last executing test programs:

10.203004196s ago: executing program 3:
keyctl$restrict_keyring(0x3, 0xfffffffffffffffb, 0x0, 0x0)
request_key(&(0x7f0000000200)='asymmetric\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000280)='!-/\x00', 0x0)

10.134269626s ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x7, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x24, 0x1a, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xfff1}}}, 0x24}}, 0x0)

9.055129581s ago: executing program 3:
mkdirat(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0xdb8, &(0x7f0000000c00)=ANY=[@ANYBLOB="1201500290cd0c1008160c000920010203010902a60d03de0480050904e3080e56a93203"], &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})

8.429359877s ago: executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
gettid()
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r5 = dup(r4)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000280)={0xbe, 0x0, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008"])
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000040)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)

4.226932982s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000202d437b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000008c0)='sys_enter\x00', r0}, 0x10)
nanosleep(0x0, 0x0)

4.096719442s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)

3.993418728s ago: executing program 0:
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0xa00010, &(0x7f0000000700)=ANY=[@ANYBLOB='nodecompose,decompose,nobfrrier,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6c733d69736f383835392d310000000072726965722c00bcd0f0b5c4e2957974ff5d7ea3c3dcee087e4983684e8a4c4e4e87b134e30ce77162b12885b964b3506ff3eae0f3599447b17861d19be78079e5dd7bdc7f1eb36e31ac14de48349767164f5f6431bbdeaef96a4f2bce64b5cfa76ce3a2c4302374bc5535d7e2eb8dfb2e5d58a37b7e37836597c21f51bcdf6df4cad825cfd9ef5ee9e89e04b15cd3cea9e152d67b9a7eedc5dfe6d85a3ce7c342da8cc969b552197cb8bcc4a1009f38f4a85b7c742101ba5bc03115feca2b994c699812"], 0x6, 0x635, &(0x7f0000000c80)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=")
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_type(r4, &(0x7f0000000040), 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000000, 0x10, r4, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000040)=ANY=[], 0x1, 0x66e, &(0x7f0000000cc0)="$eJzs3c1vHGcdB/DvrDd2Ni2p2yZtQJVqNRIgLBK/yAVzISCEfKhQVQ6crcRprGzSYrvIrRB1eL320D+gHHxBnJC4RyocuMCtN+RjJSQuvWBOi3Z2dr1Zv2TdNl6nfD7R7PPM88w883t+szP7YkUb4P/W0nTq91NkafqVzfb6zvZ8c2d7/k63nmQiyVZST1JLUvyn1Wp9mFxLit4wxUC5z/uri6999MnOx521erWU29eO2m9Atd3WQPNWt20qyVhVfgYPjHf9M49X9CK/luRyVcLInUnSesBP//Zkr6dP46C9z55IjMCjVXReN1O9HvdMJueqC739PqD7yls7+QiHMzHkdoPvIAAAAOBxM8xn4Kd2s5vN4vwJhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfCFt7v/9fVEutW59K0f39//GqLVX9dHnxeJvff1RxAAAAAAAAAMAJenE3u9nM+e56qyj/5v9SuXKhfHwib2U9K1nLlWxmORvZyFpmk0z2DTS+ubyxsTY7xJ5zB+4595BAJ6qy8fnMGwAAAAAAAAC+YH6Zpb2//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGlQJGOdIsW9vubJ1OpJziYZbzdsJf/o1h9n90cdAAAAAJyAp3azm82c7663ilxI8lz5HcDZvJW72chqNtLMSm6U3wt0PvXXdrbnmzvb83fay/5xv/fvY4VRjpjOdw8HH/lSuUUjN7NatlzJ9byRZm6kVu7ZdqmKpzvqQFz32jEV360MGdmNqmzP/L2q3OfdY032MMf8MmWyzMiZXkZmqtja2Xi6e2YOPkPHPDuDR5pNrRfshYEjDUziU+X8XFW25/Pbw3I+EoOZmOt79j13dM6Tr/35jz+ZqeqnZ0rDGavKVvnY2J+J+b5MPD9MJm41796+dXN9+nHLxD4zZSYu9taX8sP8ONOZyqtZy2p+luVsZCVT+UFZW65OftF3yR+SqWsPrL36sEjGq2do52QdL6aXyn3PZzU/yhu5kZW8XP6by2y+lYUsZLHvDF88+gyXV33tkKu+9aUDg7/89arSSPK7qjzQoR2PSjuvT/fltf+eO1n29bfsZemZIbJ0zHtj/StVpX2MX1Xl6TCYidm+TDx7dCZ+X95W1pt3b6/dWn5zuMM9815VaV9HvzlVt9T28+WZ9skq1x58drT7nj2wb7bsu9Drq+3ru9jr61ypW4deqePVe7j9I82Vfc8f2Ddf9l3q6zvo/RYAp965b5wbb/yr8ffGB41fN241Xjn7/YlvT7wwnjN/OfOd+szYV2svFH/KB/nF3ud/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg01t/+53by83mytpApdVqvXtI10lX6g8JdV8lU/98or1Dt6WVXlf358xOcBZffjIZeQ5HXvlvq9WqWopDtvnDX09NolqVU5G6EVVGd08CTsbVjTtvXl1/+51vrt5Zfn3l9ZW7iwsLizOLCy/PX7252lyZ6TyOOkrgUdh70R91JAAAAAAAAAAAAMCwTuK/E4x6jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjbWk69fspMjtzZaa9vrM932wv3frelvUktSTFz5Piw+RaOksm+4YrDjvO+6uLr330yc7He2PVu9vXjtpvOFvVkqkkY53y3uc13vWqPFJx1BSK3gzbCbvcTRyM2v8CAAD///IHB5c=")
open(&(0x7f0000000180)='./bus\x00', 0x4a37e, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
unlink(&(0x7f0000000300)='./bus\x00')
write$char_usb(r5, &(0x7f00000002c0)="9f", 0x1)

3.984319889s ago: executing program 2:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000002080)="8cdbfc912b2f5015cd4201ad9746ee95213affe23f8c35e5170be0abd5b03507e79012189e1e64b37f4ad974f59fc51fa1f54dbbe9965a2263f8f27e9eb7c8f3da6b8a2ceaaf2e4d39ce3ac31c9fd63f148369fdf5ab93ba0d574effb74d9045ef022dc492d3f44d5dea22c7b841fcc04eb1c49289f206be0479e83bc738a0c0b4af8078e4196fc461319ad63eb307ce25e4478809f34c4d4260eb8dd2de61ea8ec9b3b1492a881c74ca76df5cfb77002aa143f9eed0d0522867d652a3d8550aabeae3d042976bbc2880b947e381f251002b954397afa87388aac2fc96f97a64ab4ff907ae1529ef438006380d08fa0bb3467af1fb531998277792cdf3074d910a636d341e5d398b46e771cfef2599b8639f8e59ab3d5836457eff22ff2c65569eaa99e255c40f18b952f20d020e7d687bc41142b2a31e82cb45a7e0988dc1b6f261944fd46ca54c067f4ad6d9fcaa2e336148d28e22c5f23714c7a66a18faa639baa7eaffed706242859815cda57d2b4b09", 0x172}], 0x1}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

3.810675075s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0x43400)

3.605905677s ago: executing program 2:
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0)
r6 = open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
write$binfmt_script(r3, &(0x7f0000000000)={'#! ', './file1', [{0x20, '#/'}, {0x20, '&&-(\'[&'}, {0x20, 'ext4\x00'}, {0x20, '\'+{.,@!{$]$(/&\'--{-:--+]\\+\xf3$/W!@[+-]-!.'}], 0xa, "5390855290da0d17c376df8ee155a95399664ccd161b"}, 0x5a)
r7 = socket(0x10, 0x80002, 0x4)
sendmmsg$unix(r4, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000940)}, {0x0}, {&(0x7f0000000a80)="0318c0b1e8091814c001c94da73a3915f701032dedd88f071286b4f7b15181cd1bf8b6e4065fe5c4d4b5bb2cd045d051cd840c18cc1a48618bb0957c408aa59b4a7dd982e7914015cc6aa0", 0x4b}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae137f84d9f7f993e8d1456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0", 0x9d}], 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRESHEX=r5, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32, @ANYBLOB="18000000000000000100000001000000", @ANYRES8, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES8, @ANYRESHEX, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32=r7], 0xa8, 0x40040}}], 0x1, 0x4000)

3.442999992s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]})

