920ca1c46a0c191e457d70f0ae4b78f28455e22ad565a1715f0c88f43aa27a4e975af860d88b63bccd9ebdfb6c1270a734cb7545b01ca5f84c1d202a1c53a590d22e394cfb93452d04bd99ef6f21c267c02ad364cf341344217aeccf25e4953e470d34f5be6844d4041cf63ddcb01de1f0f9617fe17d00017aa74e4636080013071783a9d5f388f85931da2b2958c3a6b1759e91f57e5ad8b876ad0726b325ecb75be010af67bf1b68775542d61888be703abf26a1b755b259fe0fe3d0d24cacd29cd76b71fc76294b9be460f029be814f0b196d604044fb2742b6db9dbb5bd0b0b0d4d9df92ff6006b30597f7b593de19fb701726f7e66a40a4b566be51794e79cff337ea8c1eaca1b77f9e510e8faa23de9cb3233c26b4eb98e7d0d019efb4242e750fd6832cca83e52e9549bb3711d2d6a0ae758058903d0d319b3c7f5927908d0337ef6f1ab073b2ed00dc8bc70076b9ffecdf2226249ac58b5657e600f032697c400acc2054180239956576464626d9ec1714f7cede138de272ea81d2b0b5029dfd850c474f2a275225cc42b306429eb81228d19adb01e4109cf5525b7596265932515cfb53fa9a6d2cf573ab7a58f39367b1f64170a6ab24f911f423900eb0251ee8c0496d6a0ba5d1dd1860a64698ae6cc5deff511c83e1ba8421cd77cb5ca1d46ed2b819fcf919a2bc63fca2d47bb817375d79232b0903905d9f005dd4b4fa12edb7ade8338c298901440ac9e1d9edd7b558cfdf83cb48d30ce280e1a3e2ae85df773bd4e8ceeae0438200dfdd0cb7a4cdfae7323c827bf6358d9f0f22954a208eee06089e4a5c46a34fbdca84ff5f210510644ce379484d660d8b590c177e69f9f8406ca20bb639a1cfd88546159452a6ab3e7f61a1f77338e0c4dda01f39c5a278b39c7cd0894e845a28077c2a484d1a2a04946c4a516e7871d286347bebb4a56dff9e999ad380bdb7ba1ba0698a286765a11ccde66a92118ab2f3888de951cff6cb458d9de900a92ed6148a702f079ce9c2c414b951dbdade2b67bdc942835f4dd75983f6af0b1247c77eec69ee9752c9ab7190aa004056e24fb3fdb48c687ff778e29a804cdaa8e65e709793da9bca436a07e6436ff95b4ef0dd65b8455ed42c821b7a682b39fccb64cfecbc4f0fc5237362179faa889c9f52b08fb1e69637cc5bede6421972acc96bb90b92ac7017755847ad54b01a971d9d379977364aae24bc050462179a5bf6b7ae38a8cba2a51fad2c0489db86539184fdb3bc246ad6d276c2648f36412f70f197b441cdae46fb09f1a9ae6cc5cede82b9947f6237bc34db78475a4b2efa3f7249403368cbd6cc91996424f12a66bea8ed851da994f587b9ba1f077cd00957d1d8cc75a4fd489ed4dfd36f0fd3817bdf8c16276db413e438eceb67de1e1e8de46d0675dc6a55fa29d83d9493a45d6dbd5ea4459c3ff44d1ca50bfdd7f6b4015da8a7901b3d5fc0671f8ebe7a5dcecc776c21bdb2c35c14b0d4128c144d11bbf4377513240a3dd47e9f9e5c22af5ac9422f2c8e90bee27e3d6f5b314166ec9841272c48c91df4b1f086f7e9d27712ad27406d05a59a27c55d8cd4d7ddb25fa2e77e10864feba27e0440d04c35237ddbd75b91e72eab1ae1f396fbef691e09537062096b60f265bd04b344e0866ccecf7f132cff615b9c4c04a83b05f410158ba806b8f3a168482081bef190a7b13b85997e61be9d62c4173933a41a5e92fa3f43ef02196f4f4033071b5b177ab5b0ce3572f7053b4776fc3a51b05cbe942da9825bb75f7487df1779a4373cd5568ff11319e9f12981d75499c3731115505c18895dc82e6e03a5966aea8c7690e88066f4e53590e2eb332a06f5bc77be238ca5e001dc50c44fac1ed8c58e6468ee2c3d22b101b8978458142e01964d6734f622472e991a25e2878defce195c7198483b4c3edcb8b149146c938a0743c37a5d701ebed448a170dd91cc44cf43d13800507f4c3756e5241725997ea8fc8632eee1abc318e1f6f3cf8d430b35a57806bd5b040014ef0298bfc1abeaf55e5232363a888ba5d97079d0f593b1fceb208b2eb3c2417eef3e4f8d04268621082a02a7f334d2272d60428172433dbd7fa1b2237f3cf7ab26844522b6f56caa9158aa25a166eab3c5b481437fede3ff1c228d73b06317da199630bcba8fc0ff826ad096023a534c52bdff4e69edfde8643c7c0e05050f7a72c3638b5f5089f109469a40523ec15bda8e2b89080ad965cc4b3f9f6b32f7284a05d734e40bc32c6d82867b10aa2827dd22ec7f82ed6c9629f1c5a2b381ec73355a1930a332fbccf0522599a5e4f3cff8f610097c8b214881a19247d4dd3f7c870bfd848d66dfd0e391e2f3f487f55f5c6022f895c437dbcbace0fb3111d751a89fd8710dfc9f3c770b649efe823048dd0df649af48a2d4c7d665df5d7af6904b73983e2d816788d99d7f2d1531d3c8cddae1ce9145f7d3572ca7de7f4fc5ba55d87a2375083f2d279eaa0594e146620c19ea03276a3a4c31fe2779a5b493ea142051cd472728e9f32d37181bb61c0a7c82df513e798050a634a65530809c11e9b48217879d911747f736bb52f40729eac20397927aaba16cbef66975c436c696220427c359ba36246078e922c7e9569cd2e5eead89420002c312778f29941a515ff9411845617dab7a4edd2c11491be139ffb09a8ebf715cd9d38b8e8b1a83b2e32a3b1071479807a52d3828d6ba9040d6b71c5d53f54338d2be2016a689adf7e1b93727975a854300a302435faaf1778b276661db16fbae0f54a0eb3d5ee9f9272263dc3a4fe6984234d6fe1c4f3f32bb512a0b7150ab5a119ecfad616929adf1f2066710eef359891b88894267a7b149a70767803de4a52d5c060a94f53665a4d8abae125f989f64346102305a6c5a8df04661f82313097f5beadb5d340b49cc0fe478c49b897ba9dc998a03a8c9722c35f45ac55a11b9f91bb6f849a02eae30e5ba8cfe253dfa16e498cf6077fb7b17658314a759d758b1d3294d39a203edcd8e9f7e6d88c56ad25a14b2e276e6d851ad632e152ec6b9278953e33b8cbcde45c55f00247fc9b7f71925ca4fe6f411dd6c3245ead614e34745996a20fe0495180b9c28217f62c6bf4dcfca3fce66cfe3603c24932d847608a2568430d3e04c91bbca995ca7064ed3a9f984df0d56e00a319eeefe83d1872a8a08b43d98d64a3040df90ea42343d3d059357a2c1c58acfea88cb9febb9a039844c9961940f4789bbb40406bdb5f00acc5a883bdcd3435bee88f451e6276f044491dcf9c1a6e0f2cc1ec7c881fdb189ad711cae2502e62a9aa0296f97f2b522885be850bdfea2ec50aafc9af282af63ffaf973eacac4898330c24c64b563b21908a4d624a8b1ccce4acab3c914c0490c9efdf69441e85cd1ecd19ffbe2ffa11288b954ef4609a5a683500c02d75bef0e3db48eb65767ee2dc57d9acc5eb88ae618fe901167c171604308b0020fa745c31676053779bd77a07b8256b228126d837ddf85e591fc6c92578828610d9fec4e6cf68cd4bb5194b41565958cd04df215f38859e62bf3a0a45411036968a77b562b2df6ecdd9ad024d9e32862d7b06fb5d1c3ae04fb9a64306111f26242eb9433cc8ac44530b9b6ef01c901a026bc445aab798e724d6fb66becac243377e69a3db42ad2c38f461311cd7901874db0e50595ad386d8d2f4d83002b01763f07bd0ab129e4ff76e474af4b82b3a7f98af0b6909438d7511512144e21f835feaba708393baa8cfa5190c1245a5ce509bcc607ba44d14748dea94b19792b48839d9d6aab28e3d18678dd04ec3fa5bd1e66ed9a6db25e81913a6639c6956ffeabf026c4630ef61fc91937d9918d8e5d779ac48857ea103566468661a8525ae308d5480edeac06f453270742c538db04cca008718c90bf4892afadeab417ad82284fbf9472a876b93749ca63c8b2ce74a7ad2bc4fcdd2dd7363f1b89e75bfb1e8f43a54ca275b08471e9d06802ba54daa9b375c9ac0f87f249f9c573989783721503f6e3f2f96a53e05e12c04adc84515bfa9f3ac8f7f46028324a211adc2d24cb21814e3b0fd954b62a1de60fca19bd0032a001d4573325f3ef803fef8bfe8f070a27c66f2442061b96d3fa9383405abcfefff015f8d7c4eaf98e52bda0e27cb02247ad2985372175ab78534da0629a63e5c613293024b3cba54dd7a4b5decdd80496d893d1ad29562acda70c130a15526e193f693933aec185e782944556932dc0a753865e7e521db3187333485e4dd2b9e7c0c8238b5d0df8cd9a92c14bb250bbae46360b5706a080cd73684ee40c4aa325c88302b9ee7ab8aa0d7c88b4de2bfd70323af2149794adef870c4e0e1330ecc7231c386b4270de7c27e02b1b527a9601d2b028e43343eebddad92e1453b01729ea6c4cef965790f266e15e35fd08c750ca68bfd4d1fb08671404333f04d52ad76301d914c4ef2a6a8f08022c6ca8a4667c8c98ac73efaace81f8f13c153b5b54c33ffda69f65c1f2c0a6c7c6c841472ca41af8bc570afe1b4bdbbf28303da527ed5a51e2b450b33e887e4f26a1a220f0774d0e3fab983044896a686dc858c8cb377cccb8fe3e783f1bd8f458f8c10966426b13b63e0062570becf13a504fe3c861a857a5c730c6fe31ec5e90d1db701482f9ac0511c5dafdb9ca387e5a194e460bf8848cf83116ca9408d83d800c617798d789127307b2824b9afad63c68e085d81c5b377aee1b0f97e9672116e888fb95cf233cbe7988113150cb2fe80283178e736f7186e2f1d961f286b03ca37fab9c82e2f626e011f4cb29afc2edaa249c4d9796970b0116825e600f51ce488a7789d8b26d86bebf826d395cecd6101e6e128c048ae66da51e67197c634129223f47ccaa4196ed78823d9d3b2922b2e081e59c0f68e499451f362808e3f351cef362fd23a6a8de6e994e42980c26d45222c4de8034239b1870341558e764c2708f2a5bbec2c4851272d29f195f05f7b0f98c4b32d8a13", 0xf0a}], 0x2}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000002c0)="80", 0x1}], 0x1}}], 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x10000008ebc, 0x0) splice(r3, 0x0, r6, 0x0, 0x25a5, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 60.041865ms ago: executing program 1 (id=5291): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7}, @ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='ext4_allocate_inode\x00'}, 0x10) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r5, &(0x7f0000000180)={0x10, 0x68, 0x0, 0x1000490}, 0xc) 0s ago: executing program 4 (id=5292): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x110000}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000001800)=[@text64={0x40, &(0x7f0000001840)="f3470fbc06c74424000600007848b800280000000000000f23c00f21f835030004000f23f8c7442406000000000f0114246aa2450f0012124424001afa0000c744240216383d27c7442406000000000f011c2466b8f0000f00d0400f060f00e4c4a1c1edba2500000066baa00066b8000066ef66b82f008ed0", 0x79}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r0, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000040)="3e660f015f000fc7a82b000f01ca0fc7ac17ceba6100b08dee3e0fec020fc71b66b9800000c00f326635004000000f300f011e0133bad004b0cfee", 0x3b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000100)=ANY=[@ANYRESHEX=r1, @ANYRES32=r1], 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = inotify_init1(0x0) fcntl$setown(r3, 0x8, 0xffffffffffffffff) fcntl$getownex(r3, 0x10, &(0x7f0000000140)={0x0, 0x0}) r5 = syz_open_procfs(r4, &(0x7f0000000600)='fd/4\x00') r6 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0xd, 0x0, 0x20040001, 0x0, 0x1}}) write$hidraw(r5, &(0x7f00000001c0)="e6b5804b3db3782ffe2eb2823d5a79135c9b3e642437ae953d767278dbe59d14625a44", 0x23) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000200)=0x8) kernel console output (not intermixed with test programs): type=1326 audit(1720968897.820:5937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19434 comm="syz.4.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 935.373132][ T30] audit: type=1326 audit(1720968897.820:5938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19434 comm="syz.4.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 935.396608][ T7760] usb 4-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config [ 935.413199][ T7760] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9 [ 935.438940][ T7760] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 935.456242][ T7760] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 935.466323][ T9223] wacom 0003:056A:0094.0047: unknown main item tag 0x0 [ 935.473044][ T9223] wacom 0003:056A:0094.0047: unknown main item tag 0x0 [ 935.496520][ T7760] usb 4-1: config 0 descriptor?? [ 935.501376][ T9223] wacom 0003:056A:0094.0047: unknown main item tag 0x0 [ 935.508290][ T9223] wacom 0003:056A:0094.0047: unknown main item tag 0x0 [ 935.515374][ T9223] wacom 0003:056A:0094.0047: unknown main item tag 0x0 [ 935.522208][ T9223] wacom 0003:056A:0094.0047: unknown main item tag 0x0 [ 935.524232][T19439] loop0: detected capacity change from 0 to 40427 [ 935.529400][ T9223] wacom 0003:056A:0094.0047: unknown main item tag 0x0 [ 935.542640][ T9223] wacom 0003:056A:0094.0047: Using device in hidraw-only mode [ 935.553841][ T9223] wacom 0003:056A:0094.0047: hidraw0: USB HID v0.00 Device [HID 056a:0094] on usb-dummy_hcd.2-1/input0 [ 935.625038][T19439] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 935.638762][T19439] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 935.648113][T19439] F2FS-fs (loop0): invalid crc value [ 935.655054][T19439] F2FS-fs (loop0): Found nat_bits in checkpoint [ 935.674274][ T9223] usb 3-1: USB disconnect, device number 64 [ 935.698123][T19439] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 935.705085][T19439] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 935.728204][T19439] attempt to access beyond end of device [ 935.728204][T19439] loop0: rw=2049, want=45224, limit=40427 [ 935.744334][T19439] overlayfs: './bus' not a directory [ 935.756789][ T2109] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 935.765930][ T2109] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 936.044840][T12643] usb 2-1: new high-speed USB device number 64 using dummy_hcd [ 936.166387][T19453] FAULT_INJECTION: forcing a failure. [ 936.166387][T19453] name failslab, interval 1, probability 0, space 0, times 0 [ 936.178888][T19453] CPU: 1 PID: 19453 Comm: syz.0.5051 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 936.190972][T19453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 936.200869][T19453] Call Trace: [ 936.203991][T19453] [ 936.206852][T19453] dump_stack_lvl+0x151/0x1b7 [ 936.211366][T19453] ? io_uring_drop_tctx_refs+0x190/0x190 [ 936.216872][T19453] dump_stack+0x15/0x17 [ 936.220824][T19453] should_fail+0x3c6/0x510 [ 936.225078][T19453] __should_failslab+0xa4/0xe0 [ 936.229677][T19453] should_failslab+0x9/0x20 [ 936.234054][T19453] slab_pre_alloc_hook+0x37/0xd0 [ 936.238791][T19453] ? tipc_get_err_tlv+0x41/0x340 [ 936.243563][T19453] __kmalloc_track_caller+0x6c/0x260 [ 936.248684][T19453] ? tipc_get_err_tlv+0x41/0x340 [ 936.253457][T19453] ? tipc_get_err_tlv+0x41/0x340 [ 936.258319][T19453] __alloc_skb+0x10c/0x550 [ 936.262585][T19453] tipc_get_err_tlv+0x41/0x340 [ 936.267198][T19453] tipc_nl_compat_recv+0xc7d/0x13e0 [ 936.272219][T19453] ? tipc_netlink_compat_stop+0x20/0x20 [ 936.277600][T19453] ? tipc_nl_compat_link_reset_stats+0x260/0x260 [ 936.283762][T19453] ? tipc_nametbl_stop+0x12b0/0x12b0 [ 936.289141][T19453] ? tipc_nl_compat_name_table_dump_header+0x1f0/0x1f0 [ 936.295828][T19453] ? mutex_lock+0xb6/0x1e0 [ 936.300093][T19453] ? radix_tree_lookup+0x23a/0x290 [ 936.305110][T19453] ? genl_family_rcv_msg_attrs_parse+0x144/0x290 [ 936.311363][T19453] genl_rcv_msg+0xfb0/0x1490 [ 936.315916][T19453] ? genl_bind+0x370/0x370 [ 936.320167][T19453] ? stack_trace_save+0x113/0x1c0 [ 936.325027][T19453] ? stack_trace_snprint+0xf0/0xf0 [ 936.329992][T19453] ? __stack_depot_save+0x34/0x470 [ 936.334920][T19453] ? down_read+0xa9b/0x1360 [ 936.339258][T19453] ? tipc_netlink_compat_stop+0x20/0x20 [ 936.344640][T19453] ? ____sys_sendmsg+0x59e/0x8f0 [ 936.349413][T19453] ? ___sys_sendmsg+0x252/0x2e0 [ 936.354226][T19453] ? __se_sys_sendmsg+0x19a/0x260 [ 936.359157][T19453] ? __x64_sys_sendmsg+0x7b/0x90 [ 936.363854][T19453] ? do_syscall_64+0x3d/0xb0 [ 936.368288][T19453] netlink_rcv_skb+0x1cf/0x410 [ 936.372883][T19453] ? genl_bind+0x370/0x370 [ 936.377147][T19453] ? netlink_ack+0xb10/0xb10 [ 936.381564][T19453] ? __netlink_lookup+0x37b/0x3a0 [ 936.386423][T19453] genl_rcv+0x28/0x40 [ 936.390248][T19453] netlink_unicast+0x8df/0xac0 [ 936.395017][T19453] ? netlink_detachskb+0x90/0x90 [ 936.399790][T19453] ? security_netlink_send+0x7b/0xa0 [ 936.404911][T19453] netlink_sendmsg+0xa0a/0xd20 [ 936.409784][T19453] ? netlink_getsockopt+0x560/0x560 [ 936.414803][T19453] ? kasan_set_track+0x5d/0x70 [ 936.419495][T19453] ? security_socket_sendmsg+0x82/0xb0 [ 936.424785][T19453] ? netlink_getsockopt+0x560/0x560 [ 936.429827][T19453] ____sys_sendmsg+0x59e/0x8f0 [ 936.434424][T19453] ? __sys_sendmsg_sock+0x40/0x40 [ 936.439283][T19453] ? import_iovec+0xe5/0x120 [ 936.443794][T19453] ___sys_sendmsg+0x252/0x2e0 [ 936.448785][T19453] ? __sys_sendmsg+0x260/0x260 [ 936.453899][T19453] ? __fdget+0x1bc/0x240 [ 936.458054][T19453] __se_sys_sendmsg+0x19a/0x260 [ 936.462738][T19453] ? __x64_sys_sendmsg+0x90/0x90 [ 936.467502][T19453] ? ksys_write+0x260/0x2c0 [ 936.471927][T19453] ? debug_smp_processor_id+0x17/0x20 [ 936.477131][T19453] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 936.483157][T19453] __x64_sys_sendmsg+0x7b/0x90 [ 936.487909][T19453] do_syscall_64+0x3d/0xb0 [ 936.492160][T19453] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 936.497889][T19453] RIP: 0033:0x7f3250dd5bd9 [ 936.502142][T19453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 936.521581][T19453] RSP: 002b:00007f3250015048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 936.530001][T19453] RAX: ffffffffffffffda RBX: 00007f3250f64110 RCX: 00007f3250dd5bd9 [ 936.537812][T19453] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000008 [ 936.545916][T19453] RBP: 00007f32500150a0 R08: 0000000000000000 R09: 0000000000000000 [ 