last executing test programs:

4.25664045s ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
r3 = socket(0x2, 0x3, 0x100000001)
connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)

4.122894111s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socket$inet_tcp(0x2, 0x1, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='sched_switch\x00', r3}, 0x10)
mkdir(0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

3.958126166s ago: executing program 4:
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYRES8=0x0], 0x1, 0x217, &(0x7f00000004c0)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000001c0)=[{&(0x7f00000000c0)="f6", 0x1}], 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700)
pwritev(r4, &(0x7f00000004c0)=[{0x0}, {&(0x7f0000000200)="db", 0x1}], 0x2, 0x8040000, 0x0)
splice(r1, 0x0, r3, 0x0, 0xfdef, 0x0)

3.704020225s ago: executing program 4:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00'}, 0x10)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f00000000c0))
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa04710, &(0x7f0000000100)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xc32}}, {@nolazytime}, {@jqfmt_vfsold}, {@acl}, {@nodiscard}, {@errors_continue}, {@usrjquota}]}, 0xfe, 0x446, &(0x7f0000000d00)="$eJzs289vFFUcAPDvzG5BQWhFFEFUFI2NP1paUDl40WjiQRMTPeCxtoUgCzW0JkKIVmPwaEi8G48m/gWe9GLUk4lXvBsSolxAT2tmd6Zsl27Z7a+lzueTTPPezJu+992ZN/Nm3m4ApXUg+5NE3BMRlyNisJldUM8LZeVuXLsw+c+1C5NJ1Otv/5U0yl2/dmGyKFvstz3PDKcR6edJXslis+fOn5qo1abP5vnRudMfjM6eO//cydMTJ6ZPTJ8ZP3r0yOGxF18Yf35N4sziu77v45n9e19/99Kbk8cuvffLd0m+Ptri6MZAF2UOZIH/XW9o3/ZkL5VtAjta0km1jw2hJ5WIqObn8+UYjErcPHiD8dpnfW0csK6ye9PWzpvn68D/WBL9bgHQH8WNPnv+LZYNGnrcEa6+3HwAyuK+kS/NLdVI8zIDbc+3a+lARByb//frbIkVvIcAAOjVD9n459mlxn9ptI4Rd+ZzQ0MRcW9E7IqI+yJid0TcHxEPRMSeiHiwx/rbp4ZuHf+kV1YT3+1k47+X8rmtxeO/YvQXQ5U8t6MR/0By/GRt+lD+mQzHwNYsP7ZMHT+++vuXnba1jv+yJau/GAvm7bhSbXtBNzUxN9HVBFQXrn4asa+6VPzJwkxAEhF7I2Jfb/96Z5E4+fS3+zsVun38y1iDeab6NxFPNY//fLTFX0iWn58cvStq04dGi7PiVr/+dvGtTvWvKv41kB3/bYvP//YiQ0nrfO1s73Vc/OOLjs80Kz3/tyTvNK5HW/J1H03MzZ0di9iSvNHcq3X9+M19i3xRPot/+ODS/X9Xvk8W/0MRkZ3ED0fEIxHxaN72xyLi8Yg4uEz8P7/yxPsrj399ZfFPLXn9Wzj/245/74nKqZ++71R/d8f/SCM1nK9pXP9uo9sGruazAwAAgM0ibXwHPklHFtJpOjLS/A7/7tiW1mZm5545PvPhmanmd+WHYiAt3nQNtrwPHUvm8//YzI/n74qL7Yfz98ZfVe5u5EcmZ2pTfY4dym57S//ftedm/8/8WVlcNu1LC4F15fdaUF7t/d+NHsrD/R/KS/+H8tL/obyW6v+ftOUrG9QWYGO5/0N56f9QXvo/lJf+D6W0mt/1S5Q5Eekd0QyJdUrceq2oGicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACb0H8BAAD//7e39oM=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001300)=@newqdisc={0x60, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x1ff}, @TCA_TBF_PARMS={0x28}]}}]}, 0x60}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)

3.397172831s ago: executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r1, &(0x7f0000000280), 0x208e24b)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
sendfile(r2, r2, 0x0, 0x80000000)

3.175899215s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

3.128337732s ago: executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000d80)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x3, &(0x7f0000000480)=@framed={{0x18, 0x2}}, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800003d"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
write$cgroup_type(r0, &(0x7f0000000140), 0x9)

3.118325604s ago: executing program 1:
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000180))
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000a40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x94, 0x94, 0x2, [@volatile={0xf, 0x0, 0x0, 0x9, 0x3}, @const={0xc}, @union={0xd, 0x7, 0x0, 0x5, 0x0, 0x1, [{0x8, 0x0, 0x3}, {0x0, 0x0, 0x47c9afa5}, {0x0, 0x3}, {0xe}, {}, {0x3, 0x0, 0x800}, {}]}, @enum={0x10, 0x2, 0x0, 0x6, 0x4, [{0x9, 0x7}, {0x0, 0x9}]}]}}, &(0x7f0000000380)=""/18, 0xae, 0x12, 0x1, 0xd2}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f0000000480)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x10, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}, [@map_val={0x18, 0xe, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x355}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x4}, @map_fd={0x18, 0xb, 0x1, 0x0, r1}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x9}, @alu={0x7, 0x0, 0xd, 0x6, 0x1, 0x18, 0xfffffffffffffffc}, @map_fd={0x18, 0x3}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x4}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000078, &(0x7f00000003c0)=ANY=[@ANYBLOB="1c00000000000010f4a6133d1261d69d3d000000000000000018120000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0xc004743e, 0x20001439)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000c8222f0a00000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf09000000000000650901000000000066000000ffffff80180100002020702500000000002020207b9a00fe000000005e9100000000000037010000f8ffffffb702000008000000b70300000000000056000000060000002c93000000000000b5030000000000008500000076000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x8000)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r11}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x6, 0xa, 0xa}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r10}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.040933355s ago: executing program 0:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={0x0}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f00000005c0)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000800)=""/86, &(0x7f0000000780)=""/72})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
socketpair$unix(0x1, 0x1, 0x0, 0x0)

2.729097183s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000f600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r2, &(0x7f0000000280), 0x208e24b)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
sendfile(r3, r3, 0x0, 0x80000000)

2.543624652s ago: executing program 0:
memfd_create(&(0x7f0000000080)='\xf3e\t\xa9\xff\vty\x01senux\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
linkat(0xffffffffffffffff, &(0x7f0000001180)='./file1\x00', 0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)

2.338105873s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180300002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x64440, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x20f4}], 0x1)

2.044887068s ago: executing program 1:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)

2.035807989s ago: executing program 1:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16], 0x1, 0x2b8, &(0x7f0000001080)="$eJzs3T2LY1UYAOD3JpkkuxZJYSWCF7SwWna2tckgWVhMpaRQCx3cXZAkCLsw4CgGK1sbS3+BINj5J2wEf4DgD7BzioEjN7mXZGbyMUEz48fzFJl37jnvPe85OcwHwz3z4cuT0eM8nn75+a/RbmdR60UvzrLoRi0qKaUUC72vAwD4NztLKX5Pc9dM6RUvWUS091saALAnO3///2HvJQEAe/bOu++9dTQY9N/O83Y8nHx1Mix+sy8+ztuPnsbHMY4ncT86cT7/W0D100Lx+jClNG3khW68NpmeDIvMyQc/lfc/qgY6jE50Z9HF/EeD/mE+t5Q/Leq4W47fK8Z/EJ14ccX4jwb9ByvyY9iM119dqv9edOLnj+KTGMfjWRGL/C8O8/zN9M0fn71flFfkZ9OTYWvWbyHVb+5dAQAAAAAAAAAAAAAAAAAAAADgv+5eeXZOK2bn9xSXyvN36ufFJweRV7oXz+eZ52fVjS6dDzRN8W1KrUbEoH8/z/NUdlzkN+KlRjRuZ9YAAAAAAAAAAAAAAAAAAADwz/L809PR8Xj85NmK4Je7EWua1gTVaQDVY/1bsurrmnpLV16J09Fxa/0Nl5pqZbhh0KhXfbKIjdMpJrHL3P9CcGddzd99v+sN29v7HGxan78nqHbX6DhbvYatqK60q/f0x+U+zbjmWM11TWn79lsKmiubOjvPvfnCLJhu6BPZpsLe+G2+cuWV7PIsmrNVXZl+UAZL6Zf2xk77+erXisxpHQAAAAAAAAAAAAAAAAAAsFeLh36vNN3ZklpLrb2VBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avH//3cIpmXyNTo349nzW54iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wN/BgAA//+kKlw+")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000440)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x0, {0x43}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r5, &(0x7f00000002c0)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0xa}}, 0x37, 0x0}, 0x0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYRES16=r4], 0x168)

1.977425828s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

1.953815182s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000f600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r3, &(0x7f0000000280), 0x208e24b)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
sendfile(r4, r4, 0x0, 0x80000000)

1.939365574s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
r3 = socket(0x2, 0x3, 0x100000001)
connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)

1.851613848s ago: executing program 3:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='afs_flock_op\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x4d)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x0)
setuid(r7)
ioctl$SIOCSIFHWADDR(r6, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

1.359292393s ago: executing program 0:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa04710, &(0x7f0000000100)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xc32}}, {@nolazytime}, {@jqfmt_vfsold}, {@acl}, {@nodiscard}, {@errors_continue}, {@usrjquota}]}, 0xfe, 0x446, &(0x7f0000000d00)="$eJzs289vFFUcAPDvzG5BQWhFFEFUFI2NP1paUDl40WjiQRMTPeCxtoUgCzW0JkKIVmPwaEi8G48m/gWe9GLUk4lXvBsSolxAT2tmd6Zsl27Z7a+lzueTTPPezJu+992ZN/Nm3m4ApXUg+5NE3BMRlyNisJldUM8LZeVuXLsw+c+1C5NJ1Otv/5U0yl2/dmGyKFvstz3PDKcR6edJXslis+fOn5qo1abP5vnRudMfjM6eO//cydMTJ6ZPTJ8ZP3r0yOGxF18Yf35N4sziu77v45n9e19/99Kbk8cuvffLd0m+Ptri6MZAF2UOZIH/XW9o3/ZkL5VtAjta0km1jw2hJ5WIqObn8+UYjErcPHiD8dpnfW0csK6ye9PWzpvn68D/WBL9bgHQH8WNPnv+LZYNGnrcEa6+3HwAyuK+kS/NLdVI8zIDbc+3a+lARByb//frbIkVvIcAAOjVD9n459mlxn9ptI4Rd+ZzQ0MRcW9E7IqI+yJid0TcHxEPRMSeiHiwx/rbp4ZuHf+kV1YT3+1k47+X8rmtxeO/YvQXQ5U8t6MR/0By/GRt+lD+mQzHwNYsP7ZMHT+++vuXnba1jv+yJau/GAvm7bhSbXtBNzUxN9HVBFQXrn4asa+6VPzJwkxAEhF7I2Jfb/96Z5E4+fS3+zsVun38y1iDeab6NxFPNY//fLTFX0iWn58cvStq04dGi7PiVr/+dvGtTvWvKv41kB3/bYvP//YiQ0nrfO1s73Vc/OOLjs80Kz3/tyTvNK5HW/J1H03MzZ0di9iSvNHcq3X9+M19i3xRPot/+ODS/X9Xvk8W/0MRkZ3ED0fEIxHxaN72xyLi8Yg4uEz8P7/yxPsrj399ZfFPLXn9Wzj/245/74nKqZ++71R/d8f/SCM1nK9pXP9uo9sGruazAwAAgM0ibXwHPklHFtJpOjLS/A7/7tiW1mZm5545PvPhmanmd+WHYiAt3nQNtrwPHUvm8//YzI/n74qL7Yfz98ZfVe5u5EcmZ2pTfY4dym57S//ftedm/8/8WVlcNu1LC4F15fdaUF7t/d+NHsrD/R/KS/+H8tL/obyW6v+ftOUrG9QWYGO5/0N56f9QXvo/lJf+D6W0mt/1S5Q5Eekd0QyJdUrceq2oGicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACb0H8BAAD//7e39oM=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001300)=@newqdisc={0x60, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x1ff}, @TCA_TBF_PARMS={0x28}]}}]}, 0x60}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)