3.277545307s ago: executing program 1:
close(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001f40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002940)=ANY=[@ANYBLOB="18000000f5a136bcccf2e62f469953fc0000000200000083eeb54e40ca014c52cffe81f510044960d14340cb581c7da931b676e3f2dd184986a1ece5b075b241497ce04d25a5feb4d60900b1e6dfadb79bc3afc267b4d5c0ab12dba33f0f70f02a366b724176530a946db272752df15f156dce4a1c203695bb79fc09fe2485bdbd5cbc34d45ce1f53c6ac3c316b8518aad98edbadf4194db4d9fe7fa0af4cff44f7965e992cd8790292d9b23767fb97a34926ecc4bd1a2b84f0af8ce1ff8de51298bfe70d23974af43cb6e7bdca7105833a4914ac6b115b44f159e5028d9bdbed2afe62523f061808463f8287c994639fdc7693ddc836e0541aa9bbc7bdcc8077e1615637dcc0500df3f33cb2336b0851928eaa7b760fcf6aef1c7a5c75dd983781c5b7d095755c5e2be8d9b0ae9b1d3e5486b7985b34423ee75a370a2cfe3fc3e50ab40e0454698f7386fd97dd886b0fc7125ca3d48060b", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="180000000100000002000000", @ANYRES32, @ANYRES32, @ANYRESOCT, @ANYRESOCT, @ANYRES32, @ANYBLOB="180000000100000802000000", @ANYBLOB="f06a1e5fc4fc1e6982455f73956d89f6689ddf9cc476b241558d5de60327a5be9829b4cfc6546270599254b0ccc5b3389d7df88db571945eaecce163654687ac9606bd2d99a92844fe11c0b6914bb3d777d308ba4d3ea773742b34d1834dbc4e4351cedaa735e8f3b39d781e406c43fd6d3ca6102d09f06f820384a2eea4b91252b9a0090a4b98a09cecabb838fb120be04cd13ad32e760d84e31c472675dcfad56a7369a4ee4d3a6ef8db2705120006b58a66702f6e6fd02ec0dc6061f896f1ccc2b926ca3866d554473a86d1f4512325443c", @ANYRES32=0x0, @ANYBLOB="180000000100003bb25e5d8f", @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYBLOB="1c3b2a634b00000001000000ea80a43a9c5c67dc83134f1825e5e2da7eb6f994259850cddef4a1b87cd9fe729faf6555a6929e48a9467b4f4fbd2f75a309f4cb60313487820ec3701b5267626b1ba374458da4e578568b1a9140d4437a13438353124a3e94c808dd43969824c3ccfaedf7667aeed8356ad3c0e5653a838cc87a60fe8dc794a30e4d5578dd6299205351798efa566a44f83ddf0b35d075e2e0c834395d98a1fae916", @ANYRES32, @ANYRES32, @ANYBLOB="3a0000000e6f90759522fd4c5ba72d310000ffff08000000a8cedb1e0f13829bf3daeda343d3cd42332488016d851538b1520a458e6fc7658fabee81be04fa6c3208ad1b52e7b7946e99faa97d0a1164d865138e2c02bf69fea4f14eb363b241c0a1b1b48e4a2fa21c062e5ad3c79fc218698c6e8c6162acd1ec07a6bd8c1f33b79aee16ec19d9710e894febeb3efd7e1c0f09004309ac73075c9cc84945a7ba9905009af2bcff26", @ANYRESHEX, @ANYRES32=0x0, @ANYRES32], 0x10c, 0x4000000}, 0x84)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000005300)={&(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbff, 0x4000000}, 0xc, &(0x7f0000005140)=[{&(0x7f0000000040)={0x14, 0x30, 0x200, 0x0, 0x25dfdbfc, "", [@typed={0x4, 0x1b, 0x0, 0x0, @binary}]}, 0x14}, {&(0x7f00000070c0)={0x1200, 0x1f, 0x800, 0x70bd2c, 0x0, "", [@generic='x\x00+n', @typed={0x7, 0x2c, 0x0, 0x0, @str='.\f\x00'}, @typed={0x8, 0x2c, 0x0, 0x0, @pid=r0}, @typed={0x4, 0x7f, 0x0, 0x0, @binary}, @typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x14, 0x4e, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @nested={0x4, 0x7d}, @nested={0x10dd, 0xa, 0x0, 0x1, [@generic="1d4e90ec1c3cfcd85565506a6c0e8549320c6363bb", @typed={0x8, 0x19, 0x0, 0x0, @ipv4=@remote}, @typed={0x8, 0x82, 0x0, 0x0, @uid}, @generic="02fdbfc6827422bba40c1891924d0cd0da2faeb3479468f9b330f8ccb6fd5e82bab96c4d097f6e05f8dce6f7e13677f2adca79e438c254a1581908f02f495de257f28a13804890478e31eb80eb17aaf2e53bf0ca4d2181eb12361a7c61218f9ca5343ba6224fb0e966853b4b546d9c2984332bbd0deb459b3eba98bd3e9b82f35c11a440fb1c5f6803ca5d9f2a09c2f85afc4d9308da7addf3fbb42ac80b2a385d9fd2a157f4219cb6477c2d843c9475493ea780691fe3723215eaf6b6646f2b2d47dec2b7f2788a68cbd8b1a3b0e0014653ce8d8e3554c5c0a8db147b94b847251fa8d5ac97a04950a8de0bc7098fa07f5b6248bcd7bffbfe5955867eca75994ddcb24bae2c4a9318c79c6038c731f40f948a9e5425d427848e81e7bc357b140ea71cc3711e4a7ff61a0bb03ed122f1456c1db7a06f9dfc862c41dcb29897514bc42a1481551504a54e350dcf7bbf11e9060a67fc190cac0b7511039570ad44a33474924a5e5a90786dbf90a13685132a5d9e165d094b999a22dfe9d8afc688604daacfd4629306dc550417bf663e353d994bef3ab73982647dfcc56812aee59ab036e3d0ffe214d16c9f40dfd79258c1c992e2621128fa1833cee2d4a74906f0ce6b3d59ca3ce383b17d824e77597603374044fc2c6d2d64da8a165335bb9dc1f686f4bca634ff8c22b49f646ada6b0b673572af72db6623dbce7dbe5d4c68429579b1d8a8f3fbf8d7afbad6e937841f960fbeaf11e8d2f23b315a2c8f1877602f0266e940b34dfa2efcb5b7b96defac17b34a373d5b4d8c983fd22b373938c81c66548251d652fc71df25f1cd195946e1ed710044a07de0764370174390c20ea8cd8ddb1ed5b0b82307a450a241887452e8bc27b3570dc07139758effb940cd96aaa895cc0f4476811ac12050a27352da31e2922904ec20e54634601c499527c8accb37caffc8b34ffde7dc120493208b7b830551eaf44bebe900616f74378dfc70b43112fb8e7f547f234f70d0ce3a1c8c79299e657a9d1b6ebc1dd16bb587a7773b615c9570f8c279b420162d15990f8a8fcf378428fa414d7caa8ea2370bde098c66d10e91aea00853ba53d395a6e916e3d0bb1a2610e3cd661e451564cbfd59c7b0279c509dcbecd40a0c905ecb2fbc909c3e0674f5d54277496f01930f54ed5fe2d786abf56aa306dcbbd7b9942b64222c424dd4ab52f75eef67676636f92d9c9e4ad8b9447dd77c3849379f57994721b3af46593f390bc3daccb64f30911659da72324d28cb217847b0f0ffacea4e4b1833c89571b75dcc5ab7a2ed387deeb238a82daa3a55f215b0202d329c322fa8e544770b3ec55393588a57a7c8951ec6e160e263620a7c8a37e7829e952c12cdbd7dac96b15f3e58d216f9301be5ec61dcbda542d0a2332d235c06a94ed296b2f39bdef9edf587e1c6cffbc8c6cff35a8eb14c559599812c533de764019dc06b9e8ecb27c57d82dcfa035ac36411276fad0d9f9ed78e651cdd78bb189b0b4256f41e55012a27e24009c6a9525551237937d13d9396a975a7e123db0dfa44c79cd2bd3daa86c3e762642923194f0edc3dcb203d45ac5a0ccd4727eb86fd45b7ddae861dcbf575d7030b50c098cf59ff306166fd40873beec37d48bc6267e3db4d9735bfbee6689e4caf81e9b81b133fd19dee85c50751dd4e997311e8cf26efeef7d9260e207ec60a5840e23cda69bf0bc7baf42f2f456aa4359a12cbfab0514679396ea2d49b800a89f0284f3540d5a89acdc22217cb215ea874894c0b4dc87f8ae0aac52716d6934a6cf22d71fb9ece7df3639248ebdc64f4cb621c544253f8ac79a697417e9ae39cc87574617151f27d9a1d4b7c44a0d14dcbd195e0f18b500d12883cba464b83ed482d43c01347a3b2898e4dc3a4dc035636dc4361dfe1f2b1bcf937d4e3262035845be6eb04d12d6ee14fec4b8f17a2b637bec90365f1acf8e5464e2879c02b135d8bb683560c68044bd7ba96e149e20f9caf8cc78cea9b6e67daf316cab237337fdbcbb75443be241ee0b429896f7b07863b7ee47f356b13eac33017feafccb501da47e1fcc28d39cf936a8cf7fafe5390df3ad5228b73bb0d1433693a094470ebe9435c100a2bb8ac86976ef613c7ba7aefd53a838beddb636334da74987b164a62c1c9faff0028b88be41b1a2c87b3789e8f5fa1a48412f4ffa1579c7e35ef4b732bb1720834598edd08a1bd08d1cb1e660ba1743f0f6f2a30cfaaba9c73e746fced7acd52680eb35558dfed746fdff4f17c1657c63b3e90827c424b85a3d252ffa312543a70a4fd128ed156107a5d1de95c84ac6f70bc3909146acd6c12a510fb23db2ad49eba98841edc8e969da4cf7527c2c5ad00865a4c02e2792153a8b8ee05ddeb05226cabfb719d8c71945b0e8cd6107ff1167c62c9677810ecd3a42aa08a8cc0bc008c50306f8b24cbf7f4a187d78c99d97114569b88df63fa064f1429af93d553ecd9b94e9c6f57fd868d2d4e5026385da161776b6cff0d42c349a4320ae8795528dc60286a85b7c332ee273331e7b9e8f7da4ec7ab63e12485c796b579f91fac6b3e07232ee6c140b3cf02176ddb03b8826dc731b2a421c792c1f36e9c4b761cd9dc324c479bcb1945e87192073a424cdd49b8797d6fb681bfdbd2216377b426432ea223cb671fb07a6e346e53e5654de6e94a94530c6b39ac42d3924aced59eed0bda8585590b9fb9dd77a6dc14667ae2b142d53e65281184e6d112363a09695f8a15a810a6bf7c788a85fb50e4bfdeb7de66e3cf55c3aca619b6f578dbe2ac5ff7cb4f14f790b2a20b63f3a3ef7d6cb5e6d29e59e94b4fde547f580b2e9902debcec11316a29460aa2ffa0f13b7e71c154b4ac6466218f300668f806a56af682c0422c94f66e884a498422178a1de568139f913f6834847933c86e142eaa4622c66eb853a35ee07715a7d08a9c84926878533b8c68ef06b19fb845737ee52f712ff45e9fa8b8e9820cb1c8a91fd663f73d3f6626bc33472f8f4a335c013a437596d49d94979c3d34387a6181041b3838382d437a67e6559fc6e25f20c6ee9aa775c7533610143c05cba9de33be0ee40e183ba92f40f57e8600d96420a967ce8895079bb42cda97f178d84e288d0144a8f00d91eb5b2c624eca89280ea51e2f82b5f1f4b426663e09c4021379244a52699900e0b9e163a258b30686cfcdc41c274d6bf17be77fe9f3aecaa61ad0db9a883808eff3aa8c7cefc391047edc41a0de6d502649f0d7b6eb3f933f0985968073e589a9a5a5e3422d74e90eaed7471e71b9430f1c63342c781abaa0faae081b5b7861f698b79e652f8c3f566460ef716c21c6efaae4667693deee096cacdc8790e99b615eadea7b32263fbcb02375ff405865a9ebde80663556c27c1b15ea311dc35d800076bc2104cbedf45aa1b18677405c5b2a3ca89924a1dd4f3b247f71086ea679f758d8a6fef83a4529a9dbe7c140658345fb593a67f893e09f63f64518400f840a6aad9973c39a3bc6ddb444734a13d8f90a0ba6d18339dc0d74f20519cc4a44001f601381dd564de24ec3385e441e8639c4801c7fd059e39b3547a6cd6922a956a3f903d0c5c001e1243a3b249ee11896b226040674bfe1e93dbbf87f4450207c0c9c7ecfa1350c1aeb32f6783f349da13558854e90688dfe2b44fc0444589df968b31381f772c5cf94b0e6d747899361c1fda8082f2c3091e2d1b0c621cd2b56cc74977dfcd6f4afd6a35e47d2152f57cd3535c5b6485646ce09de12e0eaa5122062f999fec4d7aac65c0cf88b7cb0235f563437ab9b7890df3419ffcb7be9c41a425939dde751cd2053f0a0fccd4621b0415ab2afc1e465000dd32401a68c40784288cab12cefe2d9a66bdbecdea41ca7a7e2d2ee251c40e116ec7da18e8e40e05fab6cb3e35aa2fb0e997be0208055155b65df2abb890bf033d1509aed4ec62f43071d58357a8c0304d03cd504d7d6313bea7ba814e88ee269e22b312fcc74c21575cf909ccd87076c3dad70380546e24ba642d2b5ae30653e9c90791fed7f04d7b0395417375ac2476b4a6f36d3847852a7c14b9e8d96ab2e391fe0377d3eed3eed6c9934aa0dd282af1e1648161b2d825fd6113cdf7a46571643d07cbbd53a1062a9afc5f62d8eec7a9756ef0609464cda14549fbf85b2e2b8845a821468c2c486c0760200d87f50a13bc5bb26ce2a91d63727e753fdaaa7e4d93b5e2cf40c2b7481f16b7207daff4d2b8aaa916ac0de78df8c2e4705cc0ac42f386cde1ad8c8acadbfe27fbdf2688e2dd9fcb8cae879844c4a031e7e216c1708215918d82dbb5a5e1970e433e6d8f511b51e334a206aab00b039d4dd83481c114c590f4183caaead16e4dac64327dc2d3e0a29d77f69e6f8096caa42790d860af7b53924a6f5cd83981f97fdf49e9ce0aeff59b2002157819338b36da26915d46d198c777d7c236d814c7fb1d1e653d700f9cd2f65f244612b7b1de8c8cb02f36f36c423b8ab52010b1d56cbad3ccf56776e1df02dc05ef3123cc322718af1bff0f3e86fbc5acdd2871a6e533699b9000eede3d6656bccb5eca793e2a93016c208f111f242c10ed30e1c962aa108efb7ef6bb5f92941f12bc947b24110b9122d152fbdb2ccba7877a364d80e62d80250ace98f3e710c00584938735ff10b6859a9c3c1d20d41b361349bd13fd1120d13d6687bc81a886e091ffdd6e540bafdf6b8415eab8da8345d2c9f1bad84ee2409eff076b7e9659d9cd23225bcdc30a47dbbcc4b09372bd69adc630fa6501388672a780a4e800cd4f83f222b8831c5ef36cefdc688f6073eb0b60dc4b67272a5ead944f0bdb267f8cb816adb621ab4118507cd6d9044dac1d5fef80224550679722c747ca66e5fee24b7ba4ebc0a49cc497565ed22c8defab30a4a968569ddd561f5c37861c2641b197014b119826fb99a378b2cd01453d766e997b56665594f2d0a1f0d3e75a2981f0fee96dc81b74cbf34aa40f0098ceba0f0c075402e8b51691d1c3804fea6cecc1663ea8bf01a5d5cd3c1515203f7cd765a4911f2af93472e15cf91eb63e379da4987997be7b6ec4971035c87f48e0960759205b1e48ee587a14aac1f8a0688c18b73a5e7b7491e5c75ce0b4e7f95135d7f52ef17256a5d7e7a74973483bb78209dfae23113681caac14250380ada6aee682455126026d7a5540148e6f3a107eee98aeb47ff8f84f244e986738861150eb05b301e89f7e1509030a4edf92bd3cb41a93a7c32db1171286599239c3ce387444fb7425aa6297b49cf18ed431f5f8debbdb838ee7fb1427b823bf6dee5d19d66f0c68200d547ba9304bb91c259b502e2077f7e32674dbe63cf42c6eac7a4a43c66b94419510ec42d519b6eb1677ffeddb3e2e6cb1f4a415d068cf55ecc7855e685b62024aa1a6b4ab697b7bdcfadb91eee2bba23c6554f1f26c2d4ad72b787f7dfb23a83d66ddbb427fd86c9e5bad2a827d3156af7bbfbb75efc78d9027d2b25638107c0b999ca46050c7c5b80ed5c95f2b1e1238dc406423c46a476361dacbc6e3ab443207bf3133c0b6bc078e38aec3e0996cc5d1c90e6b3add58f27fe338e05377036239873e2baa06fd926fee840d6170d4e2e759d1ddb3adb18d0c5af2e514f8b90ba423ce932b3192f713423a96fd7e80849ddf8790f570ef582cf159baf732bab94698b876b40ed5ed6b152084152e136115a4e870094006c842eb3fbe42cd484abda7932e076b125d8ec5b5e8a22c38de69b83291b74634cab1a89", @typed={0x14, 0x8d, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x17}}, @generic="369751e726b845d355911472f4606e2c6537764692c6758ebc34f2d096a186f5180613b486aa931d6801a0bb60d918ef62fb1fa7cf938f0fef72211d166c8b98570f7428f748a6a6e561746abbd9d6d388ef11663355ea216a2f6aedf66fc4fffac9d8591df1efed24b2e5bdda92d237db18e989edeeb955800d42ed082004ec837d3a30ed3c78acad57b0b40fbe9790f162aa", @generic="7ae27dfadd798a03449256fb28499f4cb6"]}, @generic="4ab0fd70b9a087f773ba3086ae750ddfc94f73e561ad3860dcd81862eb7f2cee8e2b404f705d36615eb0961c02decc0412ed096030aa16cd7d6ab761e4524209b783ac38064701ac28cc75e3fcc340cc46332a174cd92f1a9f0ed798d856b2084a05bf98189fd15187f961305830b1f24ffe1aeace2c2ed2d5850094c3f32163c96e92b3645e75043321ebfcbddfa4e5c0c798fdb5184630141c3c896023234f15df22e21536d2610828cabadaff98a8d51d3f760846e68f6ef8d80b1e15f4f68ee5b49c8180f00659e5e0ad9c1bd60bac3a58430fed29"]}, 0x1200}, {&(0x7f0000006b80)=ANY=[@ANYBLOB="18050000350010002abd7000fbdbdf2518037780b8ef4d5b2638c546af0b4eb57fc6b907065ef0ef7ec1adc2f118f3d2063592e53484212c099f81ffd5c747afdaf4aa50fe3a52c1d4b5bb2c58bc36016b68032e2a1de47d1f8e2c1150b1692520d8ebb274cf347393fdcba5d632d3da6338a6621828eb7649594ff260bb2184bedf6785b075891c", @ANYRES32, @ANYBLOB="767847cd7d9e02462b58ee09e9691354a44cc779deb51ea4d0ca5f29566c4fd6b92f3db85021881b205f26cc5c171d05d600e81f085cae8f64fd85c08e36b89fef415f8e266952fa5b9667568d988b38e433dff5d519422f59053a135cd7ab745bdaf9b5cf39067d321a69d8a082d2516c2ff4d66a9cf5cfbda5a21c13931204996a713f99c250bf04194ff0b799551fe2cfae7f3e0170adc2215c7552356016226b2a1f87e4cb3156fc308aedad820921eb0f61569329fe08020d738bde936f549090b13245242399ad170520746518cbe26b25026d586e03a4dd7335c1d5d673ef8b3a826936ccfb0ea86b1f8c5cfd257f550b95263ff537dce6cb85b1f33099c49e6d4f3a258c6050337167af2ca9ca3952dcc4392cac4c8bf5ffbccbf9287ff09e9e14381f921b5e54cdd8cea59d667e8c5142493f550b4b15713d714e92baa25efb94a4c7f8f98151e6595a1e82451f29dd7cc43f2408f36f8aab0be6728887a7b807f7bdab11cfe554c4098dd62d24ab114530b20fad013d11ddbab04fd7810cc993c1069031d438286df3b9f1a855676af1b6c01397e15db07a4744b70dbb9810e21828d6f68d9f082a55bba496fd2697d7917d5e677bf28a45ce27d6a664", @ANYRES32=0x0, @ANYBLOB="14001900200100000000000000000000000000020c008a0000000000000000000d0044002d2d5c2427242d5d00000000d849c309e3ad5ea08c4e017d95066b3feaba8d3366d5d0affd4e69e1b1c6dd9019f340851b831def2d15f6a7aa56af55f7708419cc419f4e751226a86d510c09d68374226d8415aad010836e8306d9396130c1c44c4c59f1103c10973adeee479999f085cbab7065d0b738804c6eecdd15c38b610ae2bbced9f15564794da520e95dd3a1d41a1ea26ceb4442e7b127bad8e9418fbd83d099940a838e0490f762bbcfd5da50259567b38927f11ae12890697e4771f32e0c074ace6e0604b80d48c49398ea94bad012e8dbbe580876e205524e4247372648be82b623682fb50800000021a13352c9863948aca7d6d77fc1c755de010ead30124a926df541924f7cb821d6d1026915a5c941ad68c04ba62192ae8014dc2cde904abdea12b6555bf8ff82f98f730ef9e20da9aabf5ee1004c9ba39ec93d190a92bbe7ce5ea3c4811c90ff3fca27f62d1a1d661962dcef2a477daf43b23a55e256b42193b3db76730e7b749c23dbfddad0d19dcb0fc27fc207e43ebd53c5cd3ba9ef405f06ce3bc53dd2a64f4433bff288285d78b11bc903c3d6c04619a2ac632f10b6942a340aa972101098b299e9a3a5b08e1153308ca0c391448d85ac8208386a28a9b90da5150c000100070000000000000000"], 0x518}, {&(0x7f0000003c80)={0x128, 0x19, 0x200, 0x70bd2b, 0x25dfdbfe, "", [@nested={0x5e, 0x0, 0x0, 0x1, [@generic, @generic="fe7624e7c5210fff306a9a6f0e6a424ce47793fffb7a6cea6f75de49b006ca20b716724a261c74c1905bbb8b6950dd398714bb33c796bc37e4684d83a8de87db19d075b6b181d058f3d6361737de59d1f51bd474273b35a5f2ee"]}, @generic, @generic, @generic="bc5c43a2bbac8a68bdbfb65f05a87890ce31461c55dae7ba268b99c71974af75e2b9be5d4bc86d9f000180905b0ae2ed0ccfd463998513d77d7c0290c9ad5eb6850f552b22da1b6ed6b84469523b301d2ec2", @generic="916dfe61cd386853aa981e9a827cb9df6186f7b0e00ac311ab5662602feb38fc399c35e1ea97dc4abb1f90ab3a1ebcef4402c05b036b9e3cdc204122e1ed4b775ea6a33e10867e1c4a82d811ad1670014d2e0478f2478af4ee7898b84b", @typed={0x8, 0x1e, 0x0, 0x0, @uid}]}, 0x128}, {&(0x7f00000002c0)=ANY=[@ANYBLOB="700000003f00040028bd7000ffdbdf251600368004009400b6bf35ad9796979c045f768e3483000012491ccce029df3cec2b1dfdf1cdd01e6d5d81add03d0d813a6c863f8cbd6eb2dd16793224cadd826ea7368dcca9b71e4b9328d81c572c8b5974723b8f5d05880179af91fc3abd7de81820eef10d1f192c2eea961b4b5a78f24757acc9dc5059f74c7c89b0c3a97e6fcd3840bf85df1f191a6c365f8e6e9c2b8181b891ec42559fd176817f395f70100707fa6e2867f3bd12ae1281a300368d142a44ae0ed81f305c63991dea22b60447da3cbbc322558e8aae6b27816bd6a634184e7a73ccc241368e49d01b"], 0x70}, {&(0x7f0000000700)={0x10, 0x3c, 0x108, 0x70bd27}, 0x10}, {&(0x7f0000000740)={0x10, 0x27, 0x400, 0x70bd29, 0x25dfdbfc}, 0x10}, {0x0}], 0x8, &(0x7f0000005240)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}], 0x98, 0x4004821}, 0x20000001)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc)
prlimit64(0x0, 0x7, 0x0, &(0x7f0000000280))
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000540)=@filter={'filter\x00', 0x2, 0x4, 0x388, 0xffffffff, 0x1e8, 0x0, 0x1e8, 0xfeffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x0, 0x0, 0x3}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}, {{@ipv6={@mcast1, @loopback, [], [], 'netdevsim0\x00', 'geneve0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b667f173dfa40b58c10327e3121114449fd20ba2be6e45cae72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8)