936.553726][T19453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 936.561538][T19453] R13: 000000000000006e R14: 00007f3250f64110 R15: 00007ffcea446058 [ 936.569354][T19453] [ 936.608052][T19455] loop4: detected capacity change from 0 to 512 [ 936.640879][T19455] EXT4-fs (loop4): orphan cleanup on readonly fs [ 936.647651][T19455] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #4: comm syz.4.5052: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 936.691074][T19455] EXT4-fs error (device loop4): ext4_quota_enable:6369: comm syz.4.5052: Bad quota inode: 4, type: 1 [ 936.704787][T19455] EXT4-fs warning (device loop4): ext4_enable_quotas:6410: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 936.719491][T19455] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 936.726664][T19455] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 936.746855][T19455] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 936.894680][T12643] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 936.914512][T19424] loop3: detected capacity change from 0 to 131072 [ 936.915171][T12643] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 936.968883][T19424] F2FS-fs (loop3): Invalid log sectorsize (67108873) [ 936.981793][T19424] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 937.006416][T19424] F2FS-fs (loop3): Unrecognized mount option "sys_enter" or missing value [ 937.064684][T12643] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 937.074057][T12643] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 937.101317][T12643] usb 2-1: SerialNumber: syz [ 937.417700][T19455] EXT4-fs warning (device loop4): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount [ 937.417700][T19455] [ 937.666686][T19449] UDC core: couldn't find an available UDC or it's busy: -16 [ 937.695687][T19473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3564 sclass=netlink_route_socket pid=19473 comm=syz.2.5056 [ 937.721725][T19449] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 937.745270][T19449] netlink: 19 bytes leftover after parsing attributes in process `syz.1.5050'. [ 937.908472][T19477] UDC core: couldn't find an available UDC or it's busy: -16 [ 937.924729][T19477] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 938.073330][T19483] FAULT_INJECTION: forcing a failure. [ 938.073330][T19483] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 938.087310][T19483] CPU: 0 PID: 19483 Comm: Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 938.098074][T19483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 938.108606][T19483] Call Trace: [ 938.111904][T19483] [ 938.114713][T19483] dump_stack_lvl+0x151/0x1b7 [ 938.119198][T19483] ? io_uring_drop_tctx_refs+0x190/0x190 [ 938.124843][T19483] ? arch_stack_walk+0xf3/0x140 [ 938.129711][T19483] dump_stack+0x15/0x17 [ 938.134030][T19483] should_fail+0x3c6/0x510 [ 938.138513][T19483] should_fail_alloc_page+0x5a/0x80 [ 938.143532][T19483] prepare_alloc_pages+0x15c/0x700 [ 938.148816][T19483] ? __alloc_pages_bulk+0xe40/0xe40 [ 938.154096][T19483] __alloc_pages+0x18c/0x8f0 [ 938.158653][T19483] ? prep_new_page+0x110/0x110 [ 938.163222][T19483] ? __kasan_check_read+0x11/0x20 [ 938.168090][T19483] ? __vm_enough_memory+0x119/0x2f0 [ 938.173117][T19483] shmem_alloc_and_acct_page+0x4bd/0xa80 [ 938.178599][T19483] ? shmem_swapin_page+0x1520/0x1520 [ 938.183704][T19483] ? get_page_from_freelist+0x3550/0x35d0 [ 938.189431][T19483] ? xas_start+0x2bd/0x3f0 [ 938.193680][T19483] ? xas_load+0x2a9/0x2d0 [ 938.197856][T19483] ? pagecache_get_page+0xdc2/0xeb0 [ 938.202895][T19483] ? page_cache_prev_miss+0x410/0x410 [ 938.208086][T19483] ? _raw_spin_lock_irqsave+0x210/0x210 [ 938.213709][T19483] ? lru_cache_add+0x279/0x540 [ 938.218318][T19483] shmem_getpage_gfp+0x1388/0x23c0 [ 938.223361][T19483] ? shmem_getpage+0xa0/0xa0 [ 938.227780][T19483] ? fault_in_safe_writeable+0x240/0x240 [ 938.233341][T19483] shmem_write_begin+0xca/0x1b0 [ 938.238111][T19483] generic_perform_write+0x2bc/0x5a0 [ 938.243233][T19483] ? grab_cache_page_write_begin+0xa0/0xa0 [ 938.248873][T19483] ? file_remove_privs+0x610/0x610 [ 938.253818][T19483] ? rwsem_write_trylock+0x15b/0x290 [ 938.258945][T19483] ? rwsem_mark_wake+0x6b0/0x6b0 [ 938.263712][T19483] __generic_file_write_iter+0x25b/0x4b0 [ 938.269190][T19483] generic_file_write_iter+0xaf/0x1c0 [ 938.275118][T19483] vfs_write+0xd5d/0x1110 [ 938.279375][T19483] ? file_end_write+0x1c0/0x1c0 [ 938.284055][T19483] ? switch_fpu_return+0x1ed/0x3d0 [ 938.289008][T19483] ? __fdget_pos+0x209/0x3a0 [ 938.294416][T19483] ? ksys_write+0x77/0x2c0 [ 938.299011][T19483] ksys_write+0x199/0x2c0 [ 938.303171][T19483] ? __ia32_sys_read+0x90/0x90 [ 938.307768][T19483] __x64_sys_write+0x7b/0x90 [ 938.312192][T19483] do_syscall_64+0x3d/0xb0 [ 938.316531][T19483] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 938.322259][T19483] RIP: 0033:0x7f3250dd475f [ 938.326513][T19483] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 938.346298][T19483] RSP: 002b:00007f3250014e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 938.355404][T19483] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f3250dd475f [ 938.363396][T19483] RDX: 0000000000020000 RSI: 00007f3247bf5000 RDI: 0000000000000008 [ 938.371206][T19483] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000299 [ 938.379007][T19483] R10: 00000000000003c6 R11: 0000000000000293 R12: 0000000000000008 [ 938.386825][T19483] R13: 00007f3250014f00 R14: 00007f3250014ec0 R15: 00007f3247bf5000 [ 938.394636][T19483] [ 938.694235][T19482] loop3: detected capacity change from 0 to 512 [ 938.818720][T19482] EXT4-fs warning (device loop3): ext4_multi_mount_protect:326: fsck is running on the filesystem [ 938.832662][T19482] EXT4-fs warning (device loop3): ext4_multi_mount_protect:326: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4 [ 938.933838][T19501] syz.1.5064[19501] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 938.933928][T19501] syz.1.5064[19501] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 938.954987][T12643] cdc_ether 2-1:1.0: invalid descriptor buffer length [ 939.044469][T12643] cdc_ether: probe of 2-1:1.0 failed with error -22 [ 939.053073][T12643] usb 2-1: USB disconnect, device number 64 [ 939.174591][ T7760] usb 1-1: new high-speed USB device number 63 using dummy_hcd [ 939.338171][T19503] loop1: detected capacity change from 0 to 40427 [ 939.414659][ T7760] usb 1-1: Using ep0 maxpacket: 32 [ 939.449061][T19503] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 939.464867][T19503] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 939.481976][T19503] F2FS-fs (loop1): Found nat_bits in checkpoint [ 939.562979][T19503] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 939.570126][T19503] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 939.574693][ T7760] usb 1-1: unable to get BOS descriptor or descriptor too short [ 939.664718][ T7760] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 939.673465][ T7760] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 939.684029][ T7760] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 939.729112][ T9229] usb 4-1: USB disconnect, device number 81 [ 939.844804][ T7760] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 939.855350][ T7760] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 939.863397][ T7760] usb 1-1: Product: syz [ 939.867715][ T7760] usb 1-1: Manufacturer: syz [ 939.872265][ T7760] usb 1-1: SerialNumber: syz [ 940.194825][ T7760] usb 1-1: cannot find UAC_HEADER [ 940.200241][ T7760] snd-usb-audio: probe of 1-1:1.0 failed with error -22 [ 940.207253][ T9229] usb 4-1: new high-speed USB device number 82 using dummy_hcd [ 940.228192][ T7760] usb 1-1: USB disconnect, device number 63 [ 940.300795][T19546] incfs: mount failed -22 [ 940.464687][ T9229] usb 4-1: Using ep0 maxpacket: 16 [ 940.551548][ T30] kauditd_printk_skb: 24 callbacks suppressed [ 940.551565][ T30] audit: type=1326 audit(1720968903.340:5963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 940.591940][ T30] audit: type=1326 audit(1720968903.370:5964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 940.614701][ T9229] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 940.626285][ T30] audit: type=1326 audit(1720968903.370:5965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 940.642864][ T9229] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 940.667230][ T9229] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 940.681652][ T9229] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 940.694833][ T30] audit: type=1326 audit(1720968903.370:5966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f0e0a6af6bc code=0x7ffc0000 [ 940.723714][ T9229] usb 4-1: config 0 descriptor?? [ 940.731220][ T30] audit: type=1326 audit(1720968903.380:5967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 940.755735][ T30] audit: type=1326 audit(1720968903.380:5968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f0e0a6af6bc code=0x7ffc0000 [ 940.788282][ T30] audit: type=1326 audit(1720968903.380:5969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 940.812827][ T30] audit: type=1326 audit(1720968903.380:5970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 940.836685][ T30] audit: type=1326 audit(1720968903.380:5971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 940.867311][ T30] audit: type=1326 audit(1720968903.380:5972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.4.5079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 941.227034][T19570] loop0: detected capacity change from 0 to 512 [ 941.315160][T19570] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 941.323695][T19570] EXT4-fs (loop0): mount failed [ 941.417977][T19570] loop0: detected capacity change from 0 to 256 [ 941.450477][T19570] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 941.607263][T19575] FAULT_INJECTION: forcing a failure. [ 941.607263][T19575] name failslab, interval 1, probability 0, space 0, times 0 [ 941.619995][T19575] CPU: 0 PID: 19575 Comm: syz.4.5085 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 941.631199][T19575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 941.641094][T19575] Call Trace: [ 941.644216][T19575] [ 941.647003][T19575] dump_stack_lvl+0x151/0x1b7 [ 941.651509][T19575] ? io_uring_drop_tctx_refs+0x190/0x190 [ 941.656989][T19575] ? ida_alloc_range+0x9fd/0xa80 [ 941.661759][T19575] dump_stack+0x15/0x17 [ 941.665742][T19575] should_fail+0x3c6/0x510 [ 941.669995][T19575] __should_failslab+0xa4/0xe0 [ 941.674593][T19575] ? getname_kernel+0x59/0x2e0 [ 941.679283][T19575] should_failslab+0x9/0x20 [ 941.683708][T19575] slab_pre_alloc_hook+0x37/0xd0 [ 941.688483][T19575] ? getname_kernel+0x59/0x2e0 [ 941.693078][T19575] kmem_cache_alloc+0x44/0x200 [ 941.697683][T19575] getname_kernel+0x59/0x2e0 [ 941.702107][T19575] kern_path+0x23/0x1a0 [ 941.706100][T19575] incfs_mount_fs+0x2ce/0xa30 [ 941.710615][T19575] ? incfs_unlink+0x90/0x90 [ 941.714954][T19575] ? vfs_parse_fs_string+0x18c/0x220 [ 941.720075][T19575] ? cap_capable+0x1d2/0x270 [ 941.724507][T19575] legacy_get_tree+0xf1/0x190 [ 941.729011][T19575] ? incfs_unlink+0x90/0x90 [ 941.733354][T19575] vfs_get_tree+0x88/0x290 [ 941.737608][T19575] do_new_mount+0x2ba/0xb30 [ 941.741949][T19575] ? do_move_mount_old+0x160/0x160 [ 941.746891][T19575] ? security_capable+0x87/0xb0 [ 941.751583][T19575] ? ns_capable+0x89/0xe0 [ 941.755745][T19575] path_mount+0x671/0x1070 [ 941.760000][T19575] __se_sys_mount+0x2c4/0x3b0 [ 941.764511][T19575] ? fput+0x1a/0x20 [ 941.768154][T19575] ? ksys_write+0x260/0x2c0 [ 941.772497][T19575] ? __x64_sys_mount+0xd0/0xd0 [ 941.777098][T19575] ? debug_smp_processor_id+0x17/0x20 [ 941.782538][T19575] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 941.788382][T19575] __x64_sys_mount+0xbf/0xd0 [ 941.792807][T19575] do_syscall_64+0x3d/0xb0 [ 941.793204][T19563] loop1: detected capacity change from 0 to 131072 [ 941.797059][T19575] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 941.797082][T19575] RIP: 0033:0x7f0e0a6b0bd9 [ 941.813379][T19575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 941.832811][T19575] RSP: 002b:00007f0e09932048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 941.841146][T19575] RAX: ffffffffffffffda RBX: 00007f0e0a83ef60 RCX: 00007f0e0a6b0bd9 [ 941.848962][T19575] RDX: 0000000020000180 RSI: 00000000200000c0 RDI: 0000000020000080 [ 941.856790][T19575] RBP: 00007f0e099320a0 R08: 0000000000000000 R09: 0000000000000000 [ 941.864577][T19575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 941.872534][T19575] R13: 000000000000000b R14: 00007f0e0a83ef60 R15: 00007ffefba33d68 [ 941.880409][T19575] [ 941.884024][T19575] incfs: Error accessing: ./file0. [ 941.892886][T19575] incfs: mount failed -12 [ 941.898086][T19563] F2FS-fs (loop1): Invalid log_blocksize (32), supports only 12 [ 941.908118][T19563] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 942.207187][T19589] Â: renamed from pim6reg1 [ 942.483568][T19595] loop1: detected capacity change from 0 to 256 [ 942.518272][T19595] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d) [ 942.542346][T19595] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 942.702581][T19594] loop0: detected capacity change from 0 to 40427 [ 942.731473][T19594] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 942.741192][T19594] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 942.752077][T19594] F2FS-fs (loop0): Unrecognized mount option "18446744073709551615" or missing value [ 942.934667][ T9229] usbhid 4-1:0.0: can't add hid device: -71 [ 942.940686][ T9229] usbhid: probe of 4-1:0.0 failed with error -71 [ 942.973348][ T9229] usb 4-1: USB disconnect, device number 82 [ 943.109998][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 943.121365][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 943.284340][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 943.382135][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 943.426124][T19594] loop0: detected capacity change from 0 to 512 [ 943.433028][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 943.450556][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 943.459488][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 943.468777][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 943.483377][T19594] EXT4-fs (loop0): 1 orphan inode deleted [ 943.489958][T19594] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 943.501697][T19594] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038 (0x7fffffff) [ 943.517665][T19594] syz.0.5091[19594] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 943.517752][T19594] syz.0.5091[19594] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 944.258456][T19642] loop2: detected capacity change from 0 to 1024 [ 944.283411][T19646] loop4: detected capacity change from 0 to 1024 [ 944.316883][T19646] EXT4-fs (loop4): Ignoring removed nobh option [ 944.324705][T19646] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled [ 944.336164][T19642] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 944.339688][T19646] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,lazytime,errors=continue,noinit_itable,nobh,jqfmt=vfsold,usrquota,errors=continue,,errors=continue. Quota mode: writeback. [ 944.356298][T19642] FAULT_INJECTION: forcing a failure. [ 944.356298][T19642] name failslab, interval 1, probability 0, space 0, times 0 [ 944.382222][T19642] CPU: 0 PID: 19642 Comm: syz.2.5105 