1.111246461s ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0xffffffffffffffff)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000400)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000200)={r4})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000180)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000240)={r5, 0x1, r3, 0x3, 0x80000})
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000480), 0x20000, 0x0)
accept4$inet6(r6, &(0x7f00000003c0)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000780)=0x1c, 0x81800)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000640)={{{@in6=@private2, @in6=@mcast1}}, {{@in=@broadcast}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8)
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r3, 0x40082102, &(0x7f0000000080)=r5)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000280)={r5})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="b40000004900d96d28bd7000fedbdf250a003800", @ANYRES32=r6, @ANYBLOB="0100000014000100fcf8000000000000000000000000000014000100fe8000000000000000000000000000aa080002"], 0xb4}}, 0x0)

1.04870252s ago: executing program 2:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b0018"], 0x15)
r2 = dup(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r4}, 0x10)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000f40)='./file1/file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1/file0'}}]})

1.019816405s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xd, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
faccessat2(0xffffffffffffffff, 0x0, 0x0, 0x0)

958.702374ms ago: executing program 3:
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000001700))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='sched_switch\x00', r4}, 0x10)
mkdir(0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

912.804761ms ago: executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000d80)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call]}, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800003d"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
write$cgroup_type(r0, &(0x7f0000000140), 0x9)

866.327388ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000f600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r3, &(0x7f0000000280), 0x208e24b)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
sendfile(r4, r4, 0x0, 0x80000000)

681.812777ms ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180300002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x64440, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x20f4}], 0x1)

461.59865ms ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

164.813085ms ago: executing program 1:
memfd_create(&(0x7f0000000080)='\xf3e\t\xa9\xff\vty\x01senux\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
linkat(0xffffffffffffffff, &(0x7f0000001180)='./file1\x00', 0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)

129.261981ms ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="32abe2ebc768c7b0ec42a9c2b613e344fde5bfae26dbea84a7d05c39a2dff4a72812372e4b0829ebcd8fe01c0429061814f2204b817f2c806c02372a9d49ddb870b8b5d0c6c1e1ed8d8d7c20ef585fd24dc9f6dfe15b967770e41cd4c45444b0d929f50df954dab617d5403ec52da755cd2fcb97e14be09adb37ec34c6f2a98a066a7fc54df6ebcc97c8c2e781cd0d1c166d69e3d6e7297e5bc4756af4150ab29a5ec9525362d151900fb4eebd623d972ad9"], &(0x7f0000003ff6)='GPL\x00', 0xfffffffe, 0xb7, &(0x7f000000cf3d)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000400)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f0000000200)={r5})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000180)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000240)={r6, 0x1, r4, 0x3, 0x80000})
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000480), 0x20000, 0x0)
accept4$inet6(r7, &(0x7f00000003c0)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000780)=0x1c, 0x81800)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000640)={{{@in6=@private2, @in6=@mcast1}}, {{@in=@broadcast}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8)
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r4, 0x40082102, &(0x7f0000000080)=r6)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f0000000280)={r6})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="b40000004900d96d28bd7000fedbdf250a003800", @ANYRES32=r7, @ANYBLOB="0100000014000100fcf8000000000000000000000000000014000100fe8000000000000000000000000000aa080002"], 0xb4}}, 0x0)

0s ago: executing program 3:
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
geteuid()
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000005700)=ANY=[@ANYBLOB="6e6f666c7573685f6d657267652c6e6f757365725f78617474722c6e6f71756f74612c6e6f71756f74612c6e6f646973636172642c6e6f696e6c696e655f64656e7472792c6a71666d743d76667376312c6a71666d743d7666737630000072706a71756f74613d272c6e6f62ba6172726965722c6e6f696e6c696e655f78617474722c00532ce9c75edc805c73af1e7e080908b718fd0828a937e3586554bcab7e1be7aa73459f8662170e991ca8c4b33e9be8c461e5cf93a3f06906d6fa59c7f8886f0b8367599af6dfca0f52ccf121a48c05cee074649107e6b6f3c1de6e4ecb13afd6d0b7a37e1ca7f2a73cfa86fec83ff91813514fc5dad59ef8a68267e2bc0900000000000000a3459a462407e6200beefe217570be55fa53ae668bc248f9910750fe29462516b37659f6d761b21b6ad0715f34", @ANYRES64, @ANYBLOB="3a4be99f9f727e8d0262285f8311dc64a122b0328932c72b2382283dcb1539cb6d4840c2d90f6bb77b5e93c4b5", @ANYRESOCT], 0x1, 0x5524, &(0x7f0000007200)="$eJzs3M1rI2UcB/Anfdnum2sRD946sAgtbELTl0VvVXfxBbuUVQ+eNE2mIbtJpjRpWnvy4FE8+J+IgieP/g0ePHsTD4o3oZJ5prtbtSA2bdzu5wOT78yTyW+eJywLv5mSADyzZpPffy2FG+FKCGEyhHA9hHy/VGy5tRgvhRDmQggTT2ylYvzRwKUQwtUQwo1h8VizVLz15a3BzdVf3vntux9mpq599e2P41s1MG4vhxA623F/rxMza8Z8UIzXBq08OyuDIuMbnYfFcRZzL93MK+zVjs6r5bncjOdn27u9YW61a/VhNltb+fh2N16wN2ge1ck/8KC2kx830s08W70sz+ZBnNf+Qfzf8aDXj3UaRb1P8vKh3z/KOJ7up3E92w/zrHcPJ+N4rJs10v1hDoosLhfqWbuRz2PzFF/0/9y7re7ufjJId3qtrJusVqqvVKq3y9WdrJH205VyrdO4vZLMN9vD08r9tNZZa2ZZs51W6llnIZlv1uvlajWZv5NutmrdpFqtLFcWy6sLxd6t5M17HyTtRjI/zNdb3d1+q91LtrKdJH5iIVmqLL+6kNysJu+tbyQb9+/eXd94P9z58N5r62+/UZz0t2kl80uLS0vl6mJ5qbpwYdY/92j9H52w/s+KSY9w/XAqpXFPAODpo/8HxuHs+v+d++HwMB8fXf8/k+fj/j/mf+//+8W4/n9U/e/hKPv/k/rfi93/j2X9cCr6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ9ZP01+/le/MxuNrxfhzxdALxXEphDARQjj8B5Ph0rGak0Wd6RPOn/7LHL4vhbzC8BozxXY1hLBWbH88f9bfAgAAAFxc33w690Xs1uPL7LgnxHmKN20mrn88onqlEML07M8jqjYxfHlxRMXyf99TYX9E1fIbWJdHVCzecpsaVbV/ZfJYXH4iSjEmznU6AADAuTjeCZxvFwIAAMB5+nzcE2A8SuHoUebRs+D8L+8fPxC8cuwIAAAAeAqVxj0BAAAA4Mzl/b/f/wMAAICLLf7+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Cc793OjNhDFAfjZxoH8U1CUe1rhBmWkhBxzjCggTVACaSENUAO5pYQIVni8aFmxq5U8tndX3yfBMBb8mEH4MG+kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD79rber3z+//uqaczh2k2c2AAAAwDX7ertqXsxT/317/WN76XPbLyKijIhra/cq3lxkVm1O/cD763tj+BPRJJy+Y9o+3kXEoopYRMT/T33/CgAAAPB67dabZVqtp6f52ANiSKloU374limviIh6/i9TWnnK+5IprPl/T+JHprSmgDXLFJZKbpNcaU/S3O7nqt3sTlOkpnz889nmDgAADKi6aIZdhQAAADCk72MPgHEUcbuVed4KnKam3d57e9EDAAAAXqBi7AEAAAAAvWvW/8/6/L9w/h8AAAB0lc7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoE/7ervarTfLrjmHYzd5ZgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMP+vKNACIRBGOxd35nM/Q8rDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw5nd/+T8xNc4kc6+NpeeRZO3U2Do19s6Noz+Mr18DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzR7375PzE1ziRzp42l45Fk7aqxddXYe9A4ejDe/g0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xpHFQcA/M3MzsZWxTXKHiKi4EEvNt3W1t7EgxI8+CcIId3W2FWx5mBLEXLxJjn3InoUEZR46//Qcwu91FsPe6jgwdPKzM4kr23E9UdnNtnPB9687w7DvO+bhZDvvJcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALXx2/txVhx60zitzt26f22j6G8/1Bdu7NxZKVoRJ00mfTi8GH9I+u0lAgAAwOLI6vo+hHA3310r+rRX1v95fU1R83/79DSu6/mH6/66r2v/ov3y873n9wbqTccpbnphczQ8+Wgqncc3y/n2zN9e0SmffPnuJSu/kPS97efGefk8k69v3nynW4ZLTWQLAPwbJ+q+Curfh4p+0GZiACyMTlR41/V/1ms3JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAmjLfDk3WchBBWOvtx4fb9axsH9Td27qzU7ez16zvxPYtb5CGEC5uj4ckG5zLvPr9y9dL6aDS83HzwUgihrdHfqqZ/6YMZLg6hlecj+J+CtPqy5yWfwxG0+EMJAIAjKa9aUdffzXfXinPJcgiT7x6s/1+N4jBj/X/vw7O34rHi+n/Q2AxbtBTF6V9ftrr1x2QyuXL19c2P1y8OLw4/eePU4M3B6XNnzpxbLd+VrHpjAgAAwH/TrVpc/6fLj67/H4/iMGP9/9k3gy/jsbJFq/9ntL/o13YmAAAAi+3Zl3//LTngfNLthi/Wt7YuD6bHvc+npscWUv3HlqoW1//ZcttZAQAAAE0YbycPrP+fj+Iw4/r/U9+/8GN8zyyEcKxa/z+x8enofHPTmWtN/Dlx23MEAACgXceqFq//5+X+/3Rvy0MaQnjtlWlc/RvAmer/7N2vfojHivf/n25uinMp7U+fR9n3Q+j0284IAACAo+yJqhXF/q/57tpHPx1/v2v/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDT/gwAAP//vE9Crw==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}]})
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)

kernel console output (not intermixed with test programs):