3.012159378s ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
mlockall(0x1)
r3 = syz_open_procfs(0x0, &(0x7f0000001080)='smaps_rollup\x00')
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
read$FUSE(r3, &(0x7f0000002e40)={0x2020}, 0x2020)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90)
close(r4)
getdents64(0xffffffffffffffff, &(0x7f0000000680)=""/151, 0x97)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2.60927065s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000038ba9a7e7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.922357745s ago: executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x30, r1, 0xdb8f12b9d679de2b, 0x0, 0x0, {}, [@ETHTOOL_A_CHANNELS_RX_COUNT={0x8}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8}, @ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x30}}, 0x0)

1.788205426s ago: executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001c00)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000000), 0xffe000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c49", 0xc3}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d5f47f0000000000000100000000000200000000001400000000000000000000000200000000000000000000001400000000000000000000000200000000000000000000001100000000000000"], 0xf}, 0x0)

1.730353915s ago: executing program 4:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000002080)="8cdbfc912b2f5015cd4201ad9746ee95213affe23f8c35e5170be0abd5b03507e79012189e1e64b37f4ad974f59fc51fa1f54dbbe9965a2263f8f27e9eb7c8f3da6b8a2ceaaf2e4d39ce3ac31c9fd63f148369fdf5ab93ba0d574effb74d9045ef022dc492d3f44d5dea22c7b841fcc04eb1c49289f206be0479e83bc738a0c0b4af8078e4196fc461319ad63eb307ce25e4478809f34c4d4260eb8dd2de61ea8ec9b3b1492a881c74ca76df5cfb77002aa143f9eed0d0522867d652a3d8550aabeae3d042976bbc2880b947e381f251002b954397afa87388aac2fc96f97a64ab4ff907ae1529ef438006380d08fa0bb3467af1fb531998277792cdf3074d910a636d341e5d398b46e771cfef2599b8639f8e59ab3d5836457eff22ff2c65569eaa99e255c40f18b952f20d020e7d687bc41142b2a31e82cb45a7e0988dc1b6f261944fd46ca54c067f4ad6d9fcaa2e336148d28e22c5f23714c7a66a18faa639baa7eaffed706242859815cda57d2b4b09", 0x172}], 0x1}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {0x0}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

1.601332464s ago: executing program 4:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0xffffffffffffffff, 0x0)

1.589143886s ago: executing program 2:
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1548f5e0b33006bd1049ca45bd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc96eb384dbb4268c50943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906bde2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000180)={'#! ', './file0', [], 0xa, "1d2388097397c65c5443c72ef4e784ad668de7c14f8cd677637cc1d99581a3f4284839c65d5cab0ed22ef8ae2f6d0b2b91811ee51800855b7478d2a05eddd9f7f7c3aa8757d5126bf21a7f58bb5e42dd1d5d7860160710c6110b65701b131af2828a1c2d77b0d6b91ada3dbd5962031d9292bf3fb3e5"}, 0x81)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000003, 0x11, r1, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f0000000080)=""/1)

1.440960309s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='jbd2_handle_stats\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

1.23716967s ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='jbd2_write_superblock\x00', r2}, 0x10)
ioctl$TUNSETOFFLOAD(r0, 0x40086607, 0x20001412)

1.230079831s ago: executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}]}}]}, 0x40}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000006f40)=[{{0x0, 0x0, &(0x7f00000007c0)=[{0x0}], 0x1}}], 0x1, 0x0)

1.057717368s ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000040)=0x18, &(0x7f0000000140)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_unlink_exit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_unlink_exit\x00', r2}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')

944.238035ms ago: executing program 1:
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0xa00010, &(0x7f0000000700)=ANY=[@ANYBLOB='nodecompose,decompose,nobfrrier,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6c733d69736f383835392d310000000072726965722c00bcd0f0b5c4e2957974ff5d7ea3c3dcee087e4983684e8a4c4e4e87b134e30ce77162b12885b964b3506ff3eae0f3599447b17861d19be78079e5dd7bdc7f1eb36e31ac14de48349767164f5f6431bbdeaef96a4f2bce64b5cfa76ce3a2c4302374bc5535d7e2eb8dfb2e5d58a37b7e37836597c21f51bcdf6df4cad825cfd9ef5ee9e89e04b15cd3cea9e152d67b9a7eedc5dfe6d85a3ce7c342da8cc969b552197cb8bcc4a1009f38f4a85b7c742101ba5bc03115feca2b994c699812"], 0x6, 0x635, &(0x7f0000000c80)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=")
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_type(r4, &(0x7f0000000040), 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000000, 0x10, r4, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000040)=ANY=[], 0x1, 0x66e, &(0x7f0000000cc0)="$eJzs3c1vHGcdB/DvrDd2Ni2p2yZtQJVqNRIgLBK/yAVzISCEfKhQVQ6crcRprGzSYrvIrRB1eL320D+gHHxBnJC4RyocuMCtN+RjJSQuvWBOi3Z2dr1Zv2TdNl6nfD7R7PPM88w883t+szP7YkUb4P/W0nTq91NkafqVzfb6zvZ8c2d7/k63nmQiyVZST1JLUvyn1Wp9mFxLit4wxUC5z/uri6999MnOx521erWU29eO2m9Atd3WQPNWt20qyVhVfgYPjHf9M49X9CK/luRyVcLInUnSesBP//Zkr6dP46C9z55IjMCjVXReN1O9HvdMJueqC739PqD7yls7+QiHMzHkdoPvIAAAAOBxM8xn4Kd2s5vN4vwJhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfCFt7v/9fVEutW59K0f39//GqLVX9dHnxeJvff1RxAAAAAAAAAMAJenE3u9nM+e56qyj/5v9SuXKhfHwib2U9K1nLlWxmORvZyFpmk0z2DTS+ubyxsTY7xJ5zB+4595BAJ6qy8fnMGwAAAAAAAAC+YH6Zpb2//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGlQJGOdIsW9vubJ1OpJziYZbzdsJf/o1h9n90cdAAAAAJyAp3azm82c7663ilxI8lz5HcDZvJW72chqNtLMSm6U3wt0PvXXdrbnmzvb83fay/5xv/fvY4VRjpjOdw8HH/lSuUUjN7NatlzJ9byRZm6kVu7ZdqmKpzvqQFz32jEV360MGdmNqmzP/L2q3OfdY032MMf8MmWyzMiZXkZmqtja2Xi6e2YOPkPHPDuDR5pNrRfshYEjDUziU+X8XFW25/Pbw3I+EoOZmOt79j13dM6Tr/35jz+ZqeqnZ0rDGavKVvnY2J+J+b5MPD9MJm41796+dXN9+nHLxD4zZSYu9taX8sP8ONOZyqtZy2p+luVsZCVT+UFZW65OftF3yR+SqWsPrL36sEjGq2do52QdL6aXyn3PZzU/yhu5kZW8XP6by2y+lYUsZLHvDF88+gyXV33tkKu+9aUDg7/89arSSPK7qjzQoR2PSjuvT/fltf+eO1n29bfsZemZIbJ0zHtj/StVpX2MX1Xl6TCYidm+TDx7dCZ+X95W1pt3b6/dWn5zuMM9815VaV9HvzlVt9T28+WZ9skq1x58drT7nj2wb7bsu9Drq+3ru9jr61ypW4deqePVe7j9I82Vfc8f2Ddf9l3q6zvo/RYAp965b5wbb/yr8ffGB41fN241Xjn7/YlvT7wwnjN/OfOd+szYV2svFH/KB/nF3ud/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg01t/+53by83mytpApdVqvXtI10lX6g8JdV8lU/98or1Dt6WVXlf358xOcBZffjIZeQ5HXvlvq9WqWopDtvnDX09NolqVU5G6EVVGd08CTsbVjTtvXl1/+51vrt5Zfn3l9ZW7iwsLizOLCy/PX7252lyZ6TyOOkrgUdh70R91JAAAAAAAAAAAAMCwTuK/E4x6jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjbWk69fspMjtzZaa9vrM932wv3frelvUktSTFz5Piw+RaOksm+4YrDjvO+6uLr330yc7He2PVu9vXjtpvOFvVkqkkY53y3uc13vWqPFJx1BSK3gzbCbvcTRyM2v8CAAD///IHB5c=")
open(&(0x7f0000000180)='./bus\x00', 0x4a37e, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
unlink(&(0x7f0000000300)='./bus\x00')
write$char_usb(r5, &(0x7f00000002c0)="9f", 0x1)

822.202694ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_es_find_extent_range_enter\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r1}, 0x10)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)

649.68338ms ago: executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = dup(r5)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000940)=@bpf_tracing={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000004c0)=[r6, 0xffffffffffffffff]}, 0x90)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000500)={"8858bde0d7f6115d52f5f716ca311bf16c671fc9d87024dbe4bbb080bebe90b30668b19f6c591b7390425985dcaa66a958a8a970391decb4b7d3e52996ff674f707cdf49c7381d2964c301f29e875ce36aa6b1930032da440a2e212da56797dfe5748aaaae9fbc3f7ffd295072e1ea64bad7d3549055fdc45e7078006b383692bf1b90d3c1bab243eb0d17151ba3e65431ac11adc58b77321481fd65569362b3a8bddbed39d885f990908ce1892580ee43159c1db62d59fe2cb71882dfb0abf9dcb8ee30aadea127f169312855440d9ec40deaf8215a2bdcc65fcbbd5e0b83d2f1e3ea96ef1c993bb76ab53dee477b7ade8550d47e5a3eea926f58efb6fb7f33064fb7b6951eae379648695b27505fa731a2454174592ef7a0227f59ac45d0ed37cccabee68ba44346135659abe531ca418b0841f5a8f285605fc1e0e77f9e97a47277ed3f9cc1a94027b11505bfc9fac2db199a88aa87c399b7ada0ff033039d0d3a8b043b53335d15c275ea6ce63f3c34655761c1182bc26b1a590a8cb8667e764c3f74dc55dd44ca9e7c6a61c6376761acb0fd9fb1941caca01396905eeeead3e189fd11bd19137b214eecefa07116dc4b4b7ea423308ac9183ffc62c8dc69021249027b7b0929660135b3161d08e109a46b6fd1b7fc08a3bc0934ee2648df2b04716aff5342d9897218f91371f6c06666e0082b8a66e973930c219a568f1e0938a6a1681c7268147b1e0425c41de41a55877c32797bbfa11736d046b681bf70f376112a9094c5f23bedd87986014e72730b64d9e33412e3d423cf8213370fc4338e6f0d722dde3135706e615085bf76fa752bac824485910a6acc45b6552537fbbf0909a08d9b891ce78d11af59ca0f09c8120689017f082dce61d3682695c75e6c2d0388412fe7f36823a0e74de0f91d4fc15397a14a831d37dc60d6bd3f355649347f6257d05cbbd9fc1c5e958955fd219d1ab60dbc058e0ba5565daed86f86e6356a782b305d5e2f6e1b190479e6376b4e6247c0f020e607e9468f48fa9a16e0770b05f6bcda150dc373437963a045e0ca1272848ae96fd7823f3eac82ae253a7d907b237ff231bbae89a93ac077db04197707ff3de99ca9191ed561e972fd60356654e89242b3ac8b112092d28e10759bb3e85cfab2ae11ce90b6b52f7d2be1fd3e6d9eaabe37a3083749c11f54c17b6402fc1b54c3c030d0266480faaaf253c706800ba90c26ccefc230296f498c1304abe91a8fb37eb7abda2072c686aae830cc5abd72b47dc87cb4e01c3f565b6dc6ac2bee572bf601e02d9a51851877f1498d6e2ba3b5947d83d90072eaf0cefed3dceb9bf35b36cbca3f1feba2c3d0f16ce04e13237e8b78689b9599d33db6f8b74d863a964ab658bc1671878ab615bc37943f9c9b8e9d5069bf7de6aaa74b0470389f22935cedbb9e22523e4"})

249.094322ms ago: executing program 0:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800004e9d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18}, @TCA_ACT_BPF_FD={0x8, 0x5, r5}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x44, 0x31, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_START_AP(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x5c, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x5c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r10, @ANYBLOB="edf7159c15afb0025753c13d74e3bb5bf6fa4afcf0929745e61f7b68c776e1abebb5e9e5cb3b300e9a4a7a71d0c8101e0c52245d29732bf32759815fc73bb7540b6f842943279ff7b9ea13f7d701ada0a65366ade5065a74ff17bba855f664f3da9128d87174d437f6a0b13366d51a91207bb75bce731f02ef3829e14ffa0ae042c64c60b0ebce75b9b61702d6508eeb69eee758da0456e599fe506097bb66b5a3f63902ec27cb6828a3e12a0fab7fa34da765e5ee304e6796d3ebdc907281225860a8209fadee103c331af04fce0310e92d1eb8bdf2a373526feddd27dc12c7dda277f66e37028146056e1484cf24"], 0x1c}}, 0x0)

159.557816ms ago: executing program 3:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000002080)="8cdbfc912b2f5015cd4201ad9746ee95213affe23f8c35e5170be0abd5b03507e79012189e1e64b37f4ad974f59fc51fa1f54dbbe9965a2263f8f27e9eb7c8f3da6b8a2ceaaf2e4d39ce3ac31c9fd63f148369fdf5ab93ba0d574effb74d9045ef022dc492d3f44d5dea22c7b841fcc04eb1c49289f206be0479e83bc738a0c0b4af8078e4196fc461319ad63eb307ce25e4478809f34c4d4260eb8dd2de61ea8ec9b3b1492a881c74ca76df5cfb77002aa143f9eed0d0522867d652a3d8550aabeae3d042976bbc2880b947e381f251002b954397afa87388aac2fc96f97a64ab4ff907ae1529ef438006380d08fa0bb3467af1fb531998277792cdf3074d910a636d341e5d398b46e771cfef2599b8639f8e59ab3d5836457eff22ff2c65569eaa99e255c40f18b952f20d020e7d687bc41142b2a31e82cb45a7e0988dc1b6f261944fd46ca54c067f4ad6d9fcaa2e336148d28e22c5f23714c7a66a18faa639baa7eaffed706242859815cda57d2b4b09", 0x172}], 0x1}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {0x0}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

148.310207ms ago: executing program 4:
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x12)
inotify_rm_watch(r0, 0x0)

