last executing test programs:

3.90768157s ago: executing program 1 (id=3113):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xa8}]}, &(0x7f0000000080)='syzkaller\x00', 0x4, 0x98, &(0x7f00000000c0)=""/152}, 0x80)

3.856686784s ago: executing program 1 (id=3115):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = dup(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000002240)='9p_client_req\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

3.372431373s ago: executing program 1 (id=3119):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000009c0)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x0, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINFO(r1, 0xc0104811, &(0x7f0000000000))

2.865966705s ago: executing program 2 (id=3127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x1}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = epoll_create1(0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x0, 0x0, 0x5}, 0x48)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000040)={0x60000014})
read$char_usb(r5, &(0x7f0000000100)=""/169, 0xa9)
epoll_pwait(r4, &(0x7f0000000200)=[{}], 0x1, 0x0, 0x0, 0x0)

2.267596564s ago: executing program 0 (id=3133):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x2, 0x7fe2, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xe, &(0x7f0000000140)={@multicast, @broadcast, @val, {@can={0xc, {{}, 0x0, 0x0, 0x0, 0x0, "c74855c9c7563e26"}}}}, 0x0)

2.174669792s ago: executing program 0 (id=3134):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x4d100000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.052650422s ago: executing program 0 (id=3135):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
ppoll(&(0x7f00000001c0)=[{r2, 0x325}], 0x1, 0x0, 0x0, 0x0)

1.903861674s ago: executing program 0 (id=3136):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x4, r2, 0x1})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, 0x0, r2, 0x8})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x10000, 0x0, 0x4, r2, 0x5})

1.793251773s ago: executing program 3 (id=3137):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@ipv4_newrule={0x2c, 0x20, 0x787, 0x0, 0x0, {0x2, 0x0, 0x14, 0x0, 0x81}, [@FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e20, 0x4e24}}, @FRA_SRC={0x8, 0x2, @private}]}, 0x2c}}, 0x0)

1.696363121s ago: executing program 0 (id=3138):
socket$nl_sock_diag(0x10, 0x3, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x2008410, &(0x7f0000000400)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45aca9836c319f437199ff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b525718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000008886b313bd01a22d576e414011a4f0a897514329f86d4585fa0ea17068f8af349696da4a2b3e24310bb52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515e34ac8c454a30dd54a580ad7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54f3936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb00010000f7a0fa13516c0926d19dd2d58633d97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4ab22052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0", @ANYRES32=0x0, @ANYRESHEX], 0x1, 0x5549, &(0x7f0000003d80)="$eJzs3EtvG9UXAPA7TpP++/xHiAW7jlQhJVJt1elDsAvQiodIFfFYsALHdiy3tieKHSeEDRIsEQu+CQKJFUs+AwvW7BALEDskkOeOKaE8WtmJk/b3k8Zn5s74zLkjK9GZsRyAJ9Zi+stPSbgYzoQQ5kII55OQryfFkluN4ZkQwqUQQulPS1KM/zGwEEI4G0K4OEoecybFrs+uDC/f+PG1n7/+9vSpc59/9d3sZg3M2rMhhO5WXN/txpi1YrxbjNeG7Tx2rw+LGHd07xXbWYy7zY08w25tfFwtj9da8fhsa6c/ipudWn0UW+3NfHyrF0/YH7bGefI33K1t59uN5kYe2/0sj639WNfefvzbtt8fxDyNIt/7efowGIxjHG/uNeN8tu7lsd4bFOMxb9Zo7o3isIjF6UI96zTyOjYmudLH2+vt3s5eOmxu99tZL71RqT5Xqd4sV7ezRnPQvF6udRs3r6dLrc7osPKgWeuutrKs1WlW6ll3OV1q1evlajVdutXcaNd6abVauVa5Wr6xXKxdSV++83baaaRLo/hiu7ez0O70081sO43vWE5XKteeX04vV9M319bT9Tdu315bf+vdW+/ceWHt1ZeKgx4oK11aubqyUq5eLa9Ul4/B/Ef/dx9y/oNJ5v9xUfQjzD+Z7PLAv3v0D9gHC4dSCMDJ8UD/H/T/wOE76f1/mGb/P2qp9P//3f+WJu//J+p/j2v/f4LnDxNxgwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4In1/fwXr+Qri3H7XDF+oRh6qthOQgilEMJvf2MuLBzIOVfkmf+H4+f/UsM3ScgzjM5xuljOhhBWi+XX/x/2VQAAAIDH15cfXvo0duvxZXHWBXGU4k2b0vn3ppQvCSHML/4wpWyl0cvTU0qWf75Phb0pZctvYP1vSsniLbdT08r2UObG4aML9wfzCSUxlI60HAAA4EjMHQhH24UAAABwlD6ZdQHMRhLGjzLHz4Lzb97ff7R55sA+AAAA4ARKZl0AAAAAcOjy/t/v/wEAAMDjLf7+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzt3cJg6EYQD+bDA/+6NFq71vK3uDMraEPe4xUECaoATSQhqgBnJLCRFE2CMkRyCBsGOBnkfymLHR6xnw5RtLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2vRSrGZPD78fr83Z7q7TzGwAAACAYzbFalZ+mFT9r+n493ToZ+pnEZFHxLHavReDWmYv5RQnvl98GMNzRJmwv8YwbV8i4k/a3n60/SsAAADA/VovltOqWq+aSdcD4jNVizb5t78N5WURUUxeG0rL982vhsLK+7sf/xtKKxewRg2FVUtu/ePnBueGjC+6ZK+2SzMZzcs/sezlF8UBAAA3oV4JnKhCAAAAuAP/uh4A3cgOzeE547DapQeC41oPAAAAuEFZ1wMAAAAAWlfW/97/BwAAAPetev8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdoUq9l6sZyeOj8/M2e7u05zMwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Z3/ebQCEwRgMmjd0KPsPizwBZZq76tNvpQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwK81ydLYGm+SvdfG0fNIcnZqXJ0ad+fG0wdj9icAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYuX/eOIooAODv9m4vfwBhDHJhQEGigIbYl5CQEgqQRcFHQLKcczBcCCQuSGSB3ECFXKdBUCKEBDJdvkPqWEoTuhQujEQN2r1dZ5MYfFjH7sX+/aTZeXsezbzZO1l+3rUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABK2+/ES0kRt7PD1DAuX7uzs7aU9VuP9JlbG3dns5bFrf0W+ubt8Sc/2V6unpyaqZx8VX8yAAAAHA3tsr6PiHvp5kLWJ1N5/Z+WY7Ka//tnhnFZzz9a92/trB0vvjRb1v+//Xr/hd2FpobrZJMurwz684+n0vmftjjxnt13RCe/8vnvXtr5G5K8v/78dppfz9a3t2+/283DY3VkCwAcxOmyL4Ly56Gs7zWZGABHRqdSeJf1f3uq2ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6rC9Hk+VcSsiZjsP4szWztrSXv2tjbuzZTt/8+ZGdc5sijQillcG/bTGvUy6a9dvfLI4GPSvjhIk/2XwvsGpiBjrhAcJPhxhTMS/jyk+ntHcLv45aE1GGo0GSfH+TEo+4wzKz974Z27oGxIAAIdWWrSsrr+Xbi5kr7WmI/764eH6/7VKHCPW//c/On+nula1/u/VtsPJN7d6+bO5a9dvvLFyefFS/1L/0zfP9N7qnb1w7tyFuexazc8tR9KfbzpNAAAAnmDdolXr/2T68fv/JytxjFj/f/5d78vqWm31/54e3PRrOhMAAICjqLsbPffKn3+09hjR6nbji8XV1au94XH3/MzwWGu6B3SsaNX6vz3ddFYAAABAHbbXWw/d/79YiWPE+/9P//jiz9U52xFxIuJKRPRPL10ZXKxvOxOtjj9UzhfqNr1TAAAAmnKiaNX7/2n+/H+y+8hDEhGvvzqMy/91NUr9337v65+qa1Wf/z9b3xYnUjIzvB55PxPRmWk6IwAAAA6z40XLiv3f082Fj385+UHX8/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdfs7AAD//5X/Nho=")
r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50000000}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000001840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
syz_open_procfs$pagemap(r2, &(0x7f0000000280))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0x7168)
mount$9p_xen(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="36c268480e3b1d07c62ac2fe6f217472616e733d78656e1c006ddd603eeea7d9ce5b4c700f731275ec2242c948394dcf8dcd2621"])
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x118823, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb0100180000f8ffffffff0b0000000c000000020000000000000000000006040000000000"], 0x0, 0x26}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x15, 0x8, 0x4, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, r5, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.653765175s ago: executing program 3 (id=3139):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000540)={@link_local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)

1.522823255s ago: executing program 3 (id=3140):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018020000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./bus\x00')

1.418733994s ago: executing program 3 (id=3141):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = dup(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000002240)='9p_client_req\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

1.209932351s ago: executing program 2 (id=3130):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000300)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.173776364s ago: executing program 2 (id=3143):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='jbd2_handle_stats\x00', r3}, 0x10)

1.145459136s ago: executing program 2 (id=3145):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x11, &(0x7f0000000080)=0x4, 0x4)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000480)={0xa, 0x4e24, 0x0, @remote}, 0x18)

1.031711446s ago: executing program 3 (id=3146):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="10030300ffff"], 0xffdd)

824.803612ms ago: executing program 4 (id=3147):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000300))
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
ppoll(&(0x7f0000000d40)=[{r0}], 0x1, &(0x7f0000000dc0)={0x0, 0x3938700}, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000075c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000200), 0x35c, 0x0)
r2 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
sendfile(r2, r1, 0x0, 0xd)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

708.414552ms ago: executing program 3 (id=3148):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$packet(0x11, 0x0, 0x300)
open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0)
fsetxattr(0xffffffffffffffff, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f00000001c0)='syz:', 0x3c8, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='mpol=bind=static:0-N:N'])
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_buf(r4, 0x1, 0x37, &(0x7f0000000200)=""/4096, &(0x7f0000001200)=0x1000)

692.053423ms ago: executing program 4 (id=3149):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005efe2100850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getpgrp(0x0)

591.353932ms ago: executing program 1 (id=3150):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2a00200, &(0x7f0000000140), 0x84, 0x479, &(0x7f0000000500)="$eJzs3M1vFOUfAPDvzLa88+vCD194UVfRSHxpaUHl4AWjCRcTEz3gsZZCkAIGaiKESDUGj4a/QD2a+Bd4wotRThqveDcmxHARPZg1szvTbtvp2mW3LLifTzL0eXaemXm++8yz+8w8swQwsGrZP0nEloi4EREjzeziArXmn9u3Lk39eevSVBL1+pu/J41yf9y6NFUULbbbPJ+pRvpJErtLjnv+wsVTkzMz0+fy/Njs6ffGzl+4+PzJ05Mnpk9Mn5k4dOjggfGXXpx4oSdxDmV13fXh2T07j7x99fWpo1ff+eHrrIpb8vWtcTRVuz5mLWqL38sWT3W993vL9W0L6WSotMi1rXevOqxSJe8bw43+PxKVWGi8kXjt475WDlhr6fplL1WKxFwd+A/LRvPAICq+6LPr32K5i2OPvrt5OObvY9zOl+aaoUiza/hq89pora5daxFxdO6vz7MlSu9DAAD01rXDEfFc2fgvjQeLQrWF8tWI2BYR2yPi/xGxIyIeiGiUfSgiHu7w+LUl+eXjn582dhxUB7Lx38v53Nbi8V9aFKlW8tzWRvzDyfGTM9P7I+J/EbEvhtdn+fE2x/j21Z8/W2ld6/gvW7LjF2PBvB6/DS25QXdscnaym5hb3fwoYtdQWfzJ/ExANj7eGRG77mD/WeOdfOarPSut//f42yifZ+pI/cuIp5vtPxdL4i8k7ecnxzbEzPT+seKsWLRZRMzF9R+vvLHS8buKvwey9t9Uev7Px19NWudrz3d+jCu/fFp+TbMu/3sH5/+65K1Fu/hgcnb23HjEumRu+esTC9sW+aJ8Fv++veX9f3vE31/k2+2OiOwkfiQiHo2Ix/K2ezwinoiIvW3i//6VJ99dad290P7HOmr/zhOVU999k+/rRufxZ+1/sJHal7+yms+/1Vaw2/cPAAAA7gdp4xn4JB2dT6fpxvwZ/h2xKZ2p12efPX72/TPHms/KV2M4Le50jbTcDx3P7w0X+Ykl+QON+8b1er2+sZEfnTo743lw6K/NJf1/dLS57tdKv2sHrLlVzaMVkzAr/aINuC/1YB4duE/p/zC49H8YXPo/DK6y/n854nYfqgLcZb7/YXDp/zC49H8YXPo/DKRuftffLrH9SDebD/e2PocjotcBNhNp9/uprFUTlCfSDv5zhLaJ6EHsfUukZas2REQ/6rM+IlZb+PKyGsaGZk/udcX6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQG/8EAAD//+3S304=")
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x4001, 0x3, 0x238, 0x0, 0x0, 0x148, 0x0, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'ip6gretap0\x00', 'netdevsim0\x00'}, 0x0, 0xc8, 0x110, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'lo\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast1, 'vxcan1\x00'}}}, {{@ip={@local, @loopback, 0x0, 0x0, 'veth0_vlan\x00', 'macvtap0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000001340)=[{{&(0x7f0000000100)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000800), 0x62, 0x12141, 0x0)

564.428744ms ago: executing program 4 (id=3151):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000540)={@link_local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)

507.550959ms ago: executing program 4 (id=3152):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
read$FUSE(r3, &(0x7f0000000000)={0x2020}, 0x2020)
readv(r3, &(0x7f0000000180)=[{&(0x7f0000000100)=""/39, 0x27}], 0x1)
setxattr(&(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=@known='trusted.syz\x00', &(0x7f0000000500)='\x00', 0x1, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
fchmodat(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x0)

118.059831ms ago: executing program 2 (id=3153):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000300)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

95.413902ms ago: executing program 4 (id=3154):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xb, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

95.099742ms ago: executing program 0 (id=3155):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='jbd2_handle_stats\x00', r3}, 0x10)

94.700012ms ago: executing program 2 (id=3156):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
ptrace$PTRACE_SETSIGMASK(0x420b, r0, 0x8, &(0x7f0000000280))
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
rename(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='./file0\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x45, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
pipe2(&(0x7f0000000040), 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r8, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000006c0)='net/route\x00')
preadv(r9, &(0x7f00000025c0)=[{&(0x7f0000002500)=""/79, 0x4f}], 0x1, 0x10006c, 0x0)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0)
socket$netlink(0x10, 0x3, 0x0)

94.511213ms ago: executing program 1 (id=3157):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x85}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800004e9d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
listxattr(&(0x7f00000003c0)='./file1\x00', 0x0, 0x0)

383.03µs ago: executing program 1 (id=3158):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0xac, r1, 0x100, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x6, 0x15}}}}, [@NL80211_ATTR_TESTDATA={0x2b, 0x45, "b0a0c9ab84088378c9bd32055cc3e44249ca3653dc4daf3edf7fb8ed82e94f468b797397ceaa9f"}, @NL80211_ATTR_TESTDATA={0x58, 0x45, "58b46984eb5a5aa7c24175a0f0f9192ab61c5de2833f16d7ea7daf5104572005caf2576777f965ec6232d73dc9617f32a71f811e90054ab73e594c7250e0a3ed4014526f5f9819e88fd83e371072789d5c028778"}]}, 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x2e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000007800000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_MTU={0x8}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x34}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
connect$inet6(r8, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/fscaps', 0x40000, 0xa8)
write(r9, &(0x7f0000000540)="545b928d22f1ff167e9b9811deca6e071b859f39b2234d10ededac4541e24918fc39b8b2bfe485941cbb86f73d72b5a952d92502696c50", 0x37)
getsockopt$inet6_buf(r8, 0x29, 0x18, 0x0, &(0x7f0000000080))
preadv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000140)=""/220, 0xdc}], 0x1, 0xa1, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001280)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001600000008000300", @ANYRES32=r11, @ANYBLOB="20005080090001001813709d1300000005000200000000000800030001ac0f0008003500000000000a0006"], 0x5c}}, 0x0)