as an invalid length.
[  547.515344][T10377] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.522312][T10377] bridge0: port 1(bridge_slave_0) entered disabled state
[  547.566539][  T537] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  547.576763][  T537] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  547.587638][  T537] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  547.597346][  T537] usb 4-1: config 0 interface 0 has no altsetting 0
[  547.603747][  T537] usb 4-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  547.612625][  T537] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.622826][  T537] usb 4-1: config 0 descriptor??
[  547.736468][  T683] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  547.902729][T10388] loop2: detected capacity change from 0 to 512
[  547.963302][T10388] EXT4-fs (loop2): 1 truncate cleaned up
[  547.968891][T10388] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  548.050219][    T6] Bluetooth: hci0: command 0x1003 tx timeout
[  548.056283][  T823] Bluetooth: hci0: sending frame failed (-49)
[  548.110775][  T537] zeroplus 0003:0C12:0005.0092: item fetching failed at offset 1/5
[  548.127521][  T537] zeroplus 0003:0C12:0005.0092: parse failed
[  548.139254][  T537] zeroplus: probe of 0003:0C12:0005.0092 failed with error -22
[  548.156574][T10396] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  548.274537][T10396] sch_tbf: burst 511 is lower than device veth7 mtu (1514) !
[  548.301724][T10395] EXT4-fs error (device loop2): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  548.321636][  T683] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  548.332918][  T683] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  548.342991][  T683] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  548.352053][  T683] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.367458][  T683] usb 1-1: config 0 descriptor??
[  548.490980][    T6] usb 4-1: USB disconnect, device number 55
[  548.803320][T10404] loop2: detected capacity change from 0 to 256
[  548.886646][T10404] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  548.898787][T10404] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  549.391669][  T683] hid-led: probe of 0003:0FC5:B080.0093 failed with error -71
[  549.399844][  T683] usb 1-1: USB disconnect, device number 59
[  549.810069][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  549.810083][   T30] audit: type=1400 audit(1719154866.967:6461): avc:  denied  { mounton } for  pid=10424 comm="syz-executor.0" path="/root/syzkaller-testdir541317243/syzkaller.wW3Aqx/21/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=7016996764471618667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  550.127212][    T6] Bluetooth: hci0: command 0x1001 tx timeout
[  550.133212][  T823] Bluetooth: hci0: sending frame failed (-49)
[  550.459945][T10457] loop1: detected capacity change from 0 to 256
[  550.497180][T10457] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  550.529131][T10457] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  551.236765][T10480] loop3: detected capacity change from 0 to 512
[  551.340095][T10480] EXT4-fs (loop3): 1 truncate cleaned up
[  551.350379][T10480] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  551.743767][T10483] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  551.832311][T10488] sch_tbf: burst 511 is lower than device veth9 mtu (1514) !
[  551.908370][T10483] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  552.031268][T10497] loop1: detected capacity change from 0 to 512
[  552.081880][T10497] EXT4-fs (loop1): 1 truncate cleaned up
[  552.091150][T10497] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  552.196441][    T6] Bluetooth: hci0: command 0x1009 tx timeout
[  552.556738][T10511] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  552.589824][T10511] sch_tbf: burst 511 is lower than device veth7 mtu (1514) !
[  552.600621][T10511] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.1: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  552.636467][   T60] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  552.958998][T10519] loop1: detected capacity change from 0 to 256
[  553.025364][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  553.033822][T10519] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  553.039319][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  553.058126][T10519] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  553.059282][   T60] usb 3-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  553.078025][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  553.088914][   T60] usb 3-1: config 0 descriptor??
[  553.639208][   T60] elecom 0003:056E:00FB.0094: unknown main item tag 0x0
[  553.657330][   T60] elecom 0003:056E:00FB.0094: hidraw0: USB HID v0.07 Device [HID 056e:00fb] on usb-dummy_hcd.2-1/input0
[  553.848337][   T60] usb 3-1: USB disconnect, device number 51
[  555.006446][    T6] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  555.323668][T10573] loop2: detected capacity change from 0 to 40427
[  555.396575][    T6] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  555.407562][    T6] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  555.428630][T10573] F2FS-fs (loop2): invalid crc value
[  555.442878][T10573] F2FS-fs (loop2): Found nat_bits in checkpoint
[  555.474743][T10580] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  555.586507][T10580] sch_tbf: burst 511 is lower than device veth9 mtu (1514) !
[  555.604804][    T6] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  555.614576][    T6] usb 1-1: config 0 interface 0 has no altsetting 0
[  555.621106][    T6] usb 1-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  555.630047][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.634143][T10573] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  555.638497][    T6] usb 1-1: config 0 descriptor??
[  555.704841][T10582] syz-executor.2[10582] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  555.704892][T10582] syz-executor.2[10582] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  555.796435][ T7449] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  556.048559][ T6598] attempt to access beyond end of device
[  556.048559][ T6598] loop2: rw=2049, want=45104, limit=40427
[  556.127282][    T6] zeroplus 0003:0C12:0005.0095: item fetching failed at offset 1/5
[  556.145352][    T6] zeroplus 0003:0C12:0005.0095: parse failed
[  556.151516][    T6] zeroplus: probe of 0003:0C12:0005.0095 failed with error -22
[  556.156005][T10585] loop4: detected capacity change from 0 to 512
[  556.177400][ T7449] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.196579][ T7449] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  556.210449][ T7449] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  556.227468][ T7449] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.244210][ T7449] usb 4-1: config 0 descriptor??
[  556.264790][T10591] loop1: detected capacity change from 0 to 512
[  556.271494][T10585] EXT4-fs (loop4): 1 truncate cleaned up
[  556.277744][T10585] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  556.306206][T10591] EXT4-fs (loop1): 1 truncate cleaned up
[  556.311765][T10591] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  556.330313][  T683] usb 1-1: USB disconnect, device number 60
[  556.723234][T10600] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  556.740542][T10602] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  556.841894][T10600] sch_tbf: burst 511 is lower than device veth5 mtu (1514) !
[  556.857399][T10600] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  557.625594][T10618] loop0: detected capacity change from 0 to 40427
[  557.720454][T10618] F2FS-fs (loop0): invalid crc value
[  557.727294][T10618] F2FS-fs (loop0): Found nat_bits in checkpoint
[  557.750166][T10618] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  557.906530][ T7449] hid-led: probe of 0003:0FC5:B080.0096 failed with error -71
[  557.924414][ T7449] usb 4-1: USB disconnect, device number 56
[  557.999262][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  558.006240][T10628] fuse: Bad value for 'group_id'
[  558.104420][T10623] loop1: detected capacity change from 0 to 40427
[  558.171414][T10623] F2FS-fs (loop1): invalid crc value
[  558.184606][T10623] F2FS-fs (loop1): Found nat_bits in checkpoint
[  558.268929][T10623] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  558.437966][T10642] loop3: detected capacity change from 0 to 512
[  558.510160][T10642] EXT4-fs (loop3): 1 truncate cleaned up
[  558.515692][T10642] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  558.543010][T10645] syz-executor.1[10645] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  558.543091][T10645] syz-executor.1[10645] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  558.580366][T10188] attempt to access beyond end of device
[  558.580366][T10188] loop0: rw=2049, want=45104, limit=40427
[  558.627159][T10645] attempt to access beyond end of device
[  558.627159][T10645] loop1: rw=524288, want=45072, limit=40427
[  558.687226][T10645] attempt to access beyond end of device
[  558.687226][T10645] loop1: rw=0, want=45072, limit=40427
[  558.824291][T10647] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  558.910569][ T4988] attempt to access beyond end of device
[  558.910569][ T4988] loop1: rw=2049, want=45104, limit=40427
[  558.972454][T10649] loop0: detected capacity change from 0 to 512
[  559.027208][T10649] EXT4-fs (loop0): 1 truncate cleaned up
[  559.032704][T10649] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  559.077753][T10656] loop1: detected capacity change from 0 to 512
[  559.138868][T10656] EXT4-fs (loop1): 1 truncate cleaned up
[  559.144317][T10656] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  559.244153][T10659] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  559.365854][T10659] sch_tbf: burst 511 is lower than device veth3 mtu (1514) !
[  559.381087][T10659] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  559.400884][   T60] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  559.560868][T10664] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  559.610127][T10665] device syzkaller0 entered promiscuous mode
[  559.786481][   T60] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  559.851966][   T60] usb 3-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  559.863357][   T60] usb 3-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  559.873576][   T60] usb 3-1: config 0 interface 0 has no altsetting 0
[  559.880053][   T60] usb 3-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  559.889113][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.905818][   T60] usb 3-1: config 0 descriptor??
[  560.036443][ T7449] Bluetooth: hci0: command 0x1003 tx timeout
[  560.042316][  T823] Bluetooth: hci0: sending frame failed (-49)
[  560.127682][T10672] loop1: detected capacity change from 0 to 512
[  560.199529][T10672] EXT4-fs (loop1): 1 truncate cleaned up
[  560.205162][T10672] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  560.805367][   T60] zeroplus 0003:0C12:0005.0097: item fetching failed at offset 1/5
[  560.821608][   T60] zeroplus 0003:0C12:0005.0097: parse failed
[  560.827770][   T60] zeroplus: probe of 0003:0C12:0005.0097 failed with error -22
[  561.121128][ T3384] usb 3-1: USB disconnect, device number 52
[  561.524452][T10696] loop3: detected capacity change from 0 to 512
[  561.546513][ T7449] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  561.554836][T10696] EXT4-fs (loop3): 1 truncate cleaned up
[  561.560334][T10696] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  561.639007][T10703] fuse: Bad value for 'group_id'
[  561.751065][T10709] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  561.865201][T10709] sch_tbf: burst 511 is lower than device veth11 mtu (1514) !
[  561.881457][T10709] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  561.952869][T10707] loop2: detected capacity change from 0 to 40427
[  561.971200][T10711] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  562.011107][T10707] F2FS-fs (loop2): invalid crc value
[  562.013156][T10717] loop0: detected capacity change from 0 to 512
[  562.024332][T10707] F2FS-fs (loop2): Found nat_bits in checkpoint
[  562.047510][T10707] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  562.073521][T10717] EXT4-fs (loop0): 1 truncate cleaned up
[  562.079245][T10717] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  562.098845][ T7449] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.109641][ T7449] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.119490][ T7449] usb 2-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  562.128414][ T7449] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.136872][ T7449] usb 2-1: config 0 descriptor??
[  562.141775][ T3890] Bluetooth: hci0: command 0x1001 tx timeout
[  562.147657][  T823] Bluetooth: hci0: sending frame failed (-49)
[  562.282865][T10725] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  562.456995][T10723] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  562.648463][ T6598] attempt to access beyond end of device
[  562.648463][ T6598] loop2: rw=2049, want=45104, limit=40427
[  563.491966][ T7449] hid-led: probe of 0003:0FC5:B080.0098 failed with error -71
[  563.627113][ T7449] usb 2-1: USB disconnect, device number 63
[  563.798836][T10752] netlink: 'syz-executor.2': attribute type 27 has an invalid length.
[  563.949262][T10756] loop3: detected capacity change from 0 to 40427
[  564.029928][T10756] F2FS-fs (loop3): invalid crc value
[  564.052743][T10756] F2FS-fs (loop3): Found nat_bits in checkpoint
[  564.135936][T10774] overlayfs: failed to resolve './file1': -2
[  564.299473][ T7449] Bluetooth: hci0: command 0x1009 tx timeout
[  564.305435][T10756] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  564.328730][T10781] loop1: detected capacity change from 0 to 256
[  564.377211][T10781] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  564.389279][T10781] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  564.410869][T10782] syz-executor.3[10782] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.410958][T10782] syz-executor.3[10782] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  565.006852][ T7344] attempt to access beyond end of device
[  565.006852][ T7344] loop3: rw=2049, want=45104, limit=40427
[  565.037934][T10787] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  565.986467][  T683] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  566.074936][T10823] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  566.149545][T10819] loop1: detected capacity change from 0 to 40427
[  566.208230][T10819] F2FS-fs (loop1): invalid crc value
[  566.283386][T10819] F2FS-fs (loop1): Found nat_bits in checkpoint
[  566.307758][T10819] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  566.370851][T10837] syz-executor.1[10837] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  566.370902][T10837] syz-executor.1[10837] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  566.850865][  T683] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  566.873188][  T683] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  566.873404][ T4988] attempt to access beyond end of device
[  566.873404][ T4988] loop1: rw=2049, want=45104, limit=40427
[  566.882702][  T683] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  566.902575][  T683] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.911121][  T683] usb 4-1: config 0 descriptor??
[  567.112206][T10843] loop0: detected capacity change from 0 to 40427
[  567.168781][T10843] F2FS-fs (loop0): invalid crc value
[  567.174869][T10843] F2FS-fs (loop0): Found nat_bits in checkpoint
[  567.212046][T10843] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  567.836514][  T683] hid-led: probe of 0003:0FC5:B080.0099 failed with error -71
[  567.850402][  T683] usb 4-1: USB disconnect, device number 57
[  567.856576][T10188] attempt to access beyond end of device
[  567.856576][T10188] loop0: rw=2049, want=45104, limit=40427
[  568.431520][T10877] device syzkaller0 entered promiscuous mode
[  569.396588][ T3384] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  569.690219][T10901] loop4: detected capacity change from 0 to 40427
[  569.886499][  T683] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  569.896898][T10901] F2FS-fs (loop4): invalid crc value
[  569.906302][T10901] F2FS-fs (loop4): Found nat_bits in checkpoint