0s ago: executing program 4:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

d, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  449.051731][  T935] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.067911][  T935] usb 5-1: Product: syz
[  449.078772][  T935] usb 5-1: Manufacturer: syz
[  449.099090][  T935] usb 5-1: SerialNumber: syz
[  449.118576][  T935] usb 5-1: config 0 descriptor??
[  449.178341][  T935] ch341 5-1:0.0: ch341-uart converter detected
[  449.807914][ T9715] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  450.448929][  T935] usb 5-1: failed to send control message: -71
[  450.455401][  T935] ch341-uart: probe of ttyUSB0 failed with error -71
[  450.518513][  T935] usb 5-1: USB disconnect, device number 8
[  450.561303][  T935] ch341 5-1:0.0: device disconnected
[  452.270010][ T3574] Bluetooth: hci1: command 0x0406 tx timeout
[  452.670595][ T9717] loop2: detected capacity change from 0 to 32768
[  452.792653][ T9717] XFS (loop2): Mounting V5 Filesystem
[  452.995278][ T9717] XFS (loop2): Ending clean mount
[  453.056622][ T9717] XFS (loop2): Metadata CRC error detected at xfs_rmapbt_read_verify+0x39/0xc0, xfs_rmapbt block 0x14 
[  453.093003][ T9717] XFS (loop2): Unmount and run xfs_repair
[  453.113615][ T9717] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  453.152953][ T9717] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  453.206840][ T9717] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  453.264418][ T9717] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  453.288799][ T9717] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  453.302515][ T9717] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  453.346968][ T9717] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  453.379426][ T9767] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  453.686758][ T9717] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  453.946220][ T9717] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  454.012624][ T9717] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x14 len 4 error 74
[  454.092701][ T9717] XFS (loop2): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1acd/0x2210 (fs/xfs/libxfs/xfs_defer.c:573).  Shutting down filesystem.
[  454.138988][ T9717] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  454.206582][ T9542] XFS (loop2): Unmounting Filesystem
[  456.371441][ T9813] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  457.716708][ T9809] loop0: detected capacity change from 0 to 32768
[  457.828399][ T9809] XFS (loop0): Mounting V5 Filesystem
[  458.005375][ T9809] XFS (loop0): Ending clean mount
[  458.091130][ T6726] XFS (loop0): Metadata CRC error detected at xfs_rmapbt_read_verify+0x39/0xc0, xfs_rmapbt block 0x14 
[  458.110172][ T6726] XFS (loop0): Unmount and run xfs_repair
[  458.121801][ T6726] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  458.148702][ T6726] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  458.157621][ T6726] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  458.198705][ T6726] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  458.207642][ T6726] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  458.218328][ T6726] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  458.243200][ T6726] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  458.260344][ T6726] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  458.271777][ T6726] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  458.281734][ T9809] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x14 len 4 error 74
[  458.303615][ T9809] XFS (loop0): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1acd/0x2210 (fs/xfs/libxfs/xfs_defer.c:573).  Shutting down filesystem.
[  458.320533][ T9809] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[  459.150696][ T7457] XFS (loop0): Unmounting Filesystem
[  459.373614][ T9867] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.2'.
[  459.582016][ T9868] overlayfs: failed to resolve './file1': -2
[  459.680672][ T9870] 9pnet: Could not find request transport: tcpl
[  459.784179][ T9878] loop2: detected capacity change from 0 to 1024
[  459.841297][ T9878] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  459.937856][ T9885] loop0: detected capacity change from 0 to 512
[  459.977204][ T9885] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  460.027380][ T9885] System zones: 1-12
[  460.038348][ T9542] EXT4-fs (loop2): unmounting filesystem.
[  460.054577][ T9885] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 33619980: comm syz-executor.0: invalid block
[  460.111609][ T9885] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[  460.140834][ T9885] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 361: padding at end of block bitmap is not set
[  460.168800][ T9885] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6171: Corrupt filesystem
[  460.179192][ T9885] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz-executor.0: attempt to clear invalid blocks 33619980 len 1
[  460.203557][ T9885] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 0)
[  460.233423][ T9885] EXT4-fs (loop0): 1 truncate cleaned up
[  460.242483][ T9885] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  460.314815][ T7457] EXT4-fs (loop0): unmounting filesystem.
[  460.522694][ T9904] loop0: detected capacity change from 0 to 256
[  460.547200][ T9904] exfat: Deprecated parameter 'utf8'
[  460.561766][ T9904] exfat: Unknown parameter 'u—™Ítf8'
[  460.584214][ T9888] loop4: detected capacity change from 0 to 32768
[  460.601028][ T9900] lo speed is unknown, defaulting to 1000
[  460.653396][ T9888] XFS (loop4): Mounting V5 Filesystem
[  460.657102][ T9904] loop0: detected capacity change from 0 to 2048
[  460.670127][ T9904] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  460.719524][ T9913] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  460.791437][ T9888] XFS (loop4): Ending clean mount
[  460.856830][  T935] XFS (loop4): Metadata CRC error detected at xfs_rmapbt_read_verify+0x39/0xc0, xfs_rmapbt block 0x14 
[  460.903530][  T935] XFS (loop4): Unmount and run xfs_repair
[  460.915553][  T935] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  460.937728][  T935] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  460.968423][  T935] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  460.989351][  T935] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  461.038692][  T935] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  461.047628][  T935] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  461.083379][  T935] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  461.112753][  T935] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  461.131558][  T935] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  461.158785][ T9888] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x14 len 4 error 74
[  461.185913][ T9888] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1acd/0x2210 (fs/xfs/libxfs/xfs_defer.c:573).  Shutting down filesystem.
[  461.202699][ T9888] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  461.253215][ T8671] XFS (loop4): Unmounting Filesystem
[  461.342287][ T9937] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  461.425554][ T6726] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  461.625463][ T9944] loop2: detected capacity change from 0 to 256
[  461.642261][ T9944] exfat: Deprecated parameter 'utf8'
[  461.647949][ T9944] exfat: Unknown parameter 'u—™Ítf8'
[  461.699596][ T6726] usb 1-1: Using ep0 maxpacket: 32
[  461.729111][ T9944] loop2: detected capacity change from 0 to 2048
[  461.755886][ T9944] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  461.775521][ T9946] loop4: detected capacity change from 0 to 1024
[  461.808784][ T9947] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  461.829632][ T6726] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  461.842583][ T9946] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a000c118, mo2=0002]
[  461.861663][ T6726] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  461.886856][ T9946] System zones: 0-1, 3-12
[  461.910330][ T9946] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  461.925902][ T6726] usb 1-1: New USB device found, idVendor=06cd, idProduct=0107, bcdDevice=44.fe
[  461.962815][ T6726] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.022596][ T6726] usb 1-1: config 0 descriptor??
[  462.080916][ T6726] keyspan 1-1:0.0: Keyspan 1 port adapter converter detected
[  462.107942][ T6726] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 84
[  462.131646][ T6726] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 81
[  462.144944][ T6726] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 82
[  462.154728][ T6726] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 1
[  462.168453][ T6726] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 2
[  462.179855][ T6726] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 83
[  462.187796][ T6726] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 3
[  462.202928][ T6726] usb 1-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  462.220395][ T8671] EXT4-fs (loop4): unmounting filesystem.
[  462.283039][ T3293] usb 1-1: USB disconnect, device number 15
[  462.315312][ T3293] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  462.359984][ T3293] keyspan 1-1:0.0: device disconnected
[  462.764461][   T26] audit: type=1800 audit(1717472657.370:258): pid=9976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1945 res=0 errno=0
[  462.851111][   T26] audit: type=1800 audit(1717472657.370:259): pid=9976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1945 res=0 errno=0
[  463.246256][ T9984] loop2: detected capacity change from 0 to 8192
[  463.280672][ T9984] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  464.127861][T10015] ebt_limit: overflow, try lower: 570423552/2483027968
[  464.865932][T10032] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  466.101269][T10030] loop2: detected capacity change from 0 to 32768
[  466.158400][T10030] XFS (loop2): Mounting V5 Filesystem
[  466.258841][  T935] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  466.303096][T10030] XFS (loop2): Ending clean mount
[  466.407920][ T9542] XFS (loop2): Unmounting Filesystem
[  466.527812][  T935] usb 1-1: Using ep0 maxpacket: 32
[  466.659036][  T935] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.675490][  T935] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  466.698057][  T935] usb 1-1: New USB device found, idVendor=06cd, idProduct=0107, bcdDevice=44.fe
[  466.707484][  T935] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.755296][  T935] usb 1-1: config 0 descriptor??
[  466.800230][  T935] keyspan 1-1:0.0: Keyspan 1 port adapter converter detected
[  466.807793][  T935] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 84
[  466.830500][  T935] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 81
[  466.838396][  T935] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 82
[  466.878759][  T935] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 1
[  466.898758][  T935] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 2
[  466.914143][  T935] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 83
[  466.938997][  T935] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 3
[  466.968959][  T935] usb 1-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  467.002259][  T935] usb 1-1: USB disconnect, device number 16
[  467.017106][  T935] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  467.029453][  T935] keyspan 1-1:0.0: device disconnected
[  468.479199][T10152] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  470.287286][T10169] loop2: detected capacity change from 0 to 32768
[  470.365298][T10169] XFS (loop2): Mounting V5 Filesystem
[  470.495668][T10169] XFS (loop2): Ending clean mount
[  470.618535][ T9542] XFS (loop2): Unmounting Filesystem
[  470.782163][T10201] loop0: detected capacity change from 0 to 2048
[  470.812687][T10201] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  470.833503][T10201] ext4 filesystem being mounted at /root/syzkaller-testdir669180108/syzkaller.4UYvJS/146/file0 supports timestamps until 2038 (0x7fffffff)
[  470.872717][T10201] fs-verity: sha512 using implementation "sha512-avx2"
[  470.914280][ T7457] EXT4-fs (loop0): unmounting filesystem.
[  471.228901][  T935] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  471.468704][  T935] usb 1-1: Using ep0 maxpacket: 16
[  471.588853][  T935] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  471.769212][  T935] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  471.778286][  T935] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.786514][  T935] usb 1-1: Product: syz
[  471.804743][  T935] usb 1-1: Manufacturer: syz
[  471.809660][  T935] usb 1-1: SerialNumber: syz
[  471.827913][  T935] usb 1-1: config 0 descriptor??
[  471.870573][  T935] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  471.888707][  T935] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  472.198891][  T935] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  472.369016][  T935] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  472.379321][  T935] em28xx 1-1:0.0: board has no eeprom
[  472.498672][  T935] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  472.522478][  T935] em28xx 1-1:0.0: dvb set to bulk mode.
[  472.543034][    T7] em28xx 1-1:0.0: Binding DVB extension
[  472.552698][  T935] usb 1-1: USB disconnect, device number 17
[  472.568371][  T935] em28xx 1-1:0.0: Disconnecting em28xx
[  472.850221][    T7] em28xx 1-1:0.0: Registering input extension
[  472.857177][  T935] em28xx 1-1:0.0: Closing input extension
[  472.898450][  T935] em28xx 1-1:0.0: Freeing device
[  473.179191][   T26] audit: type=1804 audit(1717472667.630:260): pid=10260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="bus" dev="sda1" ino=1961 res=1 errno=0
[  474.397387][T10269] lo speed is unknown, defaulting to 1000
[  474.591451][   T26] audit: type=1804 audit(1717472669.180:261): pid=10285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir847127630/syzkaller.6hRF4o/49/bus" dev="sda1" ino=1952 res=1 errno=0
[  474.619031][ T6726] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  474.629146][   T26] audit: type=1804 audit(1717472669.180:262): pid=10285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir847127630/syzkaller.6hRF4o/49/bus" dev="sda1" ino=1952 res=1 errno=0
[  475.069692][ T6726] usb 1-1: Using ep0 maxpacket: 16
[  475.189825][ T6726] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  475.382736][   T26] audit: type=1804 audit(1717472669.860:263): pid=10300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir847127630/syzkaller.6hRF4o/50/bus" dev="sda1" ino=1957 res=1 errno=0
[  475.979988][ T6726] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  476.038991][ T6726] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.047064][ T6726] usb 1-1: Product: syz
[  476.088520][ T6726] usb 1-1: Manufacturer: syz
[  476.101120][ T6726] usb 1-1: SerialNumber: syz
[  476.148295][ T6726] usb 1-1: config 0 descriptor??
[  476.207645][ T6726] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  476.236417][ T6726] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  476.519034][ T6726] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  476.688841][ T6726] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  476.696922][ T6726] em28xx 1-1:0.0: board has no eeprom
[  476.859588][ T6726] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  476.867570][ T6726] em28xx 1-1:0.0: dvb set to bulk mode.
[  476.895117][ T6726] usb 1-1: USB disconnect, device number 18
[  476.931729][ T6726] em28xx 1-1:0.0: Disconnecting em28xx
[  476.963498][ T3293] em28xx 1-1:0.0: Binding DVB extension
[  477.200831][ T3293] em28xx 1-1:0.0: Registering input extension
[  477.218936][ T6726] em28xx 1-1:0.0: Closing input extension
[  477.229583][ T6726] em28xx 1-1:0.0: Freeing device
[  479.849571][   T26] audit: type=1326 audit(1717472674.460:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  479.964047][   T26] audit: type=1326 audit(1717472674.480:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.045531][   T26] audit: type=1326 audit(1717472674.480:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.074807][   T26] audit: type=1326 audit(1717472674.480:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.161821][   T26] audit: type=1326 audit(1717472674.480:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.261383][   T26] audit: type=1326 audit(1717472674.480:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.312348][T10403] loop0: detected capacity change from 0 to 16
[  480.341667][T10403] erofs: (device loop0): mounted with root inode @ nid 36.
[  480.349582][   T26] audit: type=1326 audit(1717472674.480:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.430936][   T26] audit: type=1326 audit(1717472674.490:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.478342][ T3572] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  480.494424][ T3585] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  480.504281][ T3585] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  480.526742][ T3585] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  480.534812][ T3585] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  480.542395][ T3585] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  480.586894][   T26] audit: type=1326 audit(1717472674.490:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.611685][   T26] audit: type=1326 audit(1717472674.490:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  480.842480][T10416] device syzkaller0 entered promiscuous mode
[  481.088693][T10408] lo speed is unknown, defaulting to 1000
[  481.328084][T10440] loop0: detected capacity change from 0 to 512
[  481.409707][T10440] EXT4-fs (loop0): 1 truncate cleaned up
[  481.424506][T10440] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  481.467235][T10440] EXT4-fs (loop0): unmounting filesystem.
[  481.618970][T10447] overlayfs: failed to clone upperpath
[  483.105568][ T3574] Bluetooth: hci0: command tx timeout
[  483.171284][T10408] chnl_net:caif_netlink_parms(): no params data found
[  483.286156][ T3775] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.624636][ T3775] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.761341][T10476] overlayfs: failed to resolve './file1': -2
[  483.857424][ T3775] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.917983][T10408] bridge0: port 1(bridge_slave_0) entered blocking state
[  483.954820][T10408] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.963988][T10408] device bridge_slave_0 entered promiscuous mode
[  483.977631][T10408] bridge0: port 2(bridge_slave_1) entered blocking state
[  483.992191][T10408] bridge0: port 2(bridge_slave_1) entered disabled state
[  484.010173][T10408] device bridge_slave_1 entered promiscuous mode
[  484.024820][T10482] loop0: detected capacity change from 0 to 2048
[  484.343461][T10482] EXT4-fs: Ignoring removed mblk_io_submit option
[  484.695332][ T3775] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.779919][T10482] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  484.802404][T10408] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  484.832253][T10408] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  484.884220][T10482] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 234: padding at end of block bitmap is not set
[  484.948558][T10482] EXT4-fs (loop0): Remounting filesystem read-only
[  484.959220][T10408] team0: Port device team_slave_0 added
[  485.012640][T10408] team0: Port device team_slave_1 added
[  485.134992][T10408] batman_adv: batadv0: Adding interface: batadv_slave_0
[  485.149027][ T3574] Bluetooth: hci0: command tx timeout
[  485.158421][T10408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  485.200419][ T7457] EXT4-fs (loop0): unmounting filesystem.
[  485.202098][T10408] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  485.221040][T10408] batman_adv: batadv0: Adding interface: batadv_slave_1
[  485.228171][T10408] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  485.334451][T10408] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  485.532363][T10408] device hsr_slave_0 entered promiscuous mode
[  485.568037][T10408] device hsr_slave_1 entered promiscuous mode
[  485.589507][T10408] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  485.611073][T10408] Cannot create hsr debugfs directory
[  486.768373][ T3775] device hsr_slave_0 left promiscuous mode
[  486.791162][ T3775] device hsr_slave_1 left promiscuous mode
[  486.802666][ T3775] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  486.828503][ T3775] batman_adv: batadv0: Removing interface: batadv_slave_0
[  486.855529][ T3775] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  486.867888][ T3775] batman_adv: batadv0: Removing interface: batadv_slave_1
[  486.892484][ T3775] device bridge_slave_1 left promiscuous mode
[  486.910501][ T3775] bridge0: port 2(bridge_slave_1) entered disabled state
[  486.940041][ T3775] device bridge_slave_0 left promiscuous mode
[  486.946352][ T3775] bridge0: port 1(bridge_slave_0) entered disabled state
[  486.981872][ T3775] device veth1_macvtap left promiscuous mode
[  486.987991][ T3775] device veth0_macvtap left promiscuous mode
[  487.026026][ T3775] device veth1_vlan left promiscuous mode
[  487.051745][ T3775] device veth0_vlan left promiscuous mode
[  487.229230][ T3574] Bluetooth: hci0: command tx timeout
[  487.536685][ T3775] team0 (unregistering): Port device team_slave_1 removed
[  487.552336][ T3775] team0 (unregistering): Port device team_slave_0 removed
[  487.566650][ T3775] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  487.592687][ T3775] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  487.690723][ T3775] bond0 (unregistering): Released all slaves