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 944.393435][T19642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 944.403414][T19642] Call Trace: [ 944.406538][T19642] [ 944.409316][T19642] dump_stack_lvl+0x151/0x1b7 [ 944.413827][T19642] ? io_uring_drop_tctx_refs+0x190/0x190 [ 944.419565][T19642] ? security_inode_rename+0x1f0/0x290 [ 944.424960][T19642] ? do_syscall_64+0x3d/0xb0 [ 944.429374][T19642] dump_stack+0x15/0x17 [ 944.433369][T19642] should_fail+0x3c6/0x510 [ 944.437623][T19642] __should_failslab+0xa4/0xe0 [ 944.442236][T19642] ? audit_log_start+0x42f/0xa80 [ 944.447008][T19642] should_failslab+0x9/0x20 [ 944.451333][T19642] slab_pre_alloc_hook+0x37/0xd0 [ 944.456190][T19642] ? audit_log_start+0x42f/0xa80 [ 944.460969][T19642] kmem_cache_alloc+0x44/0x200 [ 944.465568][T19642] audit_log_start+0x42f/0xa80 [ 944.470170][T19642] ? audit_serial+0x30/0x30 [ 944.474595][T19642] ? rcu_gp_kthread_wake+0x90/0x90 [ 944.479559][T19642] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 944.484831][T19642] ? kfree+0xc8/0x220 [ 944.488653][T19642] ? slow_avc_audit+0x3c0/0x3c0 [ 944.493340][T19642] common_lsm_audit+0xd8/0x18b0 [ 944.498024][T19642] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 944.503507][T19642] ? ipv6_skb_to_auditdata+0xd90/0xd90 [ 944.508787][T19642] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 944.514427][T19642] ? avc_update_node+0x2f9/0xd50 [ 944.519207][T19642] slow_avc_audit+0x26c/0x3c0 [ 944.523716][T19642] ? avc_get_hash_stats+0x180/0x180 [ 944.528749][T19642] ? avc_has_perm_noaudit+0x2dd/0x430 [ 944.533964][T19642] ? avc_has_perm_noaudit+0x2dd/0x430 [ 944.539258][T19642] avc_has_perm+0x1f5/0x260 [ 944.543598][T19642] ? avc_has_perm_noaudit+0x430/0x430 [ 944.548801][T19642] ? selinux_inode_permission+0x43b/0x660 [ 944.554355][T19642] selinux_inode_rename+0x514/0xb90 [ 944.559405][T19642] ? selinux_inode_mknod+0xa0/0xa0 [ 944.564337][T19642] ? inode_permission+0xf8/0x460 [ 944.569120][T19642] security_inode_rename+0x1f0/0x290 [ 944.574235][T19642] vfs_rename+0x70e/0x10e0 [ 944.578573][T19642] ? __ia32_sys_link+0x90/0x90 [ 944.583167][T19642] ? lookup_one_qstr_excl+0x151/0x290 [ 944.588385][T19642] do_renameat2+0xb28/0x1480 [ 944.592810][T19642] ? fsnotify_move+0x460/0x460 [ 944.597406][T19642] ? __check_object_size+0x2ec/0x3d0 [ 944.602526][T19642] ? strncpy_from_user+0x18e/0x2d0 [ 944.607477][T19642] ? getname_flags+0x1fd/0x520 [ 944.612074][T19642] __x64_sys_rename+0x86/0x90 [ 944.616592][T19642] do_syscall_64+0x3d/0xb0 [ 944.620834][T19642] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 944.626477][T19642] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 944.632203][T19642] RIP: 0033:0x7f145c56bbd9 [ 944.636461][T19642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 944.655988][T19642] RSP: 002b:00007f145b7ed048 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 944.664230][T19642] RAX: ffffffffffffffda RBX: 00007f145c6f9f60 RCX: 00007f145c56bbd9 [ 944.673246][T19642] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000020000080 [ 944.681047][T19642] RBP: 00007f145b7ed0a0 R08: 0000000000000000 R09: 0000000000000000 [ 944.688990][T19642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 944.696794][T19642] R13: 000000000000000b R14: 00007f145c6f9f60 R15: 00007ffe86a460a8 [ 944.704702][T19642] [ 944.888295][T19660] loop2: detected capacity change from 0 to 2048 [ 944.956669][T19660] loop2: p3 < > p4 < > [ 944.960973][T19660] loop2: partition table partially beyond EOD, truncated [ 944.969379][T19660] loop2: p3 start 4284289 is beyond EOD, truncated [ 945.018108][ T100] loop2: p3 < > p4 < > [ 945.022338][ T100] loop2: partition table partially beyond EOD, truncated [ 945.031139][ T100] loop2: p3 start 4284289 is beyond EOD, truncated [ 945.349368][ T914] udevd[914]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 945.827577][T19680] loop2: detected capacity change from 0 to 40427 [ 946.790501][T19695] loop1: detected capacity change from 0 to 256 [ 946.837016][T19680] loop2: detected capacity change from 0 to 512 [ 946.856337][T19680] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002] [ 946.864298][T19680] System zones: 1-12 [ 946.868849][T19680] EXT4-fs error (device loop2): dx_probe:822: inode #2: comm syz.2.5118: Directory hole found for htree index block [ 946.881226][T19695] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 946.881653][T19680] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 946.903199][T19680] EXT4-fs error (device loop2): dx_probe:822: inode #2: comm syz.2.5118: Directory hole found for htree index block [ 946.912002][T19695] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 946.925345][T19680] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 946.933669][T19680] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=Jdebug,jqfmt=vfsold,noquota,bsdgroups,usrjquota=",,errors=continue. Quota mode: writeback. [ 946.956822][T19680] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback. [ 946.968558][ T30] kauditd_printk_skb: 60 callbacks suppressed [ 946.968574][ T30] audit: type=1400 audit(1720968909.760:6031): avc: denied { search } for pid=19679 comm="syz.2.5118" name="/" dev="configfs" ino=12450 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 946.969210][T19680] EXT4-fs error (device loop2): dx_probe:822: inode #2: comm syz.2.5118: Directory hole found for htree index block [ 946.974985][ T30] audit: type=1400 audit(1720968909.760:6032): avc: denied { setattr } for pid=19679 comm="syz.2.5118" name="/" dev="configfs" ino=12450 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 947.195884][T19712] loop4: detected capacity change from 0 to 256 [ 947.264834][T19712] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 947.277308][T19712] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 947.594357][ T30] audit: type=1326 audit(1720968910.370:6033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19716 comm="syz.1.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e86e79bd9 code=0x7ffc0000 [ 947.674109][ T30] audit: type=1326 audit(1720968910.370:6034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19716 comm="syz.1.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f2e86e79bd9 code=0x7ffc0000 [ 947.715340][ T30] audit: type=1326 audit(1720968910.370:6035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19716 comm="syz.1.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e86e79bd9 code=0x7ffc0000 [ 947.744995][ T30] audit: type=1326 audit(1720968910.370:6036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19716 comm="syz.1.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f2e86e786bc code=0x7ffc0000 [ 947.780244][ T30] audit: type=1326 audit(1720968910.370:6037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19716 comm="syz.1.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e86e79bd9 code=0x7ffc0000 [ 947.804872][ T30] audit: type=1326 audit(1720968910.370:6038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19716 comm="syz.1.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f2e86e786bc code=0x7ffc0000 [ 947.831316][ T30] audit: type=1326 audit(1720968910.370:6039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19716 comm="syz.1.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e86e79bd9 code=0x7ffc0000 [ 947.855026][ T30] audit: type=1326 audit(1720968910.370:6040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19716 comm="syz.1.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2e86e79bd9 code=0x7ffc0000 [ 948.334613][ T9229] usb 2-1: new high-speed USB device number 65 using dummy_hcd [ 948.702344][T19739] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5135'. [ 948.724953][ T9229] usb 2-1: Using ep0 maxpacket: 8 [ 948.764736][ T9229] usb 2-1: too many configurations: 39, using maximum allowed: 8 [ 948.844659][ T9229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 948.856622][ T9229] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 948.926130][T19748] FAULT_INJECTION: forcing a failure. [ 948.926130][T19748] name failslab, interval 1, probability 0, space 0, times 0 [ 948.938649][T19748] CPU: 1 PID: 19748 Comm: syz.0.5137 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 948.949767][T19748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 948.959661][T19748] Call Trace: [ 948.962796][T19748] [ 948.965571][T19748] dump_stack_lvl+0x151/0x1b7 [ 948.970077][T19748] ? io_uring_drop_tctx_refs+0x190/0x190 [ 948.975543][T19748] ? _parse_integer_limit+0x19b/0x1e0 [ 948.980757][T19748] dump_stack+0x15/0x17 [ 948.984753][T19748] should_fail+0x3c6/0x510 [ 948.989008][T19748] __should_failslab+0xa4/0xe0 [ 948.993600][T19748] should_failslab+0x9/0x20 [ 948.997939][T19748] slab_pre_alloc_hook+0x37/0xd0 [ 949.002721][T19748] ? match_int+0xd9/0x1f0 [ 949.006888][T19748] __kmalloc_track_caller+0x6c/0x260 [ 949.011995][T19748] ? match_int+0xd9/0x1f0 [ 949.016166][T19748] kmemdup_nul+0x2a/0xa0 [ 949.020249][T19748] match_int+0xd9/0x1f0 [ 949.024239][T19748] ? match_token+0x660/0x660 [ 949.028664][T19748] parse_opts+0x281/0x690 [ 949.032841][T19748] ? p9_fd_show_options+0x1b0/0x1b0 [ 949.037892][T19748] ? debug_smp_processor_id+0x17/0x20 [ 949.043101][T19748] ? kasan_quarantine_put+0x34/0x1a0 [ 949.048189][T19748] ? kfree+0xc8/0x220 [ 949.052015][T19748] p9_fd_create+0x8c/0x510 [ 949.056262][T19748] ? p9_fd_create_unix+0x430/0x430 [ 949.061207][T19748] ? p9_client_create+0x737/0x1130 [ 949.066248][T19748] ? kfree+0xc8/0x220 [ 949.070061][T19748] p9_client_create+0x81b/0x1130 [ 949.074925][T19748] ? p9_parse_header+0x6c0/0x6c0 [ 949.079696][T19748] ? __kasan_kmalloc+0x9/0x10 [ 949.084208][T19748] ? kstrdup+0x4f/0x70 [ 949.088118][T19748] ? __kasan_check_write+0x14/0x20 [ 949.093061][T19748] v9fs_session_init+0x1fa/0x19b0 [ 949.097939][T19748] ? v9fs_show_options+0x570/0x570 [ 949.102959][T19748] ? __kasan_kmalloc+0x9/0x10 [ 949.107470][T19748] ? v9fs_mount+0x5f/0x7f0 [ 949.111721][T19748] v9fs_mount+0x75/0x7f0 [ 949.114685][ T9229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 949.115811][T19748] legacy_get_tree+0xf1/0x190 [ 949.115838][T19748] ? incfs_get_verity_signature+0x420/0x420 [ 949.115861][T19748] vfs_get_tree+0x88/0x290 [ 949.134452][ T9229] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 949.135938][T19748] do_new_mount+0x2ba/0xb30 [ 949.135970][T19748] ? do_move_mount_old+0x160/0x160 [ 949.135991][T19748] ? path_mount+0x659/0x1070 [ 949.162681][T19748] path_mount+0x671/0x1070 [ 949.166932][T19748] __se_sys_mount+0x2c4/0x3b0 [ 949.171444][T19748] ? __x64_sys_mount+0xd0/0xd0 [ 949.176165][T19748] ? __kasan_check_read+0x11/0x20 [ 949.181021][T19748] __x64_sys_mount+0xbf/0xd0 [ 949.185451][T19748] do_syscall_64+0x3d/0xb0 [ 949.189702][T19748] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 949.195426][T19748] RIP: 0033:0x7f3250dd5bd9 [ 949.199679][T19748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 949.219478][T19748] RSP: 002b:00007f3250015048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 949.224709][ T9229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 949.227716][T19748] RAX: ffffffffffffffda RBX: 00007f3250f64110 RCX: 00007f3250dd5bd9 [ 949.227739][T19748] RDX: 0000000020000200 RSI: 0000000020000000 RDI: 0000000000000000 [ 949.239542][ T9229] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 949.245524][T19748] RBP: 00007f32500150a0 R08: 0000000020000600 R09: 0000000000000000 [ 949.245545][T19748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 949.245558][T19748] R13: 000000000000006e R14: 00007f3250f64110 R15: 00007ffcea446058 [ 949.245580][T19748] [ 949.246677][T19748] 9pnet: Insufficient options for proto=fd [ 949.384725][ T9229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 949.395433][ T9229] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 949.427664][ T7760] kernel read not supported for file /newroot/33/file0 (pid: 7760 comm: kworker/0:9) [ 949.484674][ T9229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 949.503025][ T9229] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 949.507363][T19760] loop4: detected capacity change from 0 to 512 [ 949.730800][T19760] EXT4-fs (loop4): Mount option "nouser_xattr" will be removed by 3.5 [ 949.730800][T19760] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 949.730800][T19760] [ 949.849726][T19760] EXT4-fs (loop4): 1 orphan inode deleted [ 949.855761][T19760] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000006,nodiscard,nodelalloc,init_itable,stripe=0x0000000000000003,resgid=0x0000000000000000,sysvgroups,nouser_xattr,usrquota,,errors=continue. Quota mode: writeback. [ 949.880501][T19760] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038 (0x7fffffff) [ 949.881186][ T9229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 949.907221][ T9229] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 949.994675][ T9229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 950.005625][ T9229] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 950.069545][T19779] FAULT_INJECTION: forcing a failure. [ 950.069545][T19779] name failslab, interval 1, probability 0, space 0, times 0 [ 950.084719][T19779] CPU: 0 PID: 19779 Comm: syz.4.5147 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 950.097194][T19779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 950.109859][T19779] Call Trace: [ 950.113602][T19779] [ 950.116592][T19779] dump_stack_lvl+0x151/0x1b7 [ 950.121803][T19779] ? io_uring_drop_tctx_refs+0x190/0x190 [ 950.127865][T19779] dump_stack+0x15/0x17 [ 950.133136][T19779] should_fail+0x3c6/0x510 [ 950.137877][T19779] __should_failslab+0xa4/0xe0 [ 950.142888][T19779] should_failslab+0x9/0x20 [ 950.147388][T19779] slab_pre_alloc_hook+0x37/0xd0 [ 950.153071][T19779] ? sidtab_sid2str_get+0x12b/0x2a0 [ 950.159825][T19779] __kmalloc_track_caller+0x6c/0x260 [ 950.165266][T19779] ? sidtab_sid2str_get+0x12b/0x2a0 [ 950.171303][T19779] kmemdup+0x24/0x50 [ 950.175717][T19779] sidtab_sid2str_get+0x12b/0x2a0 [ 950.180636][T19779] security_sid_to_context_core+0x2b5/0x490 [ 950.186662][T19779] security_sid_to_context+0x33/0x40 [ 950.192827][T19779] selinux_secid_to_secctx+0x2a/0x40 [ 950.198126][T19779] security_secid_to_secctx+0x74/0xb0 [ 950.203419][T19779] audit_log_task_context+0x122/0x350 [ 950.208878][T19779] ? audit_log_key+0x1d0/0x1d0 [ 950.213478][T19779] audit_log_task+0x18c/0x2e0 [ 950.217983][T19779] ? audit_core_dumps+0x100/0x100 [ 950.222850][T19779] ? migrate_enable+0x1c1/0x2a0 [ 950.227539][T19779] ? slab_post_alloc_hook+0x72/0x2c0 [ 950.232648][T19779] ? security_file_alloc+0x29/0x120 [ 950.237788][T19779] audit_seccomp+0x7a/0x1e0 [ 950.242197][T19779] __seccomp_filter+0xc08/0x1c60 [ 950.246977][T19779] ? errseq_sample+0x44/0x70 [ 950.251398][T19779] ? __secure_computing+0x300/0x300 [ 950.256432][T19779] ? alloc_file_pseudo+0x280/0x2f0 [ 950.261468][T19779] ? alloc_fd+0x4c6/0x590 [ 950.265640][T19779] __secure_computing+0xf0/0x300 [ 950.270505][T19779] syscall_enter_from_user_mode+0xd5/0x1b0 [ 950.276151][T19779] do_syscall_64+0x1e/0xb0 [ 950.280391][T19779] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 950.286036][T19779] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 950.291762][T19779] RIP: 0033:0x7f0e0a6af6bc [ 950.296107][T19779] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 950.315894][T19779] RSP: 002b:00007f0e09932040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 950.324685][T19779] RAX: ffffffffffffffda