[  569.942344][T10901] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  570.210237][ T3384] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  570.221982][ T3384] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  570.231607][ T3384] usb 2-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  570.240444][ T3384] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.248934][ T3384] usb 2-1: config 0 descriptor??
[  570.332202][ T8943] attempt to access beyond end of device
[  570.332202][ T8943] loop4: rw=2049, want=45104, limit=40427
[  570.502663][  T683] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  570.515208][  T683] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  570.526455][  T683] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  570.536429][  T683] usb 4-1: config 0 interface 0 has no altsetting 0
[  570.543584][  T683] usb 4-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  570.552484][  T683] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.560802][  T683] usb 4-1: config 0 descriptor??
[  570.619273][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  570.706906][T10892] syz-executor.1[10892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  570.706958][T10892] syz-executor.1[10892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  570.728022][ T3384] logitech-hidpp-device 0003:046D:C086.009A: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.1-1/input0
[  570.856454][ T3890] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  570.931351][ T7449] usb 2-1: USB disconnect, device number 64
[  571.027400][  T683] zeroplus 0003:0C12:0005.009B: item fetching failed at offset 1/5
[  571.037090][  T683] zeroplus 0003:0C12:0005.009B: parse failed
[  571.042899][  T683] zeroplus: probe of 0003:0C12:0005.009B failed with error -22
[  571.338914][ T7449] usb 4-1: USB disconnect, device number 58
[  571.406508][ T3890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  571.417246][ T3890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  571.426752][ T3890] usb 3-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  571.435609][ T3890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.444004][ T3890] usb 3-1: config 0 descriptor??
[  571.813822][T10934] device syzkaller0 entered promiscuous mode
[  572.416524][ T3890] hid-led: probe of 0003:0FC5:B080.009C failed with error -71
[  572.426997][ T3890] usb 3-1: USB disconnect, device number 53
[  572.676460][   T60] Bluetooth: hci0: command 0x1003 tx timeout
[  572.682412][  T823] Bluetooth: hci0: sending frame failed (-49)
[  572.726525][ T3384] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  572.986477][ T3384] usb 1-1: Using ep0 maxpacket: 32
[  573.036891][   T30] audit: type=1326 audit(1719154890.197:6462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.080970][   T30] audit: type=1326 audit(1719154890.217:6463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.106785][ T3384] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  573.133851][ T3384] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  573.173348][ T3384] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.184648][ T3384] usb 1-1: config 0 descriptor??
[  573.226980][ T3384] hub 1-1:0.0: USB hub found
[  573.446520][ T3384] hub 1-1:0.0: 1 port detected
[  573.759172][   T30] audit: type=1326 audit(1719154890.917:6464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.783198][   T30] audit: type=1326 audit(1719154890.917:6465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.807027][   T30] audit: type=1326 audit(1719154890.917:6466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.837501][   T30] audit: type=1326 audit(1719154890.917:6467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.863353][   T30] audit: type=1326 audit(1719154890.917:6468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.888038][   T30] audit: type=1326 audit(1719154890.917:6469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.912106][   T30] audit: type=1326 audit(1719154890.917:6470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  573.936209][   T30] audit: type=1326 audit(1719154890.917:6471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10962 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  574.076515][ T3384] hub 1-1:0.0: hub_hub_status failed (err = -71)
[  574.082712][ T3384] hub 1-1:0.0: config failed, can't get hub status (err -71)
[  574.106505][  T329] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  574.186500][ T3384] usbhid 1-1:0.0: can't add hid device: -71
[  574.192312][ T3384] usbhid: probe of 1-1:0.0 failed with error -71
[  574.226934][ T3384] usb 1-1: USB disconnect, device number 61
[  574.337944][T10994] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  574.496491][  T329] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  574.506455][  T329] usb 3-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  574.517264][  T329] usb 3-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  574.527238][  T329] usb 3-1: config 0 interface 0 has no altsetting 0
[  574.535291][  T329] usb 3-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  574.544350][  T329] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.555380][  T329] usb 3-1: config 0 descriptor??
[  574.759904][ T3384] Bluetooth: hci0: command 0x1001 tx timeout
[  574.765782][  T823] Bluetooth: hci0: sending frame failed (-49)
[  575.187280][  T329] zeroplus 0003:0C12:0005.009D: item fetching failed at offset 1/5
[  575.195184][  T329] zeroplus 0003:0C12:0005.009D: parse failed
[  575.201151][  T329] zeroplus: probe of 0003:0C12:0005.009D failed with error -22
[  575.285277][T11022] loop1: detected capacity change from 0 to 256
[  575.347092][T11022] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  575.359272][T11022] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  575.389111][ T3890] usb 3-1: USB disconnect, device number 54
[  576.083726][T11030] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  576.457210][T11045] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  576.501033][T11045] sch_tbf: burst 511 is lower than device veth13 mtu (1514) !
[  576.710944][T11053] loop3: detected capacity change from 0 to 256
[  576.747153][T11053] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  576.759903][T11053] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  576.838612][   T60] Bluetooth: hci0: command 0x1009 tx timeout
[  576.882875][T11056] loop3: detected capacity change from 0 to 256
[  576.961866][T11056] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  576.977105][T11056] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  577.150753][T11064] netlink: 'syz-executor.3': attribute type 27 has an invalid length.
[  577.166806][T11064] bridge0: port 2(bridge_slave_1) entered disabled state
[  577.173738][T11064] bridge0: port 1(bridge_slave_0) entered disabled state
[  577.706483][   T60] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  577.888333][T11087] loop1: detected capacity change from 0 to 512
[  578.066593][   T60] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  578.076864][   T60] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  578.087924][   T60] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  578.089242][T11087] EXT4-fs (loop1): 1 truncate cleaned up
[  578.098105][   T60] usb 4-1: config 0 interface 0 has no altsetting 0
[  578.103204][T11087] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  578.110086][   T60] usb 4-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  578.138851][   T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.149069][   T60] usb 4-1: config 0 descriptor??
[  578.487969][T11100] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  578.519731][T11103] loop1: detected capacity change from 0 to 256
[  578.547142][T11103] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  578.560978][T11103] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  578.694781][   T60] zeroplus 0003:0C12:0005.009E: item fetching failed at offset 1/5
[  578.704653][   T60] zeroplus 0003:0C12:0005.009E: parse failed
[  578.710712][   T60] zeroplus: probe of 0003:0C12:0005.009E failed with error -22
[  578.870088][  T683] usb 4-1: USB disconnect, device number 59
[  578.890975][T11124] device syzkaller0 entered promiscuous mode
[  579.660824][T11132] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  579.809655][T11137] loop2: detected capacity change from 0 to 256
[  579.837202][T11137] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  579.875584][T11137] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  580.705210][T11164] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  580.731749][T11166] loop3: detected capacity change from 0 to 256
[  580.742186][T11166] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  580.756758][T11166] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  581.182965][  T683] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  581.766601][  T683] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  581.786941][  T683] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  581.802624][  T683] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  581.815247][  T683] usb 2-1: config 0 interface 0 has no altsetting 0
[  581.821979][  T683] usb 2-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  581.831165][  T683] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.849598][  T683] usb 2-1: config 0 descriptor??
[  582.123103][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  582.154873][T11204] netlink: 'syz-executor.4': attribute type 27 has an invalid length.
[  582.587527][  T683] zeroplus 0003:0C12:0005.009F: item fetching failed at offset 1/5
[  582.597370][  T683] zeroplus 0003:0C12:0005.009F: parse failed
[  582.607619][  T683] zeroplus: probe of 0003:0C12:0005.009F failed with error -22
[  582.794941][  T329] usb 2-1: USB disconnect, device number 65
[  583.328143][T11216] loop1: detected capacity change from 0 to 256
[  583.386719][T11216] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  583.399043][T11216] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  584.196459][  T329] Bluetooth: hci0: command 0x1003 tx timeout
[  584.202393][  T823] Bluetooth: hci0: sending frame failed (-49)
[  584.239070][T11239] loop1: detected capacity change from 0 to 512
[  584.295947][T11239] EXT4-fs (loop1): 1 truncate cleaned up
[  584.302517][T11239] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  584.524360][T11245] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  584.650682][T11245] sch_tbf: burst 511 is lower than device veth15 mtu (1514) !
[  584.664053][T11245] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.1: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  584.836671][   T30] kauditd_printk_skb: 68 callbacks suppressed
[  584.836706][   T30] audit: type=1326 audit(1719154901.987:6540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11249 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f67b000a9 code=0x7fc00000
[  584.871634][   T30] audit: type=1326 audit(1719154901.987:6541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11249 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4f67b000a9 code=0x7fc00000
[  585.126442][  T683] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  585.550840][   T30] audit: type=1326 audit(1719154902.707:6542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11249 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f67b000a9 code=0x7fc00000
[  585.575240][   T30] audit: type=1326 audit(1719154902.707:6543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11249 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4f67b000a9 code=0x7fc00000
[  585.623881][T11270] loop3: detected capacity change from 0 to 256
[  585.666542][  T683] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  585.676512][  T683] usb 5-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  585.687353][  T683] usb 5-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  585.689848][T11270] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  585.698802][  T683] usb 5-1: config 0 interface 0 has no altsetting 0
[  585.715556][  T683] usb 5-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  585.715857][T11270] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  585.724656][  T683] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.749623][  T683] usb 5-1: config 0 descriptor??
[  586.227309][  T683] zeroplus 0003:0C12:0005.00A0: item fetching failed at offset 1/5
[  586.235160][  T683] zeroplus 0003:0C12:0005.00A0: parse failed
[  586.241009][  T683] zeroplus: probe of 0003:0C12:0005.00A0 failed with error -22
[  586.276483][  T329] Bluetooth: hci0: command 0x1001 tx timeout
[  586.282386][  T823] Bluetooth: hci0: sending frame failed (-49)
[  586.428657][  T683] usb 5-1: USB disconnect, device number 50
[  587.253428][   T30] audit: type=1326 audit(1719154904.407:6544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11297 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd31ebfd0a9 code=0x7fc00000
[  587.283564][   T30] audit: type=1326 audit(1719154904.407:6545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11297 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd31ebfd0a9 code=0x7fc00000
[  587.844294][   T30] audit: type=1326 audit(1719154904.997:6546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11297 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd31ebfd0a9 code=0x7fc00000
[  587.868501][   T30] audit: type=1326 audit(1719154904.997:6547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11297 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd31ebfd0a9 code=0x7fc00000
[  587.893608][   T30] audit: type=1326 audit(1719154904.997:6548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11297 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd31ebfd0a9 code=0x7fc00000
[  587.917740][   T30] audit: type=1326 audit(1719154904.997:6549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11297 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd31ebfd0a9 code=0x7fc00000
[  588.356500][  T329] Bluetooth: hci0: command 0x1009 tx timeout
[  588.746449][  T683] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  589.346501][  T683] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  589.356594][  T683] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  589.367396][  T683] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  589.377089][  T683] usb 1-1: config 0 interface 0 has no altsetting 0
[  589.383597][  T683] usb 1-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  589.392450][  T683] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.400813][  T683] usb 1-1: config 0 descriptor??
[  589.709020][T11349] netlink: 'syz-executor.4': attribute type 27 has an invalid length.
[  589.940271][  T683] zeroplus 0003:0C12:0005.00A1: item fetching failed at offset 1/5
[  589.996679][  T683] zeroplus 0003:0C12:0005.00A1: parse failed
[  590.007584][T11354] loop4: detected capacity change from 0 to 512
[  590.012710][  T683] zeroplus: probe of 0003:0C12:0005.00A1 failed with error -22
[  590.071160][T11354] EXT4-fs (loop4): 1 truncate cleaned up
[  590.076970][T11354] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  590.139849][  T683] usb 1-1: USB disconnect, device number 62
[  590.848124][T11357] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  590.880318][T11357] sch_tbf: burst 511 is lower than device veth7 mtu (1514) !
[  590.891989][T11357] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  591.793755][T11384] loop3: detected capacity change from 0 to 512
[  591.823018][T11388] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  591.843699][T11384] EXT4-fs (loop3): 1 truncate cleaned up
[  591.849637][T11384] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  593.012644][T11409] device veth0_vlan left promiscuous mode
[  593.018873][T11409] device veth0_vlan entered promiscuous mode
[  593.418473][T11410] loop4: detected capacity change from 0 to 512
[  593.539799][T11410] EXT4-fs (loop4): 1 truncate cleaned up
[  593.545415][T11410] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  594.378578][T11428] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  594.420444][T11428] sch_tbf: burst 511 is lower than device veth9 mtu (1514) !
[  594.446415][T11428] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  594.496618][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  594.496660][   T30] audit: type=1326 audit(1719154911.627:6612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  594.546483][   T60] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  594.547668][   T30] audit: type=1326 audit(1719154911.627:6613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  594.665523][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  594.936507][   T60] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  594.946484][   T60] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  594.957297][   T60] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.967004][   T60] usb 1-1: config 0 interface 0 has no altsetting 0