[  487.774277][T10408] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  487.784747][T10408] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  487.797770][T10408] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  487.829589][T10408] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  487.942385][T10408] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.002183][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  488.016098][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  488.031101][T10408] 8021q: adding VLAN 0 to HW filter on device team0
[  488.042210][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  488.052321][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  488.061242][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.068394][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.076995][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  488.090367][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  488.107554][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  488.120887][ T3293] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.128183][ T3293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.188257][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  488.211825][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  488.285270][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  488.322092][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  488.345850][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  488.381442][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  488.406937][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  488.424012][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  488.444788][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  488.466786][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  488.487933][T10408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  488.520589][ T6726] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  489.209918][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  489.217709][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  489.280127][T10408] 8021q: adding VLAN 0 to HW filter on device batadv0
[  489.309397][ T3574] Bluetooth: hci0: command tx timeout
[  489.367320][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  489.391983][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  489.402190][T10620] syz-executor.0[10620] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  489.402322][T10620] syz-executor.0[10620] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  489.488263][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  489.520480][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  489.538721][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  489.547190][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  489.573996][T10408] device veth0_vlan entered promiscuous mode
[  489.616530][T10408] device veth1_vlan entered promiscuous mode
[  489.718750][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  489.727606][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  489.773844][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  489.805526][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  489.820355][T10408] device veth0_macvtap entered promiscuous mode
[  489.839761][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  489.858999][T10408] device veth1_macvtap entered promiscuous mode
[  489.885753][T10633] overlayfs: failed to clone upperpath
[  489.948488][T10408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.996254][T10408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.027076][T10408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  490.085753][T10408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.117335][T10408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  490.147881][T10408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.167451][T10408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  490.208987][T10408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.247756][T10408] batman_adv: batadv0: Interface activated: batadv_slave_0
[  490.282692][T10644] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.349667][T10652] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.359067][T10652] bridge0: port 1(bridge_slave_0) entered forwarding state
[  490.407143][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  490.432304][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  490.471130][T10408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.495781][T10408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.524119][T10408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.564012][T10408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.587358][T10660] dccp_invalid_packet: P.Data Offset(0) too small
[  490.604688][T10408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.638081][T10408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.677736][T10408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.704854][T10408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.746679][T10408] batman_adv: batadv0: Interface activated: batadv_slave_1
[  490.782278][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  490.803124][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  490.822053][T10408] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  490.842873][T10408] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  490.860795][T10408] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  490.877548][T10408] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  490.899902][T10670] rdma_rxe: ignoring netdev event = 23 for team_slave_1
[  490.920784][T10670] rdma_rxe: team_slave_1 changed mtu to 59233
[  491.111737][ T3777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.138266][ T3777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.192284][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  491.213073][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.240420][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.302577][ T6724] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  491.333489][T10678] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  491.434035][T10678] wlan1: mtu greater than device maximum
[  491.436372][T10682] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  491.453212][   T26] kauditd_printk_skb: 21 callbacks suppressed
[  491.453229][   T26] audit: type=1800 audit(1717472686.060:295): pid=10681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1966 res=0 errno=0
[  491.585360][T10683] xt_bpf: check failed: parse error
[  491.627263][T10685] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  492.390546][T10708] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.454317][T10708] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.461547][T10708] bridge0: port 1(bridge_slave_0) entered forwarding state
[  492.726742][   T26] audit: type=1804 audit(1717472687.330:296): pid=10723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="file1" dev="sda1" ino=1958 res=1 errno=0
[  493.945835][T10761] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  493.969330][T10761] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  494.025090][T10765] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  494.076284][T10761] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  494.108201][T10761] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  494.144400][T10761] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  494.181525][T10761] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  495.541903][T10780] loop2: detected capacity change from 0 to 32768
[  495.650958][T10827] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  495.651707][T10780] XFS (loop2): Mounting V5 Filesystem
[  495.665959][T10827] wlan1: mtu greater than device maximum
[  495.803770][T10780] XFS (loop2): Ending clean mount
[  495.815323][T10780] XFS (loop2): Quotacheck needed: Please wait.
[  495.902518][T10780] XFS (loop2): Quotacheck: Done.
[  496.050198][T10408] XFS (loop2): Unmounting Filesystem
[  496.597256][T10858] loop2: detected capacity change from 0 to 16
[  496.645151][T10860] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  496.659745][T10858] erofs: (device loop2): mounted with root inode @ nid 36.
[  496.754175][T10860] team0: Port device wlan1 added
[  500.070994][T10918] loop0: detected capacity change from 0 to 16
[  500.100031][T10918] erofs: Unknown parameter 'ÿÿÿÿ00000000000000000000003ÿÿÿÿÿÿÿÿÿ!Z¡[òžÒÿo’Aÿ`i'
[  500.133526][T10922] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  500.146362][T10922] device bridge_slave_1 left promiscuous mode
[  500.154643][T10922] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.188742][T10922] device bridge_slave_0 left promiscuous mode
[  500.195438][T10922] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.342988][ T1251] ieee802154 phy0 wpan0: encryption failed: -22
[  503.371887][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  504.518811][T10944] loop0: detected capacity change from 0 to 764
[  504.858281][T10944] rock: directory entry would overflow storage
[  504.879103][T10944] rock: sig=0x4f50, size=4, remaining=3
[  504.900672][T10944] iso9660: Corrupted directory entry in block 4 of inode 1792
[  505.252887][T10956] loop2: detected capacity change from 0 to 1024
[  505.358992][T10956] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  507.611044][T10989] loop2: detected capacity change from 0 to 1024
[  507.619772][T10989] hfsplus: unable to parse mount options
[  507.828954][   T26] audit: type=1800 audit(1717472702.410:297): pid=10990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1946 res=0 errno=0
[  507.860654][T10997] loop0: detected capacity change from 0 to 16
[  507.906015][T10997] erofs: (device loop0): mounted with root inode @ nid 36.
[  508.995310][T11020] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  511.484974][T11034] device macvtap0 entered promiscuous mode
[  511.521734][T11034] device macvtap0 left promiscuous mode
[  513.603762][T11050] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  517.316121][T11090] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  518.302316][T11094] Invalid ELF header magic: != ELF
[  518.935781][T11122] overlayfs: missing 'lowerdir'
[  519.180085][T11129] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  519.734613][T11131] loop0: detected capacity change from 0 to 256
[  520.342210][T11147] overlayfs: statfs failed on './file0'
[  520.488162][T11154] overlayfs: missing 'lowerdir'
[  520.798407][T11167] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  521.542236][T11173] bond0: (slave macsec1): Error -34 calling dev_set_mtu
[  521.619602][T11177] fuse: Unknown parameter 'fd00000000000000000000'
[  521.740749][T11181] overlayfs: failed to clone upperpath
[  522.980197][T11183] loop0: detected capacity change from 0 to 32768
[  523.148316][T11183] XFS (loop0): Mounting V5 Filesystem
[  523.229264][T11183] XFS (loop0): Ending clean mount
[  523.294471][T11234] loop2: detected capacity change from 0 to 1024
[  523.306756][T11234] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  523.454850][ T7457] XFS (loop0): Unmounting Filesystem
[  524.139120][T11251] xt_CT: You must specify a L4 protocol and not use inversions on it
[  524.254027][T11212] device wireguard0 entered promiscuous mode
[  524.545492][T11263] loop2: detected capacity change from 0 to 256
[  525.398707][T11296] overlayfs: missing 'lowerdir'
[  525.968077][T11314] loop2: detected capacity change from 0 to 1024
[  526.034491][T11314] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  526.631329][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  527.309368][   T26] audit: type=1326 audit(1717472721.910:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11310 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x0
[  527.621937][   T26] audit: type=1804 audit(1717472722.230:299): pid=11355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="file1" dev="sda1" ino=1969 res=1 errno=0
[  527.941118][T11363] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  530.463462][T11362] loop0: detected capacity change from 0 to 32768
[  530.541147][T11362] XFS (loop0): Mounting V5 Filesystem
[  530.747277][T11362] XFS (loop0): log mount failed
[  530.840417][   T26] audit: type=1804 audit(1717472725.450:300): pid=11443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="file1" dev="sda1" ino=1968 res=1 errno=0
[  532.128776][   T26] audit: type=1326 audit(1717472726.700:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11454 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x0
[  533.933748][   T26] audit: type=1804 audit(1717472728.540:302): pid=11516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2468012066/syzkaller.OGoO1B/50/file1" dev="sda1" ino=1953 res=1 errno=0
[  534.610864][T11523] overlayfs: failed to clone upperpath
[  536.416846][T11518] loop0: detected capacity change from 0 to 262144
[  536.428226][T11518] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (11518)
[  536.464331][T11518] BTRFS info (device loop0): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  536.474823][T11518] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  536.484435][T11518] BTRFS info (device loop0): using free space tree
[  536.664628][T11518] BTRFS info (device loop0): enabling ssd optimizations
[  536.673275][ T3736] BTRFS warning (device loop0): checksum verify failed on logical 30457856 mirror 1 wanted 0x402e75f1de9ccfe6 found 0xf1f292946054726e level 0
[  536.741650][T11518] BTRFS info (device loop0): read error corrected: ino 0 off 30457856 (dev /dev/loop0 sector 75872)
[  536.753358][T11518] BTRFS info (device loop0): read error corrected: ino 0 off 30461952 (dev /dev/loop0 sector 75880)
[  536.764598][T11518] BTRFS info (device loop0): read error corrected: ino 0 off 30466048 (dev /dev/loop0 sector 75888)
[  536.775901][T11518] BTRFS info (device loop0): read error corrected: ino 0 off 30470144 (dev /dev/loop0 sector 75896)
[  536.981193][ T7457] BTRFS info (device loop0): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  537.855033][T11565] overlayfs: failed to clone upperpath
[  537.877273][   T26] audit: type=1804 audit(1717472732.480:303): pid=11595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1948 res=1 errno=0
[  539.214625][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  540.377245][ T3735] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.401266][ T3585] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  540.415623][ T3585] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  540.426352][ T3585] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  540.435852][ T3572] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  540.445184][ T3572] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  540.453514][ T3572] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  540.641882][ T3735] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.764236][ T3735] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.802925][T11656] lo speed is unknown, defaulting to 1000
[  540.887637][ T3735] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  541.147371][T11656] chnl_net:caif_netlink_parms(): no params data found
[  541.429272][T11656] bridge0: port 1(bridge_slave_0) entered blocking state
[  541.473509][T11656] bridge0: port 1(bridge_slave_0) entered disabled state
[  541.526415][T11656] device bridge_slave_0 entered promiscuous mode
[  541.635213][T11696] device veth0_vlan left promiscuous mode
[  541.670597][T11696] device veth0_vlan entered promiscuous mode
[  541.691797][T11656] bridge0: port 2(bridge_slave_1) entered blocking state
[  541.702685][T11656] bridge0: port 2(bridge_slave_1) entered disabled state
[  541.733305][T11656] device bridge_slave_1 entered promiscuous mode
[  541.789083][T11700] loop0: detected capacity change from 0 to 256
[  541.847325][T11656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  541.862942][T11656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  541.986333][T11656] team0: Port device team_slave_0 added
[  542.042793][T11656] team0: Port device team_slave_1 added
[  542.046486][   T26] audit: type=1326 audit(1717472736.650:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11707 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x0
[  542.125397][T11656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  542.134792][T11656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  542.162644][T11656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  542.207335][T11656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  542.219668][T11656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  542.278932][T11656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  542.455106][T11656] device hsr_slave_0 entered promiscuous mode
[  542.474891][T11656] device hsr_slave_1 entered promiscuous mode
[  542.486842][T11656] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  542.501379][T11656] Cannot create hsr debugfs directory
[  542.518850][ T3574] Bluetooth: hci0: command tx timeout
[  542.733206][T11728] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  544.106078][ T3735] device hsr_slave_0 left promiscuous mode
[  544.141355][ T3735] device hsr_slave_1 left promiscuous mode
[  544.155506][ T3735] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  544.176627][ T3735] batman_adv: batadv0: Removing interface: batadv_slave_0
[  544.205995][ T3735] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  544.218833][ T3735] batman_adv: batadv0: Removing interface: batadv_slave_1
[  544.228422][ T3735] device bridge_slave_1 left promiscuous mode
[  544.242850][ T3735] bridge0: port 2(bridge_slave_1) entered disabled state
[  544.271705][ T3735] device bridge_slave_0 left promiscuous mode
[  544.278594][ T3735] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.319705][ T3735] device veth1_macvtap left promiscuous mode
[  544.341762][ T3735] device veth0_macvtap left promiscuous mode
[  544.352838][ T3735] device veth1_vlan left promiscuous mode
[  544.363690][ T3735] device veth0_vlan left promiscuous mode
[  544.588927][ T3574] Bluetooth: hci0: command tx timeout
[  544.888497][ T3735] team0 (unregistering): Port device team_slave_1 removed
[  544.973531][ T3735] team0 (unregistering): Port device team_slave_0 removed
[  544.990132][ T3735] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  545.008689][ T3735] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  545.082718][T11760] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  545.851580][ T3735] bond0 (unregistering): Released all slaves
[  546.125616][   T26] audit: type=1326 audit(1717472740.730:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x0
[  546.281250][   T26] audit: type=1326 audit(1717472740.890:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  546.308042][   T26] audit: type=1326 audit(1717472740.920:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  546.356399][   T26] audit: type=1326 audit(1717472740.920:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  546.456627][   T26] audit: type=1326 audit(1717472740.920:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  546.542596][T11786] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  546.690728][ T3574] Bluetooth: hci0: command tx timeout
[  546.739445][   T26] audit: type=1326 audit(1717472740.920:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  547.297987][   T26] audit: type=1326 audit(1717472740.920:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  547.390063][   T26] audit: type=1326 audit(1717472740.920:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  547.444311][   T26] audit: type=1326 audit(1717472740.920:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  547.519378][   T26] audit: type=1326 audit(1717472740.920:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  547.602776][   T26] audit: type=1326 audit(1717472740.920:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  547.619105][ T4509] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  547.685104][   T26] audit: type=1326 audit(1717472740.920:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  547.778827][   T26] audit: type=1326 audit(1717472740.920:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  547.847990][T11656] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  547.871731][T11656] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  547.896566][T11656] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  547.916663][T11656] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  548.009347][ T4509] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  548.038276][ T4509] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  548.082518][ T4509] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  548.126103][ T4509] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.166738][ T4509] usb 1-1: config 0 descriptor??
[  548.186594][T11656] 8021q: adding VLAN 0 to HW filter on device bond0
[  548.256602][T11817] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  548.749276][ T3572] Bluetooth: hci0: command tx timeout
[  548.981525][ T6724] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  548.992236][ T6724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  549.033498][T11656] 8021q: adding VLAN 0 to HW filter on device team0
[  549.079090][ T6724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  549.099962][ T6724] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  549.128722][ T6724] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.136066][ T6724] bridge0: port 1(bridge_slave_0) entered forwarding state
[  549.167398][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  549.189899][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  549.214183][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  549.236484][ T3293] bridge0: port 2(bridge_slave_1) entered blocking state