RBX: 00007f0e0a83ef60 RCX: 00007f0e0a6af6bc [ 950.334990][T19779] RDX: 000000000000000f RSI: 00007f0e099320b0 RDI: 0000000000000008 [ 950.343088][T19779] RBP: 00007f0e099320a0 R08: 0000000000000000 R09: 0000000000000000 [ 950.351009][T19779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 950.359393][T19779] R13: 000000000000000b R14: 00007f0e0a83ef60 R15: 00007ffefba33d68 [ 950.367397][T19779] [ 950.371483][ T9229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 950.382199][ T9229] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 950.624219][ T9229] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 950.638583][ T9229] usb 2-1: New USB device strings: Mfr=137, Product=106, SerialNumber=129 [ 950.890966][ T9229] usb 2-1: Product: syz [ 950.895859][ T9229] usb 2-1: Manufacturer: syz [ 950.900432][ T9229] usb 2-1: SerialNumber: syz [ 950.984657][ T9229] usb 2-1: can't set config #1, error -71 [ 951.001918][ T9229] usb 2-1: USB disconnect, device number 65 [ 951.284615][ T7760] usb 4-1: new high-speed USB device number 83 using dummy_hcd [ 951.535428][T12644] usb 1-1: new high-speed USB device number 64 using dummy_hcd [ 951.619695][ T9229] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 951.628117][ T9229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 951.636910][ T9229] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 951.645477][ T9229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 951.758024][ T7760] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 951.831245][ T9229] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 951.839009][ T7760] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 951.852312][ T9229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 951.860493][ T9229] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 951.868210][ T7760] usb 4-1: New USB device found, idVendor=056a, idProduct=00d5, bcdDevice= 0.00 [ 951.879247][ T9229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 951.887698][ T7760] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 951.905945][ T7760] usb 4-1: config 0 descriptor?? [ 952.184812][T12644] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 952.196056][T12644] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 952.205899][T12644] usb 1-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00 [ 952.217002][T12644] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 952.225624][T12644] usb 1-1: config 0 descriptor?? [ 952.462535][T19858] loop1: detected capacity change from 0 to 16 [ 952.624116][T19858] erofs: (device loop1): mounted with root inode @ nid 36. [ 952.734667][T12644] wacom 0003:056A:00D0.0048: unknown main item tag 0x0 [ 952.815162][T12644] wacom 0003:056A:00D0.0048: Unknown device_type for 'HID 056a:00d0'. Assuming pen. [ 952.825937][T12644] wacom 0003:056A:00D0.0048: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.0-1/input0 [ 952.837941][T12644] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:00D0.0048/input/input38 [ 953.105839][T19866] loop2: detected capacity change from 0 to 40427 [ 953.133319][T19866] F2FS-fs (loop2): Found nat_bits in checkpoint [ 953.184897][T19866] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 953.318821][ T30] kauditd_printk_skb: 82 callbacks suppressed [ 953.318837][ T30] audit: type=1326 audit(1720968916.110:6122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19874 comm="syz.4.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 953.349267][ T30] audit: type=1326 audit(1720968916.110:6123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19874 comm="syz.4.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 953.374562][ T30] audit: type=1326 audit(1720968916.110:6124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19874 comm="syz.4.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 953.399260][ T30] audit: type=1326 audit(1720968916.110:6125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19874 comm="syz.4.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 953.454630][T19878] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 953.476356][ T30] audit: type=1326 audit(1720968916.110:6126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19874 comm="syz.4.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 953.502434][ T30] audit: type=1326 audit(1720968916.110:6127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19874 comm="syz.4.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 953.540130][ T30] audit: type=1326 audit(1720968916.110:6128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19874 comm="syz.4.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e0a6b0bd9 code=0x7ffc0000 [ 953.780187][T18319] F2FS-fs (loop2): Inconsistent error blkaddr:5633, sit bitmap:0 [ 953.788825][T18319] CPU: 0 PID: 18319 Comm: syz-executor Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 953.800219][T18319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 953.810107][T18319] Call Trace: [ 953.813229][T18319] [ 953.816004][T18319] dump_stack_lvl+0x151/0x1b7 [ 953.820518][T18319] ? io_uring_drop_tctx_refs+0x190/0x190 [ 953.826083][T18319] ? arch_stack_walk+0xf3/0x140 [ 953.830892][T18319] dump_stack+0x15/0x17 [ 953.834872][T18319] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 953.840082][T18319] f2fs_map_blocks+0x1631/0x3ac0 [ 953.844857][T18319] ? __stack_depot_save+0x34/0x470 [ 953.849816][T18319] ? f2fs_do_map_lock+0x70/0x70 [ 953.854493][T18319] ? debug_smp_processor_id+0x17/0x20 [ 953.859699][T18319] ? try_charge_memcg+0x213/0x1550 [ 953.864646][T18319] f2fs_mpage_readpages+0xc94/0x2160 [ 953.869767][T18319] ? xas_start+0x32c/0x3f0 [ 953.874023][T18319] ? dquot_release_reservation_block+0xa0/0xa0 [ 953.880006][T18319] ? workingset_activation+0x3f0/0x3f0 [ 953.885311][T18319] f2fs_readahead+0xfd/0x250 [ 953.890073][T18319] ? blk_start_plug+0x5a/0x170 [ 953.894799][T18319] read_pages+0x15e/0xb00 [ 953.898928][T18319] ? lru_cache_add+0x279/0x540 [ 953.903528][T18319] ? page_cache_ra_unbounded+0x920/0x920 [ 953.908995][T18319] ? add_to_page_cache_lru+0x225/0x2c0 [ 953.914291][T18319] ? add_to_page_cache_locked+0x40/0x40 [ 953.919671][T18319] ? __stack_depot_save+0x34/0x470 [ 953.924620][T18319] page_cache_ra_unbounded+0x6cb/0x920 [ 953.930009][T18319] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0 [ 953.936337][T18319] ? _raw_spin_unlock+0x4d/0x70 [ 953.941031][T18319] ? wp_page_reuse+0xff/0x120 [ 953.945629][T18319] ondemand_readahead+0x9c8/0xfa0 [ 953.950486][T18319] ? handle_pte_fault+0x7c0/0x24d0 [ 953.955430][T18319] ? page_cache_sync_ra+0x4d0/0x4d0 [ 953.960461][T18319] ? fault_around_bytes_set+0xc0/0xc0 [ 953.965672][T18319] page_cache_sync_ra+0x2e9/0x4d0 [ 953.970534][T18319] ? force_page_cache_ra+0x420/0x420 [ 953.975655][T18319] ? do_handle_mm_fault+0x17e1/0x23a0 [ 953.980950][T18319] f2fs_readdir+0x52d/0xba0 [ 953.985294][T18319] ? f2fs_fill_dentries+0xd50/0xd50 [ 953.990323][T18319] ? avc_policy_seqno+0x1b/0x70 [ 953.995006][T18319] ? __kasan_check_read+0x11/0x20 [ 953.998776][T19891] loop1: detected capacity change from 0 to 40427 [ 953.999862][T18319] ? fsnotify_perm+0x470/0x5d0 [ 953.999892][T18319] ? security_file_permission+0x86/0xb0 [ 954.016106][T18319] iterate_dir+0x265/0x610 [ 954.020349][T18319] ? f2fs_fill_dentries+0xd50/0xd50 [ 954.025815][T18319] __se_sys_getdents64+0x1c1/0x460 [ 954.030888][T18319] ? __x64_sys_getdents64+0x90/0x90 [ 954.036004][T18319] ? filldir+0x680/0x680 [ 954.040090][T18319] __x64_sys_getdents64+0x7b/0x90 [ 954.045125][T18319] do_syscall_64+0x3d/0xb0 [ 954.049482][T18319] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 954.055290][T18319] RIP: 0033:0x7f145c59dc73 [ 954.059543][T18319] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 e2 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 954.079264][T18319] RSP: 002b:00007ffe86a44188 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 954.087586][T18319] RAX: ffffffffffffffda RBX: 0000555556c844e0 RCX: 00007f145c59dc73 [ 954.095397][T18319] RDX: 0000000000008000 RSI: 0000555556c844e0 RDI: 0000000000000005 [ 954.103294][T18319] RBP: 0000555556c844b4 R08: 0000000000000000 R09: 0000000000000000 [ 954.111198][T18319] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 954.119008][T18319] R13: 0000000000000010 R14: 0000555556c844b0 R15: 00000000000e8a37 [ 954.127087][T18319] [ 954.149383][T18319] F2FS-fs (loop2): Inconsistent error blkaddr:5633, sit bitmap:0 [ 954.158957][ T321] usb 1-1: USB disconnect, device number 64 [ 954.163487][T19891] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(262146) root(3) [ 954.166875][ T7760] usb 4-1: string descriptor 0 read error: -71 [ 954.172643][T19891] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 954.187964][T18319] CPU: 1 PID: 18319 Comm: syz-executor Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 954.199344][T18319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 954.202487][ T7760] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 954.209330][T18319] Call Trace: [ 954.209340][T18319] [ 954.209350][T18319] dump_stack_lvl+0x151/0x1b7 [ 954.209376][T18319] ? io_uring_drop_tctx_refs+0x190/0x190 [ 954.209400][T18319] dump_stack+0x15/0x17 [ 954.234808][ T7760] usb 4-1: USB disconnect, device number 83 [ 954.236571][T18319] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 954.247687][T18319] f2fs_get_read_data_page+0x4be/0x7e0 [ 954.253243][T18319] ? f2fs_get_block+0x1b0/0x1b0 [ 954.257933][T18319] ? force_page_cache_ra+0x420/0x420 [ 954.263048][T18319] f2fs_find_data_page+0x19c/0x420 [ 954.268000][T18319] f2fs_readdir+0x53a/0xba0 [ 954.272336][T18319] ? f2fs_fill_dentries+0xd50/0xd50 [ 954.277369][T18319] ? avc_policy_seqno+0x1b/0x70 [ 954.282157][T18319] ? __kasan_check_read+0x11/0x20 [ 954.287015][T18319] ? fsnotify_perm+0x470/0x5d0 [ 954.291615][T18319] ? security_file_permission+0x86/0xb0 [ 954.295900][T19891] F2FS-fs (loop1): Found nat_bits in checkpoint [ 954.296993][T18319] iterate_dir+0x265/0x610 [ 954.307335][T18319] ? f2fs_fill_dentries+0xd50/0xd50 [ 954.312358][T18319] __se_sys_getdents64+0x1c1/0x460 [ 954.317315][T18319] ? __x64_sys_getdents64+0x90/0x90 [ 954.322484][T18319] ? filldir+0x680/0x680 [ 954.326524][T18319] __x64_sys_getdents64+0x7b/0x90 [ 954.331478][T18319] do_syscall_64+0x3d/0xb0 [ 954.335723][T18319] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 954.341617][T18319] RIP: 0033:0x7f145c59dc73 [ 954.344013][T19891] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 954.345867][T18319] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 e2 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 954.345887][T18319] RSP: 002b:00007ffe86a44188 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 954.345910][T18319] RAX: ffffffffffffffda RBX: 0000555556c844e0 RCX: 00007f145c59dc73 [ 954.345926][T18319] RDX: 0000000000008000 RSI: 0000555556c844e0 RDI: 0000000000000005 [ 954.352986][T19891] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 954.372277][T18319] RBP: 0000555556c844b4 R08: 0000000000000000 R09: 0000000000000000 [ 954.372295][T18319] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 954.372309][T18319] R13: 0000000000000010 R14: 0000555556c844b0 R15: 00000000000e8a37 [ 954.372330][T18319] [ 954.457489][ T8] attempt to access beyond end of device [ 954.457489][ T8] loop2: rw=2049, want=41000, limit=40427 [ 954.469946][T18281] attempt to access beyond end of device [ 954.469946][T18281] loop1: rw=524288, want=45072, limit=40427 [ 954.488136][T18281] attempt to access beyond end of device [ 954.488136][T18281] loop1: rw=0, want=45072, limit=40427 [ 954.521655][ T426] attempt to access beyond end of device [ 954.521655][ T426] loop1: rw=1, want=45104, limit=40427 [ 954.538243][ T426] attempt to access beyond end of device [ 954.538243][ T426] loop1: rw=2049, want=40992, limit=40427 [ 954.703368][ T7760] usb 4-1: new high-speed USB device number 84 using dummy_hcd [ 955.034845][T19912] FAULT_INJECTION: forcing a failure. [ 955.034845][T19912] name failslab, interval 1, probability 0, space 0, times 0 [ 955.065027][T19912] CPU: 0 PID: 19912 Comm: syz.4.5189 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 955.076418][T19912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 955.086400][T19912] Call Trace: [ 955.089538][T19912] [ 955.092355][T19912] dump_stack_lvl+0x151/0x1b7 [ 955.096826][T19912] ? io_uring_drop_tctx_refs+0x190/0x190 [ 955.102288][T19912] dump_stack+0x15/0x17 [ 955.106268][T19912] should_fail+0x3c6/0x510 [ 955.110530][T19912] __should_failslab+0xa4/0xe0 [ 955.115123][T19912] should_failslab+0x9/0x20 [ 955.119461][T19912] slab_pre_alloc_hook+0x37/0xd0 [ 955.124235][T19912] ? v9fs_session_init+0xab/0x19b0 [ 955.129189][T19912] __kmalloc_track_caller+0x6c/0x260 [ 955.134485][T19912] ? ____kasan_kmalloc+0xed/0x110 [ 955.139337][T19912] ? v9fs_session_init+0xab/0x19b0 [ 955.144282][T19912] ? kmem_cache_alloc_trace+0x115/0x210 [ 955.149661][T19912] kstrdup+0x34/0x70 [ 955.153592][T19912] v9fs_session_init+0xab/0x19b0 [ 955.158462][T19912] ? v9fs_show_options+0x570/0x570 [ 955.163404][T19912] ? __kasan_kmalloc+0x9/0x10 [ 955.167924][T19912] ? v9fs_mount+0x5f/0x7f0 [ 955.172167][T19912] v9fs_mount+0x75/0x7f0 [ 955.176270][T19912] legacy_get_tree+0xf1/0x190 [ 955.180759][T19912] ? incfs_get_verity_signature+0x420/0x420 [ 955.186488][T19912] vfs_get_tree+0x88/0x290 [ 955.190846][T19912] do_new_mount+0x2ba/0xb30 [ 955.195185][T19912] ? do_move_mount_old+0x160/0x160 [ 955.200137][T19912] ? security_capable+0x87/0xb0 [ 955.204825][T19912] ? ns_capable+0x89/0xe0 [ 955.208987][T19912] path_mount+0x671/0x1070 [ 955.213259][T19912] __se_sys_mount+0x2c4/0x3b0 [ 955.217749][T19912] ? fput+0x1a/0x20 [ 955.221469][T19912] ? __x64_sys_mount+0xd0/0xd0 [ 955.226286][T19912] ? debug_smp_processor_id+0x17/0x20 [ 955.231592][T19912] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 955.237491][T19912] __x64_sys_mount+0xbf/0xd0 [ 955.241914][T19912] do_syscall_64+0x3d/0xb0 [ 955.246166][T19912] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 955.251892][T19912] RIP: 0033:0x7f0e0a6b0bd9 [ 955.256196][T19912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 955.276085][T19912] RSP: 002b:00007f0e09932048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 955.284293][T19912] RAX: ffffffffffffffda RBX: 00007f0e0a83ef60 RCX: 00007f0e0a6b0bd9 [ 955.292103][T19912] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 955.299911][T19912] RBP: 00007f0e099320a0 R08: 0000000020000300 R09: 0000000000000000 [ 955.307722][T19912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 955.315541][T19912] R13: 000000000000000b R14: 00007f0e0a83ef60 R15: 00007ffefba33d68 [ 955.323439][T19912] [ 955.391029][ T7760] usb 4-1: Using ep0 maxpacket: 32 [ 955.440123][T19913] bridge0: port 1(bridge_slave_0) entered blocking state [ 955.447619][T19913] bridge0: port 1(bridge_slave_0) entered disabled state [ 955.457750][T19913] device bridge_slave_0 entered promiscuous mode [ 955.488999][T19913] bridge0: port 2(bridge_slave_1) entered blocking state [ 955.496044][T19913] bridge0: port 2(bridge_slave_1) entered disabled state [ 955.513554][T19913] device bridge_slave_1 entered promiscuous mode [ 955.590449][ T320] device bridge_slave_1 left promiscuous mode [ 955.599622][ T320] bridge0: port 2(bridge_slave_1) entered disabled state [ 955.615207][ T320] device bridge_slave_0 left promiscuous mode [ 955.625171][T19923] loop0: detected capacity change