[  594.973424][   T60] usb 1-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  594.982277][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.990650][   T60] usb 1-1: config 0 descriptor??
[  595.126917][   T30] audit: type=1326 audit(1719154912.287:6614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  595.150970][   T30] audit: type=1326 audit(1719154912.287:6615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  595.175226][   T30] audit: type=1326 audit(1719154912.287:6616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  595.204075][   T30] audit: type=1326 audit(1719154912.287:6617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  595.228309][   T30] audit: type=1326 audit(1719154912.287:6618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  595.252525][   T30] audit: type=1326 audit(1719154912.287:6619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  595.276598][   T30] audit: type=1326 audit(1719154912.287:6620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  595.300712][   T30] audit: type=1326 audit(1719154912.287:6621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a373640a9 code=0x7fc00000
[  595.616705][   T60] zeroplus 0003:0C12:0005.00A2: item fetching failed at offset 1/5
[  595.624569][   T60] zeroplus 0003:0C12:0005.00A2: parse failed
[  595.630670][   T60] zeroplus: probe of 0003:0C12:0005.00A2 failed with error -22
[  595.718632][  T683] usb 1-1: USB disconnect, device number 63
[  596.699428][  T683] Bluetooth: hci0: command 0x1003 tx timeout
[  596.705302][  T823] Bluetooth: hci0: sending frame failed (-49)
[  598.114555][T11517] device veth0_vlan left promiscuous mode
[  598.121576][T11517] device veth0_vlan entered promiscuous mode
[  598.766512][  T683] Bluetooth: hci0: command 0x1001 tx timeout
[  598.772568][  T823] Bluetooth: hci0: sending frame failed (-49)
[  598.921695][T11542] binder_alloc: 11540: binder_alloc_buf, no vma
[  598.949026][T11545] loop3: detected capacity change from 0 to 512
[  598.974426][T11545] EXT4-fs (loop3): 1 truncate cleaned up
[  598.980023][T11545] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  599.214372][T11560] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  599.285423][T11562] device veth0_vlan left promiscuous mode
[  599.292413][T11562] device veth0_vlan entered promiscuous mode
[  600.487382][T11581] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  600.630443][ T3890] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  600.647956][T11580] sch_tbf: burst 511 is lower than device veth17 mtu (1514) !
[  600.717198][T11586] fuse: Bad value for 'fd'
[  600.832536][T11588] loop0: detected capacity change from 0 to 40427
[  600.846538][  T683] Bluetooth: hci0: command 0x1009 tx timeout
[  600.879238][T11588] F2FS-fs (loop0): invalid crc value
[  600.885261][T11588] F2FS-fs (loop0): Found nat_bits in checkpoint
[  600.908334][T11588] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  601.006534][ T3890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  601.017592][ T3890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  601.035069][ T3890] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  601.049532][ T3890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.057680][T11597] syz-executor.0[11597] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  601.057760][T11597] syz-executor.0[11597] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  601.070392][ T3890] usb 4-1: config 0 descriptor??
[  601.088188][T11597] attempt to access beyond end of device
[  601.088188][T11597] loop0: rw=524288, want=45072, limit=40427
[  601.100381][T11597] attempt to access beyond end of device
[  601.100381][T11597] loop0: rw=0, want=45072, limit=40427
[  601.591303][T10188] attempt to access beyond end of device
[  601.591303][T10188] loop0: rw=2049, want=45104, limit=40427
[  601.722806][T11610] loop0: detected capacity change from 0 to 4096
[  601.794067][T11612] device veth0_vlan left promiscuous mode
[  601.801080][T11612] device veth0_vlan entered promiscuous mode
[  601.853410][T11610] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  601.950125][   T30] kauditd_printk_skb: 175 callbacks suppressed
[  601.950141][   T30] audit: type=1400 audit(1719154919.107:6797): avc:  denied  { read write } for  pid=11609 comm="syz-executor.0" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  601.979242][   T30] audit: type=1400 audit(1719154919.107:6798): avc:  denied  { open } for  pid=11609 comm="syz-executor.0" path="/root/syzkaller-testdir541317243/syzkaller.wW3Aqx/105/file0/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  602.007314][   T30] audit: type=1400 audit(1719154919.137:6799): avc:  denied  { mounton } for  pid=11609 comm="syz-executor.0" path="/root/syzkaller-testdir541317243/syzkaller.wW3Aqx/105/file0/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  602.117202][   T30] audit: type=1400 audit(1719154919.277:6800): avc:  denied  { unmount } for  pid=4988 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  602.176531][ T3890] hid-led: probe of 0003:0FC5:B080.00A3 failed with error -71
[  602.185347][ T3890] usb 4-1: USB disconnect, device number 60
[  602.561983][   T30] audit: type=1400 audit(1719154919.717:6801): avc:  denied  { rmdir } for  pid=10188 comm="syz-executor.0" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  602.585270][   T30] audit: type=1400 audit(1719154919.717:6802): avc:  denied  { unlink } for  pid=10188 comm="syz-executor.0" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  602.608383][   T30] audit: type=1400 audit(1719154919.717:6803): avc:  denied  { unlink } for  pid=10188 comm="syz-executor.0" name="file1" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  602.631753][   T30] audit: type=1400 audit(1719154919.717:6804): avc:  denied  { unmount } for  pid=10188 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  603.478747][T11657] device veth0_vlan left promiscuous mode
[  603.484549][T11657] device veth0_vlan entered promiscuous mode
[  603.576355][T11661] binder: BINDER_SET_CONTEXT_MGR already set
[  603.589841][T11661] binder: 11660:11661 ioctl 4018620d 20000040 returned -16
[  603.906474][ T3890] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  603.997670][T11666] loop1: detected capacity change from 0 to 4096
[  604.059062][T11666] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  604.069996][   T30] audit: type=1400 audit(1719154921.237:6805): avc:  denied  { mount } for  pid=11665 comm="syz-executor.1" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  604.371060][T11676] overlayfs: statfs failed on './file0'
[  604.416591][ T3890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  604.428623][ T3890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  604.438621][ T3890] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  604.447740][ T3890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.456166][ T3890] usb 4-1: config 0 descriptor??
[  604.627427][T11683] fuse: Bad value for 'fd'
[  605.254581][T11703] device veth0_vlan left promiscuous mode
[  605.261412][T11703] device veth0_vlan entered promiscuous mode
[  605.446508][ T3890] hid-led: probe of 0003:0FC5:B080.00A4 failed with error -71
[  605.455178][ T3890] usb 4-1: USB disconnect, device number 61
[  605.608957][   T30] audit: type=1326 audit(1719154922.767:6806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11704 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd5c8a0a9 code=0x7fc00000
[  605.901804][T11717] fuse: Invalid rootmode
[  605.965482][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  606.013832][T11724] loop1: detected capacity change from 0 to 4096
[  606.089134][T11724] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  606.675435][T11746] loop0: detected capacity change from 0 to 4096
[  606.738890][T11746] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  606.985279][T11751] device veth0_vlan left promiscuous mode
[  606.991102][T11751] device veth0_vlan entered promiscuous mode
[  607.232341][T11755] fuse: Invalid rootmode
[  607.306497][  T329] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  607.676535][  T329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  607.687424][  T329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  607.697040][  T329] usb 2-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  607.706044][  T329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.714761][  T329] usb 2-1: config 0 descriptor??
[  607.775193][T11766] loop3: detected capacity change from 0 to 512
[  607.827713][T11766] EXT4-fs (loop3): 1 truncate cleaned up
[  607.833358][T11766] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  608.008212][T11769] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  608.092657][T11769] sch_tbf: burst 511 is lower than device veth15 mtu (1514) !
[  608.132668][   T60] Bluetooth: hci0: command 0x1003 tx timeout
[  608.142628][T11768] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  608.162968][  T823] Bluetooth: hci0: sending frame failed (-49)
[  608.361180][T11777] loop2: detected capacity change from 0 to 512
[  608.440120][T11777] EXT4-fs (loop2): 1 truncate cleaned up
[  608.445648][T11777] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  609.425649][  T329] hid-led: probe of 0003:0FC5:B080.00A5 failed with error -71
[  609.444403][  T329] usb 2-1: USB disconnect, device number 66
[  609.461273][T11791] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  609.871376][T11798] loop2: detected capacity change from 0 to 4096
[  609.948566][T11798] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  610.086114][T11802] device veth0_vlan left promiscuous mode
[  610.091927][T11802] device veth0_vlan entered promiscuous mode
[  610.196445][ T3890] Bluetooth: hci0: command 0x1001 tx timeout
[  610.202678][  T823] Bluetooth: hci0: sending frame failed (-49)
[  610.953894][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  610.953935][   T30] audit: type=1326 audit(1719154928.107:6874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  610.984131][   T30] audit: type=1326 audit(1719154928.147:6875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  611.229448][T11825] loop3: detected capacity change from 0 to 512
[  611.304219][T11825] EXT4-fs (loop3): 1 truncate cleaned up
[  611.309784][T11825] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  611.313554][T11827] loop0: detected capacity change from 0 to 40427
[  611.490038][T11832] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  611.622803][T11832] sch_tbf: burst 511 is lower than device veth17 mtu (1514) !
[  611.642618][T11827] F2FS-fs (loop0): invalid crc value
[  611.650058][T11830] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  611.658936][T11827] F2FS-fs (loop0): Found nat_bits in checkpoint
[  611.689691][   T30] audit: type=1326 audit(1719154928.837:6876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  611.729924][   T30] audit: type=1326 audit(1719154928.837:6877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  611.754647][   T30] audit: type=1326 audit(1719154928.837:6878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  611.763930][T11827] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  611.788999][   T30] audit: type=1326 audit(1719154928.837:6879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  611.813002][   T30] audit: type=1326 audit(1719154928.837:6880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  611.837392][   T30] audit: type=1326 audit(1719154928.837:6881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  611.861633][   T30] audit: type=1326 audit(1719154928.837:6882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  611.886453][   T30] audit: type=1326 audit(1719154928.837:6883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20f23240a9 code=0x7fc00000
[  612.619022][   T60] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  612.643043][ T3890] Bluetooth: hci0: command 0x1009 tx timeout
[  612.679309][T11846] loop3: detected capacity change from 0 to 256
[  612.686434][T11847] syz-executor.0[11847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  612.686529][T11847] syz-executor.0[11847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  612.700409][T11847] attempt to access beyond end of device
[  612.700409][T11847] loop0: rw=524288, want=45072, limit=40427
[  612.723750][T11847] attempt to access beyond end of device
[  612.723750][T11847] loop0: rw=0, want=45072, limit=40427
[  612.868790][   T60] usb 3-1: Using ep0 maxpacket: 32
[  612.892678][T10188] attempt to access beyond end of device
[  612.892678][T10188] loop0: rw=2049, want=45104, limit=40427
[  612.926382][T11856] device veth0_vlan left promiscuous mode
[  612.932219][T11856] device veth0_vlan entered promiscuous mode
[  612.986509][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  612.997552][   T60] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  613.006557][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  613.047033][   T60] usb 3-1: config 0 descriptor??
[  613.086975][   T60] hub 3-1:0.0: USB hub found
[  613.306525][   T60] hub 3-1:0.0: 1 port detected
[  613.726466][   T60] hub 3-1:0.0: hub_hub_status failed (err = -71)
[  613.732637][   T60] hub 3-1:0.0: config failed, can't get hub status (err -71)
[  613.846936][   T60] usbhid 3-1:0.0: can't add hid device: -71
[  613.855930][T11868] loop0: detected capacity change from 0 to 512
[  613.862268][   T60] usbhid: probe of 3-1:0.0 failed with error -71
[  613.870642][T11868] EXT4-fs (loop0): 1 truncate cleaned up
[  613.876156][T11868] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  613.898585][   T60] usb 3-1: USB disconnect, device number 55
[  614.051421][T11871] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  614.155998][T11871] sch_tbf: burst 511 is lower than device veth7 mtu (1514) !
[  614.168823][T11871] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  614.295843][T11877] loop1: detected capacity change from 0 to 256
[  614.398998][T11879] netlink: 'syz-executor.2': attribute type 27 has an invalid length.
[  614.435045][T11883] loop2: detected capacity change from 0 to 256
[  614.869286][T11898] loop2: detected capacity change from 0 to 4096
[  614.886191][T11898] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  614.902464][T11896] device veth0_vlan left promiscuous mode
[  614.909152][T11896] device veth0_vlan entered promiscuous mode
[  615.484630][T11912] loop1: detected capacity change from 0 to 4096
[  615.579721][T11912] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  615.658794][T11915] loop3: detected capacity change from 0 to 256
[  615.896008][T11922] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  616.356446][T11925] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  616.566463][T11926] sch_tbf: burst 511 is lower than device veth9 mtu (1514) !
[  616.701362][T11931] loop2: detected capacity change from 0 to 256
[  616.861994][T11946] loop2: detected capacity change from 0 to 256
[  617.022318][  T683] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  617.041255][T11956] 9pnet: Insufficient options for proto=fd
[  617.062438][T11956] 9pnet: Insufficient options for proto=fd
[  617.169137][T11927] Bluetooth: hci0: Frame reassembly failed (-84)
[  617.250093][T11962] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  617.386785][T11962] sch_tbf: burst 511 is lower than device veth11 mtu (1514) !
[  617.576518][  T683] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  617.587239][  T683] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  617.597018][  T683] usb 5-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  617.605887][  T683] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  617.623122][  T683] usb 5-1: config 0 descriptor??
[  617.839849][T11970] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  618.004908][T11968] sch_tbf: burst 511 is lower than device veth21 mtu (1514) !
[  618.185574][T11981] loop2: detected capacity change from 0 to 4096
[  618.251500][T11981] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  618.297052][  T683] usbhid 5-1:0.0: can't add hid device: -71
[  618.302838][  T683] usbhid: probe of 5-1:0.0 failed with error -71
[  618.312515][  T683] usb 5-1: USB disconnect, device number 51
[  618.840561][T11992] loop4: detected capacity change from 0 to 512