[  549.243895][ T3293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  549.258857][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  549.303648][ T6723] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  549.322311][ T6723] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  549.341722][ T6723] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  549.353159][ T6723] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  549.402558][ T4507] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  549.424128][ T4507] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  549.465606][T11656] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  549.508415][T11656] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  549.532268][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  549.545732][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  549.560275][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  549.577071][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  549.585809][ T4509] usbhid 1-1:0.0: can't add hid device: -71
[  549.593351][ T4509] usbhid: probe of 1-1:0.0 failed with error -71
[  549.609651][ T4509] usb 1-1: USB disconnect, device number 19
[  549.629547][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  550.062874][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  550.074446][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  550.095187][T11656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  550.162879][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  550.177230][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  550.229528][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  550.245390][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  550.267742][T11656] device veth0_vlan entered promiscuous mode
[  550.277736][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  550.288201][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  550.333626][T11656] device veth1_vlan entered promiscuous mode
[  550.452874][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  550.486220][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  550.521779][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  550.563040][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  550.617473][T11656] device veth0_macvtap entered promiscuous mode
[  550.624159][   T26] audit: type=1804 audit(1717472745.200:318): pid=11858 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="bus" dev="sda1" ino=1956 res=1 errno=0
[  550.762225][T11866] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  550.782369][T11656] device veth1_macvtap entered promiscuous mode
[  551.332626][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.436502][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.503594][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.514309][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.532070][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.563953][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.596758][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.622122][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.663256][T11656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  551.704355][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  551.727674][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  551.793929][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  551.835764][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  551.903691][T11884] syz-executor.0[11884] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  551.904144][T11884] syz-executor.0[11884] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  552.742727][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  552.823554][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  552.840631][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  552.859195][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  552.877932][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  552.895900][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  552.907312][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  552.918514][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  552.930997][T11656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  552.973469][ T6726] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  552.998317][ T6726] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  553.019485][T11656] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  553.028254][T11656] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  553.078862][T11656] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  553.094582][T11656] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  553.338875][ T3775] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  553.523431][ T3775] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  553.531330][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  553.543243][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  553.615386][T11907] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  554.383465][ T6726] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  554.393484][ T6726] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  554.539867][T11911] Bluetooth: MGMT ver 1.22
[  555.068842][ T6726] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  556.209000][ T6726] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.233235][ T6726] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  556.254986][ T6726] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  556.269622][ T6726] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.290737][ T6726] usb 1-1: config 0 descriptor??
[  556.465990][T11956] input: syz0 as /devices/virtual/input/input12
[  556.838858][ T6726] usbhid 1-1:0.0: can't add hid device: -71
[  556.845046][ T6726] usbhid: probe of 1-1:0.0 failed with error -71
[  556.861411][ T6726] usb 1-1: USB disconnect, device number 20
[  557.422649][T11970] overlayfs: failed to clone upperpath
[  557.482063][   T26] audit: type=1800 audit(1717472752.090:319): pid=11970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1971 res=0 errno=0
[  557.885634][ T3735] device hsr_slave_0 left promiscuous mode
[  557.907376][ T3735] device hsr_slave_1 left promiscuous mode
[  557.934347][ T3735] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  557.958735][ T3735] batman_adv: batadv0: Removing interface: batadv_slave_0
[  557.996044][ T3735] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  558.033969][ T3735] batman_adv: batadv0: Removing interface: batadv_slave_1
[  558.062271][ T3735] device bridge_slave_1 left promiscuous mode
[  558.075401][ T3735] bridge0: port 2(bridge_slave_1) entered disabled state
[  558.087555][ T3735] device bridge_slave_0 left promiscuous mode
[  558.104104][ T3735] bridge0: port 1(bridge_slave_0) entered disabled state
[  558.150155][ T3735] device veth1_macvtap left promiscuous mode
[  558.173704][ T3735] device veth0_macvtap left promiscuous mode
[  558.193160][ T3735] device veth1_vlan left promiscuous mode
[  558.209417][ T3735] device veth0_vlan left promiscuous mode
[  558.325476][T11988] kvm [11986]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x3ce00000000
[  558.376817][T11988] kvm [11986]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x110000000000
[  558.455788][T11988] kvm [11986]: vcpu0, guest rIP: 0x18e ignored wrmsr: 0x11e data 0x35ce00000000
[  558.523840][T11988] kvm [11986]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x51ce00000000
[  558.586971][T11988] kvm [11986]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x584500000800
[  558.931119][ T3735] team0 (unregistering): Port device team_slave_1 removed
[  558.953853][ T3735] team0 (unregistering): Port device team_slave_0 removed
[  558.979191][ T3735] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  559.001025][ T3735] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  559.305012][ T3735] bond0 (unregistering): Released all slaves
[  560.208792][T12006] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.4'.
[  560.248182][T12006] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.4'.
[  561.192337][T12071] loop0: detected capacity change from 0 to 1024
[  561.282121][T12071] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  562.145774][T12109] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  562.358914][ T4507] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  562.618954][ T4507] usb 1-1: Using ep0 maxpacket: 32
[  562.649594][T12130] loop2: detected capacity change from 0 to 2048
[  562.727361][T12130] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c018, mo2=0002]
[  562.744699][ T4507] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  562.748694][T12130] System zones: 0-7
[  562.762262][T12130] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  562.782480][ T4507] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  562.830072][ T1251] ieee802154 phy0 wpan0: encryption failed: -22
[  562.837297][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  562.844730][T12130] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 234: padding at end of block bitmap is not set
[  562.849714][ T4507] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  562.869138][T12130] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 33 with error 117
[  562.882504][T12130] EXT4-fs (loop2): This should not happen!! Data will be lost
[  562.882504][T12130] 
[  562.947939][T12137] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  562.975345][ T4507] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.003058][T12137] EXT4-fs error (device loop2): ext4_update_disksize_before_punch:3957: inode #19: comm syz-executor.2: mark_inode_dirty error
[  563.027421][ T4507] usb 1-1: config 0 descriptor??
[  563.069299][T12105] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  563.090705][ T4507] hub 1-1:0.0: USB hub found
[  563.138997][T12143] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  563.168427][T11656] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 16: comm syz-executor.2: lblock 0 mapped to illegal pblock 16 (length 1)
[  563.243725][T11656] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  563.268595][T11656] EXT4-fs error (device loop2): ext4_dirty_inode:6072: inode #19: comm syz-executor.2: mark_inode_dirty error
[  563.324860][ T4507] hub 1-1:0.0: 2 ports detected
[  563.338044][T11656] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  563.363650][T11656] EXT4-fs error (device loop2): ext4_dirty_inode:6072: inode #2: comm syz-executor.2: mark_inode_dirty error
[  563.399638][T11656] EXT4-fs (loop2): unmounting filesystem.
[  563.447723][T12158] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  563.589064][ T4507] hub 1-1:0.0: hub_hub_status failed (err = -71)
[  563.605857][ T4507] hub 1-1:0.0: config failed, can't get hub status (err -71)
[  563.728922][ T4507] usbhid 1-1:0.0: can't add hid device: -71
[  563.736773][ T4507] usbhid: probe of 1-1:0.0 failed with error -71
[  563.804966][ T4507] usb 1-1: USB disconnect, device number 21
[  563.932756][ T3735] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.085794][ T3735] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.179872][ T3735] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.324537][ T3735] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.855106][ T3574] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  564.870065][ T3574] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  564.882187][ T3574] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  564.894321][ T3574] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  564.902147][ T3574] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  564.909847][ T3574] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  565.240567][T12212] lo speed is unknown, defaulting to 1000
[  565.751751][T12212] chnl_net:caif_netlink_parms(): no params data found
[  566.031303][ T3735] device hsr_slave_0 left promiscuous mode
[  566.047598][ T3735] device hsr_slave_1 left promiscuous mode
[  566.092683][ T3735] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  566.126773][ T3735] batman_adv: batadv0: Removing interface: batadv_slave_0
[  566.159027][ T3735] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  566.166576][ T3735] batman_adv: batadv0: Removing interface: batadv_slave_1
[  566.184575][ T3735] device bridge_slave_1 left promiscuous mode
[  566.198813][ T3735] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.207913][ T3735] device bridge_slave_0 left promiscuous mode
[  566.231980][ T3735] bridge0: port 1(bridge_slave_0) entered disabled state
[  566.271079][ T3735] device veth1_macvtap left promiscuous mode
[  566.277196][ T3735] device veth0_macvtap left promiscuous mode
[  566.308797][ T3735] device veth1_vlan left promiscuous mode
[  566.314794][ T3735] device veth0_vlan left promiscuous mode
[  566.902918][ T3735] team0 (unregistering): Port device team_slave_1 removed
[  566.972085][ T3735] team0 (unregistering): Port device team_slave_0 removed
[  566.989850][ T3735] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  566.998987][ T3572] Bluetooth: hci0: command tx timeout
[  567.014216][ T3735] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  567.139531][ T3735] bond0 (unregistering): Released all slaves
[  567.219230][T12212] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.241444][T12212] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.254484][T12212] device bridge_slave_0 entered promiscuous mode
[  567.289945][T12212] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.297351][T12212] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.320247][T12212] device bridge_slave_1 entered promiscuous mode
[  567.355634][T12212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  567.491615][T12212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  567.578306][T12257] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  568.213959][T12212] team0: Port device team_slave_0 added
[  568.283900][T12212] team0: Port device team_slave_1 added
[  568.450466][T12212] batman_adv: batadv0: Adding interface: batadv_slave_0
[  568.457662][T12212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  568.492131][T12212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  568.505638][T12212] batman_adv: batadv0: Adding interface: batadv_slave_1
[  568.522093][T12212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  568.553351][T12212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  568.725892][T12212] device hsr_slave_0 entered promiscuous mode
[  568.753185][T12212] device hsr_slave_1 entered promiscuous mode
[  568.776495][T12212] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  568.793426][T12212] Cannot create hsr debugfs directory
[  569.158787][ T3572] Bluetooth: hci0: command tx timeout
[  570.197128][T12212] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  570.492443][T12212] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  570.559183][T12212] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  570.601004][T12212] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  570.928893][T12212] 8021q: adding VLAN 0 to HW filter on device bond0
[  571.043441][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  571.054598][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  571.081693][T12212] 8021q: adding VLAN 0 to HW filter on device team0
[  571.108154][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  571.121096][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  571.144816][ T4512] bridge0: port 1(bridge_slave_0) entered blocking state
[  571.152063][ T4512] bridge0: port 1(bridge_slave_0) entered forwarding state
[  571.228638][ T3574] Bluetooth: hci0: command tx timeout
[  571.269181][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  571.277497][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  571.355748][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  571.381556][ T4512] bridge0: port 2(bridge_slave_1) entered blocking state
[  571.388877][ T4512] bridge0: port 2(bridge_slave_1) entered forwarding state
[  571.429582][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  571.456921][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  571.492590][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  571.516384][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  571.528074][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  571.545304][ T4512] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  571.582224][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  571.595039][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  571.619851][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  571.637425][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  571.681291][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  571.715180][T12212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  572.079131][T12327] loop0: detected capacity change from 0 to 16
[  572.114155][T12327] erofs: (device loop0): mounted with root inode @ nid 36.
[  572.240384][T12212] 8021q: adding VLAN 0 to HW filter on device batadv0
[  572.255390][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  572.274158][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  572.320927][   T26] audit: type=1326 audit(1717472766.930:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  572.373789][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  572.392431][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  572.407912][   T26] audit: type=1326 audit(1717472766.960:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  572.484725][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  572.498119][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  572.539725][T12212] device veth0_vlan entered promiscuous mode
[  572.553925][   T26] audit: type=1326 audit(1717472766.960:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7d1727bb60 code=0x7ffc0000
[  572.587840][ T6724] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  572.608384][ T6724] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  572.635532][T12212] device veth1_vlan entered promiscuous mode
[  572.672602][   T26] audit: type=1326 audit(1717472766.960:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  572.755845][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  572.773351][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  572.801441][   T26] audit: type=1326 audit(1717472766.960:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  572.832141][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  572.864683][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  572.906452][T12212] device veth0_macvtap entered promiscuous mode
[  572.926948][   T26] audit: type=1326 audit(1717472766.960:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  572.993107][T12212] device veth1_macvtap entered promiscuous mode
[  573.056983][T12212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  573.127460][T12212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  573.142884][   T26] audit: type=1326 audit(1717472766.960:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  573.178029][T12212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  573.244932][   T26] audit: type=1326 audit(1717472766.960:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  573.267415][T12212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  573.308765][T12212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  573.308980][ T3574] Bluetooth: hci0: command tx timeout
[  573.332837][T12212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  573.425750][T12212] batman_adv: batadv0: Interface activated: batadv_slave_0
[  573.433429][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  573.450977][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  573.461748][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  573.476559][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  573.500156][T12212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  573.517035][T12212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  573.613370][T12212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  573.677468][T12212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  573.763197][T12212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  573.835623][T12367] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  574.018014][T12212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.231993][T12212] batman_adv: batadv0: Interface activated: batadv_slave_1
[  574.393744][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  574.461850][ T3293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  574.783809][T12212] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  574.857429][T12212] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  574.895367][T12212] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  574.917366][T12212] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  575.185284][ T3637] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  575.205847][ T3637] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  575.305347][ T6723] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  575.333454][ T3637] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  575.371190][ T3637] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  575.431047][ T6723] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  575.541379][T12384] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  576.379500][T12413] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  576.613913][   T26] audit: type=1326 audit(1717472771.220:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12419 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  576.685380][   T26] audit: type=1326 audit(1717472771.250:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12419 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  577.236868][T12393] loop2: detected capacity change from 0 to 40427
[  577.270112][T12393] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  577.285466][T12393] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  577.328388][T12393] F2FS-fs (loop2): invalid crc value
[  577.341551][T12393] F2FS-fs (loop2): Found nat_bits in checkpoint