from 0 to 40427 [ 955.631600][ T320] bridge0: port 1(bridge_slave_0) entered disabled state [ 955.646772][T19923] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(262146) root(3) [ 955.651328][T19920] loop4: detected capacity change from 0 to 40427 [ 955.661211][ T320] device veth1_macvtap left promiscuous mode [ 955.661510][T19923] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 955.672704][ T320] device veth0_vlan left promiscuous mode [ 955.680988][ T7760] usb 4-1: New USB device found, idVendor=0ace, idProduct=2011, bcdDevice= 1.01 [ 955.689048][T19923] F2FS-fs (loop0): Found nat_bits in checkpoint [ 955.690483][ T7760] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 955.704178][ T7760] usb 4-1: Product: syz [ 955.708622][ T7760] usb 4-1: Manufacturer: syz [ 955.710773][T19920] F2FS-fs (loop4): Found nat_bits in checkpoint [ 955.713105][ T7760] usb 4-1: SerialNumber: syz [ 955.724637][ T7760] usb 4-1: config 0 descriptor?? [ 955.759418][T19923] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 955.765229][ T7760] usb-storage 4-1:0.0: USB Mass Storage device detected [ 955.767303][T19923] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 955.795325][ T7760] usb-storage 4-1:0.0: device ignored [ 955.801134][T19920] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 955.927645][T16247] attempt to access beyond end of device [ 955.927645][T16247] loop0: rw=524288, want=45072, limit=40427 [ 955.939494][T16247] attempt to access beyond end of device [ 955.939494][T16247] loop0: rw=0, want=45072, limit=40427 [ 955.994215][ T2109] attempt to access beyond end of device [ 955.994215][ T2109] loop0: rw=1, want=45104, limit=40427 [ 956.067865][T19937] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 956.137209][T19894] UDC core: couldn't find an available UDC or it's busy: -16 [ 956.163823][ T2109] attempt to access beyond end of device [ 956.163823][ T2109] loop0: rw=2049, want=40992, limit=40427 [ 956.189061][T19915] bridge0: port 1(bridge_slave_0) entered blocking state [ 956.211854][T19894] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 956.219973][T19915] bridge0: port 1(bridge_slave_0) entered disabled state [ 956.227543][T19915] device bridge_slave_0 entered promiscuous mode [ 956.234802][T19915] bridge0: port 2(bridge_slave_1) entered blocking state [ 956.242154][T19915] bridge0: port 2(bridge_slave_1) entered disabled state [ 956.252265][T19894] loop3: detected capacity change from 0 to 256 [ 956.259536][T19915] device bridge_slave_1 entered promiscuous mode [ 956.283374][T19259] F2FS-fs (loop4): Inconsistent error blkaddr:5633, sit bitmap:0 [ 956.293270][T19259] CPU: 0 PID: 19259 Comm: syz-executor Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 956.304644][T19259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 956.314634][T19259] Call Trace: [ 956.317757][T19259] [ 956.320566][T19259] dump_stack_lvl+0x151/0x1b7 [ 956.325130][T19259] ? io_uring_drop_tctx_refs+0x190/0x190 [ 956.330594][T19259] ? arch_stack_walk+0xf3/0x140 [ 956.335282][T19259] dump_stack+0x15/0x17 [ 956.339272][T19259] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 956.344481][T19259] f2fs_map_blocks+0x1631/0x3ac0 [ 956.349351][T19259] ? __stack_depot_save+0x34/0x470 [ 956.354293][T19259] ? f2fs_do_map_lock+0x70/0x70 [ 956.358995][T19259] ? debug_smp_processor_id+0x17/0x20 [ 956.364182][T19259] ? try_charge_memcg+0x213/0x1550 [ 956.369325][T19259] f2fs_mpage_readpages+0xc94/0x2160 [ 956.374424][T19259] ? xas_start+0x32c/0x3f0 [ 956.378681][T19259] ? dquot_release_reservation_block+0xa0/0xa0 [ 956.384662][T19259] ? workingset_activation+0x3f0/0x3f0 [ 956.389964][T19259] f2fs_readahead+0xfd/0x250 [ 956.394384][T19259] ? blk_start_plug+0x5a/0x170 [ 956.399080][T19259] read_pages+0x15e/0xb00 [ 956.403389][T19259] ? lru_cache_add+0x279/0x540 [ 956.407984][T19259] ? page_cache_ra_unbounded+0x920/0x920 [ 956.413450][T19259] ? add_to_page_cache_lru+0x225/0x2c0 [ 956.418747][T19259] ? add_to_page_cache_locked+0x40/0x40 [ 956.424226][T19259] ? __stack_depot_save+0x34/0x470 [ 956.429206][T19259] page_cache_ra_unbounded+0x6cb/0x920 [ 956.434469][T19259] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0 [ 956.440792][T19259] ? _raw_spin_unlock+0x4d/0x70 [ 956.445478][T19259] ? wp_page_reuse+0xff/0x120 [ 956.450078][T19259] ondemand_readahead+0x9c8/0xfa0 [ 956.454939][T19259] ? handle_pte_fault+0x7c0/0x24d0 [ 956.459886][T19259] ? page_cache_sync_ra+0x4d0/0x4d0 [ 956.464934][T19259] ? fault_around_bytes_set+0xc0/0xc0 [ 956.470127][T19259] page_cache_sync_ra+0x2e9/0x4d0 [ 956.474998][T19259] ? force_page_cache_ra+0x420/0x420 [ 956.480106][T19259] ? do_handle_mm_fault+0x17e1/0x23a0 [ 956.485320][T19259] f2fs_readdir+0x52d/0xba0 [ 956.489762][T19259] ? f2fs_fill_dentries+0xd50/0xd50 [ 956.494790][T19259] ? avc_policy_seqno+0x1b/0x70 [ 956.499478][T19259] ? __kasan_check_read+0x11/0x20 [ 956.504336][T19259] ? fsnotify_perm+0x470/0x5d0 [ 956.508939][T19259] ? security_file_permission+0x86/0xb0 [ 956.514321][T19259] iterate_dir+0x265/0x610 [ 956.518745][T19259] ? f2fs_fill_dentries+0xd50/0xd50 [ 956.523865][T19259] __se_sys_getdents64+0x1c1/0x460 [ 956.528814][T19259] ? __x64_sys_getdents64+0x90/0x90 [ 956.533869][T19259] ? filldir+0x680/0x680 [ 956.537943][T19259] __x64_sys_getdents64+0x7b/0x90 [ 956.542787][T19259] do_syscall_64+0x3d/0xb0 [ 956.547039][T19259] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 956.553309][T19259] RIP: 0033:0x7f0e0a6e2c73 [ 956.557553][T19259] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 e2 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 956.577263][T19259] RSP: 002b:00007ffefba31e48 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 956.586349][T19259] RAX: ffffffffffffffda RBX: 00005555569d04e0 RCX: 00007f0e0a6e2c73 [ 956.594261][T19259] RDX: 0000000000008000 RSI: 00005555569d04e0 RDI: 0000000000000005 [ 956.602289][T19259] RBP: 00005555569d04b4 R08: 0000000000000000 R09: 0000000000000000 [ 956.610265][T19259] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 956.618324][T19259] R13: 0000000000000010 R14: 00005555569d04b0 R15: 00000000000e93b9 [ 956.626337][T19259] [ 956.630064][T19259] F2FS-fs (loop4): Inconsistent error blkaddr:5633, sit bitmap:0 [ 956.634086][T19894] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb69a62dc, utbl_chksum : 0xe619d30d) [ 956.639004][T19259] CPU: 1 PID: 19259 Comm: syz-executor Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 956.661080][T19259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 956.666978][T19894] UDC core: couldn't find an available UDC or it's busy: -16 [ 956.671145][T19259] Call Trace: [ 956.671156][T19259] [ 956.671164][T19259] dump_stack_lvl+0x151/0x1b7 [ 956.680156][T19894] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 956.681478][T19259] ? io_uring_drop_tctx_refs+0x190/0x190 [ 956.693234][ T2175] usb 4-1: USB disconnect, device number 84 [ 956.696059][T19259] dump_stack+0x15/0x17 [ 956.696085][T19259] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 956.716540][T19259] f2fs_get_read_data_page+0x4be/0x7e0 [ 956.721851][T19259] ? f2fs_get_block+0x1b0/0x1b0 [ 956.726689][T19259] ? force_page_cache_ra+0x420/0x420 [ 956.731810][T19259] f2fs_find_data_page+0x19c/0x420 [ 956.736858][T19259] f2fs_readdir+0x53a/0xba0 [ 956.742606][T19259] ? f2fs_fill_dentries+0xd50/0xd50 [ 956.747941][T19259] ? avc_policy_seqno+0x1b/0x70 [ 956.752609][T19259] ? __kasan_check_read+0x11/0x20 [ 956.757476][T19259] ? fsnotify_perm+0x470/0x5d0 [ 956.762092][T19259] ? security_file_permission+0x86/0xb0 [ 956.767458][T19259] iterate_dir+0x265/0x610 [ 956.771702][T19259] ? f2fs_fill_dentries+0xd50/0xd50 [ 956.776741][T19259] __se_sys_getdents64+0x1c1/0x460 [ 956.781780][T19259] ? __x64_sys_getdents64+0x90/0x90 [ 956.786801][T19259] ? filldir+0x680/0x680 [ 956.790898][T19259] __x64_sys_getdents64+0x7b/0x90 [ 956.796022][T19259] do_syscall_64+0x3d/0xb0 [ 956.800378][T19259] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 956.806420][T19259] RIP: 0033:0x7f0e0a6e2c73 [ 956.810877][T19259] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 e2 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 956.830569][T19259] RSP: 002b:00007ffefba31e48 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 956.838989][T19259] RAX: ffffffffffffffda RBX: 00005555569d04e0 RCX: 00007f0e0a6e2c73 [ 956.846910][T19259] RDX: 0000000000008000 RSI: 00005555569d04e0 RDI: 0000000000000005 [ 956.854734][T19259] RBP: 00005555569d04b4 R08: 0000000000000000 R09: 0000000000000000 [ 956.862870][T19259] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 956.872278][T19259] R13: 0000000000000010 R14: 00005555569d04b0 R15: 00000000000e93b9 [ 956.880176][T19259] [ 956.903876][ T8] attempt to access beyond end of device [ 956.903876][ T8] loop4: rw=2049, want=41000, limit=40427 [ 957.085706][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 957.096808][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 957.136311][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 957.145342][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 957.153901][T12644] bridge0: port 1(bridge_slave_0) entered blocking state [ 957.160889][T12644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 957.176550][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 957.195787][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 957.204790][T12644] bridge0: port 2(bridge_slave_1) entered blocking state [ 957.211666][T12644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 957.219061][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 957.226930][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 957.234417][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 957.244506][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 957.252719][T12644] bridge0: port 1(bridge_slave_0) entered blocking state [ 957.259615][T12644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 957.267308][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 957.275856][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 957.284171][T12644] bridge0: port 2(bridge_slave_1) entered blocking state [ 957.291191][T12644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 957.298459][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 957.306432][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 957.314606][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 957.322167][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 957.367209][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 957.375934][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 957.383735][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 957.391821][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 957.431719][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 957.440464][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 957.451168][T19913] device veth0_vlan entered promiscuous mode [ 957.480493][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 957.488472][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 957.503704][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 957.511089][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 957.524211][T19915] device veth0_vlan entered promiscuous mode [ 957.538580][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 957.547490][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 957.556043][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 957.563818][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 957.577354][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 957.584800][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 957.596797][T19952] bridge0: port 1(bridge_slave_0) entered blocking state [ 957.603710][T19952] bridge0: port 1(bridge_slave_0) entered disabled state [ 957.611257][T19952] device bridge_slave_0 entered promiscuous mode [ 957.618509][T19952] bridge0: port 2(bridge_slave_1) entered blocking state [ 957.625533][T19952] bridge0: port 2(bridge_slave_1) entered disabled state [ 957.632836][T19952] device bridge_slave_1 entered promiscuous mode [ 957.647369][T19954] bridge0: port 1(bridge_slave_0) entered blocking state [ 957.654276][T19954] bridge0: port 1(bridge_slave_0) entered disabled state [ 957.661752][T19954] device bridge_slave_0 entered promiscuous mode [ 957.669303][T19954] bridge0: port 2(bridge_slave_1) entered blocking state [ 957.676335][T19954] bridge0: port 2(bridge_slave_1) entered disabled state [ 957.683805][T19954] device bridge_slave_1 entered promiscuous mode [ 957.759890][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 957.773835][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 957.783797][T19913] device veth1_macvtap entered promiscuous mode [ 957.795483][T19915] device veth1_macvtap entered promiscuous mode [ 957.815477][ T7760] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 957.823836][ T7760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 957.832318][ T7760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 957.840585][ T7760] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 957.874083][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 957.882747][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 957.891147][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 957.899385][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 957.950852][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 957.959237][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 957.968347][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 957.976534][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 958.069448][ T30] audit: type=1326 audit(1720968920.860:6129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19967 comm="syz.2.5192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.119134][ T7760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 958.127835][ T7760] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 958.142430][ T7760] bridge0: port 1(bridge_slave_0) entered blocking state [ 958.149359][ T7760] bridge0: port 1(bridge_slave_0) entered forwarding state [ 958.162568][T12644] usb 4-1: new high-speed USB device number 85 using dummy_hcd [ 958.170590][ T30] audit: type=1326 audit(1720968920.860:6130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19967 comm="syz.2.5192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.194397][ T30] audit: type=1326 audit(1720968920.860:6131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19967 comm="syz.2.5192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.243207][ T2175] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 958.414625][T12644] usb 4-1: Using ep0 maxpacket: 32 [ 958.428146][T12643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 958.453700][T12643] bridge0: port 2(bridge_slave_1) entered blocking state [ 958.460622][T12643] bridge0: port 2(bridge_slave_1) entered forwarding state [ 958.545001][T12644] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 62, changing to 9 [ 958.564514][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 958.571851][ T30] audit: type=1326 audit(1720968921.350:6140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19980 comm="syz.2.5207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.603787][T12644] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 50931, setting to 1024 [ 958.687271][T12644] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 958.718352][ T30] audit: type=1326 audit(1720968921.390:6141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19980 comm="syz.2.5207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.767123][ T30] audit: type=1326 audit(1720968921.390:6142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19980 comm="syz.2.5207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.791596][ T320] device bridge_slave_1 left promiscuous mode [ 958.798061][ T30] audit: type=1326 audit(1720968921.390:6143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19980 comm="syz.2.5207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.817414][T12644] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 958.824747][ T320] bridge0: port 2(bridge_slave_1) entered disabled state [ 958.837821][ T30] audit: type=1326 audit(1720968921.390:6144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19980 comm="syz.2.5207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.838055][ T320] device bridge_slave_0 left promiscuous mode [ 958.841448][T12644] usb 4-1: config 0 descriptor?? [ 958.872345][ T30] audit: type=1326 audit(1720968921.390:6145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19980 comm="syz.2.5207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.874928][ T320] bridge0: port 1(bridge_slave_0) entered disabled state [ 958.896229][ T30] audit: type=1326 audit(1720968921.390:6146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19980 comm="syz.2.5207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b33a1ebd9 code=0x7ffc0000 [ 958.902821][T19963] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 958.944890][ T320] device macsec0 left promiscuous mode [ 958.950450][ T320] bridge0: port 3(macsec0) entered disabled state [ 958.967985][ T320] device bridge_slave_1 left promiscuous mode [ 958.983467][T19988] FAULT_INJECTION: forcing a failure. [ 958.983467][T19988] name failslab, interval 1, probability 0, space 0, times 0 [ 958.985348][T12644] hub 4-1:0.0: USB hub found [ 959.004649][ T320] bridge0: port 2(bridge_slave_1) entered disabled state [ 959.015188][T19988] CPU: 0 PID: 19988 Comm: syz.1.5209 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 959.026957][T19988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 959.036840][T19988] Call Trace: [ 959.039978][T19988] [ 959.042732][T19988] dump_stack_lvl+0x151/0x1b7 [ 959.047246][T19988] ? io_uring_drop_tctx_refs+0x190/0x190 [ 959.052714][T19988] ? dev_queue_xmit+0x20/0x20 [ 959.057228][T19988] dump_stack+0x15/0x17 [ 959.061223][T19988] should_fail+0x3c6/0x510 [ 959.065564][T19988] __should_failslab+0xa4/0xe0 [ 959.070164][T19988] ? skb_clone+0x1d1/0x360 [ 959.074411][T19988] should_failslab+0x9/0x20 [ 959.078754][T19988] slab_pre_alloc_hook+0x37/0xd0 [ 959.083645][T19988] ? skb_clone+0x1d1/0x360 [ 959.087905][T19988] kmem_cache_alloc+0x44/0x200 [ 959.092493][T19988] skb_clone+0x1d1/0x360 [ 959.096576][T19988] bpf_clone_redirect+0xa6/0x390 [ 959.101350][T19988] bpf_prog_b36a1f39e2fdd4f4+0x56/0x39c [ 959.106728][T19988] ? trace_event_raw_event_sys_enter+0x50/0x130 [ 959.112802][T19988] ? __stack_depot_save+0x34/0x470 [ 959.117749][T19988] ? __kasan_slab_alloc+0xc3/0xe0 [ 959.122606][T19988] ? __kasan_slab_alloc+0xb1/0xe0 [ 959.127468][T19988] ? slab_post_alloc_hook+0x53/0x2c0 [ 959.132588][T19988] ? kmem_cache_alloc+0xf5/0x200 [ 959.137363][T19988] ? __build_skb+0x2a/0x300 [ 959.141706][T19988] ? build_skb+0x25/0x1f0 [ 959.145874][T19988] ? bpf_prog_test_run_skb+0x38e/0x1420 [ 959.151251][T19988] ? bpf_prog_test_run+0x3b0/0x630 [ 959.156196][T19988] ? __sys_bpf+0x525/0x760 [ 959.160459][T19988] ? __x64_sys_bpf+0x7c/0x90 [ 959.164875][T19988] ? do_syscall_64+0x3d/0xb0 [ 959.169316][T19988] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 959.175210][T19988] ? __kasan_check_read+0x11/0x20 [ 959.180063][T19988] ? bpf_test_timer_continue+0x140/0x460 [ 959.185541][T19988] ? kvm_sched_clock_read+0x18/0x40 [ 959.190567][T19988] ? sched_clock+0x9/0x10 [ 959.194732][T19988] bpf_test_run+0x678/0xa10 [ 959.199080][T19988] ? convert___skb_to_skb+0x570/0x570 [ 959.204280][T19988] ? eth_type_trans+0x2c6/0x600 [ 959.208978][T19988] ? eth_get_headlen+0x240/0x240 [ 959.213745][T19988] ? bpf_prog_test_run_skb+0x7bd/0x1420 [ 959.219122][T19988] ? convert___skb_to_skb+0x44/0x570 [ 959.224328][T19988] ? memcpy+0x56/0x70 [ 959.224654][T12644] hub 4-1:0.0: 1 port detected [ 959.228146][T19988] bpf_prog_test_run_skb+0xb41/0x1420 [ 959.237955][T19988] ? __kasan_check_write+0x14/0x20 [ 959.242921][T19988] ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0 [ 959.248631][T19988] ? __kasan_check_write+0x14/0x20 [ 959.253665][T19988] ? fput_many+0x160/0x1b0 [ 959.257931][T19988] ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0 [ 959.263671][T19988] bpf_prog_test_run+0x3b0/0x630 [ 959.268420][T19988] ? bpf_prog_query+0x220/0x220 [ 959.273102][T19988] ? selinux_bpf+0xd2/0x100 [ 959.277445][T19988] ? security_bpf+0x82/0xb0 [ 959.281784][T19988] __sys_bpf+0x525/0x760 [ 959.285894][T19988] ? fput_many+0x160/0x1b0 [ 959.290287][T19988] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 959.295503][T19988] ? debug_smp_processor_id+0x17/0x20 [ 959.300706][T19988] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 959.306608][T19988] __x64_sys_bpf+0x7c/0x90 [ 959.310859][T19988] do_syscall_64+0x3d/0xb0 [ 959.315111][T19988] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 959.320946][T19988] RIP: 0033:0x7fc1c3f6ebd9 [ 959.325652][T19988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 959.345417][T19988] RSP: 002b:00007fc1c31f0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 959.353744][T19988] RAX: ffffffffffffffda RBX: 00007fc1c40fcf60 RCX: 00007fc1c3f6ebd9 [ 959.361553][T19988] RDX: 0000000000000048 RSI: 0000000020000040 RDI: 000000000000000a [ 959.369367][T19988] RBP: 00007fc1c31f00a0 R08: 0000000000000000 R09: 0000000000000000 [ 959.377178][T19988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 959.384990][T19988] R13: 000000000000000b R14: 00007fc1c40fcf60 R15: 00007fff5a8856f8 [ 959.392806][T19988] [ 959.399054][ T320] device bridge_slave_0 left promiscuous mode [ 959.406287][ T320] bridge0: port 1(bridge_slave_0) entered disabled state [ 959.414992][ T320] device bridge_slave_1 left promiscuous mode [ 959.421243][ T320] bridge0: port 2(bridge_slave_1) entered disabled state [ 959.429013][ T320] device bridge_slave_0 left promiscuous mode [ 959.435187][ T320] bridge0: port 1(bridge_slave_0) entered disabled state [ 959.444424][ T320] device veth1_macvtap left promiscuous mode [ 959.450344][ T320] device veth0_vlan left promiscuous mode [ 959.456245][ T320] device veth1_macvtap left promiscuous mode [ 959.462273][ T320] device veth0_vlan left promiscuous mode [ 959.468317][ T320] device veth1_macvtap left promiscuous mode [ 959.474267][ T320] device veth0_vlan left promiscuous mode [ 959.604297][ T30] audit: type=1400 audit(1720968922.390:6147): avc: denied { read write } for pid=19999 comm="syz.1.5212" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 959.646410][ T30] audit: type=1400 audit(1720968922.430:6148): avc: denied { open } for pid=19999 comm="syz.1.5212" path="/dev/raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 959.678250][ T30] audit: type=1400 audit(1720968922.430:6149): avc: denied { ioctl } for pid=19999 comm="syz.1.5212" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 959.904612][ T321] usb 2-1: new high-speed USB device number 66 using dummy_hcd [ 959.953974][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 959.962000][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 959.969759][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 959.979418][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 959.987714][T12645] bridge0: port 1(bridge_slave_0) entered blocking state [ 959.994601][T12645] bridge0: port 1(bridge_slave_0) entered forwarding state [ 960.008223][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 960.008610][T20003] loop2: detected capacity change from 0 to 512 [ 960.016669][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 960.030619][T12645] bridge0: port 2(bridge_slave_1) entered blocking state [ 960.037662][T12645] bridge0: port 2(bridge_slave_1) entered forwarding state [ 960.045159][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 960.053101][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 960.061035][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 960.069066][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 960.085751][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 960.097704][T20003] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 960.099800][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 960.115704][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 960.123652][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 960.132325][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 960.147520][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 960.155939][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 960.156489][T20003] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 960.176833][T19954] device veth0_vlan entered promiscuous mode [ 960.186361][T20003] EXT4-fs (loop2): 1 truncate cleaned up [ 960.191925][T20003] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 960.200939][T19954] device veth1_macvtap entered promiscuous mode [ 960.213140][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 960.222806][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 960.231470][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 960.240026][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 960.250718][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 960.259104][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 960.267333][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 960.275687][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 960.283220][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 960.292749][T19952] device veth0_vlan entered promiscuous mode [ 960.299342][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 960.304687][ T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 960.307782][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 960.317981][ T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 960.326123][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 960.342521][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 960.351045][ T321] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 960.361117][ T321] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 960.375342][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 960.376807][ T321] usb 2-1: config 0 descriptor?? [ 960.383595][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 960.405055][ T2175] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 960.423430][ T2175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 960.445227][ T9222] usb 4-1: USB disconnect, device number 85 [ 960.455085][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 960.463537][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 960.476180][T19952] device veth1_macvtap entered promiscuous mode [ 960.510398][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 960.519294][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 960.528124][T12645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 960.557777][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 960.566036][T20013] loop0: detected capacity change from 0 to 512 [ 960.569345][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 960.584122][T20014] loop4: detected capacity change from 0 to 512 [ 960.631318][T20009] loop2: detected capacity change from 0 to 40427 [ 960.659171][T20013] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.5206: inode #1: comm syz.0.5206: iget: illegal inode # [ 960.672607][T20013] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.5206: error while reading EA inode 1 err=-117 [ 960.685490][T20013] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.5206: inode #1: comm syz.0.5206: iget: illegal inode # [ 960.690855][T20009] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 960.713453][T20009] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 960.720313][T20013] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.5206: error while reading EA inode 1 err=-117 [ 960.735238][T20013] EXT4-fs (loop0): 1 orphan inode deleted [ 960.741003][T20013] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 960.742955][T20009] F2FS-fs (loop2): Found nat_bits in checkpoint [ 960.819103][T20009] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 960.826650][T20009] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 960.853117][T19915] attempt to access beyond end of device [ 960.853117][T19915] loop2: rw=524288, want=45072, limit=40427 [ 960.865338][T19915] attempt to access beyond end of device [ 960.865338][T19915] loop2: rw=0, want=45072, limit=40427 [ 960.884840][ T321] hid (null): bogus close delimiter [ 960.916600][T19915] attempt to access beyond end of device [ 960.916600][T19915] loop2: rw=2049, want=45120, limit=40427 [ 961.094741][ T321] usb 2-1: language id specifier not provided by device, defaulting to English [ 961.574828][T20032] bridge0: port 1(bridge_slave_0) entered blocking state [ 961.591003][T20032] bridge0: port 1(bridge_slave_0) entered disabled state [ 961.604332][T20032] device bridge_slave_0 entered promiscuous mode [ 961.632317][T20000] UDC core: couldn't find an available UDC or it's busy: -16 [ 961.643553][T20000] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 961.657613][T20032] bridge0: port 2(bridge_slave_1) entered blocking state [ 961.664484][T20032] bridge0: port 2(bridge_slave_1) entered disabled state [ 961.672229][T20032] device bridge_slave_1 entered promiscuous mode [ 961.684650][ T321] uclogic 0003:256C:006D.0049: failed retrieving string descriptor #200: -71 [ 961.693392][ T321] uclogic 0003:256C:006D.0049: failed retrieving pen parameters: -71 [ 961.701379][ T321] uclogic 0003:256C:006D.0049: failed probing pen v2 parameters: -71 [ 962.150666][ T321] uclogic 0003:256C:006D.0049: failed probing parameters: -71 [ 962.158113][ T321] uclogic: probe of 0003:256C:006D.0049 failed with error -71 [ 962.172481][ T321] usb 2-1: USB disconnect, device number 66 [ 962.313183][ T320] device bridge_slave_1 left promiscuous mode [ 962.319893][ T320] bridge0: port 2(bridge_slave_1) entered disabled state [ 962.327787][ T320] device bridge_slave_0 left promiscuous mode [ 962.334019][ T320] bridge0: port 1(bridge_slave_0) entered disabled state [ 962.346299][ T320] device veth1_macvtap left promiscuous mode [ 962.352154][ T320] device veth0_vlan left promiscuous mode [ 962.405177][T20059] loop4: detected capacity change from 0 to 128 [ 962.416997][T20059] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 962.479148][T20061] loop4: detected capacity change from 0 to 256 [ 962.505800][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.514433][T20061] FAT-fs (loop4): Filesystem has been set read-only [ 962.522531][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.531359][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.540438][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.549303][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.558124][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.567486][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.576287][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.585100][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.593724][T20061] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 962.612472][T20061] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 962.621207][T20061] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 962.714690][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 962.772380][T12644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 962.823114][T20067] FAULT_INJECTION: forcing a failure. [ 962.823114][T20067] name failslab, interval 1, probability 0, space 0, times 0 [ 962.835937][T20067] CPU: 0 PID: 20067 Comm: syz.4.5228 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 962.847137][T20067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 962.855627][T12646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 962.857027][T20067] Call Trace: [ 962.857035][T20067] [ 962.865713][T12646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 962.868049][T20067] dump_stack_lvl+0x151/0x1b7 [ 962.871052][T12646] bridge0: port 1(bridge_slave_0) entered blocking state [ 962.878637][T20067] ? io_uring_drop_tctx_refs+0x190/0x190 [ 962.878664][T20067] dump_stack+0x15/0x17 [ 962.878681][T20067] should_fail+0x3c6/0x510 [ 962.883155][T12646] bridge0: port 1(bridge_slave_0) entered forwarding state [ 962.890005][T20067] __should_failslab+0xa4/0xe0 [ 962.890030][T20067] ? getname_flags+0xba/0x520 [ 962.897020][T12646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 962.899468][T20067] should_failslab+0x9/0x20 [ 962.904163][T12646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 962.910750][T20067] slab_pre_alloc_hook+0x37/0xd0 [ 962.910779][T20067] ? getname_flags+0xba/0x520 [ 962.910806][T20067] kmem_cache_alloc+0x44/0x200 [ 962.910828][T20067] getname_flags+0xba/0x520 [ 962.916266][T12646] bridge0: port 2(bridge_slave_1) entered blocking state [ 962.919865][T20067] getname+0x19/0x20 [ 962.927808][T12646] bridge0: port 2(bridge_slave_1) entered forwarding state [ 962.932097][T20067] do_sys_openat2+0xd7/0x830 [ 962.940844][T12646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 962.944989][T20067] ? wait_for_completion_killable_timeout+0x10/0x10 [ 962.945026][T20067] ? __mutex_lock_slowpath+0x10/0x10 [ 962.945047][T20067] ? do_sys_open+0x220/0x220 [ 962.945064][T20067] ? __kasan_check_write+0x14/0x20 [ 962.945087][T20067] ? ksys_write+0x260/0x2c0 [ 962.945107][T20067] __x64_sys_creat+0x11f/0x160 [ 962.945125][T20067] ? __x64_compat_sys_openat+0x290/0x290 [ 962.950087][T12646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 962.954207][T20067] ? debug_smp_processor_id+0x17/0x20 [ 962.960185][T12646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 962.965493][T20067] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 962.965527][T20067] ? exit_to_user_mode_prepare+0x39/0xa0 [ 962.965552][T20067] do_syscall_64+0x3d/0xb0 [ 962.965573][T20067] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 963.072270][T20067] RIP: 0033:0x7f8eaa166bd9 [ 963.076522][T20067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 963.097794][T20067] RSP: 002b:00007f8ea93c7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 963.106068][T20067] RAX: ffffffffffffffda RBX: 00007f8eaa2f5038 RCX: 00007f8eaa166bd9 [ 963.113849][T20067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000200 [ 963.121817][T20067] RBP: 00007f8ea93c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 963.130658][T20067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 963.139334][T20067] R13: 000000000000006e R14: 00007f8eaa2f5038 R15: 00007ffcf1301b68 [ 963.148398][T20067] [ 963.184857][ T7760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 963.210004][T20032] device veth0_vlan entered promiscuous mode [ 963.390300][T20032] device veth1_macvtap entered promiscuous mode [ 963.552649][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 963.560775][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 963.568286][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 963.576303][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 963.584678][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 963.593384][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 963.601743][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 963.610109][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 963.680304][ T30] kauditd_printk_skb: 98 callbacks suppressed [ 963.680322][ T30] audit: type=1400 audit(1720968926.470:6248): avc: denied { getopt } for pid=20084 comm="syz.0.5235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 963.749311][T20073] bridge0: port 1(bridge_slave_0) entered blocking state [ 963.760878][ T30] audit: type=1400 audit(1720968926.500:6249): avc: denied { create } for pid=20084 comm="syz.0.5235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 963.762754][T20073] bridge0: port 1(bridge_slave_0) entered disabled state [ 963.790603][T20073] device bridge_slave_0 entered promiscuous mode [ 963.802450][T20073] bridge0: port 2(bridge_slave_1) entered blocking state [ 963.809410][T20073] bridge0: port 2(bridge_slave_1) entered disabled state [ 963.824186][T20073] device bridge_slave_1 entered promiscuous mode [ 963.833652][T20098] FAULT_INJECTION: forcing a failure. [ 963.833652][T20098] name failslab, interval 1, probability 0, space 0, times 0 [ 963.853969][T20100] loop3: detected capacity change from 0 to 256 [ 963.861176][T20098] CPU: 0 PID: 20098 Comm: syz.0.5239 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 963.872391][T20098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 963.882277][T20098] Call Trace: [ 963.885414][T20098] [ 963.888176][T20098] dump_stack_lvl+0x151/0x1b7 [ 963.888590][ T30] audit: type=1400 audit(1720968926.500:6250): avc: denied { write } for pid=20084 comm="syz.0.5235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 963.892685][T20098] ? io_uring_drop_tctx_refs+0x190/0x190 [ 963.918591][T20098] dump_stack+0x15/0x17 [ 963.922578][T20098] should_fail+0x3c6/0x510 [ 963.926843][T20098] __should_failslab+0xa4/0xe0 [ 963.931438][T20098] ? __alloc_skb+0xbe/0x550 [ 963.935773][T20098] should_failslab+0x9/0x20 [ 963.940199][T20098] slab_pre_alloc_hook+0x37/0xd0 [ 963.944977][T20098] ? __alloc_skb+0xbe/0x550 [ 963.949570][T20098] kmem_cache_alloc+0x44/0x200 [ 963.954170][T20098] __alloc_skb+0xbe/0x550 [ 963.958336][T20098] audit_log_start+0x456/0xa80 [ 963.960884][ T30] audit: type=1400 audit(1720968926.500:6251): avc: denied { nlmsg_read } for pid=20084 comm="syz.0.5235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 963.963068][T20098] ? ____kasan_slab_free+0x131/0x160 [ 963.988914][T20098] ? audit_serial+0x30/0x30 [ 963.993252][T20098] ? migrate_enable+0x1c1/0x2a0 [ 963.998021][T20098] ? proc_fail_nth_read+0x210/0x210 [ 964.003055][T20098] ? fsnotify_perm+0x6a/0x5d0 [ 964.007571][T20098] audit_seccomp+0x61/0x1e0 [ 964.011908][T20098] ? migrate_disable+0xd9/0x190 [ 964.013592][ T30] audit: type=1400 audit(1720968926.530:6252): avc: denied { audit_write } for pid=20087 comm="syz.3.5236" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 964.016941][T20098] __seccomp_filter+0xc08/0x1c60 [ 964.016967][T20098] ? file_end_write+0x1c0/0x1c0 [ 964.016987][T20098] ? __secure_computing+0x300/0x300 [ 964.017006][T20098] ? mutex_unlock+0xb2/0x260 [ 964.056959][T20098] ? wait_for_completion_killable_timeout+0x10/0x10 [ 964.063493][T20098] ? __mutex_lock_slowpath+0x10/0x10 [ 964.064171][ T30] audit: type=1107 audit(1720968926.530:6253): pid=20087 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 964.068670][T20098] ? __kasan_check_write+0x14/0x20 [ 964.068704][T20098] ? fput_many+0x160/0x1b0 [ 964.068726][T20098] ? ksys_write+0x260/0x2c0 [ 964.095692][T20098] __secure_computing+0xf0/0x300 [ 964.099389][ T30] audit: type=1400 audit(1720968926.610:6254): avc: denied { name_bind } for pid=20095 comm="syz.0.5237" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 964.100547][T20098] syscall_enter_from_user_mode+0xd5/0x1b0 [ 964.127715][T20098] do_syscall_64+0x1e/0xb0 [ 964.131965][T20098] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 964.137690][T20098] RIP: 0033:0x7fcb39776bd9 [ 964.141947][T20098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 964.144960][ T30] audit: type=1400 audit(1720968926.610:6255): avc: denied { node_bind } for pid=20095 comm="syz.0.5237" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 964.161652][T20098] RSP: 002b:00007fcb389f8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 964.161685][T20098] RAX: ffffffffffffffda RBX: 00007fcb39904f60 RCX: 00007fcb39776bd9 [ 964.161701][T20098] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000017 [ 964.161715][T20098] RBP: 00007fcb389f80a0 R08: 0000000000000001 R09: 0000000000000000 [ 964.161727][T20098] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 964.161741][T20098] R13: 000000000000000b R14: 00007fcb39904f60 R15: 00007ffc992eb1d8 [ 964.232504][T20098] [ 964.242518][T20088] FAULT_INJECTION: forcing a failure. [ 964.242518][T20088] name failslab, interval 1, probability 0, space 0, times 0 [ 964.269591][T20088] CPU: 1 PID: 20088 Comm: syz.4.5231 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 964.281115][T20088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 964.284571][ T30] audit: type=1326 audit(1720968926.620:6256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20097 comm="syz.0.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb39776bd9 code=0x7ffc0000 [ 964.291093][T20088] Call Trace: [ 964.291103][T20088] [ 964.291112][T20088] dump_stack_lvl+0x151/0x1b7 [ 964.325140][T20088] ? io_uring_drop_tctx_refs+0x190/0x190 [ 964.330603][T20088] ? stack_trace_save+0x1c0/0x1c0 [ 964.335470][T20088] ? __kernel_text_address+0x9b/0x110 [ 964.339494][ T30] audit: type=1326 audit(1720968926.620:6257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20097 comm="syz.0.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcb39775610 code=0x7ffc0000 [ 964.340845][T20088] dump_stack+0x15/0x17 [ 964.368491][T20088] should_fail+0x3c6/0x510 [ 964.372732][T20088] __should_failslab+0xa4/0xe0 [ 964.377325][T20088] ? __d_alloc+0x2d/0x6c0 [ 964.381494][T20088] should_failslab+0x9/0x20 [ 964.385832][T20088] slab_pre_alloc_hook+0x37/0xd0 [ 964.390605][T20088] ? __d_alloc+0x2d/0x6c0 [ 964.394768][T20088] kmem_cache_alloc+0x44/0x200 [ 964.399370][T20088] __d_alloc+0x2d/0x6c0 [ 964.403361][T20088] ? stack_trace_save+0x1c0/0x1c0 [ 964.408224][T20088] d_alloc_parallel+0xe6/0x12e0 [ 964.412907][T20088] ? arch_stack_walk+0xf3/0x140 [ 964.417598][T20088] ? d_hash_and_lookup+0x1e0/0x1e0 [ 964.422537][T20088] ? memcpy+0x56/0x70 [ 964.426359][T20088] ? __down_common+0x550/0x550 [ 964.430958][T20088] ? __kasan_check_write+0x14/0x20 [ 964.435903][T20088] ? lockref_get_not_dead+0xc3/0x180 [ 964.441025][T20088] __lookup_slow+0x154/0x400 [ 964.445453][T20088] ? lookup_one_len+0x2c0/0x2c0 [ 964.450137][T20088] ? lookup_fast+0x306/0x7b0 [ 964.454574][T20088] ? handle_dots+0x1030/0x1030 [ 964.459167][T20088] ? selinux_inode_permission+0x43b/0x660 [ 964.464754][T20088] lookup_slow+0x5a/0x80 [ 964.469146][T20088] walk_component+0x48c/0x610 [ 964.473763][T20088] ? nd_alloc_stack+0xf0/0xf0 [ 964.478619][T20088] ? security_inode_permission+0xb0/0xf0 [ 964.484091][T20088] link_path_walk+0x642/0xd90 [ 964.488607][T20088] ? handle_lookup_down+0x130/0x130 [ 964.493660][T20088] path_openat+0x271/0x2f40 [ 964.497976][T20088] ? stack_trace_snprint+0xf0/0xf0 [ 964.502925][T20088] ? kmem_cache_free+0x116/0x2e0 [ 964.507708][T20088] ? __kasan_slab_alloc+0xb1/0xe0 [ 964.512555][T20088] ? slab_post_alloc_hook+0x53/0x2c0 [ 964.517677][T20088] ? kmem_cache_alloc+0xf5/0x200 [ 964.522450][T20088] ? getname_flags+0xba/0x520 [ 964.526975][T20088] ? __x64_sys_openat+0x243/0x290 [ 964.531824][T20088] ? do_filp_open+0x460/0x460 [ 964.536343][T20088] do_filp_open+0x21c/0x460 [ 964.540677][T20088] ? vfs_tmpfile+0x2c0/0x2c0 [ 964.545109][T20088] do_sys_openat2+0x13f/0x830 [ 964.549615][T20088] ? __kasan_check_write+0x14/0x20 [ 964.554658][T20088] ? mutex_unlock+0xb2/0x260 [ 964.559075][T20088] ? wait_for_completion_killable_timeout+0x10/0x10 [ 964.565498][T20088] ? do_sys_open+0x220/0x220 [ 964.569932][T20088] ? __kasan_check_write+0x14/0x20 [ 964.574871][T20088] ? fput_many+0x160/0x1b0 [ 964.579126][T20088] ? fput+0x1a/0x20 [ 964.582779][T20088] __x64_sys_openat+0x243/0x290 [ 964.587549][T20088] ? __ia32_sys_open+0x270/0x270 [ 964.592429][T20088] ? debug_smp_processor_id+0x17/0x20 [ 964.597635][T20088] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 964.603551][T20088] ? exit_to_user_mode_prepare+0x39/0xa0 [ 964.609005][T20088] do_syscall_64+0x3d/0xb0 [ 964.613254][T20088] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 964.618983][T20088] RIP: 0033:0x7f8eaa166bd9 [ 964.623236][T20088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 964.643005][T20088] RSP: 002b:00007f8ea93e8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 964.651242][T20088] RAX: ffffffffffffffda RBX: 00007f8eaa2f4f60 RCX: 00007f8eaa166bd9 [ 964.659053][T20088] RDX: 0000000000000000 RSI: 0000000020000300 RDI: ffffffffffffff9c [ 964.666868][T20088] RBP: 00007f8ea93e80a0 R08: 0000000000000000 R09: 0000000000000000 [ 964.674763][T20088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 964.682593][T20088] R13: 000000000000000b R14: 00007f8eaa2f4f60 R15: 00007ffcf1301b68 [ 964.690391][T20088] [ 964.727891][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.738398][T20100] FAT-fs (loop3): Filesystem has been set read-only [ 964.745270][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.753952][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.762990][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.772319][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.781099][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.802190][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.821016][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.846632][T20106] loop0: detected capacity change from 0 to 2048 [ 964.852921][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.866537][T20100] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 964.875633][T20106] EXT4-fs (loop0): Ignoring removed bh option [ 964.881676][T20106] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 964.894343][T20106] EXT4-fs (loop0): Ignoring removed nobh option [ 964.916634][T20106] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,bh,nomblk_io_submit,stripe=0x000000000004ffff,norecovery,minixdf,nobh,,errors=continue. Quota mode: none. [ 964.957806][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 964.965595][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 965.018291][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 965.037153][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 965.074934][ T321] bridge0: port 1(bridge_slave_0) entered blocking state [ 965.081840][ T321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 965.108688][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 965.129336][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 965.149334][ T321] bridge0: port 2(bridge_slave_1) entered blocking state [ 965.156428][ T321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 965.207432][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 965.225346][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 965.462146][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 965.528405][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 965.539949][T20073] device veth0_vlan entered promiscuous mode [ 965.558873][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 965.570882][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 965.585013][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 965.607994][T20073] device veth1_macvtap entered promiscuous mode [ 965.618646][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 965.645149][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 965.940738][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 965.949465][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 966.108029][ T320] device bridge_slave_1 left promiscuous mode [ 966.114137][ T320] bridge0: port 2(bridge_slave_1) entered disabled state [ 966.132259][ T320] device bridge_slave_0 left promiscuous mode [ 966.145954][ T320] bridge0: port 1(bridge_slave_0) entered disabled state [ 966.262371][ T320] device veth1_macvtap left promiscuous mode [ 966.889831][T20114] loop0: detected capacity change from 0 to 40427 [ 966.944696][ T320] device veth0_vlan left promiscuous mode [ 966.986417][T20135] loop3: detected capacity change from 0 to 512 [ 967.035287][T20135] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 967.050790][T20135] EXT4-fs (loop3): 1 orphan inode deleted [ 967.056570][T20135] EXT4-fs (loop3): 1 truncate cleaned up [ 967.061962][T20135] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback. [ 967.084481][T20135] EXT4-fs error (device loop3): ext4_search_dir:1548: inode #12: block 7: comm syz.3.5248: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 967.103216][T20135] EXT4-fs (loop3): Remounting filesystem read-only [ 967.270063][T20141] FAULT_INJECTION: forcing a failure. [ 967.270063][T20141] name failslab, interval 1, probability 0, space 0, times 0 [ 967.282514][T20141] CPU: 0 PID: 20141 Comm: syz.2.5249 Tainted: G W 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 967.293785][T20141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 967.297829][T20114] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20114 comm=syz.0.5244 [ 967.304030][T20141] Call Trace: [ 967.304044][T20141] [ 967.322334][T20141] dump_stack_lvl+0x151/0x1b7 [ 967.326942][T20141] ? io_uring_drop_tctx_refs+0x190/0x190 [ 967.332405][T20141] dump_stack+0x15/0x17 [ 967.336523][T20141] should_fail+0x3c6/0x510 [ 967.340787][T20141] __should_failslab+0xa4/0xe0 [ 967.345377][T20141] ? radix_tree_node_alloc+0x198/0x3c0 [ 967.351086][T20141] should_failslab+0x9/0x20 [ 967.355372][T20141] slab_pre_alloc_hook+0x37/0xd0 [ 967.360153][T20141] ? radix_tree_node_alloc+0x198/0x3c0 [ 967.365440][T20141] kmem_cache_alloc+0x44/0x200 [ 967.370042][T20141] radix_tree_node_alloc+0x198/0x3c0 [ 967.375165][T20141] idr_get_free+0x2b6/0xa90 [ 967.379504][T20141] idr_alloc+0x1a0/0x2f0 [ 967.383582][T20141] ? idr_alloc_u32+0x320/0x320 [ 967.388181][T20141] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 967.393303][T20141] ? debug_smp_processor_id+0x17/0x20 [ 967.398593][T20141] ? __radix_tree_preload+0x351/0x3d0 [ 967.403806][T20141] p9_client_prepare_req+0x5b9/0xb20 [ 967.409017][T20141] p9_client_rpc+0x159/0x13a0 [ 967.412224][T20117] loop4: detected capacity change from 0 to 131072 [ 967.413517][T20141] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 967.425502][T20141] ? add_wait_queue+0x189/0x1c0 [ 967.430185][T20141] ? p9_fid_create+0x280/0x280 [ 967.434782][T20141] ? pipe_poll+0x368/0x4d0 [ 967.439038][T20141] ? pipe_write+0x1930/0x1930 [ 967.443549][T20141] ? __kasan_check_write+0x14/0x20 [ 967.448498][T20141] ? p9_conn_create+0x4d0/0x560 [ 967.453183][T20141] ? p9_fd_create+0x3d5/0x510 [ 967.457802][T20141] ? p9_fd_create_unix+0x430/0x430 [ 967.462919][T20141] ? p9_client_create+0x737/0x1130 [ 967.467860][T20141] ? kfree+0xc8/0x220 [ 967.471680][T20141] p9_client_create+0x9be/0x1130 [ 967.476457][T20141] ? p9_parse_header+0x6c0/0x6c0 [ 967.481231][T20141] ? __kasan_kmalloc+0x9/0x10 [ 967.485737][T20141] ? kstrdup+0x4f/0x70 [ 967.489646][T20141] ? __kasan_check_write+0x14/0x20 [ 967.494592][T20141] v9fs_session_init+0x1fa/0x19b0 [ 967.499462][T20141] ? v9fs_show_options+0x570/0x570 [ 967.504407][T20141] ? __kasan_kmalloc+0x9/0x10 [ 967.508997][T20141] ? v9fs_mount+0x5f/0x7f0 [ 967.513254][T20141] v9fs_mount+0x75/0x7f0 [ 967.517335][T20141] legacy_get_tree+0xf1/0x190 [ 967.521849][T20141] ? incfs_get_verity_signature+0x420/0x420 [ 967.527582][T20141] vfs_get_tree+0x88/0x290 [ 967.531827][T20141] do_new_mount+0x2ba/0xb30 [ 967.536599][T20141] ? do_move_mount_old+0x160/0x160 [ 967.541556][T20141] ? security_capable+0x87/0xb0 [ 967.546242][T20141] ? ns_capable+0x89/0xe0 [ 967.550400][T20141] path_mount+0x671/0x1070 [ 967.554660][T20141] __se_sys_mount+0x2c4/0x3b0 [ 967.559185][T20141] ? fput+0x1a/0x20 [ 967.562811][T20141] ? __x64_sys_mount+0xd0/0xd0 [ 967.567413][T20141] ? debug_smp_processor_id+0x17/0x20 [ 967.572617][T20141] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 967.578519][T20141] __x64_sys_mount+0xbf/0xd0 [ 967.582947][T20141] do_syscall_64+0x3d/0xb0 [ 967.587302][T20141] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 967.593014][T20141] RIP: 0033:0x7fc36dde3bd9 [ 967.597270][T20141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 967.616709][T20141] RSP: 002b:00007fc36d065048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 967.624953][T20141] RAX: ffffffffffffffda RBX: 00007fc36df71f60 RCX: 00007fc36dde3bd9 [ 967.632764][T20141] RDX: 0000000020000140 RSI: 0000000020000400 RDI: 0000000000000000 [ 967.640787][T20141] RBP: 00007fc36d0650a0 R08: 0000000020000d00 R09: 0000000000000000 [ 967.648595][T20141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 967.656407][T20141] R13: 000000000000000b R14: 00007fc36df71f60 R15: 00007ffd05cf97f8 [ 967.664226][T20141] [ 967.667665][ T2175] usb 2-1: new high-speed USB device number 67 using dummy_hcd [ 968.050229][T20155] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 968.074716][ T2175] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 968.086061][ T2175] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00 [ 968.095160][ T2175] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 968.104406][ T2175] usb 2-1: config 0 descriptor?? [ 968.110917][T12644] usb 1-1: new high-speed USB device number 65 using dummy_hcd [ 968.204164][T20157] loop4: detected capacity change from 0 to 256 [ 968.281835][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.290909][T20157] FAT-fs (loop4): Filesystem has been set read-only [ 968.297874][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.306536][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.315352][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.324128][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.332971][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.341663][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.350840][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.359644][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.368389][T20157] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 968.379053][T20157] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 968.387681][T20157] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 968.474869][T12644] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 968.486585][T12644] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 968.496223][T12644] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 968.505060][T12644] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 968.536211][T12644] usb 1-1: config 0 descriptor?? [ 968.577087][ T2175] hid-generic 0003:1B1C:1B3E.004A: hidraw0: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.1-1/input0 [ 969.874967][ T30] kauditd_printk_skb: 90 callbacks suppressed [ 970.305343][ T30] audit: type=1400 audit(1720968932.340:6346): avc: denied { read write } for pid=20167 comm="syz.3.5259" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 970.432489][ T30] audit: type=1400 audit(1720968932.340:6347): avc: denied { open } for pid=20167 comm="syz.3.5259" path="/dev/fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 970.457255][ T30] audit: type=1400 audit(1720968932.690:6348): avc: denied { name_bind } for pid=20167 comm="syz.3.5259" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 970.696367][T12644] hid (null): bogus close delimiter [ 970.753634][ T30] audit: type=1400 audit(1720968933.540:6349): avc: denied { create } for pid=20178 comm="syz.3.5261" dev="anon_inodefs" ino=137035 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 970.914658][T12644] usb 1-1: language id specifier not provided by device, defaulting to English [ 970.991065][ T30] audit: type=1400 audit(1720968933.570:6350): avc: denied { ioctl } for pid=20178 comm="syz.3.5261" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=137035 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 971.059539][T12646] usb 2-1: USB disconnect, device number 67 [ 971.084792][ T2175] usb 5-1: new high-speed USB device number 67 using dummy_hcd [ 971.116255][ T30] audit: type=1326 audit(1720968933.910:6351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20196 comm="syz.1.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6817905bd9 code=0x7ffc0000 [ 971.144236][T20197] loop1: detected capacity change from 0 to 256 [ 971.151992][ T30] audit: type=1326 audit(1720968933.930:6352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20196 comm="syz.1.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6817905bd9 code=0x7ffc0000 [ 971.175775][ T30] audit: type=1326 audit(1720968933.930:6353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20196 comm="syz.1.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f6817905bd9 code=0x7ffc0000 [ 971.207947][ T30] audit: type=1326 audit(1720968933.930:6354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20196 comm="syz.1.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6817905bd9 code=0x7ffc0000 [ 971.232815][ T30] audit: type=1326 audit(1720968933.930:6355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20196 comm="syz.1.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6817905bd9 code=0x7ffc0000 [ 971.292270][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.311151][T20197] FAT-fs (loop1): Filesystem has been set read-only [ 971.329154][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.338318][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.347201][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.357602][T12644] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.004B/input/input41 [ 971.371023][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.381775][T12644] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.004B/input/input42 [ 971.390590][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.402756][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.409650][T12644] uclogic 0003:256C:006D.004B: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0 [ 971.415492][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.433077][ T2175] usb 5-1: Using ep0 maxpacket: 32 [ 971.433235][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.447004][T20197] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 971.477599][T20197] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 971.487780][T20197] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 971.544922][T20203] device wg2 entered promiscuous mode [ 971.951896][T20207] loop4: detected capacity change from 0 to 512 [ 971.962170][T12646] usb 1-1: USB disconnect, device number 65 [ 972.014622][ T2175] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 972.022205][ T2175] usb 5-1: can't read configurations, error -71 [ 972.080708][T20207] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,,errors=continue. Quota mode: writeback. [ 972.094470][T20207] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038 (0x7fffffff) [ 972.550960][T20231] SELinux: Context Ü is not valid (left unmapped). [ 972.561355][T20231] loop0: detected capacity change from 0 to 512 [ 972.710815][T20231] EXT4-fs (loop0): orphan cleanup on readonly fs [ 972.735975][T20231] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.5277: bg 0: block 248: padding at end of block bitmap is not set [ 972.751344][T20231] EXT4-fs (loop0): 1 truncate cleaned up [ 972.764336][T20231] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,noload,,errors=continue. Quota mode: writeback. [ 973.066285][T20225] syz.3.5275[20225] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 973.066373][T20225] syz.3.5275[20225] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 973.109591][T20259] loop1: detected capacity change from 0 to 512 [ 973.138105][T20259] EXT4-fs (loop1): Invalid want_extra_isize 511 [ 973.178568][T20261] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5288'. [ 973.235691][T20257] loop1: detected capacity change from 0 to 1024 SYZFAIL: bad allocate request allocated=0 size=1266725846/1266725848 (errno 11: Resource temporarily unavailable) [ 973.384327][T20261] loop3: detected capacity change from 0 to 512 [ 973.464902][ T321] usb 1-1: new high-speed USB device number 66 using dummy_hcd [ 973.477259][T20261] EXT4-fs (loop3): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 974.275569][ T426] device bridge_slave_1 left promiscuous mode [ 974.281584][ T426] bridge0: port 2(bridge_slave_1) entered disabled state [ 974.289199][ T426] device bridge_slave_0 left promiscuous mode [ 974.295269][ T426] bridge0: port 1(bridge_slave_0) entered disabled state [ 974.303332][ T426] device veth1_macvtap left promiscuous mode [ 974.309215][ T426] device veth0_vlan left promiscuous mode [ 975.835955][ T426] device bridge_slave_1 left promiscuous mode [ 975.841920][ T426] bridge0: port 2(bridge_slave_1) entered disabled state [ 975.849404][ T426] device bridge_slave_0 left promiscuous mode [ 975.855453][ T426] bridge0: port 1(bridge_slave_0) entered disabled state [ 975.863380][ T426] device bridge_slave_1 left promiscuous mode [ 975.869401][ T426] bridge0: port 2(bridge_slave_1) entered disabled state [ 975.876935][ T426] device bridge_slave_0 left promiscuous mode [ 975.882868][ T426] bridge0: port 1(bridge_slave_0) entered disabled state [ 975.890914][ T426] device bridge_slave_1 left promiscuous mode [ 975.896934][ T426] bridge0: port 2(bridge_slave_1) entered disabled state [ 975.904396][ T426] device bridge_slave_0 left promiscuous mode [ 975.910460][ T426] bridge0: port 1(bridge_slave_0) entered disabled state [ 975.918348][ T426] device bridge_slave_1 left promiscuous mode [ 975.924275][ T426] bridge0: port 2(bridge_slave_1) entered disabled state [ 975.931782][ T426] device bridge_slave_0 left promiscuous mode [ 975.937841][ T426] bridge0: port 1(bridge_slave_0) entered disabled state [ 975.946432][ T426] device veth1_macvtap left promiscuous mode [ 975.952250][ T426] device veth0_vlan left promiscuous mode [ 975.958135][ T426] device veth1_macvtap left promiscuous mode [ 975.963949][ T426] device veth0_vlan left promiscuous mode [ 975.969861][ T426] device veth1_macvtap left promiscuous mode [ 975.975807][ T426] device veth0_vlan left promiscuous mode [ 975.981916][ T426] device veth1_macvtap left promiscuous mode [ 975.987953][ T426] device veth0_vlan left promiscuous mode