[  618.898879][T11992] EXT4-fs (loop4): 1 truncate cleaned up
[  618.904474][T11992] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  619.061122][T11996] loop2: detected capacity change from 0 to 256
[  619.076575][T11997] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  619.188202][T11997] sch_tbf: burst 511 is lower than device veth11 mtu (1514) !
[  619.200995][T11997] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  619.236470][  T683] Bluetooth: hci0: command 0x1003 tx timeout
[  619.242486][  T823] Bluetooth: hci0: sending frame failed (-49)
[  619.428386][T12002] loop3: detected capacity change from 0 to 512
[  619.512164][T12002] EXT4-fs (loop3): 1 truncate cleaned up
[  619.521272][T12002] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  619.831725][T12006] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  621.397468][  T683] Bluetooth: hci0: command 0x1001 tx timeout
[  621.403646][  T823] Bluetooth: hci0: sending frame failed (-49)
[  622.248158][   T60] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  622.389620][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  622.389645][   T30] audit: type=1326 audit(1719154939.547:6942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12043 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f67b000a9 code=0x7fc00000
[  622.419638][   T30] audit: type=1326 audit(1719154939.547:6943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12043 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4f67b000a9 code=0x7fc00000
[  622.551247][T12057] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  622.684043][T12057] sch_tbf: burst 511 is lower than device veth13 mtu (1514) !
[  622.776550][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  622.787332][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  622.796818][   T60] usb 5-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  622.805648][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  622.814039][   T60] usb 5-1: config 0 descriptor??
[  623.156615][   T30] audit: type=1326 audit(1719154940.307:6944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12043 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f67b000a9 code=0x7fc00000
[  623.237763][T12062] loop2: detected capacity change from 0 to 256
[  623.356618][   T60] usbhid 5-1:0.0: can't add hid device: -71
[  623.362352][   T60] usbhid: probe of 5-1:0.0 failed with error -71
[  623.371427][   T60] usb 5-1: USB disconnect, device number 52
[  623.476537][  T683] Bluetooth: hci0: command 0x1009 tx timeout
[  625.600645][T12105] loop3: detected capacity change from 0 to 256
[  625.681499][T12107] fuse: Unknown parameter 'user_i00000000000000000000'
[  625.705717][T12108] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  625.831317][T12108] sch_tbf: burst 511 is lower than device veth13 mtu (1514) !
[  625.959582][T12111] loop2: detected capacity change from 0 to 4096
[  625.981026][T12111] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  626.182675][T12123] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #15: block 112: comm syz-executor.2: lblock 0 mapped to illegal pblock 112 (length 1)
[  626.211315][T12123] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  626.221194][T12123] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #15: comm syz-executor.2: mark_inode_dirty error
[  626.376469][ T6598] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #2: block 16: comm syz-executor.2: lblock 0 mapped to illegal pblock 16 (length 1)
[  626.391484][ T6598] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  626.401651][ T6598] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz-executor.2: mark_inode_dirty error
[  626.417627][ T6598] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  626.435551][ T6598] EXT4-fs error (device loop2): ext4_quota_off:6464: inode #3: comm syz-executor.2: mark_inode_dirty error
[  626.448278][ T6598] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  626.457797][ T6598] EXT4-fs error (device loop2): ext4_quota_off:6464: inode #4: comm syz-executor.2: mark_inode_dirty error
[  626.474885][T12128] loop4: detected capacity change from 0 to 256
[  626.537371][T12128] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  626.556953][T12128] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  626.632727][T12131] bridge0: port 1(bridge_slave_0) entered blocking state
[  626.639812][T12131] bridge0: port 1(bridge_slave_0) entered disabled state
[  626.647183][T12131] device bridge_slave_0 entered promiscuous mode
[  626.654686][T12131] bridge0: port 2(bridge_slave_1) entered blocking state
[  626.661577][T12131] bridge0: port 2(bridge_slave_1) entered disabled state
[  626.668790][T12131] device bridge_slave_1 entered promiscuous mode
[  626.926980][T12138] netlink: 'syz-executor.3': attribute type 27 has an invalid length.
[  627.004939][T12141] loop3: detected capacity change from 0 to 256
[  627.006240][T12142] loop0: detected capacity change from 0 to 512
[  627.018926][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  627.026124][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  627.046282][T12131] device veth0_vlan entered promiscuous mode
[  627.052407][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  627.061312][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  627.063874][T12142] EXT4-fs (loop0): 1 truncate cleaned up
[  627.069341][  T683] bridge0: port 1(bridge_slave_0) entered blocking state
[  627.074896][T12142] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  627.081443][  T683] bridge0: port 1(bridge_slave_0) entered forwarding state
[  627.082518][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  627.115748][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  627.123807][  T683] bridge0: port 2(bridge_slave_1) entered blocking state
[  627.130762][  T683] bridge0: port 2(bridge_slave_1) entered forwarding state
[  627.145668][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  627.153652][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  627.161509][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  627.169745][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  627.190966][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  627.200991][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  627.209345][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  627.236100][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  627.244570][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  627.252156][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  627.264601][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  627.279472][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  627.289451][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  627.711800][T12150] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  627.826366][T12131] device veth1_macvtap entered promiscuous mode
[  627.869889][T12155] loop1: detected capacity change from 0 to 512
[  627.877466][   T45] device bridge_slave_1 left promiscuous mode
[  627.883393][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  627.916744][   T45] device bridge_slave_0 left promiscuous mode
[  627.922963][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  627.992722][T12155] EXT4-fs (loop1): 1 truncate cleaned up
[  628.000827][T12155] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  628.760534][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  628.768592][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  628.777176][T12166] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  628.791621][T12165] sch_tbf: burst 511 is lower than device veth13 mtu (1514) !
[  628.799049][T12168] device veth0_vlan left promiscuous mode
[  628.804844][T12168] device veth0_vlan entered promiscuous mode
[  628.812710][T12169] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  628.868866][T12177] loop4: detected capacity change from 0 to 512
[  628.876126][ T7449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  628.888284][ T7449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  628.926852][T12177] EXT4-fs (loop4): 1 truncate cleaned up
[  628.932385][T12177] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  628.946141][T12182] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  629.240551][ T7449] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  629.274521][T12189] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  629.491613][T12189] sch_tbf: burst 511 is lower than device veth15 mtu (1514) !
[  629.513173][T12189] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  629.596457][  T329] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  629.749537][T12192] loop2: detected capacity change from 0 to 256
[  629.768406][T12193] loop0: detected capacity change from 0 to 4096
[  629.803865][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  629.816506][ T7449] usb 4-1: Using ep0 maxpacket: 32
[  629.822109][T12192] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  629.834622][T12192] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  629.856821][T12193] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  629.926479][  T329] usb 2-1: Using ep0 maxpacket: 16
[  629.939644][T12193] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #15: block 112: comm syz-executor.0: lblock 0 mapped to illegal pblock 112 (length 1)
[  629.954525][T12193] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  629.964131][ T7449] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  629.964271][T12193] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #15: comm syz-executor.0: mark_inode_dirty error
[  629.974994][ T7449] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  630.066739][  T329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  630.106897][  T329] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  630.140108][T10188] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #2: block 16: comm syz-executor.0: lblock 0 mapped to illegal pblock 16 (length 1)
[  630.155054][  T329] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  630.166634][T10188] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  630.169956][ T7449] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.175922][  T329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.192129][T10188] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #2: comm syz-executor.0: mark_inode_dirty error
[  630.200996][ T7449] usb 4-1: config 0 descriptor??
[  630.209994][  T329] usb 2-1: config 0 descriptor??
[  630.212146][T10188] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  630.224154][T10188] EXT4-fs error (device loop0): ext4_quota_off:6464: inode #3: comm syz-executor.0: mark_inode_dirty error
[  630.236556][T10188] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  630.245924][T10188] EXT4-fs error (device loop0): ext4_quota_off:6464: inode #4: comm syz-executor.0: mark_inode_dirty error
[  630.266898][ T7449] hub 4-1:0.0: USB hub found
[  630.422680][T12201] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.429608][T12201] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.436884][T12201] device bridge_slave_0 entered promiscuous mode
[  630.443512][T12201] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.450596][T12201] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.458034][T12201] device bridge_slave_1 entered promiscuous mode
[  630.476487][ T7449] hub 4-1:0.0: 1 port detected
[  630.501796][T12201] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.508647][T12201] bridge0: port 2(bridge_slave_1) entered forwarding state
[  630.515710][T12201] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.522550][T12201] bridge0: port 1(bridge_slave_0) entered forwarding state
[  630.541486][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  630.548953][ T3384] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.556016][ T3384] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.564850][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  630.572980][ T3890] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.579840][ T3890] bridge0: port 1(bridge_slave_0) entered forwarding state
[  630.614006][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  630.622967][  T683] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.629839][  T683] bridge0: port 2(bridge_slave_1) entered forwarding state
[  630.636989][  T683] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  630.646871][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  630.659431][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  630.672170][T12201] device veth0_vlan entered promiscuous mode
[  630.682213][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  630.688926][T12206] loop2: detected capacity change from 0 to 256
[  630.690842][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.704486][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  630.707223][T12206] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  630.713993][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.731045][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  630.738572][T12206] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  630.738705][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.768836][T12201] device veth1_macvtap entered promiscuous mode
[  630.776188][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.843648][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.850753][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.857766][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.865713][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.873622][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.886451][  T329] microsoft 0003:045E:07DA.00A6: unknown main item tag 0x0
[  630.899277][  T329] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.00A6/input/input32
[  630.919592][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  630.933464][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  630.957780][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  631.060346][  T329] microsoft 0003:045E:07DA.00A6: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  631.088757][   T30] audit: type=1400 audit(1719154948.247:6945): avc:  denied  { read } for  pid=85 comm="acpid" name="event3" dev="devtmpfs" ino=1726 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  631.141019][  T329] usb 2-1: USB disconnect, device number 67
[  631.223071][   T30] audit: type=1400 audit(1719154948.277:6946): avc:  denied  { open } for  pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1726 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  631.266475][   T30] audit: type=1400 audit(1719154948.277:6947): avc:  denied  { ioctl } for  pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1726 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  631.338807][T12218] device veth0_vlan left promiscuous mode
[  631.344802][T12218] device veth0_vlan entered promiscuous mode
[  631.377179][   T10] device bridge_slave_1 left promiscuous mode
[  631.383120][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  631.399260][   T10] device bridge_slave_0 left promiscuous mode
[  631.405314][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  631.436466][ T7449] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  631.442634][ T7449] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  631.489367][T12222] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  631.504599][T12222] bridge0: port 2(bridge_slave_1) entered disabled state
[  631.511579][T12222] bridge0: port 1(bridge_slave_0) entered disabled state
[  631.546475][ T7449] usbhid 4-1:0.0: can't add hid device: -71
[  631.558844][ T7449] usbhid: probe of 4-1:0.0 failed with error -71
[  631.617106][ T7449] usb 4-1: USB disconnect, device number 62
[  631.644609][T12230] loop0: detected capacity change from 0 to 256
[  631.759754][T12230] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  631.960404][T12230] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  632.090437][    T6] Bluetooth: hci0: command 0x1003 tx timeout
[  632.098914][  T823] Bluetooth: hci0: sending frame failed (-49)
[  632.601039][T12254] device veth0_vlan left promiscuous mode
[  632.606909][T12254] device veth0_vlan entered promiscuous mode
[  632.618356][T12256] loop1: detected capacity change from 0 to 512
[  632.665841][T12259] binder: BINDER_SET_CONTEXT_MGR already set
[  632.679491][T12259] binder: 12258:12259 ioctl 4018620d 20000040 returned -16
[  632.714947][T12256] EXT4-fs (loop1): 1 truncate cleaned up