[  577.420286][T12393] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  577.427601][T12393] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  579.564931][T12514] syz-executor.1[12514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  579.565045][T12514] syz-executor.1[12514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  580.134132][T12543] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  580.762465][T12571] loop2: detected capacity change from 0 to 1024
[  580.840488][T12571] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  581.027561][T12577] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  582.961159][T12614] loop2: detected capacity change from 0 to 1024
[  582.968420][T12614] hfsplus: unable to parse mount options
[  582.996103][T12616] loop0: detected capacity change from 0 to 16
[  583.155939][T12616] erofs: (device loop0): mounted with root inode @ nid 36.
[  584.000232][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  584.000249][   T26] audit: type=1326 audit(1717472778.120:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12613 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  585.516602][   T26] audit: type=1804 audit(1717472780.120:333): pid=12607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="bus" dev="sda1" ino=1968 res=1 errno=0
[  585.633380][T12658] loop2: detected capacity change from 0 to 1024
[  585.640783][T12658] hfsplus: unable to parse mount options
[  586.449796][   T26] audit: type=1326 audit(1717472781.060:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12657 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  587.048996][T12673] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  589.834571][   T26] audit: type=1326 audit(1717472783.950:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1a547cf69 code=0x0
[  589.961245][T12712] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  590.159625][T12718] loop2: detected capacity change from 0 to 512
[  590.172932][T12718] ext4: Bad value for 'journal_dev'
[  592.474487][   T26] audit: type=1326 audit(1717472787.080:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12744 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1a547cf69 code=0x0
[  593.265720][T12811] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  593.585657][   T26] audit: type=1804 audit(1717472788.190:337): pid=12764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="bus" dev="sda1" ino=1957 res=1 errno=0
[  593.906370][T12843] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  594.491342][T12852] kvm [12851]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x800
[  594.521612][T12852] kvm [12851]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x0
[  594.556794][T12852] kvm [12851]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x800
[  594.625755][T12852] kvm [12851]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x0
[  594.660103][T12852] kvm [12851]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x800
[  594.678913][T12852] kvm [12851]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x0
[  594.758402][T12876] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  595.316309][T12852] kvm [12851]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x800
[  595.584511][   T26] audit: type=1326 audit(1717472790.190:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12884 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  595.662618][   T26] audit: type=1326 audit(1717472790.220:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12884 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  595.726501][   T26] audit: type=1326 audit(1717472790.220:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12884 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  595.804422][   T26] audit: type=1326 audit(1717472790.230:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12884 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  595.962441][   T26] audit: type=1804 audit(1717472790.570:342): pid=12853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="bus" dev="sda1" ino=1966 res=1 errno=0
[  596.036067][T12900] device syzkaller0 entered promiscuous mode
[  597.123904][T12950] loop2: detected capacity change from 0 to 1024
[  597.131276][T12950] hfsplus: unable to parse mount options
[  597.766523][T12954] loop2: detected capacity change from 0 to 1024
[  597.780930][T12954] hfsplus: unable to parse mount options
[  597.865623][   T26] audit: type=1326 audit(1717472792.470:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12949 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  598.862991][   T26] audit: type=1804 audit(1717472793.470:344): pid=12929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1952 res=1 errno=0
[  599.132090][T12977] loop2: detected capacity change from 0 to 1024
[  599.139493][T12977] hfsplus: unable to parse mount options
[  600.129000][T12982] loop2: detected capacity change from 0 to 1024
[  600.236915][   T26] audit: type=1326 audit(1717472794.840:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12976 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  601.538769][ T4512] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  601.734414][T12994] loop0: detected capacity change from 0 to 32768
[  601.766777][T13021] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  601.838487][T12994] XFS (loop0): Mounting V5 Filesystem
[  601.869716][T13032] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  601.899247][ T4512] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  601.937329][ T4512] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  601.969106][ T4512] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  601.978223][ T4512] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.989770][T12994] XFS (loop0): Ending clean mount
[  602.011709][T12994] XFS (loop0): Quotacheck needed: Please wait.
[  602.030443][ T4512] usb 3-1: config 0 descriptor??
[  602.134671][T12994] XFS (loop0): Quotacheck: Done.
[  602.209095][   T26] audit: type=1804 audit(1717472796.820:346): pid=12994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir669180108/syzkaller.4UYvJS/342/file0/bus" dev="loop0" ino=9291 res=1 errno=0
[  602.489333][T13046] overlayfs: failed to clone upperpath
[  602.692512][ T7457] XFS (loop0): Unmounting Filesystem
[  602.838370][T13059] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  602.868859][ T4512] usbhid 3-1:0.0: can't add hid device: -71
[  602.888798][ T4512] usbhid: probe of 3-1:0.0 failed with error -71
[  602.904795][ T4512] usb 3-1: USB disconnect, device number 9
[  603.873747][T13087] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  604.524118][T13089] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  605.684657][T13119] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  607.065201][T13116] loop0: detected capacity change from 0 to 32768
[  607.139418][T13138] syz-executor.3[13138] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  607.139526][T13138] syz-executor.3[13138] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  607.213314][T13116] XFS (loop0): Mounting V5 Filesystem
[  607.246675][T13147] loop2: detected capacity change from 0 to 512
[  607.268093][T13147] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  607.283132][T13147] EXT4-fs (loop2): group descriptors corrupted!
[  607.468258][T13116] XFS (loop0): Ending clean mount
[  607.517319][T13116] XFS (loop0): Quotacheck needed: Please wait.
[  607.626800][T13164] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  608.315971][T13116] XFS (loop0): Quotacheck: Done.
[  608.396217][   T26] audit: type=1804 audit(1717472803.000:347): pid=13116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir669180108/syzkaller.4UYvJS/352/file0/bus" dev="loop0" ino=9291 res=1 errno=0
[  608.555612][ T7457] XFS (loop0): Unmounting Filesystem
[  609.076147][T13189] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  609.296372][T13192] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  610.249723][T13226] xt_time: invalid argument - start or stop time greater than 23:59:59
[  610.319144][   T26] audit: type=1804 audit(1717472804.920:348): pid=13204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1941 res=1 errno=0
[  610.453799][   T26] audit: type=1326 audit(1717472805.060:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  610.479376][T13230] loop0: detected capacity change from 0 to 256
[  610.514900][   T26] audit: type=1326 audit(1717472805.060:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  610.570908][T13230] netlink: 276 bytes leftover after parsing attributes in process `syz-executor.0'.
[  610.573192][   T26] audit: type=1326 audit(1717472805.060:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  610.645686][   T26] audit: type=1326 audit(1717472805.060:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  610.693399][T13238] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  610.705468][   T26] audit: type=1326 audit(1717472805.090:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  610.773231][T13242] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  610.811597][   T26] audit: type=1326 audit(1717472805.110:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  610.846891][ T3615] lo speed is unknown, defaulting to 1000
[  610.853401][ T4510] lo speed is unknown, defaulting to 1000
[  610.916944][   T26] audit: type=1326 audit(1717472805.110:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f959d27a6e7 code=0x7ffc0000
[  610.996018][   T26] audit: type=1326 audit(1717472805.110:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f959d2403c9 code=0x7ffc0000
[  611.875012][T13270] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  611.939049][T13270] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  612.310089][T13283] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  613.103738][T13300] syz-executor.4 uses obsolete (PF_INET,SOCK_PACKET)
[  613.564109][   T26] kauditd_printk_skb: 52 callbacks suppressed
[  613.564123][   T26] audit: type=1326 audit(1717472808.170:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13314 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  613.677827][T13317] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  613.694290][   T26] audit: type=1326 audit(1717472808.200:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13314 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  613.857012][   T26] audit: type=1326 audit(1717472808.200:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13314 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  613.963972][   T26] audit: type=1326 audit(1717472808.570:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  614.037206][   T26] audit: type=1326 audit(1717472808.570:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  614.080286][   T26] audit: type=1326 audit(1717472808.570:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  614.132914][   T26] audit: type=1326 audit(1717472808.630:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  614.464734][T13339] device syzkaller0 entered promiscuous mode
[  614.574857][T13344] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  614.749384][   T26] audit: type=1804 audit(1717472809.360:416): pid=13313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="bus" dev="sda1" ino=1967 res=1 errno=0
[  615.341379][T13369] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  616.430346][   T26] audit: type=1800 audit(1717472811.040:417): pid=13395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1967 res=0 errno=0
[  616.568942][T13400] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  617.315682][   T26] audit: type=1804 audit(1717472811.920:418): pid=13384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="bus" dev="sda1" ino=1969 res=1 errno=0
[  617.700923][T13432] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  618.133956][T13445] Invalid ELF header magic: != ELF
[  618.821726][T13467] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  618.841218][   T26] audit: type=1326 audit(1717472813.450:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  618.903151][   T26] audit: type=1326 audit(1717472813.480:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  618.998683][   T26] audit: type=1326 audit(1717472813.480:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  619.085628][   T26] audit: type=1326 audit(1717472813.480:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  619.127629][   T26] audit: type=1326 audit(1717472813.480:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  619.214571][T13447] loop0: detected capacity change from 0 to 32768
[  619.314056][T13447] XFS (loop0): Mounting V5 Filesystem
[  619.471626][T13447] XFS (loop0): Ending clean mount
[  619.487724][T13447] XFS (loop0): Quotacheck needed: Please wait.
[  619.575411][T13447] XFS (loop0): Quotacheck: Done.
[  619.648915][   T26] audit: type=1804 audit(1717472814.260:424): pid=13447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir669180108/syzkaller.4UYvJS/378/file0/bus" dev="loop0" ino=9291 res=1 errno=0
[  619.823888][ T7457] XFS (loop0): Unmounting Filesystem
[  620.005567][T13501] loop2: detected capacity change from 0 to 16
[  620.023229][T13501] erofs: (device loop2): mounted with root inode @ nid 36.
[  620.645911][T13510] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  620.701601][   T26] audit: type=1326 audit(1717472815.300:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13512 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  620.779221][   T26] audit: type=1326 audit(1717472815.310:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13512 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  620.813620][   T26] audit: type=1326 audit(1717472815.310:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13512 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  620.889096][   T26] audit: type=1326 audit(1717472815.310:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13512 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  620.949846][T13523] Invalid ELF header magic: != ELF
[  623.507054][T13567] loop2: detected capacity change from 0 to 1024
[  623.556144][T13567] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  623.671525][T13574] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  624.273909][ T1251] ieee802154 phy0 wpan0: encryption failed: -22
[  624.280889][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  624.301205][T13588] loop0: detected capacity change from 0 to 1024
[  624.308479][T13588] hfsplus: unable to parse mount options
[  624.722457][T13595] loop0: detected capacity change from 0 to 1024
[  624.737345][T13595] hfsplus: unable to parse mount options
[  626.648161][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  626.648179][   T26] audit: type=1326 audit(1717472821.250:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13587 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x0
[  627.093363][T13607] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  627.225689][   T26] audit: type=1326 audit(1717472821.830:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  627.267489][   T26] audit: type=1326 audit(1717472821.830:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  627.299820][   T26] audit: type=1326 audit(1717472821.840:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  627.377088][   T26] audit: type=1326 audit(1717472821.840:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  627.424743][   T26] audit: type=1326 audit(1717472821.840:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  627.505527][   T26] audit: type=1326 audit(1717472821.840:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  627.621133][   T26] audit: type=1326 audit(1717472821.840:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  627.701993][   T26] audit: type=1326 audit(1717472821.840:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  627.982343][T13634] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  628.308664][   T26] audit: type=1326 audit(1717472822.720:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13627 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x0
[  630.022728][T13673] loop2: detected capacity change from 0 to 1024
[  630.030113][T13673] hfsplus: unable to parse mount options
[  630.353944][T13675] loop2: detected capacity change from 0 to 1024
[  630.364924][T13675] hfsplus: unable to parse mount options
[  632.088899][   T26] kauditd_printk_skb: 9 callbacks suppressed
[  632.088919][   T26] audit: type=1804 audit(1717472826.630:452): pid=13654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="bus" dev="sda1" ino=1940 res=1 errno=0
[  632.860772][T13713] loop2: detected capacity change from 0 to 1024
[  632.868035][T13713] hfsplus: unable to parse mount options
[  633.599797][T13715] loop2: detected capacity change from 0 to 1024
[  633.609816][T13715] hfsplus: unable to parse mount options
[  635.323841][T13718] syz-executor.4[13718] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.323952][T13718] syz-executor.4[13718] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.356976][   T26] audit: type=1326 audit(1717472829.960:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13711 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  636.925094][T13758] loop2: detected capacity change from 0 to 1024
[  636.932456][T13758] hfsplus: unable to parse mount options
[  637.883236][T13762] loop2: detected capacity change from 0 to 1024
[  637.893449][T13762] hfsplus: unable to parse mount options
[  638.817145][   T26] audit: type=1326 audit(1717472833.120:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  639.873563][   T26] audit: type=1804 audit(1717472834.480:455): pid=13767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="bus" dev="sda1" ino=1967 res=1 errno=0
[  640.141057][T13802] loop0: detected capacity change from 0 to 1024
[  640.150244][T13802] hfsplus: unable to parse mount options
[  640.920842][T13806] loop0: detected capacity change from 0 to 1024
[  640.935205][T13806] hfsplus: unable to parse mount options
[  641.024148][   T26] audit: type=1326 audit(1717472835.630:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x0
[  643.080243][T13834] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  644.357713][   T26] audit: type=1326 audit(1717472838.960:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1a547cf69 code=0x0
[  644.471459][T13830] loop0: detected capacity change from 0 to 32768
[  644.516496][T13830] XFS (loop0): Mounting V5 Filesystem
[  644.616589][T13830] XFS (loop0): Ending clean mount
[  644.632723][T13830] XFS (loop0): Quotacheck needed: Please wait.
[  644.700683][T13830] XFS (loop0): Quotacheck: Done.
[  644.743848][   T26] audit: type=1804 audit(1717472839.350:458): pid=13830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir669180108/syzkaller.4UYvJS/401/file0/bus" dev="loop0" ino=9291 res=1 errno=0
[  645.223892][ T7457] XFS (loop0): Unmounting Filesystem
[  645.309085][T13876] syz-executor.4[13876] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  645.309206][T13876] syz-executor.4[13876] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  645.589495][T13887] overlayfs: failed to clone upperpath
[  646.271221][   T26] audit: type=1326 audit(1717472840.880:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13899 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x0
[  646.726476][T13905] loop0: detected capacity change from 0 to 32768
[  646.869608][T13905] XFS (loop0): Mounting V5 Filesystem
[  647.015877][T13905] XFS (loop0): Ending clean mount
[  647.080414][T13905] XFS (loop0): Quotacheck needed: Please wait.
[  647.200435][T13905] XFS (loop0): Quotacheck: Done.
[  647.261369][   T26] audit: type=1804 audit(1717472841.870:460): pid=13905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir669180108/syzkaller.4UYvJS/403/file0/bus" dev="loop0" ino=9291 res=1 errno=0
[  647.367447][ T7457] XFS (loop0): Unmounting Filesystem
[  649.298697][   T26] audit: type=1326 audit(1717472843.880:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13948 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x0
[  651.385655][   T26] audit: type=1804 audit(1717472845.990:462): pid=13965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="bus" dev="sda1" ino=1938 res=1 errno=0
[  652.357263][T14042] loop2: detected capacity change from 0 to 1024
[  652.368843][T14042] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  652.550503][T14045] loop0: detected capacity change from 0 to 2048
[  652.869019][T14045]  loop0: unable to read partition table
[  652.895356][T14045] loop0: partition table beyond EOD, truncated
[  652.917704][T14045] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[  653.933727][   T26] audit: type=1804 audit(1717472848.540:463): pid=14044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="bus" dev="sda1" ino=1969 res=1 errno=0
[  654.254196][T14080] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  654.538044][ T3735] Bluetooth: hci5: Frame reassembly failed (-84)
[  656.291515][T14117] loop2: detected capacity change from 0 to 1024
[  656.299029][T14117] hfsplus: unable to parse mount options
[  656.588664][ T3572] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  656.600740][ T3574] Bluetooth: hci5: command 0x1003 tx timeout
[  656.621706][T14120] loop2: detected capacity change from 0 to 1024
[  656.629487][T14120] hfsplus: unable to parse mount options
[  656.727713][   T26] audit: type=1326 audit(1717472851.330:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  657.040316][   T26] audit: type=1804 audit(1717472851.650:465): pid=14104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1959 res=1 errno=0
[  658.022799][T14169] loop0: detected capacity change from 0 to 1024
[  658.030992][T14169] hfsplus: unable to parse mount options
[  658.401881][T14175] loop0: detected capacity change from 0 to 1024
[  658.409697][T14175] hfsplus: unable to parse mount options
[  658.444861][   T26] audit: type=1326 audit(1717472853.050:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14167 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x0