0s ago: executing program 4 (id=3159):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
futex(&(0x7f0000004000), 0x5, 0x0, 0x0, &(0x7f0000004000), 0x0)

kernel console output (not intermixed with test programs):

th1_macvtap entered promiscuous mode
[  245.747519][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  245.758341][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  245.774119][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  245.817307][ T2213] Bluetooth: hci1: command 0x1001 tx timeout
[  245.823195][ T4450] Bluetooth: hci1: sending frame failed (-49)
[  245.857053][  T313] usb 3-1: Using ep0 maxpacket: 32
[  245.981382][   T30] audit: type=1400 audit(1721076232.293:1718): avc:  denied  { connect } for  pid=7708 comm="syz.4.2594" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  246.017349][  T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.072407][  T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.082210][  T313] usb 3-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  246.091257][  T313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.130138][  T313] usb 3-1: config 0 descriptor??
[  246.608544][  T313] hid-rmi 0003:0461:4E72.002F: item fetching failed at offset 1/5
[  246.616331][  T313] hid-rmi 0003:0461:4E72.002F: parse failed
[  246.622152][  T313] hid-rmi: probe of 0003:0461:4E72.002F failed with error -22
[  246.727585][ T7729] device syzkaller0 entered promiscuous mode
[  246.817315][   T20] usb 3-1: USB disconnect, device number 10
[  246.833898][ T7732] loop4: detected capacity change from 0 to 256
[  246.858350][ T7732] exfat: Unknown parameter '/dev/kvm'
[  246.957638][ T7736] loop0: detected capacity change from 0 to 2048
[  246.970045][ T7732] loop4: detected capacity change from 0 to 512
[  246.978942][ T7738] IPv6: NLM_F_CREATE should be specified when creating new route
[  246.985055][ T7732] EXT4-fs (loop4): quotafile must be on filesystem root
[  246.988615][ T7738] IPv6: Can't replace route, no match found
[  247.004531][ T7736] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  247.015580][ T7736] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038 (0x7fffffff)
[  247.398234][ T7762] loop0: detected capacity change from 0 to 256
[  247.427170][ T7762] exfat: Deprecated parameter 'utf8'
[  247.432344][ T7762] exfat: Deprecated parameter 'namecase'
[  247.447012][ T7762] exfat: Deprecated parameter 'utf8'
[  247.469477][ T7762] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  247.511040][ T7762] exFAT-fs (loop0): error, tried to truncate zeroed cluster.
[  247.607126][ T7771] loop2: detected capacity change from 0 to 2048
[  247.666108][ T7771] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  247.677529][ T7771] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038 (0x7fffffff)
[  247.897215][  T314] Bluetooth: hci1: command 0x1009 tx timeout
[  247.919565][ T7783] loop3: detected capacity change from 0 to 256
[  247.977222][ T7783] exfat: Unknown parameter '/dev/kvm'
[  248.051279][ T7783] loop3: detected capacity change from 0 to 512
[  248.097521][ T7783] EXT4-fs (loop3): quotafile must be on filesystem root
[  248.144854][ T7785] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.151726][ T7785] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.159043][ T7785] device bridge_slave_0 entered promiscuous mode
[  248.165912][ T7785] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.173212][ T7785] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.180441][ T7785] device bridge_slave_1 entered promiscuous mode
[  248.223356][ T7785] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.230202][ T7785] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.237452][ T7785] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.244216][ T7785] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.265717][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  248.276302][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.284855][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.295644][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  248.304481][  T316] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.311323][  T316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.325110][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  248.333051][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.339898][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.354372][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  248.367147][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  248.382796][ T7785] device veth0_vlan entered promiscuous mode
[  248.393931][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  248.403431][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  248.412912][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  248.420821][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  248.429055][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  248.436278][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  248.445875][ T7793] device wireguard0 entered promiscuous mode
[  248.461475][ T7785] device veth1_macvtap entered promiscuous mode
[  248.468459][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  248.476630][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  248.484905][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  248.502941][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  248.511646][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  248.520381][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  248.528872][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  248.578025][ T7799] loop4: detected capacity change from 0 to 512
[  248.619684][ T7799] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  248.626805][ T7799] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  248.641939][ T7799] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  248.645170][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  248.645182][   T30] audit: type=1400 audit(1721076234.973:1729): avc:  denied  { bind } for  pid=7800 comm="syz.2.2626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  248.682541][   T30] audit: type=1400 audit(1721076234.973:1730): avc:  denied  { node_bind } for  pid=7800 comm="syz.2.2626" saddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  248.691447][ T7799] Quota error (device loop4): do_check_range: Getting dqdh_next_free 7 out of range 0-5
[  248.714544][ T7799] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  248.726370][ T7799] EXT4-fs error (device loop4): mb_free_blocks:1865: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  248.741022][ T7799] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #12: comm syz.4.2625: corrupted inode contents
[  248.741231][  T369] device bridge_slave_1 left promiscuous mode
[  248.759739][ T7799] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #12: comm syz.4.2625: mark_inode_dirty error
[  248.774540][  T369] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.785253][ T7799] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #12: comm syz.4.2625: corrupted inode contents
[  248.800382][  T369] device bridge_slave_0 left promiscuous mode
[  248.806356][  T369] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.811109][ T7799] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #12: comm syz.4.2625: mark_inode_dirty error
[  248.823413][ T7810] loop2: detected capacity change from 0 to 512
[  248.824452][ T7799] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #12: comm syz.4.2625: corrupted inode contents
[  248.841989][  T369] device veth1_macvtap left promiscuous mode
[  248.843156][ T7799] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  248.848373][  T369] device veth0_vlan left promiscuous mode
[  248.862497][ T7799] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #12: comm syz.4.2625: corrupted inode contents
[  248.874382][ T7799] EXT4-fs error (device loop4): ext4_truncate:4292: inode #12: comm syz.4.2625: mark_inode_dirty error
[  248.885753][ T7799] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  248.887969][ T7810] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  248.894682][ T7799] EXT4-fs (loop4): 1 truncate cleaned up
[  248.905868][ T7810] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038 (0x7fffffff)
[  248.920316][ T7799] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000800000,noblock_validity,mblk_io_submit,jqfmt=vfsold,noinit_itable,abort,noauto_da_alloc,errors=continue,resgid=0x00000000000000002,errors=continue. Quota mode: writeback.
[  248.969128][   T30] audit: type=1400 audit(1721076235.303:1731): avc:  denied  { setattr } for  pid=7809 comm="syz.2.2629" name="work" dev="loop2" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  249.023781][   T30] audit: type=1400 audit(1721076235.303:1732): avc:  denied  { remove_name } for  pid=7809 comm="syz.2.2629" name="#56" dev="loop2" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  249.047933][   T30] audit: type=1400 audit(1721076235.303:1733): avc:  denied  { rename } for  pid=7809 comm="syz.2.2629" name="#56" dev="loop2" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  249.069869][   T30] audit: type=1400 audit(1721076235.303:1734): avc:  denied  { unlink } for  pid=7809 comm="syz.2.2629" name="#56" dev="loop2" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  249.093726][   T30] audit: type=1400 audit(1721076235.303:1735): avc:  denied  { unlink } for  pid=7809 comm="syz.2.2629" name="#57" dev="loop2" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  250.018752][   T30] audit: type=1400 audit(1721076236.353:1736): avc:  denied  { rmdir } for  pid=7671 comm="syz-executor" name="lost+found" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  250.053638][ T7823] fuse: Unknown parameter 'use00000000000000000000'
[  250.348642][ T7829] loop4: detected capacity change from 0 to 256
[  250.458237][ T7831] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.465095][ T7831] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.472531][ T7831] device bridge_slave_0 entered promiscuous mode
[  250.479790][ T7831] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.486652][ T7831] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.493946][ T7831] device bridge_slave_1 entered promiscuous mode
[  250.500097][ T2213] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  250.584599][ T7843] device syzkaller0 entered promiscuous mode
[  250.596785][ T7831] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.604035][ T7831] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.611100][ T7831] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.617871][ T7831] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.645947][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  250.654528][  T316] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.661920][  T316] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.674195][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  250.682653][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.689531][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.697078][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  250.705371][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.712231][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.729520][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  250.741311][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  250.756619][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  250.769817][ T7831] device veth0_vlan entered promiscuous mode
[  250.776002][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  250.784069][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  250.791271][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  250.810554][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  250.822479][ T7847] loop0: detected capacity change from 0 to 512
[  250.824094][ T7831] device veth1_macvtap entered promiscuous mode
[  250.839729][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  250.849046][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  250.867040][ T2213] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.877816][ T2213] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.894071][ T2213] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  250.902967][ T2213] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.911506][ T2213] usb 4-1: config 0 descriptor??
[  250.922352][ T7847] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  250.933358][ T7847] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038 (0x7fffffff)
[  252.232840][  T369] device bridge_slave_1 left promiscuous mode
[  252.238864][  T369] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.246291][  T369] device bridge_slave_0 left promiscuous mode
[  252.252485][  T369] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.261696][  T369] device veth1_macvtap left promiscuous mode
[  252.267649][  T369] device veth0_vlan left promiscuous mode
[  252.372179][ T7860] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.379156][ T7860] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.386348][ T7860] device bridge_slave_0 entered promiscuous mode
[  252.393440][ T7860] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.400595][ T7860] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.408021][ T7860] device bridge_slave_1 entered promiscuous mode
[  252.472702][ T7860] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.479573][ T7860] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.486661][ T7860] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.493460][ T7860] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.519349][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  252.527930][  T316] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.535156][  T316] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.548041][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  252.556001][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.562846][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.570091][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  252.578561][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.585413][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.603574][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  252.611640][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  252.640960][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  252.659027][ T7860] device veth0_vlan entered promiscuous mode
[  252.668518][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  252.687307][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  252.694563][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  252.714737][ T7860] device veth1_macvtap entered promiscuous mode
[  252.727166][ T2213] usb 4-1: string descriptor 0 read error: -71
[  252.747578][ T2213] uclogic 0003:256C:006D.0030: failed retrieving string descriptor #200: -71
[  252.765046][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  252.776668][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  252.776830][ T2213] uclogic 0003:256C:006D.0030: failed retrieving pen parameters: -71
[  252.785159][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  252.793348][ T2213] uclogic 0003:256C:006D.0030: failed probing pen v2 parameters: -71
[  252.808871][ T2213] uclogic 0003:256C:006D.0030: failed probing parameters: -71
[  252.816184][ T2213] uclogic: probe of 0003:256C:006D.0030 failed with error -71
[  252.825138][ T2213] usb 4-1: USB disconnect, device number 20
[  252.836471][ T7874] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.843441][ T7874] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.850738][ T7874] device bridge_slave_0 entered promiscuous mode
[  252.858110][ T7874] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.865304][ T7874] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.882143][ T7874] device bridge_slave_1 entered promiscuous mode
[  253.033910][  T369] tipc: Disabling bearer <udp:syz2>
[  253.039147][  T369] tipc: Left network mode
[  253.050007][  T369] tipc: Disabling bearer <udp:syz0>
[  253.055082][  T369] tipc: Left network mode
[  253.111464][ T7874] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.118322][ T7874] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.125378][ T7874] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.132206][ T7874] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.153052][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  253.160683][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.168407][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.191931][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  253.200133][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.206991][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.237729][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  253.245785][  T962] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.252642][  T962] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.268576][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  253.280988][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  253.281885][ T7902] loop1: detected capacity change from 0 to 256
[  253.294185][ T7874] device veth0_vlan entered promiscuous mode
[  253.307563][ T7902] exfat: Unknown parameter '/dev/kvm'
[  253.313768][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  253.321839][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  253.330266][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  253.337577][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  253.353772][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  253.368275][ T7902] loop1: detected capacity change from 0 to 512
[  253.374668][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  253.387709][  T316] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  253.400750][ T7874] device veth1_macvtap entered promiscuous mode
[  253.408088][ T7902] EXT4-fs (loop1): quotafile must be on filesystem root
[  253.423298][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  253.431327][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  253.441674][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  253.457847][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  253.465933][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  253.486070][ T7911] fuse: Unknown parameter 'use00000000000000000000'
[  253.604933][ T7918] loop3: detected capacity change from 0 to 512
[  253.894881][ T7927] loop2: detected capacity change from 0 to 256
[  253.930151][  T369] device bridge_slave_1 left promiscuous mode
[  253.945153][  T369] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.953061][  T369] device bridge_slave_0 left promiscuous mode
[  253.961407][  T369] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.968102][ T7918] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  253.979335][ T7918] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038 (0x7fffffff)
[  253.990325][  T369] device bridge_slave_1 left promiscuous mode
[  253.996257][  T369] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.003369][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  254.003382][   T30] audit: type=1400 audit(1721076240.323:1739): avc:  denied  { ioctl } for  pid=7915 comm="syz.3.2665" path="/45/file0/file1" dev="loop3" ino=15 ioctlcmd=0x5879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  254.034018][  T369] device bridge_slave_0 left promiscuous mode
[  254.037858][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.040010][  T369] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.051188][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.067333][  T316] usb 5-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00
[  254.076443][  T316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.084554][  T369] device veth1_macvtap left promiscuous mode
[  254.090714][  T369] device veth0_vlan left promiscuous mode
[  254.094328][  T316] usb 5-1: config 0 descriptor??
[  254.101570][  T369] device veth1_macvtap left promiscuous mode
[  254.107533][  T369] device veth0_vlan left promiscuous mode
[  254.116507][   T30] audit: type=1400 audit(1721076240.443:1740): avc:  denied  { create } for  pid=7932 comm="syz.1.2670" dev="anon_inodefs" ino=59571 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  254.157144][   T30] audit: type=1400 audit(1721076240.443:1741): avc:  denied  { ioctl } for  pid=7932 comm="syz.1.2670" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=59571 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  254.195538][ T7939] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  254.595680][ T7895] loop4: detected capacity change from 0 to 40427
[  254.657874][ T7895] F2FS-fs (loop4): Found nat_bits in checkpoint
[  254.736655][ T7895] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  255.294602][ T7963] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2656'.
[  255.685273][ T7969] loop3: detected capacity change from 0 to 256
[  255.717833][ T7969] exfat: Unknown parameter '/dev/kvm'
[  255.792706][ T7969] loop3: detected capacity change from 0 to 512
[  255.869724][ T7969] EXT4-fs (loop3): quotafile must be on filesystem root
[  256.217007][ T7976] loop3: detected capacity change from 0 to 512
[  256.288531][ T7976] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  256.299618][ T7976] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038 (0x7fffffff)
[  256.384800][ T7990] loop3: detected capacity change from 0 to 512
[  256.458729][ T7990] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  256.466010][ T7990] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  256.475357][ T7990] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  256.488651][ T7990] Quota error (device loop3): do_check_range: Getting dqdh_next_free 7 out of range 0-5
[  256.498330][ T7990] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  256.508161][ T7990] EXT4-fs error (device loop3): mb_free_blocks:1865: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  256.522454][ T7990] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #12: comm syz.3.2686: corrupted inode contents
[  256.534418][ T7990] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #12: comm syz.3.2686: mark_inode_dirty error
[  256.546343][ T7990] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #12: comm syz.3.2686: corrupted inode contents
[  256.558608][ T7990] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #12: comm syz.3.2686: mark_inode_dirty error
[  256.569907][ T7990] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #12: comm syz.3.2686: corrupted inode contents
[  256.582443][ T7990] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  256.591523][ T7990] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #12: comm syz.3.2686: corrupted inode contents
[  256.595229][ T7785] attempt to access beyond end of device
[  256.595229][ T7785] loop4: rw=2049, want=45104, limit=40427
[  256.604117][ T7990] EXT4-fs error (device loop3): ext4_truncate:4292: inode #12: comm syz.3.2686: mark_inode_dirty error
[  256.638841][ T7990] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  256.648028][ T7990] EXT4-fs (loop3): 1 truncate cleaned up
[  256.653894][ T7990] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000800000,noblock_validity,mblk_io_submit,jqfmt=vfsold,noinit_itable,abort,noauto_da_alloc,errors=continue,resgid=0x00000000000000002,errors=continue. Quota mode: writeback.
[  256.687059][  T316] usbhid 5-1:0.0: can't add hid device: -71
[  256.692809][  T316] usbhid: probe of 5-1:0.0 failed with error -71
[  256.736549][  T316] usb 5-1: USB disconnect, device number 28
[  256.805070][ T8003] loop3: detected capacity change from 0 to 512
[  256.832672][ T8002] loop0: detected capacity change from 0 to 1024
[  256.850966][ T8006] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2693'.
[  256.868216][ T8003] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  256.890179][ T8003] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038 (0x7fffffff)
[  256.920935][ T8002] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=abort,stripe=0x0000000000000002,noblock_validity,errors=remount-ro,noblock_validity,bsddf,sysvgroups,nojournal_checksum,nodelalloc,. Quota mode: none.
[  256.982394][   T30] audit: type=1400 audit(1721076243.313:1742): avc:  denied  { mounton } for  pid=7999 comm="syz.0.2691" path="/4/file1/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  257.051690][   T30] audit: type=1400 audit(1721076243.313:1743): avc:  denied  { append } for  pid=7999 comm="syz.0.2691" name="loop0" dev="devtmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  257.081472][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  257.688046][ T8027] loop2: detected capacity change from 0 to 256
[  257.757071][  T299] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  257.770540][ T7874] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /4/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  257.889405][ T8033] loop4: detected capacity change from 0 to 256
[  257.905013][   T30] audit: type=1400 audit(1721076243.313:1744): avc:  denied  { map } for  pid=7999 comm="syz.0.2691" path="/4/file1/bus" dev="devtmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  257.907608][ T7215] Quota error (device loop3): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  257.933136][ T7874] EXT4-fs (loop0): Remounting filesystem read-only
[  257.939647][ T7215] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  257.945989][ T7874] EXT4-fs error (device loop0): ext4_read_inline_dir:1610: inode #12: block 7: comm syz-executor: path /4/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=40, inode=14, rec_len=250, size=80 fake=0
[  257.976218][ T7874] EXT4-fs error (device loop0): ext4_read_inline_dir:1610: inode #12: block 7: comm syz-executor: path /4/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=40, inode=14, rec_len=250, size=80 fake=0
[  257.976251][ T8033] exfat: Deprecated parameter 'utf8'
[  258.001636][ T8033] exfat: Deprecated parameter 'namecase'
[  258.007168][ T8033] exfat: Deprecated parameter 'utf8'
[  258.039689][ T8033] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  258.072194][ T8033] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[  258.177084][  T299] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.192326][  T299] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.202404][  T299] usb 2-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  258.211327][  T299] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.219955][ T8039] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.223274][  T299] usb 2-1: config 0 descriptor??
[  258.226796][ T8039] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.229429][ T8039] device bridge_slave_0 entered promiscuous mode
[  258.248302][ T8039] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.255173][ T8039] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.266146][ T8039] device bridge_slave_1 entered promiscuous mode
[  258.342067][ T8039] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.348947][ T8039] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.356035][ T8039] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.362853][ T8039] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.372607][ T8055] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2710'.
[  258.376979][ T5169] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  258.400902][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  258.405502][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  258.418928][ T2213] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.426396][ T2213] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.444432][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  258.452487][ T2213] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.459352][ T2213] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.466581][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  258.475825][ T2213] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.482702][ T2213] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.498012][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  258.505783][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  258.523418][ T8039] device veth0_vlan entered promiscuous mode
[  258.532685][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  258.541530][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  258.550156][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  258.557601][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  258.574249][ T8039] device veth1_macvtap entered promiscuous mode
[  258.581755][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  258.596821][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  258.602339][ T8059] loop0: detected capacity change from 0 to 40427
[  258.605517][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  258.627404][ T5169] usb 5-1: Using ep0 maxpacket: 16
[  258.648934][  T369] device bridge_slave_1 left promiscuous mode
[  258.650281][ T8059] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  258.658233][  T369] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.669502][ T8059] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  258.677916][  T369] device bridge_slave_0 left promiscuous mode
[  258.683954][  T369] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.692700][  T369] device veth1_macvtap left promiscuous mode
[  258.698880][  T369] device veth0_vlan left promiscuous mode
[  258.705407][ T8059] F2FS-fs (loop0): Found nat_bits in checkpoint
[  258.712557][  T299] elo 0003:04E7:0030.0031: item fetching failed at offset 2/5
[  258.723152][  T299] elo 0003:04E7:0030.0031: parse failed
[  258.734890][  T299] elo: probe of 0003:04E7:0030.0031 failed with error -22
[  258.757207][ T5169] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  258.770672][ T5169] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  258.782280][ T5169] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  258.793879][ T5169] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0
[  258.817342][ T8059] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  258.824226][ T8059] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  258.877137][ T5169] usb 5-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75
[  258.892266][ T5169] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5
[  258.908405][ T5169] usb 5-1: SerialNumber: syz
[  258.923539][  T314] usb 2-1: USB disconnect, device number 28
[  258.945568][ T8063] loop3: detected capacity change from 0 to 40427
[  258.957730][ T5169] usb-storage 5-1:1.0: USB Mass Storage device detected
[  258.965471][ T5169] usb-storage 5-1:1.0: Quirks match for vid 04e6 pid 0007: 1
[  258.972954][ T5169] scsi host1: usb-storage 5-1:1.0
[  259.020877][ T8063] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  259.028680][ T8063] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  259.038123][ T8063] F2FS-fs (loop3): invalid crc value
[  259.062350][ T8063] F2FS-fs (loop3): Found nat_bits in checkpoint
[  259.099787][ T8063] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  259.111798][ T8063] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  259.120507][ T8063] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  259.143007][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  259.143019][   T30] audit: type=1400 audit(1721076245.473:1748): avc:  denied  { create } for  pid=8062 comm="syz.3.2713" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  259.236120][   T30] audit: type=1400 audit(1721076245.523:1749): avc:  denied  { read } for  pid=8062 comm="syz.3.2713" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  259.284695][   T20] usb 5-1: USB disconnect, device number 29
[  260.284691][ T8094] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2721'.
[  260.326308][ T8097] loop2: detected capacity change from 0 to 256
[  260.379122][   T30] audit: type=1400 audit(1721076246.713:1750): avc:  denied  { getopt } for  pid=8101 comm="syz.1.2723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  260.410230][ T8097] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  260.509548][   T30] audit: type=1400 audit(1721076246.843:1751): avc:  denied  { map } for  pid=8114 comm="syz.1.2729" path="socket:[60709]" dev="sockfs" ino=60709 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  260.716979][  T313] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  261.087039][  T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.103452][  T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.122758][  T313] usb 5-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  261.141341][  T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.158334][  T313] usb 5-1: config 0 descriptor??
[  261.414406][ T8124] loop1: detected capacity change from 0 to 512
[  261.501971][ T8124] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  261.517105][ T8124] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038 (0x7fffffff)
[  261.611172][ T8129] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2733'.
[  261.647818][  T313] elo 0003:04E7:0030.0032: item fetching failed at offset 2/5
[  261.655260][  T313] elo 0003:04E7:0030.0032: parse failed
[  261.672591][  T313] elo: probe of 0003:04E7:0030.0032 failed with error -22
[  261.855435][ T5169] usb 5-1: USB disconnect, device number 30
[  261.869662][ T8136] overlayfs: invalid redirect ((null))
[  261.946985][  T314] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  262.063047][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  262.103234][ T8150] loop2: detected capacity change from 0 to 512
[  262.217796][ T8150] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  262.237071][ T8150] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038 (0x7fffffff)
[  262.307116][  T314] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.326982][  T314] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  262.366853][  T314] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  262.379092][  T314] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  262.413187][  T314] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  262.597054][  T314] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  262.609152][  T314] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.625558][  T314] usb 2-1: Product: syz
[  262.633862][  T314] usb 2-1: Manufacturer: syz
[  262.642576][  T314] usb 2-1: SerialNumber: syz
[  263.016923][ T8059] F2FS-fs (loop0): f2fs_pin_file_control: Enable GC = ino a after 801 GC trials
[  263.028160][ T8059] attempt to access beyond end of device
[  263.028160][ T8059] loop0: rw=524288, want=57352, limit=40427
[  263.039519][ T8059] attempt to access beyond end of device
[  263.039519][ T8059] loop0: rw=524288, want=57360, limit=40427
[  263.051115][ T8059] attempt to access beyond end of device
[  263.051115][ T8059] loop0: rw=524288, want=57368, limit=40427
[  263.062610][ T8059] attempt to access beyond end of device
[  263.062610][ T8059] loop0: rw=524288, want=57376, limit=40427
[  263.074067][ T8059] attempt to access beyond end of device
[  263.074067][ T8059] loop0: rw=524288, want=57384, limit=40427
[  263.094087][ T8059] attempt to access beyond end of device
[  263.094087][ T8059] loop0: rw=524288, want=57392, limit=40427
[  263.112253][ T8059] attempt to access beyond end of device
[  263.112253][ T8059] loop0: rw=524288, want=57400, limit=40427
[  263.129783][ T8059] attempt to access beyond end of device
[  263.129783][ T8059] loop0: rw=524288, want=57408, limit=40427
[  263.141382][ T8059] attempt to access beyond end of device
[  263.141382][ T8059] loop0: rw=524288, want=57416, limit=40427
[  263.154772][ T8059] attempt to access beyond end of device
[  263.154772][ T8059] loop0: rw=524288, want=57424, limit=40427
[  263.202002][ T8165] overlayfs: invalid redirect ((null))
[  263.290785][ T8177] loop4: detected capacity change from 0 to 512
[  263.388013][ T8177] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  263.417192][ T8177] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038 (0x7fffffff)
[  263.567176][  T314] cdc_ncm 2-1:1.0: bind() failure
[  263.575062][  T314] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  263.592341][  T314] cdc_ncm 2-1:1.1: bind() failure
[  263.605612][  T314] usb 2-1: USB disconnect, device number 29
[  263.796970][  T316] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  264.167058][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.186989][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.206669][  T316] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  264.216730][  T316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.233308][  T316] usb 5-1: config 0 descriptor??
[  264.489266][   T30] audit: type=1400 audit(1721076250.823:1752): avc:  denied  { bind } for  pid=8180 comm="syz.4.2755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  264.524477][   T30] audit: type=1400 audit(1721076250.823:1753): avc:  denied  { listen } for  pid=8180 comm="syz.4.2755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  264.564431][   T30] audit: type=1400 audit(1721076250.843:1754): avc:  denied  { accept } for  pid=8180 comm="syz.4.2755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  264.847008][  T316] usbhid 5-1:0.0: can't add hid device: -71
[  264.852806][  T316] usbhid: probe of 5-1:0.0 failed with error -71
[  264.870158][  T316] usb 5-1: USB disconnect, device number 31
[  264.940637][ T8193] loop7: detected capacity change from 0 to 16384
[  265.156958][ T8194] loop_set_status: loop7 () has still dirty pages (nrpages=1056)
[  265.257556][ T8196] overlayfs: invalid redirect ((null))
[  265.299812][ T8200] loop1: detected capacity change from 0 to 256
[  265.317695][ T8200] exfat: Unknown parameter '/dev/kvm'
[  265.423722][ T8200] loop1: detected capacity change from 0 to 512
[  265.467790][ T8200] EXT4-fs (loop1): quotafile must be on filesystem root
[  265.746491][ T8205] loop1: detected capacity change from 0 to 1024
[  265.787967][ T8205] EXT4-fs (loop1): mounted filesystem without journal. Opts: data_err=abort,stripe=0x0000000000000002,noblock_validity,errors=remount-ro,noblock_validity,bsddf,sysvgroups,nojournal_checksum,nodelalloc,. Quota mode: none.
[  266.056847][ T7860] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /33/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  266.100692][ T8210] loop4: detected capacity change from 0 to 512
[  266.106896][ T7860] EXT4-fs (loop1): Remounting filesystem read-only
[  266.127085][ T7860] EXT4-fs error (device loop1): ext4_read_inline_dir:1610: inode #12: block 7: comm syz-executor: path /33/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=40, inode=14, rec_len=250, size=80 fake=0
[  266.168046][ T7860] EXT4-fs error (device loop1): ext4_read_inline_dir:1610: inode #12: block 7: comm syz-executor: path /33/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=40, inode=14, rec_len=250, size=80 fake=0
[  266.248211][ T8210] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  266.297025][ T8210] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038 (0x7fffffff)
[  267.616961][  T313] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  267.977034][  T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.997261][  T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.016968][  T313] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  268.025817][  T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.037004][ T8059] handle_bad_sector: 116104 callbacks suppressed
[  268.037021][ T8059] attempt to access beyond end of device
[  268.037021][ T8059] loop0: rw=0, want=58520, limit=40427
[  268.049044][  T313] usb 5-1: config 0 descriptor??
[  268.057279][ T8059] attempt to access beyond end of device
[  268.057279][ T8059] loop0: rw=0, want=58528, limit=40427
[  268.073289][ T8059] attempt to access beyond end of device
[  268.073289][ T8059] loop0: rw=0, want=58536, limit=40427
[  268.090885][ T8059] attempt to access beyond end of device
[  268.090885][ T8059] loop0: rw=0, want=58544, limit=40427
[  268.101982][ T8059] attempt to access beyond end of device
[  268.101982][ T8059] loop0: rw=0, want=58552, limit=40427
[  268.113525][ T8059] attempt to access beyond end of device
[  268.113525][ T8059] loop0: rw=0, want=58560, limit=40427
[  268.128078][ T8059] attempt to access beyond end of device
[  268.128078][ T8059] loop0: rw=0, want=58568, limit=40427
[  268.139227][ T8059] attempt to access beyond end of device
[  268.139227][ T8059] loop0: rw=0, want=58576, limit=40427
[  268.150251][ T8059] attempt to access beyond end of device
[  268.150251][ T8059] loop0: rw=0, want=58584, limit=40427
[  268.161225][ T8059] attempt to access beyond end of device
[  268.161225][ T8059] loop0: rw=0, want=58592, limit=40427
[  268.617261][  T313] usbhid 5-1:0.0: can't add hid device: -71
[  268.623079][  T313] usbhid: probe of 5-1:0.0 failed with error -71
[  268.644236][  T313] usb 5-1: USB disconnect, device number 32
[  268.653129][ T8239] loop1: detected capacity change from 0 to 65536
[  268.719680][ T8241] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.736641][ T8241] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.744336][ T8241] device bridge_slave_0 entered promiscuous mode
[  268.757783][ T8241] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.775006][ T8241] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.795395][ T8241] device bridge_slave_1 entered promiscuous mode
[  268.963967][ T8241] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.970850][ T8241] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.977963][ T8241] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.984709][ T8241] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.138236][   T30] audit: type=1400 audit(1721076255.473:1755): avc:  denied  { nlmsg_write } for  pid=8255 comm="syz.1.2779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  269.201702][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  269.210061][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  269.219564][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  269.226843][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  269.253297][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  269.267346][ T8250] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.274807][ T8250] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.282607][ T8250] device bridge_slave_0 entered promiscuous mode
[  269.289980][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  269.308924][ T8250] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.315936][ T8250] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.323986][ T8250] device bridge_slave_1 entered promiscuous mode
[  269.339044][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  269.347727][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.355457][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.362817][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.384045][ T8241] device veth0_vlan entered promiscuous mode
[  269.430758][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.444192][ T8241] device veth1_macvtap entered promiscuous mode
[  269.511927][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  269.522710][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  269.620374][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  269.634652][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  269.650271][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.657150][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.679271][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  269.698600][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  269.714172][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.721048][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.743368][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  269.771547][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  269.785937][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  269.802447][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  269.818275][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  269.841053][ T8250] device veth0_vlan entered promiscuous mode
[  269.855544][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  269.865598][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.888900][ T8250] device veth1_macvtap entered promiscuous mode
[  269.901173][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.909637][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.910293][ T8272] loop4: detected capacity change from 0 to 40427
[  269.923393][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  269.940165][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.954835][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  269.955419][ T8272] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  269.978656][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  269.984694][ T8272] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  269.988926][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  270.004226][ T8272] F2FS-fs (loop4): Unrecognized mount option "0xffffffffffffffff" or missing value
[  270.013992][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  270.037394][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  271.112249][ T8282] loop1: detected capacity change from 0 to 65536
[  271.625211][   T30] audit: type=1400 audit(1721076257.953:1756): avc:  denied  { read } for  pid=8317 comm="syz.1.2798" name="usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  271.671091][   T30] audit: type=1400 audit(1721076257.993:1757): avc:  denied  { open } for  pid=8317 comm="syz.1.2798" path="/dev/usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  271.716984][   T30] audit: type=1326 audit(1721076257.993:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8317 comm="syz.1.2798" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa831648bd9 code=0x0
[  271.763856][   T30] audit: type=1400 audit(1721076258.093:1759): avc:  denied  { write } for  pid=8317 comm="syz.1.2798" name="usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  272.684534][ T8335] cgroup: No subsys list or none specified
[  273.047024][ T8059] handle_bad_sector: 97100 callbacks suppressed
[  273.047045][ T8059] attempt to access beyond end of device
[  273.047045][ T8059] loop0: rw=524288, want=59208, limit=40427
[  273.064681][ T8059] attempt to access beyond end of device
[  273.064681][ T8059] loop0: rw=524288, want=59216, limit=40427
[  273.076168][ T8059] attempt to access beyond end of device
[  273.076168][ T8059] loop0: rw=524288, want=59224, limit=40427
[  273.097200][ T8059] attempt to access beyond end of device
[  273.097200][ T8059] loop0: rw=524288, want=59232, limit=40427
[  273.117008][ T8059] attempt to access beyond end of device
[  273.117008][ T8059] loop0: rw=524288, want=59240, limit=40427
[  273.138423][ T8059] attempt to access beyond end of device
[  273.138423][ T8059] loop0: rw=524288, want=59248, limit=40427
[  273.167069][ T8059] attempt to access beyond end of device
[  273.167069][ T8059] loop0: rw=524288, want=59256, limit=40427
[  273.187056][ T8059] attempt to access beyond end of device
[  273.187056][ T8059] loop0: rw=524288, want=59264, limit=40427
[  273.198782][ T8331] loop1: detected capacity change from 0 to 40427
[  273.215339][ T8059] attempt to access beyond end of device
[  273.215339][ T8059] loop0: rw=524288, want=59272, limit=40427
[  273.226792][ T8059] attempt to access beyond end of device
[  273.226792][ T8059] loop0: rw=524288, want=59280, limit=40427
[  273.268147][ T8331] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  273.285807][ T8331] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  273.297159][ T8331] F2FS-fs (loop1): invalid crc value
[  273.377836][ T8331] F2FS-fs (loop1): Found nat_bits in checkpoint
[  273.459471][   T30] audit: type=1326 audit(1721076259.793:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2806" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8fe8ddfbd9 code=0x0
[  273.497402][ T8331] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  273.534123][ T8331] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  273.547346][ T8331] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  273.623945][ T8329] loop4: detected capacity change from 0 to 65536
[  273.632633][ T8345] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.647764][ T8345] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.657410][ T8345] device bridge_slave_0 entered promiscuous mode
[  273.674411][ T8345] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.694182][ T8345] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.722419][ T8345] device bridge_slave_1 entered promiscuous mode
[  273.931214][ T8345] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.938096][ T8345] bridge0: port 2(bridge_slave_1) entered forwarding state
[  273.945188][ T8345] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.951980][ T8345] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.048519][ T4830] device bridge_slave_1 left promiscuous mode
[  274.054460][ T4830] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.072098][ T4830] device bridge_slave_0 left promiscuous mode
[  274.097116][ T4830] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.117060][ T4830] device veth1_macvtap left promiscuous mode
[  274.122882][ T4830] device veth0_vlan left promiscuous mode
[  274.367004][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  274.376618][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  274.394992][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  274.433907][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  274.444014][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  274.464130][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  274.474536][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  274.496138][ T8345] device veth0_vlan entered promiscuous mode
[  274.504590][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  274.514490][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  274.532772][ T8345] device veth1_macvtap entered promiscuous mode
[  274.544924][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  274.552634][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  274.566109][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  274.579436][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  274.591354][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  274.610420][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  274.622966][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  274.636584][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  274.649719][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  274.775613][   T30] audit: type=1400 audit(1721076261.103:1761): avc:  denied  { name_bind } for  pid=8373 comm="syz.2.2813" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  275.397050][  T316] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  275.787124][  T316] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.806959][  T316] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.826650][  T316] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  275.854405][  T316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.904130][   T30] audit: type=1326 audit(1721076262.233:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.4.2820" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f871c023bd9 code=0x0
[  275.927746][  T316] usb 4-1: config 0 descriptor??
[  276.467014][  T316] usbhid 4-1:0.0: can't add hid device: -71
[  276.472824][  T316] usbhid: probe of 4-1:0.0 failed with error -71
[  276.496033][  T316] usb 4-1: USB disconnect, device number 21
[  276.884129][   T30] audit: type=1400 audit(1721076263.213:1763): avc:  denied  { ioctl } for  pid=8407 comm="syz.4.2825" path="socket:[62660]" dev="sockfs" ino=62660 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  276.948195][ T8408] device syzkaller0 entered promiscuous mode
[  277.424818][ T8422] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  278.085416][ T8419] loop4: detected capacity change from 0 to 40427
[  278.091748][ T8059] handle_bad_sector: 46787 callbacks suppressed
[  278.091764][ T8059] attempt to access beyond end of device
[  278.091764][ T8059] loop0: rw=0, want=58800, limit=40427
[  278.309638][ T8419] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  278.327533][ T8059] attempt to access beyond end of device
[  278.327533][ T8059] loop0: rw=0, want=58808, limit=40427
[  278.358953][ T8419] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  278.369426][ T8059] attempt to access beyond end of device
[  278.369426][ T8059] loop0: rw=0, want=58816, limit=40427
[  278.393886][ T8059] attempt to access beyond end of device
[  278.393886][ T8059] loop0: rw=0, want=58824, limit=40427
[  278.412546][ T8059] attempt to access beyond end of device
[  278.412546][ T8059] loop0: rw=0, want=58832, limit=40427
[  278.424482][ T8419] F2FS-fs (loop4): Found nat_bits in checkpoint
[  278.452399][ T8059] attempt to access beyond end of device
[  278.452399][ T8059] loop0: rw=0, want=58840, limit=40427
[  278.484327][ T8059] attempt to access beyond end of device
[  278.484327][ T8059] loop0: rw=0, want=58848, limit=40427
[  278.509700][ T8059] attempt to access beyond end of device
[  278.509700][ T8059] loop0: rw=0, want=58856, limit=40427
[  278.520952][ T8419] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  278.531500][ T8419] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  278.547064][ T8059] attempt to access beyond end of device
[  278.547064][ T8059] loop0: rw=0, want=58864, limit=40427
[  278.587139][ T8059] attempt to access beyond end of device
[  278.587139][ T8059] loop0: rw=0, want=58872, limit=40427
[  278.599513][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  278.620749][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  278.698978][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  278.716954][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  278.735821][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  278.755113][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  278.774092][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  278.787012][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  278.805799][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  278.825692][ T8419] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  279.163656][ T8447] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2834'.
[  280.376901][ T8451] loop4: detected capacity change from 0 to 131072
[  280.494492][ T8451] F2FS-fs (loop4): Invalid log sectorsize (67108873)
[  280.504267][ T8451] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  280.523044][ T8451] F2FS-fs (loop4): invalid crc value
[  280.563533][ T8451] F2FS-fs (loop4): Found nat_bits in checkpoint
[  280.664344][ T8451] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  280.686982][ T8451] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  280.747644][ T8451] F2FS-fs (loop4): inode (7) has corrupted xattr
[  280.774014][ T8451] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=7
[  280.817045][ T8451] F2FS-fs (loop4): inode (7) has corrupted xattr
[  280.823232][ T8451] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=7
[  280.857080][ T8451] F2FS-fs (loop4): inode (7) has corrupted xattr
[  281.480429][ T8476] loop4: detected capacity change from 0 to 256
[  281.558437][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  281.864624][ T8484] loop4: detected capacity change from 0 to 256
[  281.958460][ T8484] exfat: Bad value for 'uid'
[  282.563135][   T30] audit: type=1400 audit(1721076268.893:1764): avc:  denied  { bind } for  pid=8491 comm="syz.4.2850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  282.621012][ T4830] Bluetooth: hci0: Frame reassembly failed (-84)
[  282.755878][ T8495] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.797010][ T8495] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.814451][ T8495] device bridge_slave_0 entered promiscuous mode
[  282.836146][ T8495] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.874964][ T8495] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.897460][ T8495] device bridge_slave_1 entered promiscuous mode
[  283.106820][ T8059] handle_bad_sector: 44817 callbacks suppressed
[  283.106840][ T8059] attempt to access beyond end of device
[  283.106840][ T8059] loop0: rw=524288, want=59016, limit=40427
[  283.170377][ T8059] attempt to access beyond end of device
[  283.170377][ T8059] loop0: rw=524288, want=59024, limit=40427
[  283.182706][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  283.197859][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  283.226571][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  283.245534][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  283.253788][ T2213] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.260647][ T2213] bridge0: port 1(bridge_slave_0) entered forwarding state
[  283.277030][ T8059] attempt to access beyond end of device
[  283.277030][ T8059] loop0: rw=524288, want=59032, limit=40427
[  283.297082][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  283.315397][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  283.325360][ T8059] attempt to access beyond end of device
[  283.325360][ T8059] loop0: rw=524288, want=59040, limit=40427
[  283.327166][ T2213] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.343411][ T2213] bridge0: port 2(bridge_slave_1) entered forwarding state
[  283.366909][ T8059] attempt to access beyond end of device
[  283.366909][ T8059] loop0: rw=524288, want=59048, limit=40427
[  283.377095][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  283.386470][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  283.404307][ T8059] attempt to access beyond end of device
[  283.404307][ T8059] loop0: rw=524288, want=59056, limit=40427
[  283.417304][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  283.445291][ T8059] attempt to access beyond end of device
[  283.445291][ T8059] loop0: rw=524288, want=59064, limit=40427
[  283.468550][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  283.507071][ T8059] attempt to access beyond end of device
[  283.507071][ T8059] loop0: rw=524288, want=59072, limit=40427
[  283.519818][ T8495] device veth0_vlan entered promiscuous mode
[  283.537171][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  283.547223][ T8059] attempt to access beyond end of device
[  283.547223][ T8059] loop0: rw=524288, want=59080, limit=40427
[  283.552398][ T8495] device veth1_macvtap entered promiscuous mode
[  283.578735][ T8059] attempt to access beyond end of device
[  283.578735][ T8059] loop0: rw=524288, want=59088, limit=40427
[  283.578777][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  283.617461][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  283.624765][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  283.656230][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  283.664510][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  283.964572][ T8510] cgroup: No subsys list or none specified
[  284.697468][   T20] Bluetooth: hci0: command 0x1003 tx timeout
[  284.703319][ T4450] Bluetooth: hci0: sending frame failed (-49)
[  284.998919][ T8518] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.006999][ T8518] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.014257][ T8518] device bridge_slave_0 entered promiscuous mode
[  285.031445][ T8518] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.040662][ T8518] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.051218][ T8518] device bridge_slave_1 entered promiscuous mode
[  285.232095][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  285.248021][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  285.271508][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  285.289807][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  285.317183][  T299] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.324046][  T299] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.337079][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  285.365493][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  285.373867][  T299] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.380743][  T299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.419898][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  285.440240][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  285.450300][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  285.470509][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  285.480521][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  285.501683][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  285.517290][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  285.537680][ T8518] device veth0_vlan entered promiscuous mode
[  285.545545][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  285.564152][ T8518] device veth1_macvtap entered promiscuous mode
[  285.573395][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  285.587612][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  285.594890][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  285.617154][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  285.625348][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  285.637664][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  285.649332][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  285.662665][  T382] device bridge_slave_1 left promiscuous mode
[  285.671743][  T382] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.681479][  T382] device bridge_slave_0 left promiscuous mode
[  285.690722][  T382] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.725620][  T382] device veth1_macvtap left promiscuous mode
[  285.736919][  T382] device veth0_vlan left promiscuous mode
[  286.777381][  T299] Bluetooth: hci0: command 0x1001 tx timeout
[  286.783256][ T4450] Bluetooth: hci0: sending frame failed (-49)
[  287.294352][   T30] audit: type=1400 audit(1721076273.623:1765): avc:  denied  { getopt } for  pid=8553 comm="syz.1.2866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  287.348004][  T299] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  287.532225][   T30] audit: type=1326 audit(1721076273.863:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.1.2870" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4215174bd9 code=0x0
[  287.738631][  T299] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.766973][  T299] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  287.776522][  T299] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  287.806978][  T299] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  287.816450][  T299] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  288.150319][ T8059] handle_bad_sector: 27572 callbacks suppressed
[  288.150339][ T8059] attempt to access beyond end of device
[  288.150339][ T8059] loop0: rw=524288, want=58488, limit=40427
[  288.186095][ T8059] attempt to access beyond end of device
[  288.186095][ T8059] loop0: rw=524288, want=58496, limit=40427
[  288.215660][ T8059] attempt to access beyond end of device
[  288.215660][ T8059] loop0: rw=524288, want=58504, limit=40427
[  288.217271][  T299] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  288.245057][  T299] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.247066][ T8059] attempt to access beyond end of device
[  288.247066][ T8059] loop0: rw=524288, want=58512, limit=40427
[  288.257015][  T299] usb 3-1: Product: syz
[  288.275350][  T299] usb 3-1: Manufacturer: syz
[  288.281902][  T299] usb 3-1: SerialNumber: syz
[  288.287052][ T8059] attempt to access beyond end of device
[  288.287052][ T8059] loop0: rw=524288, want=58520, limit=40427
[  288.317023][ T8059] attempt to access beyond end of device
[  288.317023][ T8059] loop0: rw=524288, want=58528, limit=40427
[  288.337082][ T8059] attempt to access beyond end of device
[  288.337082][ T8059] loop0: rw=524288, want=58536, limit=40427
[  288.367033][ T8059] attempt to access beyond end of device
[  288.367033][ T8059] loop0: rw=524288, want=58544, limit=40427
[  288.387068][ T8059] attempt to access beyond end of device
[  288.387068][ T8059] loop0: rw=524288, want=58552, limit=40427
[  288.407051][ T8059] attempt to access beyond end of device
[  288.407051][ T8059] loop0: rw=524288, want=58560, limit=40427
[  288.857215][   T20] Bluetooth: hci0: command 0x1009 tx timeout
[  289.217118][  T299] cdc_ncm 3-1:1.0: bind() failure
[  289.223177][  T299] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  289.240176][  T299] cdc_ncm 3-1:1.1: bind() failure
[  289.267834][  T299] usb 3-1: USB disconnect, device number 11
[  290.189489][ T8578] loop2: detected capacity change from 0 to 40427
[  290.258232][ T8578] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  290.270278][ T8578] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  290.516275][ T8578] F2FS-fs (loop2): Found nat_bits in checkpoint
[  290.645448][ T8578] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  290.669886][ T8578] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  290.706738][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  290.746756][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  290.956158][ T8592] overlayfs: failed to resolve './file1': -2
[  291.100020][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  291.127124][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  291.156566][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  291.176627][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  291.206459][   T30] audit: type=1400 audit(1721076277.533:1767): avc:  denied  { read } for  pid=8593 comm="syz.1.2879" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  291.370342][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  291.387098][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  291.395887][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  291.413605][   T30] audit: type=1400 audit(1721076277.533:1768): avc:  denied  { open } for  pid=8593 comm="syz.1.2879" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  291.466976][ T8578] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  291.476378][   T30] audit: type=1400 audit(1721076277.533:1769): avc:  denied  { ioctl } for  pid=8593 comm="syz.1.2879" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  293.195987][ T8059] handle_bad_sector: 41458 callbacks suppressed
[  293.196007][ T8059] attempt to access beyond end of device
[  293.196007][ T8059] loop0: rw=524288, want=58456, limit=40427
[  293.232850][ T8059] attempt to access beyond end of device
[  293.232850][ T8059] loop0: rw=524288, want=58464, limit=40427
[  293.253461][ T8059] attempt to access beyond end of device
[  293.253461][ T8059] loop0: rw=524288, want=58472, limit=40427
[  293.268074][ T8059] attempt to access beyond end of device
[  293.268074][ T8059] loop0: rw=524288, want=58480, limit=40427
[  293.434555][ T8059] attempt to access beyond end of device
[  293.434555][ T8059] loop0: rw=524288, want=58488, limit=40427
[  293.524481][ T8059] attempt to access beyond end of device
[  293.524481][ T8059] loop0: rw=524288, want=58496, limit=40427
[  293.540959][ T8629] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.587879][ T8059] attempt to access beyond end of device
[  293.587879][ T8059] loop0: rw=524288, want=58504, limit=40427
[  293.599191][ T8059] attempt to access beyond end of device
[  293.599191][ T8059] loop0: rw=524288, want=58512, limit=40427
[  293.607908][ T8629] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.611717][ T8059] attempt to access beyond end of device
[  293.611717][ T8059] loop0: rw=524288, want=58520, limit=40427
[  293.628637][ T8059] attempt to access beyond end of device
[  293.628637][ T8059] loop0: rw=524288, want=58528, limit=40427
[  293.648242][ T8629] device bridge_slave_0 entered promiscuous mode
[  293.681957][ T8629] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.703767][ T8616] loop2: detected capacity change from 0 to 131072
[  293.715247][ T8629] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.742922][ T8629] device bridge_slave_1 entered promiscuous mode
[  293.819705][ T8616] F2FS-fs (loop2): Invalid log sectorsize (67108873)
[  293.829335][ T8616] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  293.859920][ T8616] F2FS-fs (loop2): invalid crc value
[  293.894624][ T8629] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.901504][ T8629] bridge0: port 2(bridge_slave_1) entered forwarding state
[  293.908592][ T8629] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.915365][ T8629] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.925587][ T8616] F2FS-fs (loop2): Found nat_bits in checkpoint
[  293.988398][ T5169] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  294.006867][ T5169] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.024242][ T8616] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  294.031726][ T5169] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.035232][ T8616] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  294.072257][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  294.087322][ T8616] F2FS-fs (loop2): inode (7) has corrupted xattr
[  294.095567][ T8616] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=7
[  294.112676][  T299] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.119554][  T299] bridge0: port 1(bridge_slave_0) entered forwarding state
[  294.126678][ T8616] F2FS-fs (loop2): inode (7) has corrupted xattr
[  294.142151][ T8616] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=7
[  294.157072][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  294.165070][  T299] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.171921][  T299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  294.173977][ T8616] F2FS-fs (loop2): inode (7) has corrupted xattr
[  294.208604][ T5169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  294.226611][ T5169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  294.254410][ T8629] device veth0_vlan entered promiscuous mode
[  294.285122][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  294.293471][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  294.317237][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  294.324913][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  294.348261][  T383] device bridge_slave_1 left promiscuous mode
[  294.354217][  T383] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.363089][  T383] device bridge_slave_0 left promiscuous mode
[  294.377476][  T383] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.407272][  T383] device veth1_macvtap left promiscuous mode
[  294.413097][  T383] device veth0_vlan left promiscuous mode
[  294.737901][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  294.755362][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  294.775505][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  294.805770][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  294.815211][ T8629] device veth1_macvtap entered promiscuous mode
[  294.848650][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  294.861284][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  294.885822][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  294.945258][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  294.973671][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  297.028338][   T30] audit: type=1400 audit(1721076283.363:1770): avc:  denied  { mounton } for  pid=8694 comm="syz.3.2909" path="/36/file0" dev="ramfs" ino=64240 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  297.100907][   T30] audit: type=1400 audit(1721076283.413:1771): avc:  denied  { remount } for  pid=8694 comm="syz.3.2909" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  297.182691][   T30] audit: type=1400 audit(1721076283.513:1772): avc:  denied  { ioctl } for  pid=8700 comm="syz.3.2911" path="/dev/binderfs/binder0" dev="binder" ino=22 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  297.268857][   T30] audit: type=1400 audit(1721076283.543:1773): avc:  denied  { set_context_mgr } for  pid=8700 comm="syz.3.2911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  297.463543][ T8709] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8709 comm=syz.2.2914
[  297.601150][   T30] audit: type=1400 audit(1721076283.553:1774): avc:  denied  { map } for  pid=8700 comm="syz.3.2911" path="/dev/binderfs/binder0" dev="binder" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  297.626215][   T30] audit: type=1400 audit(1721076283.553:1775): avc:  denied  { call } for  pid=8700 comm="syz.3.2911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  297.817666][  T313] Bluetooth: hci0: command 0x1003 tx timeout
[  297.823722][ T4450] Bluetooth: hci0: sending frame failed (-49)
[  298.176086][ T2213] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  298.197258][ T8059] handle_bad_sector: 38254 callbacks suppressed
[  298.197279][ T8059] attempt to access beyond end of device
[  298.197279][ T8059] loop0: rw=524288, want=57368, limit=40427
[  298.214709][ T8059] attempt to access beyond end of device
[  298.214709][ T8059] loop0: rw=524288, want=57376, limit=40427
[  298.226690][ T8059] attempt to access beyond end of device
[  298.226690][ T8059] loop0: rw=524288, want=57384, limit=40427
[  298.245170][ T8059] attempt to access beyond end of device
[  298.245170][ T8059] loop0: rw=524288, want=57392, limit=40427
[  298.273865][ T8059] attempt to access beyond end of device
[  298.273865][ T8059] loop0: rw=524288, want=57400, limit=40427
[  298.315646][ T8059] attempt to access beyond end of device
[  298.315646][ T8059] loop0: rw=524288, want=57408, limit=40427
[  298.357207][ T8059] attempt to access beyond end of device
[  298.357207][ T8059] loop0: rw=524288, want=57416, limit=40427
[  298.380538][ T8720] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  298.384851][ T8059] attempt to access beyond end of device
[  298.384851][ T8059] loop0: rw=524288, want=57424, limit=40427
[  298.416007][ T8059] attempt to access beyond end of device
[  298.416007][ T8059] loop0: rw=524288, want=57432, limit=40427
[  298.427027][ T8720] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  298.430072][ T8059] attempt to access beyond end of device
[  298.430072][ T8059] loop0: rw=524288, want=57440, limit=40427
[  298.557074][ T2213] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  298.579084][ T2213] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.072764][ T8734] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[  299.082563][ T8734] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev tmpfs, type tmpfs) errno=-22
[  299.372984][ T2213] usb 3-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  299.381956][ T2213] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.393051][ T2213] usb 3-1: config 0 descriptor??
[  299.444383][   T30] audit: type=1400 audit(1721076285.773:1776): avc:  denied  { unmount } for  pid=8629 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  299.489959][ T8742] sch_fq: defrate 0 ignored.
[  299.668188][ T8751] APIC base relocation is unsupported by KVM
[  299.668385][ T8751] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3728620137 (477263377536 ns) > initial count (31325312 ns). Using initial count to start timer.
[  299.699586][ T8755] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  299.719019][ T8755] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  299.896973][  T316] Bluetooth: hci0: command 0x1001 tx timeout
[  299.902880][ T4450] Bluetooth: hci0: sending frame failed (-49)
[  299.947306][ T2213] hid (null): global environment stack underflow
[  299.967604][ T2213] uclogic 0003:5543:0522.0033: global environment stack underflow
[  299.995485][ T2213] uclogic 0003:5543:0522.0033: item 0 1 1 11 parsing failed
[  300.054425][ T2213] uclogic 0003:5543:0522.0033: parse failed
[  300.407483][ T2213] uclogic: probe of 0003:5543:0522.0033 failed with error -22
[  300.602418][ T2213] usb 3-1: USB disconnect, device number 12
[  300.875033][ T8777] sch_fq: defrate 0 ignored.
[  300.891987][   T30] audit: type=1400 audit(1721076287.223:1777): avc:  denied  { create } for  pid=8778 comm="syz.4.2940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  301.030346][ T8786] device syzkaller0 entered promiscuous mode
[  301.038129][   T30] audit: type=1326 audit(1721076287.373:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.0.2944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2583e8bd9 code=0x7ffc0000
[  301.090450][   T30] audit: type=1326 audit(1721076287.373:1779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.0.2944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2583e8bd9 code=0x7ffc0000
[  301.769992][ T8815] sch_fq: defrate 0 ignored.
[  301.977015][  T316] Bluetooth: hci0: command 0x1009 tx timeout
[  302.158638][ T8844] sch_fq: defrate 0 ignored.
[  302.798219][ T8867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2972'.
[  302.824749][ T8867] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2972'.
[  303.220225][ T8059] handle_bad_sector: 35672 callbacks suppressed
[  303.220248][ T8059] attempt to access beyond end of device
[  303.220248][ T8059] loop0: rw=0, want=58152, limit=40427
[  303.263174][ T8059] attempt to access beyond end of device
[  303.263174][ T8059] loop0: rw=0, want=58160, limit=40427
[  303.274838][ T8059] attempt to access beyond end of device
[  303.274838][ T8059] loop0: rw=0, want=58168, limit=40427
[  303.314888][ T8059] attempt to access beyond end of device
[  303.314888][ T8059] loop0: rw=0, want=58176, limit=40427
[  303.357057][ T8059] attempt to access beyond end of device
[  303.357057][ T8059] loop0: rw=0, want=58184, limit=40427
[  303.464003][ T8059] attempt to access beyond end of device
[  303.464003][ T8059] loop0: rw=0, want=58192, limit=40427
[  303.492289][ T8059] attempt to access beyond end of device
[  303.492289][ T8059] loop0: rw=0, want=58200, limit=40427
[  303.670665][ T8059] attempt to access beyond end of device
[  303.670665][ T8059] loop0: rw=0, want=58208, limit=40427
[  303.796573][ T8059] attempt to access beyond end of device
[  303.796573][ T8059] loop0: rw=0, want=58216, limit=40427
[  303.808647][ T8059] attempt to access beyond end of device
[  303.808647][ T8059] loop0: rw=0, want=58224, limit=40427
[  303.844680][ T8898] tipc: Started in network mode
[  303.864097][ T8898] tipc: Node identity dea5471d5061, cluster identity 4711
[  303.881851][ T8898] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  303.896071][ T8899] ªªªªªª: renamed from syzkaller0
[  303.912845][ T8899] tipc: Disabling bearer <eth:syzkaller0>
[  303.954359][ T8901] device pim6reg1 entered promiscuous mode
[  304.049549][   T30] kauditd_printk_skb: 104 callbacks suppressed
[  304.049564][   T30] audit: type=1326 audit(1721076290.383:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8908 comm="syz.2.2987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b18054bd9 code=0x7ffc0000
[  304.109139][   T30] audit: type=1326 audit(1721076290.413:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8908 comm="syz.2.2987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f4b18054bd9 code=0x7ffc0000
[  305.275926][ T8931] device syzkaller0 entered promiscuous mode
[  305.761739][ T8940] device pim6reg1 entered promiscuous mode
[  306.087159][   T30] audit: type=1326 audit(1721076292.403:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8950 comm="syz.4.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb3d62bd9 code=0x7ffc0000
[  306.133118][ T8941] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.144988][ T8941] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.152975][ T8941] device bridge_slave_0 entered promiscuous mode
[  306.160494][ T8954] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3001'.
[  306.173564][   T30] audit: type=1326 audit(1721076292.403:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8950 comm="syz.4.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7fddb3d62bd9 code=0x7ffc0000
[  306.173847][ T8941] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.196867][   T30] audit: type=1326 audit(1721076292.403:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8950 comm="syz.4.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb3d62bd9 code=0x7ffc0000
[  306.227279][ T8941] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.234563][ T8941] device bridge_slave_1 entered promiscuous mode
[  306.321081][ T8956] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3002'.
[  306.347276][   T30] audit: type=1400 audit(1721076292.683:1889): avc:  denied  { accept } for  pid=8955 comm="syz.2.3002" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  306.436314][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  306.447089][   T60] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  306.447617][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  306.495306][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  306.508639][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  306.524815][ T2214] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.531686][ T2214] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.565846][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  306.584337][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  306.600789][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  306.623280][ T2214] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.630162][ T2214] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.662240][  T383] Bluetooth: hci0: Frame reassembly failed (-84)
[  306.687080][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  306.716993][   T60] usb 5-1: Using ep0 maxpacket: 16
[  306.740502][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  306.763423][ T8941] device veth0_vlan entered promiscuous mode
[  306.780070][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  306.807661][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  306.814968][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  306.838055][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  306.847158][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.867629][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  306.877105][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.886736][ T8941] device veth1_macvtap entered promiscuous mode
[  306.897236][   T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  306.907348][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  306.917788][  T316] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  306.933126][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  306.947052][   T60] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  306.966095][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.987463][   T60] usb 5-1: config 0 descriptor??
[  307.118090][    T8] device bridge_slave_1 left promiscuous mode
[  307.124136][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.195636][  T316] usb 3-1: Using ep0 maxpacket: 16
[  307.351337][    T8] device bridge_slave_0 left promiscuous mode
[  307.377062][  T316] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 11
[  307.388974][  T316] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  307.405634][  T316] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  307.407074][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.423280][  T316] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  307.437138][    T8] device veth1_macvtap left promiscuous mode
[  307.447184][    T8] device veth0_vlan left promiscuous mode
[  307.455197][  T316] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  307.474050][  T316] usb 3-1: config 1 interface 0 has no altsetting 0
[  307.486710][  T316] usb 3-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  307.503830][  T316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.568310][   T60] microsoft 0003:045E:07DA.0034: No inputs registered, leaving
[  307.586664][   T60] microsoft 0003:045E:07DA.0034: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  307.606324][   T60] microsoft 0003:045E:07DA.0034: no inputs found
[  307.624328][   T60] microsoft 0003:045E:07DA.0034: could not initialize ff, continuing anyway
[  307.637419][  T316] ums-sddr09 3-1:1.0: USB Mass Storage device detected
[  307.731830][ T8976] device pim6reg1 entered promiscuous mode
[  307.883907][  T299] usb 5-1: USB disconnect, device number 33
[  307.949192][  T316] ums-sddr09: probe of 3-1:1.0 failed with error -22
[  307.967398][  T316] usb 3-1: USB disconnect, device number 13
[  308.227030][ T8059] handle_bad_sector: 40345 callbacks suppressed
[  308.227052][ T8059] attempt to access beyond end of device
[  308.227052][ T8059] loop0: rw=0, want=57408, limit=40427
[  308.244254][ T8059] attempt to access beyond end of device
[  308.244254][ T8059] loop0: rw=0, want=57416, limit=40427
[  308.255226][ T8059] attempt to access beyond end of device
[  308.255226][ T8059] loop0: rw=0, want=57424, limit=40427
[  308.266982][ T8059] attempt to access beyond end of device
[  308.266982][ T8059] loop0: rw=0, want=57432, limit=40427
[  308.277813][ T8059] attempt to access beyond end of device
[  308.277813][ T8059] loop0: rw=0, want=57440, limit=40427
[  308.288875][ T8059] attempt to access beyond end of device
[  308.288875][ T8059] loop0: rw=0, want=57448, limit=40427
[  308.300101][ T8059] attempt to access beyond end of device
[  308.300101][ T8059] loop0: rw=0, want=57456, limit=40427
[  308.311092][ T8059] attempt to access beyond end of device
[  308.311092][ T8059] loop0: rw=0, want=57464, limit=40427
[  308.322106][ T8059] attempt to access beyond end of device
[  308.322106][ T8059] loop0: rw=0, want=57472, limit=40427
[  308.333120][ T8059] attempt to access beyond end of device
[  308.333120][ T8059] loop0: rw=0, want=57480, limit=40427
[  308.696987][  T962] Bluetooth: hci0: command 0x1003 tx timeout
[  308.728899][ T4450] Bluetooth: hci0: sending frame failed (-49)
[  309.126974][  T962] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  309.947032][  T962] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  309.967726][  T962] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  310.002489][ T9022] incfs: Can't find or create .index dir in ./file0
[  310.036180][ T9022] incfs: mount failed -14
[  310.087066][  T962] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  310.101916][   T30] audit: type=1326 audit(1721076296.433:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9023 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.127395][  T962] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  310.179331][   T30] audit: type=1326 audit(1721076296.433:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9023 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.181817][  T962] usb 5-1: SerialNumber: syz
[  310.275412][   T30] audit: type=1326 audit(1721076296.433:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9023 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.347037][   T30] audit: type=1326 audit(1721076296.473:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9023 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.378118][ T9034] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3024'.
[  310.557040][   T30] audit: type=1326 audit(1721076296.543:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.3.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.580347][   T30] audit: type=1326 audit(1721076296.553:1895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.3.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.587642][  T962] usb 5-1: 0:2 : does not exist
[  310.603658][   T30] audit: type=1326 audit(1721076296.553:1896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.3.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.631681][   T30] audit: type=1326 audit(1721076296.553:1897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.3.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.665104][   T30] audit: type=1326 audit(1721076296.553:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.3.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.689962][  T962] usb 5-1: USB disconnect, device number 34
[  310.743251][  T688] udevd[688]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  310.777049][   T60] Bluetooth: hci0: command 0x1001 tx timeout
[  310.781852][   T30] audit: type=1326 audit(1721076296.553:1899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.3.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe8ddfbd9 code=0x7ffc0000
[  310.782905][ T4450] Bluetooth: hci0: sending frame failed (-49)
[  310.876984][   T39] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  310.926558][ T9048] tipc: Failed to remove unknown binding: 66,1,1/0:2405377338/2405377340
[  310.935220][ T9048] tipc: Failed to remove unknown binding: 66,1,1/0:2405377338/2405377340
[  310.944822][ T9048] tipc: Failed to remove unknown binding: 66,1,1/0:2405377338/2405377340
[  311.251888][ T9053] incfs: Can't find or create .index dir in ./file0
[  311.267127][ T9053] incfs: mount failed -14
[  311.397054][   T39] usb 2-1: Using ep0 maxpacket: 16
[  311.537600][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.557059][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.576964][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  311.596979][   T39] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  311.605832][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.640625][   T39] usb 2-1: config 0 descriptor??
[  311.776996][  T314] usb 3-1: new low-speed USB device number 14 using dummy_hcd
[  312.092904][ T9078] tipc: Failed to remove unknown binding: 66,1,1/0:3111079469/3111079471
[  312.118349][   T39] microsoft 0003:045E:07DA.0035: No inputs registered, leaving
[  312.126229][ T9078] tipc: Failed to remove unknown binding: 66,1,1/0:3111079469/3111079471
[  312.137942][   T39] microsoft 0003:045E:07DA.0035: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  312.147081][  T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 8
[  312.158856][ T9078] tipc: Failed to remove unknown binding: 66,1,1/0:3111079469/3111079471
[  312.166979][  T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  312.167974][   T39] microsoft 0003:045E:07DA.0035: no inputs found
[  312.200907][   T39] microsoft 0003:045E:07DA.0035: could not initialize ff, continuing anyway
[  312.207019][  T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  312.226975][  T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  312.246727][  T314] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  312.281370][  T314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.310998][  T314] usb 3-1: config 0 descriptor??
[  312.391470][ T9082] netlink: 5 bytes leftover after parsing attributes in process `syz.4.3046'.
[  312.412957][ T9082] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  312.497220][ T9088] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  312.507726][ T9088] tipc: Resetting bearer <eth:syzkaller0>
[  312.526561][ T9087] tipc: Disabling bearer <eth:syzkaller0>
[  312.623101][  T299] usb 2-1: USB disconnect, device number 30
[  312.857040][   T60] Bluetooth: hci0: command 0x1009 tx timeout
[  313.149438][   T39] usb 3-1: USB disconnect, device number 14
[  313.236991][ T8059] handle_bad_sector: 41938 callbacks suppressed
[  313.237012][ T8059] attempt to access beyond end of device
[  313.237012][ T8059] loop0: rw=524288, want=59168, limit=40427
[  313.274550][ T8059] attempt to access beyond end of device
[  313.274550][ T8059] loop0: rw=524288, want=59176, limit=40427
[  313.296195][ T8059] attempt to access beyond end of device
[  313.296195][ T8059] loop0: rw=524288, want=59184, limit=40427
[  313.307805][ T8059] attempt to access beyond end of device
[  313.307805][ T8059] loop0: rw=524288, want=59192, limit=40427
[  313.327067][ T8059] attempt to access beyond end of device
[  313.327067][ T8059] loop0: rw=524288, want=59200, limit=40427
[  313.347059][ T8059] attempt to access beyond end of device
[  313.347059][ T8059] loop0: rw=524288, want=59208, limit=40427
[  313.358666][ T8059] attempt to access beyond end of device
[  313.358666][ T8059] loop0: rw=524288, want=59216, limit=40427
[  313.377016][ T8059] attempt to access beyond end of device
[  313.377016][ T8059] loop0: rw=524288, want=59224, limit=40427
[  313.397031][ T8059] attempt to access beyond end of device
[  313.397031][ T8059] loop0: rw=524288, want=59232, limit=40427
[  313.408812][ T8059] attempt to access beyond end of device
[  313.408812][ T8059] loop0: rw=524288, want=59240, limit=40427
[  314.810352][ T9120] tipc: Started in network mode
[  314.815052][ T9120] tipc: Node identity 3abbd50547bf, cluster identity 4711
[  314.857570][ T9120] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  314.866141][ T9130] tipc: Resetting bearer <eth:syzkaller0>
[  314.926986][ T9119] tipc: Disabling bearer <eth:syzkaller0>
[  315.946989][   T60] usb 3-1: new low-speed USB device number 15 using dummy_hcd
[  316.276988][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  316.277014][   T30] audit: type=1400 audit(1721076302.473:1923): avc:  denied  { create } for  pid=9164 comm="syz.4.3076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  316.397151][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 8
[  316.520765][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  317.477717][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  317.543200][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  317.562952][   T60] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  317.577054][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.585609][   T60] usb 3-1: config 0 descriptor??
[  317.825249][ T9183] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.846951][ T9183] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.873833][ T9183] device bridge_slave_0 entered promiscuous mode
[  317.911965][ T9183] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.929677][ T9183] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.958376][ T9183] device bridge_slave_1 entered promiscuous mode
[  317.987314][  T313] usb 3-1: USB disconnect, device number 15
[  318.111231][ T9183] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.118114][ T9183] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.125211][ T9183] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.131992][ T9183] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.215449][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  318.224824][  T299] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.240586][  T299] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.247463][ T8059] handle_bad_sector: 30133 callbacks suppressed
[  318.247478][ T8059] attempt to access beyond end of device
[  318.247478][ T8059] loop0: rw=524288, want=58648, limit=40427
[  318.281324][ T9114] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  318.285065][ T8059] attempt to access beyond end of device
[  318.285065][ T8059] loop0: rw=524288, want=58656, limit=40427
[  318.292657][ T9114] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.307212][ T9114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.320901][ T8059] attempt to access beyond end of device
[  318.320901][ T8059] loop0: rw=524288, want=58664, limit=40427
[  318.337073][ T9114] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  318.342408][ T8059] attempt to access beyond end of device
[  318.342408][ T8059] loop0: rw=524288, want=58672, limit=40427
[  318.353697][ T9114] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.362939][ T9114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.366371][ T8059] attempt to access beyond end of device
[  318.366371][ T8059] loop0: rw=524288, want=58680, limit=40427
[  318.395418][ T8059] attempt to access beyond end of device
[  318.395418][ T8059] loop0: rw=524288, want=58688, limit=40427
[  318.410676][ T9114] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  318.425896][ T8059] attempt to access beyond end of device
[  318.425896][ T8059] loop0: rw=524288, want=58696, limit=40427
[  318.447534][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  318.452405][ T8059] attempt to access beyond end of device
[  318.452405][ T8059] loop0: rw=524288, want=58704, limit=40427
[  318.468254][  T316] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  318.470824][ T9183] device veth0_vlan entered promiscuous mode
[  318.500842][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  318.506513][ T8059] attempt to access beyond end of device
[  318.506513][ T8059] loop0: rw=524288, want=58712, limit=40427
[  318.509303][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  318.530282][ T8059] attempt to access beyond end of device
[  318.530282][ T8059] loop0: rw=524288, want=58720, limit=40427
[  318.551494][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  318.568732][   T30] audit: type=1400 audit(1721076304.903:1924): avc:  denied  { block_suspend } for  pid=9199 comm="syz.2.3085" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  318.590676][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.610898][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  318.630292][ T9183] device veth1_macvtap entered promiscuous mode
[  318.659322][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  318.670318][  T347] kernel write not supported for file bpf-prog (pid: 347 comm: kworker/0:4)
[  318.689673][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  318.712075][  T382] device bridge_slave_1 left promiscuous mode
[  318.719176][  T382] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.754600][  T382] device bridge_slave_0 left promiscuous mode
[  318.777128][  T382] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.794166][  T382] device veth1_macvtap left promiscuous mode
[  318.810189][  T382] device veth0_vlan left promiscuous mode
[  318.827013][  T313] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  318.867096][  T316] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  318.920150][ T9219] input: syz0 as /devices/virtual/input/input35
[  318.957081][  T316] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  318.977821][  T316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  318.979070][  T347] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  318.985627][  T316] usb 2-1: SerialNumber: syz
[  319.047469][  T316] usb 2-1: bad CDC descriptors
[  319.067174][ T9216] tipc: Started in network mode
[  319.071907][ T9216] tipc: Node identity 5a0c0d28e0d4, cluster identity 4711
[  319.087051][ T9216] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  319.111548][ T9220] tipc: Resetting bearer <eth:syzkaller0>
[  319.131291][ T9210] tipc: Disabling bearer <eth:syzkaller0>
[  319.227052][  T313] usb 5-1: config 0 descriptor has 1 excess byte, ignoring
[  319.236343][  T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.253740][ T9223] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[  319.262998][  T313] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 6.00
[  319.263047][  T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.263870][  T313] usb 5-1: config 0 descriptor??
[  319.272174][ T9223] 9pnet: Insufficient options for proto=fd
[  319.407954][  T347] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.471373][ T9226] syz.0.3092[9226] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  319.471660][ T9226] syz.0.3092[9226] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  319.541883][   T30] audit: type=1400 audit(1721076305.828:1925): avc:  denied  { create } for  pid=9222 comm="syz.0.3092" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  319.605752][  T347] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.615553][  T347] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  319.617007][  T313] usb 5-1: string descriptor 0 read error: -71
[  319.628267][  T347] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  319.643116][  T347] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.656698][  T347] usb 3-1: config 0 descriptor??
[  319.664009][  T313] usb 5-1: USB disconnect, device number 35
[  319.886724][  T313] usb 2-1: USB disconnect, device number 31
[  320.157861][  T347] plantronics 0003:047F:FFFF.0036: unknown main item tag 0x0
[  320.186535][  T347] plantronics 0003:047F:FFFF.0036: unknown main item tag 0x0
[  320.207213][  T347] plantronics 0003:047F:FFFF.0036: No inputs registered, leaving
[  320.216097][  T347] plantronics 0003:047F:FFFF.0036: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  320.428503][   T30] audit: type=1326 audit(1721076306.768:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9247 comm="syz.0.3102" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe33ac78bd9 code=0x0
[  320.486326][ T9114] usb 3-1: USB disconnect, device number 16
[  320.537110][  T347] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  320.573892][ T9252] input: syz0 as /devices/virtual/input/input36
[  320.633835][   T30] audit: type=1400 audit(1721076306.959:1927): avc:  denied  { module_load } for  pid=9247 comm="syz.0.3102" path=2F6D656D66643A1037202864656C6574656429 dev="tmpfs" ino=345 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  320.633871][ T9254] Invalid ELF section header overflow
[  320.777014][  T347] usb 5-1: Using ep0 maxpacket: 32
[  320.884946][   T30] audit: type=1400 audit(1721076307.209:1928): avc:  denied  { read } for  pid=9260 comm="syz.0.3105" name="ppp" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  320.897044][  T347] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  320.910348][   T30] audit: type=1400 audit(1721076307.209:1929): avc:  denied  { open } for  pid=9260 comm="syz.0.3105" path="/dev/ppp" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  320.942802][   T30] audit: type=1400 audit(1721076307.259:1930): avc:  denied  { ioctl } for  pid=9260 comm="syz.0.3105" path="/dev/ppp" dev="devtmpfs" ino=134 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  320.948690][  T347] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  321.064345][  T347] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  321.077381][  T347] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.098456][  T347] usb 5-1: config 0 descriptor??
[  321.117089][ T9242] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  321.162443][  T347] hub 5-1:0.0: USB hub found
[  321.171428][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  321.227970][   T30] audit: type=1400 audit(1721076307.559:1931): avc:  denied  { append } for  pid=9274 comm="syz.2.3111" name="001" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  321.487174][  T347] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  321.495809][ T9284] device pim6reg1 entered promiscuous mode
[  321.607033][  T347] usbhid 5-1:0.0: can't add hid device: -71
[  321.612993][  T347] usbhid: probe of 5-1:0.0 failed with error -71
[  321.667619][  T347] usb 5-1: USB disconnect, device number 36
[  322.046962][  T313] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  322.244557][   T30] audit: type=1400 audit(1721076308.569:1932): avc:  denied  { map } for  pid=9305 comm="syz.0.3124" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  322.287020][  T299] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  322.299531][   T30] audit: type=1400 audit(1721076308.599:1933): avc:  denied  { execute } for  pid=9305 comm="syz.0.3124" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  322.437474][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  322.466791][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  322.499640][    T8] tipc: Left network mode
[  322.503870][  T313] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  322.526979][  T299] usb 5-1: Using ep0 maxpacket: 32
[  322.584618][  T313] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  322.599839][  T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.612674][  T313] usb 2-1: config 0 descriptor??
[  322.821362][  T299] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.857957][ T9321] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.864803][ T9321] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.872316][ T9321] device bridge_slave_0 entered promiscuous mode
[  322.887133][ T9321] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.894062][ T9321] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.941912][ T9321] device bridge_slave_1 entered promiscuous mode
[  322.987183][  T299] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[  322.996172][  T299] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.026976][  T299] usb 5-1: Product: syz
[  323.031100][  T299] usb 5-1: Manufacturer: syz
[  323.046961][  T299] usb 5-1: SerialNumber: syz
[  323.056310][  T299] usb 5-1: config 0 descriptor??
[  323.127902][ T9321] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.134856][ T9321] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.141981][ T9321] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.148746][ T9321] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.223724][  T962] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.232658][  T313] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0
[  323.242853][  T962] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.249831][  T313] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0
[  323.256995][ T8059] handle_bad_sector: 47863 callbacks suppressed
[  323.257009][ T8059] attempt to access beyond end of device
[  323.257009][ T8059] loop0: rw=0, want=58656, limit=40427
[  323.257358][ T8059] attempt to access beyond end of device
[  323.257358][ T8059] loop0: rw=0, want=58664, limit=40427
[  323.263487][  T313] plantronics 0003:047F:FFFF.0037: No inputs registered, leaving
[  323.296821][ T8059] attempt to access beyond end of device
[  323.296821][ T8059] loop0: rw=0, want=58672, limit=40427
[  323.310050][  T313] plantronics 0003:047F:FFFF.0037: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  323.310324][  T299] usb 5-1: USB disconnect, device number 37
[  323.322447][ T8059] attempt to access beyond end of device
[  323.322447][ T8059] loop0: rw=0, want=58680, limit=40427
[  323.341665][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  323.353315][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  323.377986][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  323.386046][  T962] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.392902][  T962] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.400979][ T8059] attempt to access beyond end of device
[  323.400979][ T8059] loop0: rw=0, want=58688, limit=40427
[  323.412795][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  323.420924][  T962] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.427779][  T962] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.442240][ T8059] attempt to access beyond end of device
[  323.442240][ T8059] loop0: rw=0, want=58696, limit=40427
[  323.465822][    T8] device bridge_slave_1 left promiscuous mode
[  323.472926][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.481263][    T8] device bridge_slave_0 left promiscuous mode
[  323.487417][ T8059] attempt to access beyond end of device
[  323.487417][ T8059] loop0: rw=0, want=58704, limit=40427
[  323.498959][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.507099][    T8] device veth1_macvtap left promiscuous mode
[  323.513189][ T8059] attempt to access beyond end of device
[  323.513189][ T8059] loop0: rw=0, want=58712, limit=40427
[  323.524284][    T8] device veth0_vlan left promiscuous mode
[  323.543070][ T8059] attempt to access beyond end of device
[  323.543070][ T8059] loop0: rw=0, want=58720, limit=40427
[  323.600311][ T9349] syz.3.3140[9349] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  323.600387][ T9349] syz.3.3140[9349] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  323.623680][ T8059] attempt to access beyond end of device
[  323.623680][ T8059] loop0: rw=0, want=58728, limit=40427
[  323.649361][  T316] usb 2-1: USB disconnect, device number 32
[  323.741421][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  323.751408][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  323.767289][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  323.777404][ T9321] device veth0_vlan entered promiscuous mode
[  323.798335][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  323.806139][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  323.827592][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  323.840860][ T9321] device veth1_macvtap entered promiscuous mode
[  323.856814][  T962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  323.872536][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  323.882133][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  323.897555][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  323.905830][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  324.448046][   T30] audit: type=1326 audit(1721076310.779:1934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9374 comm="syz.4.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb3d62bd9 code=0x7ffc0000
[  324.497997][   T30] audit: type=1326 audit(1721076310.779:1935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9374 comm="syz.4.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fddb3d62bd9 code=0x7ffc0000
[  324.596970][   T30] audit: type=1326 audit(1721076310.779:1936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9374 comm="syz.4.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb3d62bd9 code=0x7ffc0000
[  324.627104][   T30] audit: type=1326 audit(1721076310.799:1937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9374 comm="syz.4.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb3d62bd9 code=0x7ffc0000
[  324.829794][ T9386] overlayfs: failed to resolve './file2': -2
[  325.124181][ T9403] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  325.140426][    C0] ==================================================================
[  325.148292][    C0] BUG: KASAN: null-ptr-deref in flush_tlb_func+0x43/0x550
[  325.155231][    C0] Read of size 8 at addr 0000000000000329 by task syz.1.3158/9403
[  325.162878][    C0] 
[  325.165039][    C0] CPU: 0 PID: 9403 Comm: syz.1.3158 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  325.174763][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  325.184671][    C0] Call Trace:
[  325.187780][    C0]  <IRQ>
[  325.190473][    C0]  dump_stack_lvl+0x151/0x1b7
[  325.194985][    C0]  ? io_uring_drop_tctx_refs+0x190/0x190
[  325.200554][    C0]  ? update_load_avg+0x43a/0x1150
[  325.205410][    C0]  kasan_report+0x16f/0x1c0
[  325.209758][    C0]  ? flush_tlb_func+0x43/0x550
[  325.214350][    C0]  ? flush_tlb_func+0x43/0x550
[  325.218951][    C0]  kasan_check_range+0x293/0x2a0
[  325.223736][    C0]  __kasan_check_read+0x11/0x20
[  325.228418][    C0]  flush_tlb_func+0x43/0x550
[  325.232835][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  325.237871][    C0]  ? sched_clock+0x9/0x10
[  325.242038][    C0]  ? sched_clock_cpu+0x18/0x3b0
[  325.246726][    C0]  flush_smp_call_function_queue+0x222/0x6a0
[  325.252540][    C0]  ? debug_smp_processor_id+0x17/0x20
[  325.257752][    C0]  ? native_flush_tlb_multi+0x210/0x210
[  325.263133][    C0]  generic_smp_call_function_single_interrupt+0x13/0x20
[  325.269900][    C0]  __sysvec_call_function_single+0x63/0x1b0
[  325.275629][    C0]  sysvec_call_function_single+0x41/0xb0
[  325.281094][    C0]  asm_sysvec_call_function_single+0x1b/0x20
[  325.286918][    C0] RIP: 0010:unwind_next_frame+0x5aa/0x700
[  325.292465][    C0] Code: e8 eb 05 00 00 48 ba 00 00 00 00 00 fc ff df 41 0f b6 04 17 84 c0 0f 85 b6 00 00 00 41 c7 06 00 00 00 00 31 c0 48 83 c4 50 5b <41> 5c 41 5d 41 5e 41 5f 5d c3 44 89 f1 80 e1 07 80 c1 03 38 c1 0f
[  325.313233][    C0] RSP: 0018:ffffc900000076d0 EFLAGS: 00000282
[  325.319108][    C0] RAX: 0000000000007701 RBX: ffffc90000007780 RCX: 0000000000007701
[  325.326920][    C0] RDX: 1ffff92000000ef2 RSI: ffffc90000007810 RDI: ffffc900000077d8
[  325.334731][    C0] RBP: ffffc900000076f0 R08: dffffc0000000000 R09: ffffc90000007780
[  325.342542][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  325.350354][    C0] R13: ffffc900000077d0 R14: ffffc90000007780 R15: 1ffff92000000ef0
[  325.358180][    C0]  __unwind_start+0x318/0x3a0
[  325.362682][    C0]  ? stack_trace_save+0x1c0/0x1c0
[  325.367540][    C0]  arch_stack_walk+0xdb/0x140
[  325.372055][    C0]  ? stack_trace_save+0x113/0x1c0
[  325.376915][    C0]  stack_trace_save+0x113/0x1c0
[  325.381688][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  325.386636][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  325.391582][    C0]  ? __stack_depot_save+0x34/0x470
[  325.396529][    C0]  ? kmem_cache_free+0x116/0x2e0
[  325.401305][    C0]  ? kmem_cache_free+0x116/0x2e0
[  325.406078][    C0]  kasan_set_track+0x4b/0x70
[  325.410514][    C0]  ? kasan_quarantine_put+0x34/0x1a0
[  325.415624][    C0]  kasan_set_free_info+0x23/0x40
[  325.420399][    C0]  ____kasan_slab_free+0x126/0x160
[  325.425346][    C0]  __kasan_slab_free+0x11/0x20
[  325.430130][    C0]  slab_free_freelist_hook+0xbd/0x190
[  325.435326][    C0]  ? __free_vm_area_struct+0x1c/0x20
[  325.440448][    C0]  kmem_cache_free+0x116/0x2e0
[  325.445047][    C0]  ? refcount_inc+0x80/0x80
[  325.449430][    C0]  __free_vm_area_struct+0x1c/0x20
[  325.454333][    C0]  rcu_do_batch+0x57a/0xc10
[  325.458675][    C0]  ? local_bh_enable+0x20/0x20
[  325.463272][    C0]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  325.468569][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  325.473254][    C0]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  325.478896][    C0]  ? rcu_report_qs_rnp+0x2bf/0x390
[  325.483845][    C0]  rcu_core+0x517/0x1020
[  325.487925][    C0]  ? rcu_cpu_kthread_park+0x90/0x90
[  325.492959][    C0]  ? sched_clock_cpu+0x18/0x3b0
[  325.497644][    C0]  ? irqtime_account_irq+0x79/0x3c0
[  325.502689][    C0]  rcu_core_si+0x9/0x10
[  325.506671][    C0]  __do_softirq+0x26d/0x5bf
[  325.511016][    C0]  do_softirq+0xf6/0x150
[  325.515091][    C0]  </IRQ>
[  325.517868][    C0]  <TASK>
[  325.520644][    C0]  ? __local_bh_enable_ip+0x80/0x80
[  325.525678][    C0]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  325.530541][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  325.535575][    C0]  __local_bh_enable_ip+0x75/0x80
[  325.540434][    C0]  _raw_spin_unlock_bh+0x51/0x60
[  325.545207][    C0]  sock_map_delete_elem+0xcb/0x130
[  325.550164][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0x918
[  325.555535][    C0]  bpf_trace_run2+0xec/0x210
[  325.559962][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  325.564651][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  325.569683][    C0]  __bpf_trace_tlb_flush+0x23/0x30
[  325.574628][    C0]  ? perf_trace_tlb_flush+0x3e0/0x3e0
[  325.579837][    C0]  __traceiter_tlb_flush+0x77/0xd0
[  325.584787][    C0]  switch_mm_irqs_off+0x616/0x9b0
[  325.589656][    C0]  __schedule+0xb2b/0x1590
[  325.593899][    C0]  ? __sched_text_start+0x8/0x8
[  325.598588][    C0]  ? preempt_schedule+0xd9/0xe0
[  325.603271][    C0]  preempt_schedule_common+0x9b/0xf0
[  325.608393][    C0]  preempt_schedule+0xd9/0xe0
[  325.612906][    C0]  ? schedule_preempt_disabled+0x20/0x20
[  325.618373][    C0]  ? __printk_safe_exit+0x9/0x20
[  325.623146][    C0]  ? console_trylock+0x190/0x200
[  325.627922][    C0]  preempt_schedule_thunk+0x16/0x18
[  325.632956][    C0]  ? vprintk_emit+0x152/0x340
[  325.637467][    C0]  ? vprintk_emit+0x32a/0x340
[  325.641981][    C0]  vprintk_emit+0x32f/0x340
[  325.646320][    C0]  ? vprintk_store+0x1620/0x1620
[  325.651096][    C0]  ? vprintk+0x69/0x80
[  325.655002][    C0]  vprintk_default+0x26/0x30
[  325.659428][    C0]  vprintk+0x74/0x80
[  325.663160][    C0]  _printk+0xd1/0x111
[  325.666994][    C0]  ? do_setlink+0x3bb/0x3ae0
[  325.671414][    C0]  ? panic+0x751/0x751
[  325.675310][    C0]  ? do_setlink+0x8a2/0x3ae0
[  325.679737][    C0]  ? kfree+0xc8/0x220
[  325.683556][    C0]  do_setlink+0xaa2/0x3ae0
[  325.687808][    C0]  ? compat_start_thread+0x20/0x20
[  325.692757][    C0]  ? __bpf_trace_tlb_flush+0x23/0x30
[  325.697876][    C0]  ? perf_trace_tlb_flush+0x3e0/0x3e0
[  325.703084][    C0]  ? nlmsg_parse_deprecated_strict+0x110/0x110
[  325.709074][    C0]  ? finish_task_switch+0x167/0x7b0
[  325.714108][    C0]  ? __schedule+0xcd4/0x1590
[  325.718534][    C0]  ? __sched_text_start+0x8/0x8
[  325.723222][    C0]  ? __kasan_check_read+0x11/0x20
[  325.728080][    C0]  ? preempt_schedule_irq+0xe7/0x140
[  325.733210][    C0]  ? __cond_resched+0x20/0x20
[  325.737715][    C0]  ? __nla_validate+0x50/0x50
[  325.742227][    C0]  ? irqentry_exit_cond_resched+0x2a/0x30
[  325.747783][    C0]  ? irqentry_exit+0x30/0x40
[  325.752210][    C0]  ? sysvec_reschedule_ipi+0x7d/0x150
[  325.757418][    C0]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  325.762887][    C0]  rtnl_newlink+0x1779/0x2050
[  325.767404][    C0]  ? rtnl_setlink+0x540/0x540
[  325.771910][    C0]  ? bpf_send_signal_common+0x329/0x420
[  325.777298][    C0]  ? compat_start_thread+0x20/0x20
[  325.782238][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  325.787285][    C0]  ? __kasan_check_write+0x14/0x20
[  325.792219][    C0]  ? mutex_lock+0xb6/0x1e0
[  325.796474][    C0]  ? wait_for_completion_killable_timeout+0x10/0x10
[  325.802899][    C0]  ? __rcu_read_unlock+0x7e/0xd0
[  325.807670][    C0]  ? rtnl_setlink+0x540/0x540
[  325.812182][    C0]  rtnetlink_rcv_msg+0x951/0xc40
[  325.816961][    C0]  ? compat_start_thread+0x20/0x20
[  325.821912][    C0]  ? rtnetlink_bind+0x80/0x80
[  325.826417][    C0]  ? native_set_ldt+0x360/0x360
[  325.831104][    C0]  ? __bpf_trace_tlb_flush+0x23/0x30
[  325.836225][    C0]  ? perf_trace_tlb_flush+0x3e0/0x3e0
[  325.841433][    C0]  ? _raw_spin_unlock+0x4d/0x70
[  325.846119][    C0]  ? finish_task_switch+0x167/0x7b0
[  325.851159][    C0]  ? __schedule+0xcd4/0x1590
[  325.855606][    C0]  ? __kasan_check_write+0x14/0x20
[  325.860528][    C0]  ? _raw_spin_lock+0xa4/0x1b0
[  325.865126][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  325.870335][    C0]  ? __kasan_check_read+0x11/0x20
[  325.875194][    C0]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  325.880865][    C0]  ? rcu_preempt_deferred_qs_irqrestore+0x709/0x9f0
[  325.887261][    C0]  netlink_rcv_skb+0x1cf/0x410
[  325.891859][    C0]  ? rtnetlink_bind+0x80/0x80
[  325.896382][    C0]  ? netlink_ack+0xb10/0xb10
[  325.900803][    C0]  rtnetlink_rcv+0x1c/0x20
[  325.905052][    C0]  netlink_unicast+0x8df/0xac0
[  325.909653][    C0]  ? netlink_detachskb+0x90/0x90
[  325.914427][    C0]  ? security_netlink_send+0x7b/0xa0
[  325.919547][    C0]  netlink_sendmsg+0xa0a/0xd20
[  325.924148][    C0]  ? netlink_getsockopt+0x560/0x560
[  325.929221][    C0]  ? __schedule+0xcd4/0x1590
[  325.933609][    C0]  ? security_socket_sendmsg+0x82/0xb0
[  325.938902][    C0]  ? netlink_getsockopt+0x560/0x560
[  325.943936][    C0]  ____sys_sendmsg+0x59e/0x8f0
[  325.948539][    C0]  ? __sys_sendmsg_sock+0x40/0x40
[  325.953397][    C0]  ? import_iovec+0xe5/0x120
[  325.957823][    C0]  ___sys_sendmsg+0x252/0x2e0
[  325.962336][    C0]  ? ktime_get_mono_fast_ns+0x1bf/0x1e0
[  325.967721][    C0]  ? __sys_sendmsg+0x260/0x260
[  325.972319][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  325.977005][    C0]  ? __bpf_trace_tlb_flush+0x23/0x30
[  325.982124][    C0]  ? perf_trace_tlb_flush+0x3e0/0x3e0
[  325.987337][    C0]  ? __fdget+0x1bc/0x240
[  325.991412][    C0]  __se_sys_sendmsg+0x19a/0x260
[  325.996099][    C0]  ? __x64_sys_sendmsg+0x90/0x90
[  326.000874][    C0]  ? switch_fpu_return+0x1ed/0x3d0
[  326.005821][    C0]  ? __kasan_check_read+0x11/0x20
[  326.010685][    C0]  __x64_sys_sendmsg+0x7b/0x90
[  326.015279][    C0]  do_syscall_64+0x3d/0xb0
[  326.019533][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  326.025261][    C0] RIP: 0033:0x7fc6d7a38bd9
[  326.029515][    C0] Code: Unable to access opcode bytes at RIP 0x7fc6d7a38baf.
[  326.036718][    C0] RSP: 002b:00007fc6d6cba048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.044962][    C0] RAX: ffffffffffffffda RBX: 00007fc6d7bc6f60 RCX: 00007fc6d7a38bd9
[  326.052774][    C0] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  326.060610][    C0] RBP: 00007fc6d7aa7e60 R08: 0000000000000000 R09: 0000000000000000
[  326.068404][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  326.076208][    C0] R13: 000000000000000b R14: 00007fc6d7bc6f60 R15: 00007fff0ce5a788
[  326.084022][    C0]  </TASK>
[  326.086883][    C0] ==================================================================
[  326.094781][    C0] Disabling lock debugging due to kernel taint
[  326.100814][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000065: 0000 [#1] PREEMPT SMP KASAN
[  326.112316][    C0] KASAN: null-ptr-deref in range [0x0000000000000328-0x000000000000032f]
[  326.120559][    C0] CPU: 0 PID: 9403 Comm: syz.1.3158 Tainted: G    B             5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  326.131673][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  326.141564][    C0] RIP: 0010:flush_tlb_func+0x4a/0x550
[  326.146788][    C0] Code: 8b 35 0a 96 cd 7e 65 66 44 8b 25 11 96 cd 7e 49 8d 9e 28 03 00 00 48 89 df be 08 00 00 00 e8 7d 98 7c 00 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 87 96 7c 00 4c 8b 3b 66 44 89 65
[  326.166213][    C0] RSP: 0018:ffffc90000007500 EFLAGS: 00010006
[  326.172114][    C0] RAX: 0000000000000065 RBX: 0000000000000329 RCX: ffff888139dce2c0
[  326.179925][    C0] RDX: 0000000080010104 RSI: 0000000000000092 RDI: 00000000ffffffff
[  326.187737][    C0] RBP: ffffc90000007570 R08: ffffffff8141703b R09: 0000000000000003
[  326.195548][    C0] R10: fffffbfff0e5284c R11: dffffc0000000001 R12: 1ffff1103ee00000
[  326.203360][    C0] R13: ffff8881f7137180 R14: 0000000000000001 R15: dffffc0000000000
[  326.211172][    C0] FS:  00007fc6d6cba6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  326.219937][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  326.226359][    C0] CR2: 000000110c2f15af CR3: 000000011ffc7000 CR4: 00000000003506b0
[  326.234174][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000080000000
[  326.241983][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  326.249798][    C0] Call Trace:
[  326.252919][    C0]  <IRQ>
[  326.255612][    C0]  ? __die_body+0x62/0xb0
[  326.259789][    C0]  ? die_addr+0x9f/0xd0
[  326.263772][    C0]  ? exc_general_protection+0x311/0x4b0
[  326.269153][    C0]  ? asm_exc_general_protection+0x27/0x30
[  326.274709][    C0]  ? check_panic_on_warn+0x5b/0xb0
[  326.279675][    C0]  ? flush_tlb_func+0x4a/0x550
[  326.284266][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  326.289287][    C0]  ? sched_clock+0x9/0x10
[  326.293451][    C0]  ? sched_clock_cpu+0x18/0x3b0
[  326.298139][    C0]  flush_smp_call_function_queue+0x222/0x6a0
[  326.303953][    C0]  ? debug_smp_processor_id+0x17/0x20
[  326.309160][    C0]  ? native_flush_tlb_multi+0x210/0x210
[  326.314544][    C0]  generic_smp_call_function_single_interrupt+0x13/0x20
[  326.321314][    C0]  __sysvec_call_function_single+0x63/0x1b0
[  326.327043][    C0]  sysvec_call_function_single+0x41/0xb0
[  326.332511][    C0]  asm_sysvec_call_function_single+0x1b/0x20
[  326.338324][    C0] RIP: 0010:unwind_next_frame+0x5aa/0x700
[  326.343879][    C0] Code: e8 eb 05 00 00 48 ba 00 00 00 00 00 fc ff df 41 0f b6 04 17 84 c0 0f 85 b6 00 00 00 41 c7 06 00 00 00 00 31 c0 48 83 c4 50 5b <41> 5c 41 5d 41 5e 41 5f 5d c3 44 89 f1 80 e1 07 80 c1 03 38 c1 0f
[  326.363322][    C0] RSP: 0018:ffffc900000076d0 EFLAGS: 00000282
[  326.369228][    C0] RAX: 0000000000007701 RBX: ffffc90000007780 RCX: 0000000000007701
[  326.377038][    C0] RDX: 1ffff92000000ef2 RSI: ffffc90000007810 RDI: ffffc900000077d8
[  326.384846][    C0] RBP: ffffc900000076f0 R08: dffffc0000000000 R09: ffffc90000007780
[  326.392656][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  326.400468][    C0] R13: ffffc900000077d0 R14: ffffc90000007780 R15: 1ffff92000000ef0
[  326.408292][    C0]  __unwind_start+0x318/0x3a0
[  326.412795][    C0]  ? stack_trace_save+0x1c0/0x1c0
[  326.417657][    C0]  arch_stack_walk+0xdb/0x140
[  326.422167][    C0]  ? stack_trace_save+0x113/0x1c0
[  326.427029][    C0]  stack_trace_save+0x113/0x1c0
[  326.431714][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  326.436661][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  326.441608][    C0]  ? __stack_depot_save+0x34/0x470
[  326.446556][    C0]  ? kmem_cache_free+0x116/0x2e0
[  326.451329][    C0]  ? kmem_cache_free+0x116/0x2e0
[  326.456102][    C0]  kasan_set_track+0x4b/0x70
[  326.460536][    C0]  ? kasan_quarantine_put+0x34/0x1a0
[  326.465651][    C0]  kasan_set_free_info+0x23/0x40
[  326.470423][    C0]  ____kasan_slab_free+0x126/0x160
[  326.475372][    C0]  __kasan_slab_free+0x11/0x20
[  326.479971][    C0]  slab_free_freelist_hook+0xbd/0x190
[  326.485179][    C0]  ? __free_vm_area_struct+0x1c/0x20
[  326.490301][    C0]  kmem_cache_free+0x116/0x2e0
[  326.494900][    C0]  ? refcount_inc+0x80/0x80
[  326.499238][    C0]  __free_vm_area_struct+0x1c/0x20
[  326.504198][    C0]  rcu_do_batch+0x57a/0xc10
[  326.508530][    C0]  ? local_bh_enable+0x20/0x20
[  326.513125][    C0]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  326.518421][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  326.523107][    C0]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  326.528749][    C0]  ? rcu_report_qs_rnp+0x2bf/0x390
[  326.533696][    C0]  rcu_core+0x517/0x1020
[  326.537779][    C0]  ? rcu_cpu_kthread_park+0x90/0x90
[  326.542809][    C0]  ? sched_clock_cpu+0x18/0x3b0
[  326.547500][    C0]  ? irqtime_account_irq+0x79/0x3c0
[  326.552532][    C0]  rcu_core_si+0x9/0x10
[  326.556522][    C0]  __do_softirq+0x26d/0x5bf
[  326.560866][    C0]  do_softirq+0xf6/0x150
[  326.564944][    C0]  </IRQ>
[  326.567718][    C0]  <TASK>
[  326.570497][    C0]  ? __local_bh_enable_ip+0x80/0x80
[  326.575529][    C0]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  326.580391][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  326.585425][    C0]  __local_bh_enable_ip+0x75/0x80
[  326.590284][    C0]  _raw_spin_unlock_bh+0x51/0x60
[  326.595059][    C0]  sock_map_delete_elem+0xcb/0x130
[  326.600008][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0x918
[  326.605386][    C0]  bpf_trace_run2+0xec/0x210
[  326.609826][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  326.614503][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  326.619536][    C0]  __bpf_trace_tlb_flush+0x23/0x30
[  326.624484][    C0]  ? perf_trace_tlb_flush+0x3e0/0x3e0
[  326.629829][    C0]  __traceiter_tlb_flush+0x77/0xd0
[  326.634782][    C0]  switch_mm_irqs_off+0x616/0x9b0
[  326.639628][    C0]  __schedule+0xb2b/0x1590
[  326.643877][    C0]  ? __sched_text_start+0x8/0x8
[  326.648566][    C0]  ? preempt_schedule+0xd9/0xe0
[  326.653250][    C0]  preempt_schedule_common+0x9b/0xf0
[  326.658373][    C0]  preempt_schedule+0xd9/0xe0
[  326.662889][    C0]  ? schedule_preempt_disabled+0x20/0x20
[  326.668354][    C0]  ? __printk_safe_exit+0x9/0x20
[  326.673129][    C0]  ? console_trylock+0x190/0x200
[  326.677902][    C0]  preempt_schedule_thunk+0x16/0x18
[  326.682935][    C0]  ? vprintk_emit+0x152/0x340
[  326.687449][    C0]  ? vprintk_emit+0x32a/0x340
[  326.691964][    C0]  vprintk_emit+0x32f/0x340
[  326.696302][    C0]  ? vprintk_store+0x1620/0x1620
[  326.701074][    C0]  ? vprintk+0x69/0x80
[  326.704981][    C0]  vprintk_default+0x26/0x30
[  326.709409][    C0]  vprintk+0x74/0x80
[  326.713141][    C0]  _printk+0xd1/0x111
[  326.716969][    C0]  ? do_setlink+0x3bb/0x3ae0
[  326.721385][    C0]  ? panic+0x751/0x751
[  326.725296][    C0]  ? do_setlink+0x8a2/0x3ae0
[  326.729717][    C0]  ? kfree+0xc8/0x220
[  326.733537][    C0]  do_setlink+0xaa2/0x3ae0
[  326.737789][    C0]  ? compat_start_thread+0x20/0x20
[  326.742736][    C0]  ? __bpf_trace_tlb_flush+0x23/0x30
[  326.747857][    C0]  ? perf_trace_tlb_flush+0x3e0/0x3e0
[  326.753064][    C0]  ? nlmsg_parse_deprecated_strict+0x110/0x110
[  326.759053][    C0]  ? finish_task_switch+0x167/0x7b0
[  326.764099][    C0]  ? __schedule+0xcd4/0x1590
[  326.768513][    C0]  ? __sched_text_start+0x8/0x8
[  326.773203][    C0]  ? __kasan_check_read+0x11/0x20
[  326.778062][    C0]  ? preempt_schedule_irq+0xe7/0x140
[  326.783182][    C0]  ? __cond_resched+0x20/0x20
[  326.787696][    C0]  ? __nla_validate+0x50/0x50
[  326.792214][    C0]  ? irqentry_exit_cond_resched+0x2a/0x30
[  326.797766][    C0]  ? irqentry_exit+0x30/0x40
[  326.802190][    C0]  ? sysvec_reschedule_ipi+0x7d/0x150
[  326.807398][    C0]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  326.812868][    C0]  rtnl_newlink+0x1779/0x2050
[  326.817382][    C0]  ? rtnl_setlink+0x540/0x540
[  326.821891][    C0]  ? bpf_send_signal_common+0x329/0x420
[  326.827278][    C0]  ? compat_start_thread+0x20/0x20
[  326.832222][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  326.837262][    C0]  ? __kasan_check_write+0x14/0x20
[  326.842201][    C0]  ? mutex_lock+0xb6/0x1e0
[  326.846456][    C0]  ? wait_for_completion_killable_timeout+0x10/0x10
[  326.852878][    C0]  ? __rcu_read_unlock+0x7e/0xd0
[  326.857652][    C0]  ? rtnl_setlink+0x540/0x540
[  326.862162][    C0]  rtnetlink_rcv_msg+0x951/0xc40
[  326.866939][    C0]  ? compat_start_thread+0x20/0x20
[  326.871884][    C0]  ? rtnetlink_bind+0x80/0x80
[  326.876397][    C0]  ? native_set_ldt+0x360/0x360
[  326.881084][    C0]  ? __bpf_trace_tlb_flush+0x23/0x30
[  326.886205][    C0]  ? perf_trace_tlb_flush+0x3e0/0x3e0
[  326.891413][    C0]  ? _raw_spin_unlock+0x4d/0x70
[  326.896128][    C0]  ? finish_task_switch+0x167/0x7b0
[  326.901143][    C0]  ? __schedule+0xcd4/0x1590
[  326.905563][    C0]  ? __kasan_check_write+0x14/0x20
[  326.910507][    C0]  ? _raw_spin_lock+0xa4/0x1b0
[  326.915108][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  326.920334][    C0]  ? __kasan_check_read+0x11/0x20
[  326.925175][    C0]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  326.930817][    C0]  ? rcu_preempt_deferred_qs_irqrestore+0x709/0x9f0
[  326.937241][    C0]  netlink_rcv_skb+0x1cf/0x410
[  326.941852][    C0]  ? rtnetlink_bind+0x80/0x80
[  326.946353][    C0]  ? netlink_ack+0xb10/0xb10
[  326.950783][    C0]  rtnetlink_rcv+0x1c/0x20
[  326.955033][    C0]  netlink_unicast+0x8df/0xac0
[  326.959637][    C0]  ? netlink_detachskb+0x90/0x90
[  326.964411][    C0]  ? security_netlink_send+0x7b/0xa0
[  326.969527][    C0]  netlink_sendmsg+0xa0a/0xd20
[  326.974130][    C0]  ? netlink_getsockopt+0x560/0x560
[  326.979161][    C0]  ? __schedule+0xcd4/0x1590
[  326.983593][    C0]  ? security_socket_sendmsg+0x82/0xb0
[  326.988883][    C0]  ? netlink_getsockopt+0x560/0x560
[  326.993916][    C0]  ____sys_sendmsg+0x59e/0x8f0
[  326.998518][    C0]  ? __sys_sendmsg_sock+0x40/0x40
[  327.003389][    C0]  ? import_iovec+0xe5/0x120
[  327.007804][    C0]  ___sys_sendmsg+0x252/0x2e0
[  327.012317][    C0]  ? ktime_get_mono_fast_ns+0x1bf/0x1e0
[  327.017698][    C0]  ? __sys_sendmsg+0x260/0x260
[  327.022298][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  327.026986][    C0]  ? __bpf_trace_tlb_flush+0x23/0x30
[  327.032107][    C0]  ? perf_trace_tlb_flush+0x3e0/0x3e0
[  327.037317][    C0]  ? __fdget+0x1bc/0x240
[  327.041392][    C0]  __se_sys_sendmsg+0x19a/0x260
[  327.046080][    C0]  ? __x64_sys_sendmsg+0x90/0x90
[  327.050851][    C0]  ? switch_fpu_return+0x1ed/0x3d0
[  327.055801][    C0]  ? __kasan_check_read+0x11/0x20
[  327.060663][    C0]  __x64_sys_sendmsg+0x7b/0x90
[  327.065261][    C0]  do_syscall_64+0x3d/0xb0
[  327.069512][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  327.075329][    C0] RIP: 0033:0x7fc6d7a38bd9
[  327.079585][    C0] Code: Unable to access opcode bytes at RIP 0x7fc6d7a38baf.
[  327.086784][    C0] RSP: 002b:00007fc6d6cba048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  327.095065][    C0] RAX: ffffffffffffffda RBX: 00007fc6d7bc6f60 RCX: 00007fc6d7a38bd9
[  327.102842][    C0] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  327.110665][    C0] RBP: 00007fc6d7aa7e60 R08: 0000000000000000 R09: 0000000000000000
[  327.118463][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  327.126284][    C0] R13: 000000000000000b R14: 00007fc6d7bc6f60 R15: 00007fff0ce5a788
[  327.134091][    C0]  </TASK>
[  327.136951][    C0] Modules linked in:
[  327.140688][    C0] ---[ end trace 9357617e5363a815 ]---
[  327.146080][    C0] RIP: 0010:flush_tlb_func+0x4a/0x550
[  327.151287][    C0] Code: 8b 35 0a 96 cd 7e 65 66 44 8b 25 11 96 cd 7e 49 8d 9e 28 03 00 00 48 89 df be 08 00 00 00 e8 7d 98 7c 00 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 87 96 7c 00 4c 8b 3b 66 44 89 65
[  327.170728][    C0] RSP: 0018:ffffc90000007500 EFLAGS: 00010006
[  327.176629][    C0] RAX: 0000000000000065 RBX: 0000000000000329 RCX: ffff888139dce2c0
[  327.184442][    C0] RDX: 0000000080010104 RSI: 0000000000000092 RDI: 00000000ffffffff
[  327.192254][    C0] RBP: ffffc90000007570 R08: ffffffff8141703b R09: 0000000000000003
[  327.200063][    C0] R10: fffffbfff0e5284c R11: dffffc0000000001 R12: 1ffff1103ee00000
[  327.207877][    C0] R13: ffff8881f7137180 R14: 0000000000000001 R15: dffffc0000000000
[  327.215687][    C0] FS:  00007fc6d6cba6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  327.224465][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  327.230881][    C0] CR2: 000000110c2f15af CR3: 000000011ffc7000 CR4: 00000000003506b0
[  327.238694][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000080000000
[  327.246503][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  327.254321][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  328.363583][    C0] Shutting down cpus with NMI
[  328.368413][    C0] Kernel Offset: disabled
[  328.372547][    C0] Rebooting in 86400 seconds..