[  632.720623][T12256] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  632.921985][   T30] audit: type=1326 audit(1719154950.077:6948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12266 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  632.950569][T12272] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  632.957312][   T30] audit: type=1326 audit(1719154950.107:6949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12266 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  632.983776][ T7449] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  632.995652][T12272] sch_tbf: burst 511 is lower than device veth21 mtu (1514) !
[  633.236507][ T7449] usb 1-1: Using ep0 maxpacket: 16
[  633.315841][T12276] loop3: detected capacity change from 0 to 40427
[  633.386521][ T7449] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  633.397388][ T7449] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  633.410514][ T7449] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  633.415690][T12276] F2FS-fs (loop3): invalid crc value
[  633.420289][ T7449] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.426232][T12276] F2FS-fs (loop3): Found nat_bits in checkpoint
[  633.436481][ T7449] usb 1-1: config 0 descriptor??
[  633.474165][T12276] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  633.633722][T12283] syz-executor.3[12283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  633.633903][T12283] syz-executor.3[12283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  633.645918][   T30] audit: type=1326 audit(1719154950.807:6950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12266 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  633.685398][T12283] attempt to access beyond end of device
[  633.685398][T12283] loop3: rw=524288, want=45072, limit=40427
[  633.699190][T12283] attempt to access beyond end of device
[  633.699190][T12283] loop3: rw=0, want=45072, limit=40427
[  633.706204][   T30] audit: type=1326 audit(1719154950.807:6951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12266 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  633.734638][   T30] audit: type=1326 audit(1719154950.807:6952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12266 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  633.759680][   T30] audit: type=1326 audit(1719154950.807:6953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12266 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  633.788218][   T30] audit: type=1326 audit(1719154950.807:6954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12266 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  634.128774][    T6] Bluetooth: hci0: command 0x1001 tx timeout
[  634.134629][  T823] Bluetooth: hci0: sending frame failed (-49)
[  634.143551][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.150752][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.157909][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.165473][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.172723][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.179952][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.187096][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.194142][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.201388][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.208577][ T7449] microsoft 0003:045E:07DA.00A7: unknown main item tag 0x0
[  634.227168][ T7449] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.00A7/input/input33
[  634.271075][ T7344] attempt to access beyond end of device
[  634.271075][ T7344] loop3: rw=2049, want=45104, limit=40427
[  634.307798][ T7449] microsoft 0003:045E:07DA.00A7: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  634.329869][ T7449] usb 1-1: USB disconnect, device number 64
[  634.797726][T12311] loop1: detected capacity change from 0 to 256
[  634.822373][T12313] loop0: detected capacity change from 0 to 4096
[  634.915059][T12313] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  635.035735][T12313] EXT4-fs error (device loop0): ext4_map_blocks:716: inode #15: block 271: comm syz-executor.0: lblock 111 mapped to illegal pblock 271 (length 1)
[  635.156794][T12313] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz-executor.0: Invalid block bitmap block 0 in block_group 0
[  635.198111][T12313] EXT4-fs error (device loop0): ext4_discard_preallocations:5104: comm syz-executor.0: Error -117 reading block bitmap for 0
[  635.231050][T12313] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  635.256436][T12313] EXT4-fs error (device loop0): ext4_ext_truncate:4431: inode #15: comm syz-executor.0: mark_inode_dirty error
[  635.289451][T12313] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  635.312037][T12313] EXT4-fs error (device loop0): ext4_truncate:4292: inode #15: comm syz-executor.0: mark_inode_dirty error
[  635.329369][T12324] EXT4-fs error (device loop0): ext4_ext_map_blocks:4160: inode #15: comm syz-executor.0: bad extent address lblock: 9, depth: 1 pblock 0
[  635.343984][T12324] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 9 with max blocks 7 with error 117
[  635.356791][T12328] loop3: detected capacity change from 0 to 40427
[  635.362591][T12324] EXT4-fs (loop0): This should not happen!! Data will be lost
[  635.362591][T12324] 
[  635.373013][T12324] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  635.375541][T12328] F2FS-fs (loop3): invalid crc value
[  635.382649][T12324] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #15: comm syz-executor.0: mark_inode_dirty error
[  635.388682][T12328] F2FS-fs (loop3): Found nat_bits in checkpoint
[  635.430468][   T45] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 95 with error 117
[  635.432368][T12328] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  635.442763][   T45] EXT4-fs (loop0): This should not happen!! Data will be lost
[  635.442763][   T45] 
[  635.607958][T12333] syz-executor.3[12333] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.608030][T12333] syz-executor.3[12333] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.648575][T12333] attempt to access beyond end of device
[  635.648575][T12333] loop3: rw=524288, want=45072, limit=40427
[  635.682565][T12333] attempt to access beyond end of device
[  635.682565][T12333] loop3: rw=0, want=45072, limit=40427
[  635.722236][T12334] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.729299][T12334] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.737066][T12334] device bridge_slave_0 entered promiscuous mode
[  635.913263][T12334] bridge0: port 2(bridge_slave_1) entered blocking state
[  636.005407][T12334] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.022173][T12334] device bridge_slave_1 entered promiscuous mode
[  636.083085][T12348] fuse: Invalid rootmode
[  636.114290][ T7344] attempt to access beyond end of device
[  636.114290][ T7344] loop3: rw=2049, want=45104, limit=40427
[  636.120439][T12353] loop1: detected capacity change from 0 to 256
[  636.160141][T12334] bridge0: port 2(bridge_slave_1) entered blocking state
[  636.166996][T12334] bridge0: port 2(bridge_slave_1) entered forwarding state
[  636.174052][T12334] bridge0: port 1(bridge_slave_0) entered blocking state
[  636.180884][T12334] bridge0: port 1(bridge_slave_0) entered forwarding state
[  636.196463][ T7449] Bluetooth: hci0: command 0x1009 tx timeout
[  636.200554][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  636.222664][  T329] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.231475][  T329] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.249946][ T7449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  636.261073][ T7449] bridge0: port 1(bridge_slave_0) entered blocking state
[  636.267942][ T7449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  636.281769][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  636.290147][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  636.297008][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  636.315895][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  636.324043][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  636.336982][ T7449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  636.350655][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  636.359004][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  636.366143][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  636.374373][T12334] device veth0_vlan entered promiscuous mode
[  636.380782][    T8] device bridge_slave_1 left promiscuous mode
[  636.386882][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.394017][    T8] device bridge_slave_0 left promiscuous mode
[  636.400161][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.407788][    T8] device veth0_vlan left promiscuous mode
[  636.482140][T12334] device veth1_macvtap entered promiscuous mode
[  636.488958][ T7449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  636.501550][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  636.509759][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  636.537130][  T537] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  636.651847][   T30] kauditd_printk_skb: 130 callbacks suppressed
[  636.651880][   T30] audit: type=1326 audit(1719154953.807:7085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  636.685025][   T30] audit: type=1326 audit(1719154953.837:7086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  636.796501][  T537] usb 2-1: Using ep0 maxpacket: 32
[  636.956513][  T537] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  636.967287][  T537] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  636.976042][  T537] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  636.985486][  T537] usb 2-1: config 0 descriptor??
[  637.027829][  T537] hub 2-1:0.0: USB hub found
[  637.197215][T12382] fuse: Invalid rootmode
[  637.246518][  T537] hub 2-1:0.0: 1 port detected
[  637.412363][   T30] audit: type=1326 audit(1719154954.567:7087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  637.438108][   T30] audit: type=1326 audit(1719154954.567:7088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  637.462177][   T30] audit: type=1326 audit(1719154954.567:7089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  637.486946][   T30] audit: type=1326 audit(1719154954.567:7090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  637.516510][   T30] audit: type=1326 audit(1719154954.567:7091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  637.559466][   T30] audit: type=1326 audit(1719154954.567:7092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  637.592393][   T30] audit: type=1326 audit(1719154954.567:7093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  637.626640][   T30] audit: type=1326 audit(1719154954.567:7094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  637.669083][T12397] loop2: detected capacity change from 0 to 512
[  637.749286][T12397] EXT4-fs (loop2): 1 truncate cleaned up
[  637.754838][T12397] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  637.991003][  T537] hub 2-1:0.0: hub_hub_status failed (err = -71)
[  637.997192][  T537] hub 2-1:0.0: config failed, can't get hub status (err -71)
[  638.085448][T12404] loop3: detected capacity change from 0 to 4096
[  638.096601][  T537] usbhid 2-1:0.0: can't add hid device: -71
[  638.102523][  T537] usbhid: probe of 2-1:0.0 failed with error -71
[  638.136687][  T537] usb 2-1: USB disconnect, device number 68
[  638.152193][T12408] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  638.161832][T12408] sch_tbf: burst 511 is lower than device vlan0 mtu (1514) !
[  638.170004][T12404] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  638.292078][T12404] EXT4-fs error (device loop3): ext4_ext_map_blocks:4160: inode #15: comm syz-executor.3: bad extent address lblock: 9, depth: 1 pblock 0
[  638.306244][T12404] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 9 with max blocks 7 with error 117
[  638.318651][T12404] EXT4-fs (loop3): This should not happen!! Data will be lost
[  638.318651][T12404] 
[  638.328260][T12404] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  638.337732][T12404] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #15: comm syz-executor.3: mark_inode_dirty error
[  638.354597][ T7344] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 16: comm syz-executor.3: lblock 0 mapped to illegal pblock 16 (length 1)
[  638.369104][ T7344] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  638.378593][ T7344] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error
[  638.392345][   T45] EXT4-fs error (device loop3): ext4_ext_map_blocks:4160: inode #15: comm kworker/u4:2: bad extent address lblock: 16, depth: 1 pblock 0
[  638.406549][   T45] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 332 with error 117
[  638.418959][   T45] EXT4-fs (loop3): This should not happen!! Data will be lost
[  638.418959][   T45] 
[  638.443920][ T7344] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  638.453402][ T7344] EXT4-fs error (device loop3): ext4_quota_off:6464: inode #3: comm syz-executor.3: mark_inode_dirty error
[  638.476508][ T7344] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  638.563187][T12414] loop1: detected capacity change from 0 to 512
[  638.577791][   T45] tipc: Left network mode
[  638.665444][T12414] EXT4-fs (loop1): 1 truncate cleaned up
[  638.670947][T12414] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  638.695940][T12414] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  638.782129][T12428] loop1: detected capacity change from 0 to 4096
[  638.789785][T12421] bridge0: port 1(bridge_slave_0) entered blocking state
[  638.802627][T12421] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.815093][T12421] device bridge_slave_0 entered promiscuous mode
[  638.824108][T12433] loop0: detected capacity change from 0 to 512
[  638.840684][T12421] bridge0: port 2(bridge_slave_1) entered blocking state
[  638.870382][T12428] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  638.881264][T12421] bridge0: port 2(bridge_slave_1) entered disabled state
[  638.902396][T12421] device bridge_slave_1 entered promiscuous mode
[  638.916884][T12433] EXT4-fs (loop0): 1 truncate cleaned up
[  638.923512][T12433] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  639.132496][T12437] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  639.144724][T12437] sch_tbf: burst 511 is lower than device bridge_slave_1 mtu (1514) !
[  639.158634][T12437] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  639.282533][T12421] bridge0: port 2(bridge_slave_1) entered blocking state
[  639.289542][T12421] bridge0: port 2(bridge_slave_1) entered forwarding state
[  639.296816][T12421] bridge0: port 1(bridge_slave_0) entered blocking state
[  639.303720][T12421] bridge0: port 1(bridge_slave_0) entered forwarding state
[  639.313933][T12428] EXT4-fs error (device loop1): ext4_ext_map_blocks:4160: inode #15: comm syz-executor.1: bad extent address lblock: 9, depth: 1 pblock 0
[  639.329003][T12428] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 9 with max blocks 7 with error 117
[  639.343591][T12428] EXT4-fs (loop1): This should not happen!! Data will be lost
[  639.343591][T12428] 
[  639.345409][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  639.353433][T12428] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  639.369421][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  639.369538][T12428] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #15: comm syz-executor.1: mark_inode_dirty error
[  639.388069][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  639.408094][   T45] device bridge_slave_1 left promiscuous mode
[  639.414294][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  639.417143][ T4988] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #2: block 16: comm syz-executor.1: lblock 0 mapped to illegal pblock 16 (length 1)
[  639.435696][   T45] device bridge_slave_0 left promiscuous mode
[  639.441734][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  639.449615][ T4988] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  639.459226][ T4988] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #2: comm syz-executor.1: mark_inode_dirty error
[  639.474892][   T10] EXT4-fs error (device loop1): ext4_ext_map_blocks:4160: inode #15: comm kworker/u4:1: bad extent address lblock: 16, depth: 1 pblock 0
[  639.491032][   T10] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 332 with error 117
[  639.504354][   T10] EXT4-fs (loop1): This should not happen!! Data will be lost
[  639.504354][   T10] 
[  639.524451][ T4988] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  639.533859][ T4988] EXT4-fs error (device loop1): ext4_quota_off:6464: inode #3: comm syz-executor.1: mark_inode_dirty error