[  659.638409][   T26] audit: type=1326 audit(1717472854.240:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14195 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1a547cf69 code=0x0
[  660.226845][T14207] loop2: detected capacity change from 0 to 1024
[  660.234279][T14207] hfsplus: unable to parse mount options
[  660.610557][T14212] loop2: detected capacity change from 0 to 1024
[  660.618313][T14212] hfsplus: unable to parse mount options
[  660.698746][   T26] audit: type=1326 audit(1717472855.300:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14206 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  661.609116][   T26] audit: type=1326 audit(1717472856.220:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14240 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x0
[  661.967609][T14256] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  663.415787][T14272] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check.
[  664.360479][   T26] audit: type=1326 audit(1717472858.970:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14247 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x0
[  664.428328][   T26] audit: type=1326 audit(1717472859.030:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14288 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x0
[  664.498798][T14265] loop0: detected capacity change from 0 to 40427
[  664.508291][T14265] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  664.516461][T14265] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  664.527577][T14265] F2FS-fs (loop0): invalid crc value
[  664.546391][T14265] F2FS-fs (loop0): Found nat_bits in checkpoint
[  664.675052][T14265] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  664.682554][T14265] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  665.754803][ T3775] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  665.808596][ T3775] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  665.903578][T14310] syz-executor.3[14310] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  665.903693][T14310] syz-executor.3[14310] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  665.930563][T14310] syz-executor.3[14310] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  665.968845][T14310] syz-executor.3[14310] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  667.346292][T14323] loop0: detected capacity change from 0 to 256
[  667.606027][   T26] audit: type=1326 audit(1717472862.210:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14324 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x0
[  667.992899][   T26] audit: type=1326 audit(1717472862.600:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14338 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  668.058610][   T26] audit: type=1326 audit(1717472862.640:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14338 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  668.115233][   T26] audit: type=1326 audit(1717472862.640:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14338 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  668.145178][   T26] audit: type=1326 audit(1717472862.640:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14338 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  668.175663][   T26] audit: type=1326 audit(1717472862.640:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14338 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  668.348214][   T26] audit: type=1326 audit(1717472862.640:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14338 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  668.427296][   T26] audit: type=1326 audit(1717472862.640:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14338 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e6447cf69 code=0x7ffc0000
[  668.639079][T14358] syz-executor.1[14358] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  668.639191][T14358] syz-executor.1[14358] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  669.128548][T14372] loop2: detected capacity change from 0 to 1024
[  669.147702][T14372] hfsplus: unable to parse mount options
[  669.375808][T14372] loop2: detected capacity change from 0 to 1024
[  669.383312][T14372] hfsplus: unable to parse mount options
[  669.465482][   T26] kauditd_printk_skb: 9 callbacks suppressed
[  669.465502][   T26] audit: type=1326 audit(1717472864.070:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14371 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  670.673286][   T26] audit: type=1326 audit(1717472865.280:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14397 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  670.728595][   T26] audit: type=1326 audit(1717472865.310:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14397 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  670.790573][   T26] audit: type=1326 audit(1717472865.310:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14397 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  670.824726][   T26] audit: type=1326 audit(1717472865.310:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14397 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  670.838623][ T4509] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  670.888054][   T26] audit: type=1326 audit(1717472865.310:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14397 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  670.926307][   T26] audit: type=1326 audit(1717472865.310:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14397 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  670.975146][   T26] audit: type=1326 audit(1717472865.310:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14397 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  671.138980][T14410] loop2: detected capacity change from 0 to 1024
[  671.146217][T14410] hfsplus: unable to parse mount options
[  671.385987][T14410] loop2: detected capacity change from 0 to 1024
[  671.393426][T14410] hfsplus: unable to parse mount options
[  671.419034][ T4509] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  671.431668][   T26] audit: type=1326 audit(1717472866.040:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14409 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x0
[  671.431734][ T4509] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  671.510244][ T4509] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  671.529727][ T4509] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  672.221355][ T4509] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  672.388753][ T4509] usb 1-1: New USB device strings: Mfr=0, Product=254, SerialNumber=2
[  672.503453][ T4509] usb 1-1: Product: syz
[  672.528722][ T4509] usb 1-1: SerialNumber: syz
[  672.691619][   T26] audit: type=1326 audit(1717472867.300:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14428 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  672.888993][ T4509] usb 1-1: 0:2 : does not exist
[  672.894131][ T4509] usb 1-1: unit 5 not found!
[  672.927898][ T4509] usb 1-1: USB disconnect, device number 22
[  673.211164][T14437] lo speed is unknown, defaulting to 1000
[  673.520387][T14451] loop2: detected capacity change from 0 to 1024
[  673.527725][T14451] hfsplus: unable to parse mount options
[  673.596518][T14451] loop2: detected capacity change from 0 to 1024
[  673.604036][T14451] hfsplus: unable to parse mount options
[  675.088719][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  675.088741][   T26] audit: type=1326 audit(1717472869.660:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14466 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  675.248717][   T26] audit: type=1326 audit(1717472869.730:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14466 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  675.273617][   T26] audit: type=1326 audit(1717472869.730:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14466 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  675.312022][   T26] audit: type=1326 audit(1717472869.740:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14466 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  675.388931][   T26] audit: type=1326 audit(1717472869.740:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14466 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  675.686266][T14480] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  677.119643][   T26] audit: type=1326 audit(1717472869.740:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14466 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc527cf69 code=0x7ffc0000
[  677.922794][   T26] audit: type=1326 audit(1717472872.530:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14497 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  677.964004][T14499] loop0: detected capacity change from 0 to 1024
[  677.971301][T14499] hfsplus: unable to parse mount options
[  678.014857][T14499] loop0: detected capacity change from 0 to 1024
[  678.022215][T14499] hfsplus: unable to parse mount options
[  678.055340][   T26] audit: type=1326 audit(1717472872.530:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14497 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  678.143132][   T26] audit: type=1326 audit(1717472872.530:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14497 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  678.195107][   T26] audit: type=1326 audit(1717472872.530:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14497 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d1727cf69 code=0x7ffc0000
[  678.371429][T14506] loop2: detected capacity change from 0 to 2048
[  678.483325][T14506] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  678.900764][T14522] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  680.137370][T12212] EXT4-fs (loop2): unmounting filesystem.
[  680.178558][   T26] kauditd_printk_skb: 6 callbacks suppressed
[  680.178578][   T26] audit: type=1326 audit(1717472874.790:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  680.262066][   T26] audit: type=1326 audit(1717472874.790:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  680.329368][   T26] audit: type=1326 audit(1717472874.790:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f959d27a6e7 code=0x7ffc0000
[  680.418744][   T26] audit: type=1326 audit(1717472874.790:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f959d2403c9 code=0x7ffc0000
[  680.518594][   T26] audit: type=1326 audit(1717472874.790:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f959d27a6e7 code=0x7ffc0000
[  680.576687][   T26] audit: type=1326 audit(1717472874.790:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f959d2403c9 code=0x7ffc0000
[  680.648620][   T26] audit: type=1326 audit(1717472874.790:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f959d27a6e7 code=0x7ffc0000
[  680.704704][   T26] audit: type=1326 audit(1717472874.790:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f959d2403c9 code=0x7ffc0000
[  680.778592][   T26] audit: type=1326 audit(1717472874.790:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  680.850733][   T26] audit: type=1326 audit(1717472874.790:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959d27cf69 code=0x7ffc0000
[  681.239969][T14555] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3343437945 (53495007120 ns) > initial count (160 ns). Using initial count to start timer.
[  681.266148][T14555] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3702941173 (3702941173 ns) > initial count (2209245800 ns). Using initial count to start timer.
[  681.655965][T14540] loop2: detected capacity change from 0 to 40427
[  681.677103][T14559] 
[  681.679488][T14559] ======================================================
[  681.686523][T14559] WARNING: possible circular locking dependency detected
[  681.693556][T14559] 6.1.92-syzkaller #0 Not tainted
[  681.698609][T14559] ------------------------------------------------------
[  681.705658][T14559] syz-executor.0/14559 is trying to acquire lock:
[  681.712103][T14559] ffff888021090d00 (team->team_lock_key#25){+.+.}-{3:3}, at: team_del_slave+0x2e/0x1c0
[  681.721928][T14559] 
[  681.721928][T14559] but task is already holding lock:
[  681.729395][T14559] ffff8880795407c8 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_del_interface+0x112/0x130
[  681.739269][T14559] 
[  681.739269][T14559] which lock already depends on the new lock.
[  681.739269][T14559] 
[  681.749675][T14559] 
[  681.749675][T14559] the existing dependency chain (in reverse order) is:
[  681.758692][T14559] 
[  681.758692][T14559] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  681.766433][T14559]        lock_acquire+0x1f8/0x5a0
[  681.771478][T14559]        __mutex_lock+0x132/0xd80
[  681.776509][T14559]        ieee80211_open+0x13a/0x1f0
[  681.781720][T14559]        __dev_open+0x377/0x510
[  681.786578][T14559]        dev_open+0xa9/0x260
[  681.791173][T14559]        team_add_slave+0x96e/0x2760
[  681.796470][T14559]        do_setlink+0xe99/0x3de0
[  681.801411][T14559]        rtnl_newlink+0x172c/0x2050
[  681.806623][T14559]        rtnetlink_rcv_msg+0x818/0xff0
[  681.812087][T14559]        netlink_rcv_skb+0x1cd/0x410
[  681.817391][T14559]        netlink_unicast+0x7d8/0x970
[  681.822693][T14559]        netlink_sendmsg+0xa26/0xd60
[  681.828097][T14559]        ____sys_sendmsg+0x5a5/0x8f0
[  681.833387][T14559]        __sys_sendmsg+0x2a9/0x390
[  681.838504][T14559]        do_syscall_64+0x3b/0xb0
[  681.843460][T14559]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  681.849893][T14559] 
[  681.849893][T14559] -> #0 (team->team_lock_key#25){+.+.}-{3:3}:
[  681.858165][T14559]        validate_chain+0x1661/0x5950
[  681.863563][T14559]        __lock_acquire+0x125b/0x1f80
[  681.868954][T14559]        lock_acquire+0x1f8/0x5a0
[  681.874003][T14559]        __mutex_lock+0x132/0xd80
[  681.879035][T14559]        team_del_slave+0x2e/0x1c0
[  681.884161][T14559]        team_device_event+0x269/0x570
[  681.889638][T14559]        raw_notifier_call_chain+0xd0/0x170
[  681.895551][T14559]        unregister_netdevice_many+0xec1/0x17a0
[  681.901832][T14559]        unregister_netdevice_queue+0x2e6/0x350
[  681.908111][T14559]        _cfg80211_unregister_wdev+0x174/0x570
[  681.914283][T14559]        ieee80211_if_remove+0x1cc/0x2d0
[  681.919938][T14559]        ieee80211_del_iface+0x15/0x20
[  681.925410][T14559]        cfg80211_remove_virtual_intf+0x270/0x490
[  681.931847][T14559]        genl_rcv_msg+0xc1a/0xf70
[  681.936884][T14559]        netlink_rcv_skb+0x1cd/0x410
[  681.942187][T14559]        genl_rcv+0x24/0x40
[  681.946699][T14559]        netlink_unicast+0x7d8/0x970
[  681.952013][T14559]        netlink_sendmsg+0xa26/0xd60
[  681.957319][T14559]        ____sys_sendmsg+0x5a5/0x8f0
[  681.962612][T14559]        __sys_sendmsg+0x2a9/0x390
[  681.967735][T14559]        do_syscall_64+0x3b/0xb0
[  681.972696][T14559]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  681.979126][T14559] 
[  681.979126][T14559] other info that might help us debug this:
[  681.979126][T14559] 
[  681.989391][T14559]  Possible unsafe locking scenario:
[  681.989391][T14559] 
[  681.996866][T14559]        CPU0                    CPU1
[  682.002256][T14559]        ----                    ----
[  682.007624][T14559]   lock(&rdev->wiphy.mtx);
[  682.012138][T14559]                                lock(team->team_lock_key#25);
[  682.019702][T14559]                                lock(&rdev->wiphy.mtx);
[  682.026735][T14559]   lock(team->team_lock_key#25);
[  682.031790][T14559] 
[  682.031790][T14559]  *** DEADLOCK ***
[  682.031790][T14559] 
[  682.040128][T14559] 3 locks held by syz-executor.0/14559:
[  682.045798][T14559]  #0: ffffffff8e2fa0f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40
[  682.054073][T14559]  #1: ffffffff8e29b028 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5b/0x8a0
[  682.063603][T14559]  #2: ffff8880795407c8 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_del_interface+0x112/0x130
[  682.074182][T14559] 
[  682.074182][T14559] stack backtrace:
[  682.080091][T14559] CPU: 0 PID: 14559 Comm: syz-executor.0 Not tainted 6.1.92-syzkaller #0
[  682.088637][T14559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  682.098801][T14559] Call Trace:
[  682.102093][T14559]  <TASK>
[  682.105030][T14559]  dump_stack_lvl+0x1e3/0x2cb
[  682.109741][T14559]  ? nf_tcp_handle_invalid+0x642/0x642
[  682.115222][T14559]  ? print_circular_bug+0x12b/0x1a0
[  682.120433][T14559]  check_noncircular+0x2fa/0x3b0
[  682.125386][T14559]  ? add_chain_block+0x850/0x850
[  682.130345][T14559]  ? lockdep_lock+0x11f/0x2a0
[  682.135044][T14559]  ? lockdep_unlock+0x165/0x300
[  682.139915][T14559]  ? lockdep_lock+0x2a0/0x2a0
[  682.144607][T14559]  ? _find_first_zero_bit+0xd0/0x100
[  682.149967][T14559]  validate_chain+0x1661/0x5950
[  682.154854][T14559]  ? reacquire_held_locks+0x660/0x660
[  682.160246][T14559]  ? reacquire_held_locks+0x660/0x660
[  682.165644][T14559]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  682.171641][T14559]  ? mark_lock+0x9a/0x340
[  682.175988][T14559]  __lock_acquire+0x125b/0x1f80
[  682.180950][T14559]  lock_acquire+0x1f8/0x5a0
[  682.185470][T14559]  ? team_del_slave+0x2e/0x1c0
[  682.190252][T14559]  ? read_lock_is_recursive+0x10/0x10
[  682.195642][T14559]  ? __might_sleep+0xb0/0xb0
[  682.200244][T14559]  ? xsk_notifier+0x20f/0x220
[  682.204932][T14559]  ? __lock_acquire+0x1f80/0x1f80
[  682.209994][T14559]  __mutex_lock+0x132/0xd80
[  682.214561][T14559]  ? team_del_slave+0x2e/0x1c0
[  682.219352][T14559]  ? __mutex_lock+0x2f7/0xd80
[  682.224042][T14559]  ? bond_netdev_event+0xde/0xe50
[  682.229085][T14559]  ? team_del_slave+0x2e/0x1c0
[  682.233866][T14559]  ? mutex_lock_nested+0x10/0x10
[  682.238837][T14559]  ? bond_ipsec_offload_ok+0x400/0x400
[  682.244405][T14559]  ? memset+0x1f/0x40
[  682.248399][T14559]  team_del_slave+0x2e/0x1c0
[  682.253013][T14559]  team_device_event+0x269/0x570
[  682.257979][T14559]  raw_notifier_call_chain+0xd0/0x170
[  682.263370][T14559]  unregister_netdevice_many+0xec1/0x17a0
[  682.269120][T14559]  ? alloc_netdev_mqs+0xeb0/0xeb0
[  682.274165][T14559]  ? kasan_quarantine_put+0xd4/0x220
[  682.279460][T14559]  ? lockdep_hardirqs_on+0x94/0x130
[  682.284668][T14559]  ? up_write+0x19d/0x580
[  682.289043][T14559]  unregister_netdevice_queue+0x2e6/0x350
[  682.294784][T14559]  ? list_netdevice+0x660/0x660
[  682.299675][T14559]  ? kernfs_remove_by_name_ns+0x10f/0x150
[  682.305419][T14559]  _cfg80211_unregister_wdev+0x174/0x570
[  682.311081][T14559]  ieee80211_if_remove+0x1cc/0x2d0
[  682.316220][T14559]  ieee80211_del_iface+0x15/0x20
[  682.321201][T14559]  cfg80211_remove_virtual_intf+0x270/0x490
[  682.327108][T14559]  ? nl80211_del_interface+0x112/0x130
[  682.332580][T14559]  genl_rcv_msg+0xc1a/0xf70
[  682.337098][T14559]  ? genl_bind+0x400/0x400
[  682.341532][T14559]  ? read_lock_is_recursive+0x10/0x10
[  682.346930][T14559]  ? ref_tracker_free+0x638/0x7d0
[  682.352005][T14559]  ? nl80211_new_interface+0x1110/0x1110
[  682.357678][T14559]  ? refcount_inc+0x80/0x80
[  682.362205][T14559]  ? __copy_skb_header+0x47b/0x600
[  682.367338][T14559]  netlink_rcv_skb+0x1cd/0x410
[  682.372128][T14559]  ? genl_bind+0x400/0x400
[  682.376555][T14559]  ? netlink_ack+0x1290/0x1290
[  682.381349][T14559]  genl_rcv+0x24/0x40
[  682.385351][T14559]  netlink_unicast+0x7d8/0x970
[  682.390135][T14559]  ? netlink_detachskb+0x90/0x90
[  682.395086][T14559]  ? __virt_addr_valid+0x44a/0x520
[  682.400565][T14559]  ? __phys_addr_symbol+0x2b/0x70
[  682.405602][T14559]  ? __check_object_size+0x4dd/0xa30
[  682.410896][T14559]  ? bpf_lsm_netlink_send+0x5/0x10
[  682.416021][T14559]  netlink_sendmsg+0xa26/0xd60
[  682.420798][T14559]  ? netlink_getsockopt+0x580/0x580
[  682.426007][T14559]  ? aa_sock_msg_perm+0x91/0x150
[  682.430961][T14559]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  682.436275][T14559]  ? security_socket_sendmsg+0x7d/0xa0
[  682.441750][T14559]  ? netlink_getsockopt+0x580/0x580
[  682.446957][T14559]  ____sys_sendmsg+0x5a5/0x8f0
[  682.451737][T14559]  ? __sys_sendmsg_sock+0x30/0x30
[  682.456776][T14559]  __sys_sendmsg+0x2a9/0x390
[  682.461375][T14559]  ? ____sys_sendmsg+0x8f0/0x8f0
[  682.466327][T14559]  ? rcu_is_watching+0x11/0xb0
[  682.471108][T14559]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  682.477115][T14559]  ? syscall_enter_from_user_mode+0x2e/0x230
[  682.483108][T14559]  ? lockdep_hardirqs_on+0x94/0x130
[  682.488318][T14559]  ? syscall_enter_from_user_mode+0x2e/0x230
[  682.494314][T14559]  do_syscall_64+0x3b/0xb0
[  682.498751][T14559]  ? clear_bhb_loop+0x45/0xa0
[  682.503442][T14559]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  682.509349][T14559] RIP: 0033:0x7f1e6447cf69
[  682.513785][T14559] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  682.533400][T14559] RSP: 002b:00007f1e652980c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  682.541826][T14559] RAX: ffffffffffffffda RBX: 00007f1e645b3fa0 RCX: 00007f1e6447cf69
[  682.549806][T14559] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
2024/06/04 03:47:57 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  682.557789][T14559] RBP: 00007f1e644da706 R08: 0000000000000000 R09: 0000000000000000
[  682.565780][T14559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  682.573765][T14559] R13: 000000000000000b R14: 00007f1e645b3fa0 R15: 00007ffeb2f591b8
[  682.581771][T14559]  </TASK>
[  682.602804][T14540] F2FS-fs (loop2): invalid crc value
[  682.638368][T14540] F2FS-fs (loop2): Found nat_bits in checkpoint
[  682.665129][T14559] team0: Port device wlan1 removed
[  682.820404][T14540] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  682.867050][T14540] syz-executor.2: attempt to access beyond end of device
[  682.867050][T14540] loop2: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  682.932218][T12212] syz-executor.2: attempt to access beyond end of device
[  682.932218][T12212] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  683.146837][   T46] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.306864][   T46] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0