[  639.549077][ T4988] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  639.730170][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  639.740791][  T537] bridge0: port 1(bridge_slave_0) entered blocking state
[  639.747669][  T537] bridge0: port 1(bridge_slave_0) entered forwarding state
[  639.755006][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  639.763550][  T537] bridge0: port 2(bridge_slave_1) entered blocking state
[  639.770421][  T537] bridge0: port 2(bridge_slave_1) entered forwarding state
[  639.778389][  T329] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  639.787533][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  639.795344][T12448] loop0: detected capacity change from 0 to 512
[  639.795407][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  639.820076][T12421] device veth0_vlan entered promiscuous mode
[  639.832480][T12421] device veth1_macvtap entered promiscuous mode
[  639.843023][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  639.851976][T12448] EXT4-fs (loop0): 1 truncate cleaned up
[  639.854956][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  639.865417][T12448] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  639.876708][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  639.899773][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  639.916869][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  639.924966][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  639.945219][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  639.968896][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  639.976208][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  639.985148][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  639.993969][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  640.007431][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  640.015417][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  640.066491][  T329] usb 3-1: Using ep0 maxpacket: 32
[  640.203534][T12456] sch_tbf: burst 511 is lower than device team_slave_1 mtu (1514) !
[  640.211835][  T329] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  640.226861][  T329] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  640.235900][  T329] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.244936][  T329] usb 3-1: config 0 descriptor??
[  640.262111][T12464] loop3: detected capacity change from 0 to 512
[  640.271483][T12451] bridge0: port 1(bridge_slave_0) entered blocking state
[  640.279049][T12451] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.287038][  T329] hub 3-1:0.0: USB hub found
[  640.294334][T12451] device bridge_slave_0 entered promiscuous mode
[  640.302754][T12451] bridge0: port 2(bridge_slave_1) entered blocking state
[  640.309798][T12451] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.310235][T12464] EXT4-fs (loop3): 1 truncate cleaned up
[  640.317258][T12451] device bridge_slave_1 entered promiscuous mode
[  640.324187][T12464] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  640.373367][T12464] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  640.405965][T12451] bridge0: port 2(bridge_slave_1) entered blocking state
[  640.412826][T12451] bridge0: port 2(bridge_slave_1) entered forwarding state
[  640.419915][T12451] bridge0: port 1(bridge_slave_0) entered blocking state
[  640.426709][T12451] bridge0: port 1(bridge_slave_0) entered forwarding state
[  640.455046][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  640.456686][T12471] loop3: detected capacity change from 0 to 256
[  640.468594][ T3384] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.475781][ T3384] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.497525][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  640.505742][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  640.514065][ T3384] bridge0: port 1(bridge_slave_0) entered blocking state
[  640.520925][ T3384] bridge0: port 1(bridge_slave_0) entered forwarding state
[  640.529232][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  640.537276][ T3384] bridge0: port 2(bridge_slave_1) entered blocking state
[  640.544114][ T3384] bridge0: port 2(bridge_slave_1) entered forwarding state
[  640.566567][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  640.574593][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  640.587359][T12474] loop3: detected capacity change from 0 to 4096
[  640.601860][T12451] device veth0_vlan entered promiscuous mode
[  640.609864][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  640.619191][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  640.628042][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  640.638284][T12474] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  640.661669][T12451] device veth1_macvtap entered promiscuous mode
[  640.703884][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  640.729528][ T7449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  640.753880][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  640.766681][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  640.781385][T12474] EXT4-fs error (device loop3): ext4_map_blocks:716: inode #15: block 449: comm syz-executor.3: lblock 289 mapped to illegal pblock 449 (length 1)
[  640.798977][T12474] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz-executor.3: Invalid block bitmap block 0 in block_group 0
[  640.820322][T12474] EXT4-fs error (device loop3): ext4_discard_preallocations:5104: comm syz-executor.3: Error -117 reading block bitmap for 0
[  640.834656][T12474] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  640.844780][T12474] EXT4-fs error (device loop3): ext4_ext_truncate:4431: inode #15: comm syz-executor.3: mark_inode_dirty error
[  640.880574][T12474] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  641.001912][T12474] EXT4-fs error (device loop3): ext4_truncate:4292: inode #15: comm syz-executor.3: mark_inode_dirty error
[  641.071505][   T45] device bridge_slave_1 left promiscuous mode
[  641.109066][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  641.117594][T12488] loop4: detected capacity change from 0 to 256
[  641.125058][   T45] device bridge_slave_0 left promiscuous mode
[  641.149757][T12483] EXT4-fs error (device loop3): ext4_ext_map_blocks:4160: inode #15: comm syz-executor.3: bad extent address lblock: 9, depth: 1 pblock 0
[  641.163814][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  641.186787][T12483] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 9 with max blocks 7 with error 117
[  641.248212][T12491] loop4: detected capacity change from 0 to 512
[  641.256445][T12483] EXT4-fs (loop3): This should not happen!! Data will be lost
[  641.256445][T12483] 
[  641.279301][T12483] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  641.299637][T12483] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #15: comm syz-executor.3: mark_inode_dirty error
[  641.332569][T11927] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 273 with error 117
[  641.345235][T11927] EXT4-fs (loop3): This should not happen!! Data will be lost
[  641.345235][T11927] 
[  641.354808][  T329] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  641.382699][T12491] EXT4-fs (loop4): 1 truncate cleaned up
[  641.389965][T12491] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  641.496530][  T329] usbhid 3-1:0.0: can't add hid device: -71
[  641.502646][  T329] usbhid: probe of 3-1:0.0 failed with error -71
[  641.537881][  T329] usb 3-1: USB disconnect, device number 56
[  641.591913][T12495] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  641.750095][T12495] sch_tbf: burst 511 is lower than device veth17 mtu (1514) !
[  641.775023][T12494] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  641.900727][T12501] bridge0: port 1(bridge_slave_0) entered blocking state
[  641.907695][T12501] bridge0: port 1(bridge_slave_0) entered disabled state
[  641.914842][T12501] device bridge_slave_0 entered promiscuous mode
[  641.921975][T12501] bridge0: port 2(bridge_slave_1) entered blocking state
[  641.929118][T12501] bridge0: port 2(bridge_slave_1) entered disabled state
[  641.938080][T12501] device bridge_slave_1 entered promiscuous mode
[  642.243057][T12512] loop4: detected capacity change from 0 to 4096
[  642.286170][T12515] netlink: 'syz-executor.2': attribute type 27 has an invalid length.
[  642.299557][T12512] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  642.359883][T12515] bridge0: port 2(bridge_slave_1) entered disabled state
[  642.366885][T12515] bridge0: port 1(bridge_slave_0) entered disabled state
[  642.468856][T12512] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #15: comm syz-executor.4: bad extent address lblock: 9, depth: 1 pblock 0
[  642.488529][T12512] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 9 with max blocks 7 with error 117
[  642.503508][T12512] EXT4-fs (loop4): This should not happen!! Data will be lost
[  642.503508][T12512] 
[  642.521911][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  642.529701][T12512] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  642.548478][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  642.549661][T12512] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #15: comm syz-executor.4: mark_inode_dirty error
[  642.556726][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.574599][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[  642.584615][ T8943] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #2: block 16: comm syz-executor.4: lblock 0 mapped to illegal pblock 16 (length 1)
[  642.589302][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  642.607212][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.609205][ T8943] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  642.614053][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  642.623999][ T8943] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz-executor.4: mark_inode_dirty error
[  642.642185][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  642.642197][   T30] audit: type=1326 audit(1719154959.807:7153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  642.673120][T11927] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #15: comm kworker/u4:3: bad extent address lblock: 16, depth: 1 pblock 0
[  642.673743][   T30] audit: type=1326 audit(1719154959.837:7154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  642.687599][T11927] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 332 with error 117
[  642.723728][T11927] EXT4-fs (loop4): This should not happen!! Data will be lost
[  642.723728][T11927] 
[  642.733283][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  642.741526][ T8943] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  642.741838][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  642.751566][ T8943] EXT4-fs error (device loop4): ext4_quota_off:6464: inode #3: comm syz-executor.4: mark_inode_dirty error
[  642.770691][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  642.778682][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  642.786468][ T8943] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  642.799444][T12501] device veth0_vlan entered promiscuous mode
[  642.808004][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  642.815878][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  642.823293][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  642.834569][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  642.842797][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  642.863377][T12501] device veth1_macvtap entered promiscuous mode
[  642.891291][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  642.901349][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  642.903472][T12528] loop1: detected capacity change from 0 to 256
[  642.915620][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  642.924000][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  642.932192][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  642.942895][T12528] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  642.955747][T12528] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  643.169475][   T45] device bridge_slave_1 left promiscuous mode
[  643.177766][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.442040][   T30] audit: type=1326 audit(1719154960.597:7155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  643.467340][   T45] device bridge_slave_0 left promiscuous mode
[  643.474370][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  643.482720][   T45] device veth1_macvtap left promiscuous mode
[  643.488773][   T45] device veth0_vlan left promiscuous mode
[  643.497048][   T30] audit: type=1326 audit(1719154960.597:7156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  643.526054][   T30] audit: type=1326 audit(1719154960.597:7157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  643.580795][   T30] audit: type=1326 audit(1719154960.597:7158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  643.585374][T12543] loop0: detected capacity change from 0 to 512
[  643.630426][   T30] audit: type=1326 audit(1719154960.597:7159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  643.678852][   T30] audit: type=1326 audit(1719154960.597:7160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  643.702913][   T30] audit: type=1326 audit(1719154960.597:7161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  643.726947][   T30] audit: type=1326 audit(1719154960.597:7162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b467460a9 code=0x7fc00000
[  643.756012][T12543] EXT4-fs (loop0): 1 truncate cleaned up
[  643.761871][T12543] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none.
[  644.017340][T12561] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  644.071975][T12561] sch_tbf: burst 511 is lower than device veth0_macvtap mtu (1514) !
[  644.104345][T12566] loop2: detected capacity change from 0 to 4096
[  644.196214][T12566] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  644.395726][T12566] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #15: comm syz-executor.2: bad extent address lblock: 9, depth: 1 pblock 0
[  644.410093][T12566] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 9 with max blocks 7 with error 117
[  644.422297][T12566] EXT4-fs (loop2): This should not happen!! Data will be lost
[  644.422297][T12566] 
[  644.431963][T12566] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  644.441504][T12566] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #15: comm syz-executor.2: mark_inode_dirty error
[  644.464333][T12131] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #2: block 16: comm syz-executor.2: lblock 0 mapped to illegal pblock 16 (length 1)
[  644.482607][T12131] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  644.492079][T12131] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz-executor.2: mark_inode_dirty error
[  644.507358][T11927] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #15: comm kworker/u4:3: bad extent address lblock: 16, depth: 1 pblock 0
[  644.523887][T11927] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 332 with error 117
[  644.536965][T11927] EXT4-fs (loop2): This should not happen!! Data will be lost
[  644.536965][T11927] 
[  644.566724][T12131] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  644.576141][T12131] EXT4-fs error (device loop2): ext4_quota_off:6464: inode #3: comm syz-executor.2: mark_inode_dirty error
[  644.596629][T12131] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  644.648816][   T45] device veth0_vlan left promiscuous mode
[  644.894776][T12583] bridge0: port 1(bridge_slave_0) entered blocking state
[  644.901764][T12583] bridge0: port 1(bridge_slave_0) entered disabled state
[  644.909519][T12583] device bridge_slave_0 entered promiscuous mode
[  644.923084][T12583] bridge0: port 2(bridge_slave_1) entered blocking state
[  644.930287][T12583] bridge0: port 2(bridge_slave_1) entered disabled state
[  644.938612][T12583] device bridge_slave_1 entered promiscuous mode
2024/06/23 15:02:42 SYZFATAL: executor 4 failed 11 times: executor 4: EOF
remote cover enable write trace failed (errno 17)

[  645.032002][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  645.039953][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  645.049793][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  645.058286][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  645.067762][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  645.074694][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  645.130254][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready