last executing test programs:

6.39619336s ago: executing program 2:
syz_open_dev$usbfs(0x0, 0x0, 0x0)
syz_read_part_table(0x605, &(0x7f0000000b00)="$eJzs2z9olGccB/DvRS9nLDQdnLrUOHQqFIOjGVpJTsVCOJWCOGhrETFDiRA46ZEDHdoMSjNIxy5SuEXjpGZwKIpC5yIOLUIGl4IuUjvkLdd7e83V/gk0KZR+Psvz3Mvv+X3fH++tT/hPG0q13BW1X5a3P/jL+mL0t307RzuTUweKoiiOJJUcTzVjX7+6lGRrBrtmV5LhNX2ufrl9+bNn+6udR4efv3ni7sJQv2ctr61t8Odq6x6STXNt4t7ohYuz9UvdH/XWyur7yfWnk41bhxYWlw5W953qPp9P7pf1ve86knNp5nzO5uQ6PvTLKgP57W5+c+LMw3pr5YvO492rr9c7N0/vfbFz+fKd8WSuGzH9u3MDf8Z/oD9/mT83lnyc5MaOK3uatx80nmz5segpI6trDo9vzDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBxrk0UuXBxtn6pOXHm4Uhr5dNvv3nv+tPJxq1DC4tLB4f3nSrr7pfr1nI9l2bO52xOZiYz+Siz6488VhnIvzfaz6//tD15vHu1mO/cPL33xdTy5TvjZd30Rgz7BwbzWytzY58fW2y9+9aNHVf2NG8/aDzZ0qubGcmHqfb2tU16FwAAAAAAAAAAAAAAAAAAAP6/JqcO7Jx+p3EkqeT4tiQ/fDLUfV6Ul9x/vau/q1y/qyUjSa5uS9rP9lc7jw4/Hz5xd+H7WtI93k4t7SSvfJWjyRv9nPmXkiv/wnT8nZ8DAAD//5T5lCM=")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000003e00250304000000000000000a"], 0x14}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
setsockopt$MRT6_TABLE(r3, 0x29, 0xcf, &(0x7f0000000240)=0xfe, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r3, 0x0, r4, 0x0, 0x88000cc, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000180)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x24, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xccc}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @generic={0xff, 0xb, 0x3, 0x2, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffff8000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_fd={0x18, 0x2, 0x1, 0x0, r2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfb, 0x0, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)

6.336905849s ago: executing program 4:
syz_open_dev$usbfs(0x0, 0x0, 0x0)
syz_read_part_table(0x605, &(0x7f0000000b00)="$eJzs2z9olGccB/DvRS9nLDQdnLrUOHQqFIOjGVpJTsVCOJWCOGhrETFDiRA46ZEDHdoMSjNIxy5SuEXjpGZwKIpC5yIOLUIGl4IuUjvkLdd7e83V/gk0KZR+Psvz3Mvv+X3fH++tT/hPG0q13BW1X5a3P/jL+mL0t307RzuTUweKoiiOJJUcTzVjX7+6lGRrBrtmV5LhNX2ufrl9+bNn+6udR4efv3ni7sJQv2ctr61t8Odq6x6STXNt4t7ohYuz9UvdH/XWyur7yfWnk41bhxYWlw5W953qPp9P7pf1ve86knNp5nzO5uQ6PvTLKgP57W5+c+LMw3pr5YvO492rr9c7N0/vfbFz+fKd8WSuGzH9u3MDf8Z/oD9/mT83lnyc5MaOK3uatx80nmz5segpI6trDo9vzDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBxrk0UuXBxtn6pOXHm4Uhr5dNvv3nv+tPJxq1DC4tLB4f3nSrr7pfr1nI9l2bO52xOZiYz+Siz6488VhnIvzfaz6//tD15vHu1mO/cPL33xdTy5TvjZd30Rgz7BwbzWytzY58fW2y9+9aNHVf2NG8/aDzZ0qubGcmHqfb2tU16FwAAAAAAAAAAAAAAAAAAAP6/JqcO7Jx+p3EkqeT4tiQ/fDLUfV6Ul9x/vau/q1y/qyUjSa5uS9rP9lc7jw4/Hz5xd+H7WtI93k4t7SSvfJWjyRv9nPmXkiv/wnT8nZ8DAAD//5T5lCM=")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000003e00250304000000000000000a"], 0x14}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
setsockopt$MRT6_TABLE(r3, 0x29, 0xcf, &(0x7f0000000240)=0xfe, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r3, 0x0, r4, 0x0, 0x88000cc, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000180)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x24, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xccc}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @generic={0xff, 0xb, 0x3, 0x2, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffff8000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_fd={0x18, 0x2, 0x1, 0x0, r2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfb, 0x0, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)

5.434786417s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, 0xffffffffffffffff, 0x0)
getrandom(&(0x7f0000000340)=""/4096, 0x412269194f7c77a1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)=@getrule={0x14, 0x22, 0x2, 0x70bd25, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x8881)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200))
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xaa}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

5.426528639s ago: executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000040)=0x100000001, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x0, 0x7, 0x2, 0x0, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000002f40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x38}, 0x1, 0x300}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x54, r8, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @rand_addr=0x64010101}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000064c0))
read$FUSE(0xffffffffffffffff, &(0x7f0000006500)={0x2020}, 0x2020)

4.458426357s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='jbd2_handle_stats\x00', r2}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvfrom(r3, &(0x7f0000000a40)=""/4096, 0x1000, 0x2021, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x2, 0x2, 0x4, 0x3, {0xa, 0x4e21, 0xff800000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}}}, 0x80)

4.389678778s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00'}, 0x9)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r1, &(0x7f0000000000), 0x100000008)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x40044591, 0x0)

3.98360189s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid() (async)
sched_setaffinity(0x0, 0x3a, &(0x7f0000000240)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f0000000000), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES64=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) (async)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) (async)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0) (async)
r5 = socket(0x10, 0x803, 0x0)
sendto(r5, &(0x7f00000000c0)="120000001200e7ef377b000000000000dc8c", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/110, 0x6e}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000300)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f0000000100)=""/16, 0x10}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
prctl$PR_SET_PTRACER(0x59616d61, r0) (async)
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f0000000080))

3.946867745s ago: executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x6}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r4}, 0x10)
ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000440)=ANY=[])

3.91899015s ago: executing program 1:
syz_open_dev$usbfs(0x0, 0x0, 0x0)
syz_read_part_table(0x605, &(0x7f0000000b00)="$eJzs2z9olGccB/DvRS9nLDQdnLrUOHQqFIOjGVpJTsVCOJWCOGhrETFDiRA46ZEDHdoMSjNIxy5SuEXjpGZwKIpC5yIOLUIGl4IuUjvkLdd7e83V/gk0KZR+Psvz3Mvv+X3fH++tT/hPG0q13BW1X5a3P/jL+mL0t307RzuTUweKoiiOJJUcTzVjX7+6lGRrBrtmV5LhNX2ufrl9+bNn+6udR4efv3ni7sJQv2ctr61t8Odq6x6STXNt4t7ohYuz9UvdH/XWyur7yfWnk41bhxYWlw5W953qPp9P7pf1ve86knNp5nzO5uQ6PvTLKgP57W5+c+LMw3pr5YvO492rr9c7N0/vfbFz+fKd8WSuGzH9u3MDf8Z/oD9/mT83lnyc5MaOK3uatx80nmz5segpI6trDo9vzDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBxrk0UuXBxtn6pOXHm4Uhr5dNvv3nv+tPJxq1DC4tLB4f3nSrr7pfr1nI9l2bO52xOZiYz+Siz6488VhnIvzfaz6//tD15vHu1mO/cPL33xdTy5TvjZd30Rgz7BwbzWytzY58fW2y9+9aNHVf2NG8/aDzZ0qubGcmHqfb2tU16FwAAAAAAAAAAAAAAAAAAAP6/JqcO7Jx+p3EkqeT4tiQ/fDLUfV6Ul9x/vau/q1y/qyUjSa5uS9rP9lc7jw4/Hz5xd+H7WtI93k4t7SSvfJWjyRv9nPmXkiv/wnT8nZ8DAAD//5T5lCM=")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000003e00250304000000000000000a"], 0x14}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000440)={<r3=>0xffffffffffffffff})
setsockopt$MRT6_TABLE(r3, 0x29, 0xcf, &(0x7f0000000240)=0xfe, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r3, 0x0, r4, 0x0, 0x88000cc, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000040), &(0x7f0000000180)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='mm_page_alloc\x00'}, 0x10)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfb, 0x0, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)

3.599309959s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, 0xffffffffffffffff, 0x0)
getrandom(&(0x7f0000000340)=""/4096, 0x412269194f7c77a1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)=@getrule={0x14, 0x22, 0x2, 0x70bd25, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x8881)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200))
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xaa}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

3.430163625s ago: executing program 2:
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
r5 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x5522, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r6}, 0x10)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r4, 0x5522)
ioctl$USBDEVFS_SETINTERFACE(r4, 0x80045510, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0xffffff7f, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x2b8, 0x180, 0x0, 0x148, 0x180, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x11}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'vlan0\x00', {0x0, 0x0, 0x1ff, 0x0, 0x0, 0xed, 0x7}}}, @common=@inet=@multiport={{0x50}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0)

2.819198608s ago: executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20040, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_usb_control_io$uac1(r1, &(0x7f0000000280)={0x14, 0x0, 0x0}, 0x0)
syz_usb_control_io(r1, &(0x7f0000000440)={0x2c, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xf0ff}}, 0x0, 0x0, 0x0}, 0x0)

2.812636949s ago: executing program 1:
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r4, 0x942e, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r5, 0x28, 0x1, &(0x7f0000000100)=0x80000001, 0x8)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f00000005c0)={'syz1\x00'}, 0x45c)
r7 = dup(r6)
ioctl$UI_DEV_CREATE(r7, 0x5501)
r8 = memfd_create(&(0x7f0000000180)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x121p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fX\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa58\xf5\x18x\xc9\xb9\x03\t\x06\x96gf5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0;\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b\x8f\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca`<_}\'\xce\x81\xb3O\xae\xa1\xbfwcN,\xf2#\x16\xc4\xad\a&\xb1U\x83w\xd0K\xaa\xdf\x84\xe5\xe4\xdb\xa3G(\x7fv\x93\xb8m\x96\xd89Kb\xa9\x852\xb9\xcaG\x8b\x11\x16\x16\xeeI\x14\xcb\xe4\x9a\x1e\xb6^\xa3\xaa^\xdc\xcfo\xfb\xd6<\xa2\xc6\xbdj\xc4\xb1B\xf3S}\xfeI\xe2e\xec}o\xcfB\xa6\x877\'\x80\x82\t\xec\xc1&\xb8\xa9\x82&\xb8XQ8M@\xaa\x1f\vj\x9aW\xec\x92\x19\xdb^\x9d\x94\x87-&\x00/z\xa2\xd7\x01\\\t\xae~\xed\no\x1a\x9cKG^+\xc9\xe0v\xc0\x96\xc4\xcc\xb7\xdd\xdf\xf9\x01\x91\xe5\to[\x97\xbe\x110\x93\x14\xf8\x8a\x8d\xeb\t\xe7?/C\xaa\xd9\xc4\xc9\xbe\x12\xed\xb3*f\xd1J\x14\x80Iy4\xa9\xf88C\xe3', 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r8, 0x0)
writev(r6, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.366209638s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00'}, 0x9)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r1, &(0x7f0000000000), 0x100000008)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x40044591, 0x0)

1.870709574s ago: executing program 1:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x100)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080), 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x48, 0xc, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)="154676700fdab594b3b4e53f5071134e833fd8768b043979227aef63a5c854ff7e66008105ec5cb09b9f8d49aadc7f8059f62d5dc5b7e6fd1ddc5b31b5847e8b8a94bf1b7d5009cca3d2f8ed69f2565ea2cfa62784989eee99baa792b0c5e5c5fb6d8b91960abba29b50095faa5cea180d9f81f04ddb4440bb4027333e906059ba974616a50754505983ef5dd3abbed713d13c6da6d088a2dea65fa59773f856db2cfdd42d6ee235693f9bbe8f3979aae875f0ad404bb0be01c4ac5c2405ed440bb2380c38feb4049f40d5ff78ffffdfef65c52dcb80bce48bc40a4d284ec94085292fc2d6eb57e3751e6f7c4c3ceb2250a00c65d2056fdb00e0a2040d", &(0x7f0000000840)="f4ee1193a509aca7bb2e4a15e25171f233a7fa6e4806d77e3e8392d6657af50ac49d885fc3b77782e17ea9201779a3698eb3a2e4c52b105cc1128932e03f22773aec572daa6318adc89650db51bc275737b7982c447fa103fa40094df2a50640f0806e14e3e7ca7d5b9c547df5a5a64f5e018005a7b5428d3ff2b05e02c77560f6464233b9a084ca5418f406480ac57013f2670b6f30f84cad05fc9a5de4069c15103850c53da738b023747ceeba944c5ea61a7bd85ddea053ed1b44832bd0ee25f985ecb156faceeb306c52eb75f364288a50e67eb74bcfb70b8a8ee40dd99b49b1bb5451b12e496235b8cf1dace9f9b8d4522be272b627da3c1b5f1c7d5248a68450e77e1e144c47ac6469adf589b8beac250dd4101b7b033f29de26747106baa35739eb3820df5c8673a3850f817172771ef4fc1324e4635d577ee8f3b625decf6755f923488ca089602e77b7c1dc42c4531dd85320260c9355a3ed60cb646204948d3e3133697b72941f7cd69f44b1908eb0850b3bced8a9fa96841c95dbdc5b6444d748f7cfdb2bdcc492340f00000000009e5b5c0cd6b23cf8bbe49546ebe24a53aaeb206c35986c54550daa2eea338c43acaa98fd", 0x80000000, r2}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000380)={r3, &(0x7f0000000a00)="8c0a36c40de933b6e5c61f7b118922ebeb9da9fce0198cb84373e52b23e2a88577c0463fceb2ec4ba0c55a3471c41a8d372dd37d91dc53361a49798acab5c2cb6241aae3ce2ab393fa960797edff963f53ccb5d73eb0053cc69012fb451dea556bac75d45723af718cd563ef01074f28b59a997e3cf46915f2e8c89ac60eb4736b3a701ec5bdaa042ef21d6300017032d78a149d3762369cc3e66e8e267cd83a4f0941213ef27911f5c94d90a623bfea35ff8d88", 0x0, 0x4}, 0x20)
write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r1)
write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_usb_control_io$hid(r8, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="002222000000963fcbbae33a2313060000070c0000002adeb7070900be0083000000000b09007a15"], 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00005d4000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000040)="66470fc7360fd87ae80fc7746a000f20c035020000000f22c026450f090f01d1c4c145f32a8f6970963826430f01bf00000100420f2ded", 0x37}], 0xaaaaaaaaaaaac32, 0x0, 0x0, 0x0)
preadv(r7, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000710000009500000000000000927612fbe8598eca47b5447233f58f81edec631c6c9e246ba44eccc9a3efaecc3d2a4207ad3a394b8468821a2dc72790285b74e6717579f3bb28ba8009b5003d434a5220c4a71a2393ad88051049dd9f9609b3997f4896e0d4164208d0c57c5cd3200f94fdabe7583587ced0dd151760aea53441345fce7b1653b96b2b97922a4946163d23afabe683441c59e2a2d13861663e47b255f12515c458ecef711b6b11d1eb4078c425b695e11d3a045311e72591351a140b13b55154aa23bbf0823c7faf0dd831094735ee80a0fc3ad88f25d8574a529056f679d9d5948c6bb6ce45d5d841e2382b"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = dup2(r9, r9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)

1.842323588s ago: executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'\x00', 0x100}) (async, rerun: 64)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (rerun: 64)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1e100, 0x0)
syz_open_dev$usbfs(&(0x7f0000000140), 0x0, 0x8040) (async)
close(r0) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)) (async, rerun: 32)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffeca50000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='kmem_cache_free\x00', r4}, 0x10) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000), 0x4) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="3400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002d00128009000100766574680000000004000280"], 0x34}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r8, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f0000000000), 0x4)
r9 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000a00)=@newtaction={0x44c, 0x31, 0x0, 0x0, 0x0, {}, [{0x438, 0x1, [@m_police={0x434, 0x0, 0x0, 0x0, {{0xb}, {0x408, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8]}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44c}}, 0x0) (async)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) (async)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r11, 0xf507, 0x0) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'tunl0\x00'})
ioctl$BTRFS_IOC_SUBVOL_CREATE(r10, 0x5000940e, &(0x7f0000000e80)={{r5}, "c28c928014736119d96bf2d08b4e7a55f0ee9cbfdabe572c0bcd9aa9f4c45da2a879e5015b2d910fc8bd944e0fc36d3c117cbc06665339f0db2a20f94d0547a2f3d38e0f580cef81fdf2fba76e61b91b43add2f70f349055788c3de48b6787ce98fc51ea761d6d2ab5ecc17cf2b1955c8e02f68dc98fa38bc7fc07fb83445c9db4b3e516f371e7bf05c20c51c15b5dcef52f4192fa58afa6cc6326d5c268da97b3cf951c2cd0185ffe51ad9ffabd21692fe549e11425575125df183af01834de083f04946f5f970458b7074688eefdcce294d40c0b8ce74e1a71106cdd66d09d5e47383eecc0f40cfa44edccf8a17cbe77791d0c53d964444350e85068382d04f2b3e9b52514efdca8498651111c4978f0c617a8b80ecc392c65f56f03c48943668d67c85be9c4f9dfc934457576cdad9b2c1dc26e6e285a53379125ab4919a872041fc15fd56251497109672cc95cc75e729b985041ad0074ee3abe1ca8cd1a79deb1fc0577df4ea984df5f265dff8567244edd58387873a63f55bde117c6b0a309296fee34a978680ae475d25819814854c52c64abf26831cdfa49f768e141bf51c5f561b670001c293a22320b1599c280c8ee20d26ca07f2958668554ccc6f73e5354b68362ac59a44d7d9df16a82ec2d620ba830d3bcdc7050ebd0de2603a2f22fb1da872a0cec34bc225b9242da71892323638bc742972f0bd565d06b541fc20ee9d3180304942f4f4546021d23f091f48309304a4ba67331576b4878e3bb7447d720cf627a63ffe64126b2220306d347d41775e44e87e0e79595d598966006a76d845c6159870aaabd94dacaf49a565e85a1f89776e63ec0374d06931e54f0f2af0bb15a866b67bec60c97fdbd09169e8bba5da3ea1c432ed4238400a7fe4c26a90ae94841313b8e64804f53d72d60108fc3272484a38803327a19fa0d54d6631e39532cef5a2d7468aab18425ee9149d429f20be88c590dc589badaad95136b3e0b8efc228d40a64b181bb05ac8edcb1ce4590f2aa961a0d0c2fa8e1e36d243567c8fefd97ee8c111462dac1b33e48529098a2df66f130a7f8b362af5a907a54ff47beac69445cf0592873a9b3a69a4230f2a6929e3ac6a3f5d7ae12562f52564e3a135a303adb9b94568145a7790815263071d7deb736bc3a7f650804b3f1133950b82df9375acdf36129310107e12fb46e9a1a5a9705b13f6c2debda7830b849990d53fbf6c8fd154967e84e46b99aabdd8eb86ec61d6c28a96da644a71dff9747f5783b45089a34af1319cd31b0f951732449b78c26139ad9af8c6db4d226f6425796ef6acf030fbd6e1587fef6eb45fe654a1dd95eb911177cbfe04a08d4f4b0841b56d6cb83423893f41d2e3f1c3768401a362e3fe8863decb5363f15db9518dd277348dd67229db7bd672fbffa8016ef821a67932b87a286e6b6df8d9e6e0798a4920a9353c8aa0cfec7672f5c521611c69f0edab555a5f4d32d98ebd5aa772d6c3ce302a0731c7fcce53c501cd95b75d111354998a976b6cb74da6415bd98d130ab2a896c756ead0c1096e6274be5c4e190f9f4a12b0a267b3d21e68e5134aee35d5f9b5a11513e5cf4e9c0615b4e4dc7bb3f0c4fa1acc7a3af92c42b97920524e85d2a2fc75ad99e1379145f66f59cdde639be61f78e38791a27b8994f2798ccca62380f614788e921d3ad2c367fc9c5facb6e43e368ef53649719e7a66b96dc0099c5bf7280f35d514a22b48aceff35df99c41dcb824303d8ef88dfbadbec532dff0487fd7b6b6f9b4738120e17612760038bf518c24e9cfacd61938fb2e5e534e1be1dc6afe4e5dfdb7cc02d9eb6217a22e6fbef6644d6500e1b000541e83aaaa9638c4700aba161fa4aba1b4b79c7f246e01ec02bfe532a0961b7d5d8490dcfad466e0b844879f9bd2d04be60784821dbc2821fe80df7ac8afbd57f0a922e25edea4dd99eb3da11c774277107d73d1e23f39131bf73948c57400e9b6e987e0296daa0a632f27f1cb7a7ea6c0979e3ec1f1964af3c52de42048c5da02f13861540f7b1c320cf49710b577d07d931f363c013676b9f236361529be6c543d3b5bcc3b8839d5b513daa1e31c5c5251405a21df5fe68d03738046f49ca0c70472a8ae823f8ccde9c004599d8da42ef25a3ef5402af619d07d9147d6e3e6465ae40923f168ba276e7c68be1b8a781f50cf3be839adf35436fc52fd8b06180b1aa1d0845b62934736a61f49f1a5278455c1e58da81e9ba33c5e1e087c5efc2f872ed00dfbe12bc87d95582e9f3f1cec55a536552d8de00827aff59774b9b1c57151a52c53f8b2c1ce6d55ecbd75dfb80c1213cf0a33ff3ce71d162fdad2eaeae74141020c476ada18c58c0dc64195a013fb9a34c3f74175cfe674980cd65834d4a250e657b9ec35c486375383bd8337500b48009e222bbe99bfc7b6789a8b1a6bc8f52ff2a24b8a9fc284d21c3e735030b8ef4c9036a3064ff00d06e49c957da49fc52dc4dcd59327e4aa128cea0bfa95e2d64394a2b870557b6380e2317f1ebbbe006175363e6ea7629bcb199a4ae2e2ba91c0082f9f491ca4c6da5d95f1328c10d8d84330d602890b11f529d4b307ff789a6cc6371ab778733418d6ed53e64a88a0d6d527f652593512918a9d407342fd2e09cc4c6d4fb14c422e48d83a4a4aa9f3523709f7df5784adac6477929c2889f3d49c11ef170f336d369dbec9fe3cb6bda907cfa40af6fe3cbbda7c86a1866765b004f94929c04a662328449f1a30f0f66f9aa3af86fd6e82466858bd5fb957bf0d0f78b76d143e4fe711daad2d5a326927a57cbb17fb3adc3ef9f0aa098e3dab346805be43c4e788f8d306f45dd810e25cf69a9ad22d40bb87848b5d2d1be261b7c30fcf9ac00c05f3d766ecfd32f637e6bfb1d4c464ed8b18f8b2af133ef1fb0197ecef31a5de78c48986ee871e3e86cc494104555df646a9f6b9e74372e732b83829bed97609520691c99bb779a7261cac520404787dcdd1a67b1c4541887ee100cb40c6d0ea7de97570e49b574c201f718774dccb1a0a5eb9c1f78a1a86912dff2b5e2ddca98238b27c83ac3df90d4e362f5925bd2e7c5fdcc5431fbf214366c8a372e0681406b91ad7ac0ecf577461912fc2c6bf187906634530f4c0674623fd7bacd735f306f700191d2eb05f841206c13a85da6a2b0d5cf193ba406d02745ba4b8a334126ab610e4da924ad040b87bd2dfd60951f54f3a69a708587345a554381069b9a1d8c85edcc032cf6cc9b970b0449421f85f88b15b9e3c087bf7d508eb6f6d842ca403b383cd1bdc3320eea4e3768ef429b09502fdd71f400d8b1703ec4754466afc2b468c378ce23814f6940dbce6be211bdef09dc3319a50ebbbbf64c35a80dbfeaf03269ad70441e9f3173f3ae8296bb69683bf53c755e80c284f11d0908092f468f4abf3849bf35fd55ed62de839ee9eab0c66848224d765d38651e7d299f247534c2fab8da860f8198dbef6cb167ba690575a4aee0bfe6041adff7e73120247c1de9e907a9eb3b97e2df45a035be39f6a6e92b646b7a4332024f5d949b947a1c9cb25efcf71fd170a43ffaeafa171ce4433978560f9af8145b1c5fca0206f751d93d983d8f84fe2df4804be0ed83be841211b3c79898f7ad831281d59d371df71635f88f86f72a29c51c3026ba8606a9df35e8c5c58876789f362263a767c22849bf65aaf2f236a81b19dbe759402f281b6a4b9536e44f0d70664a87df2c315f345dc9bf628d136aa6c932927470bf3f662b239d8c8ff4380e00770dfc6a12f401d72477206dcb5556a53672e87c73bea22dbee666bcdac97fe1cafa4f28bf43075a81dfd294bf412268b565f5066c4edce6974ec152641f8e4ce85c6b693651b013cf6a23a2c1ed2c821db4a8d1d600082d529ab012fe1b9a98c2236acde1b52e7f23ef43fc5f369507e1b977836a67d8e0e44aff1b463e0adb6df17c4a82ae81bdfa555b76d101274738bbbb99a76d863c4ce433f3f73e05af5dbf401de32e85b3f49edd80da2809a6caef7c3fe7e3b62f619c86671e7fd400a67367e12167b81cdf0d62d993fe35cd3382f8c6bcb5ded42ffb32274c8bebac20778176dca505e77d689bf38fd61884bf9ca76524cc64ee319a3721fa73e95dc01ad54ec0fa77930cd150ce9ede864569664087737313df491887f91f3b942b1a7ad9884f282775968d19f7fc441a4bb026ec50e69e4ce39d9b74e1407b477e9e5d63a4e15c7136941782eff1a59381eb7ae316d2ae9db54034b8b47546de399b25cdc818654ab7659c49e60043f8fd7745b254b8927b86b7463cca59979bb3751b489bf89f3ac3a9cec0fe9cef19fa382f5926b39824365ceb15317afbe12f3e79ebd005b5476f33f6cf7f9bda1d5b5f837d7a049a17b128501910b2ec67673b5683e65c84a6151c68ac57d7b2bfcefb909a74c574912072ee986aedff1a85873599f01895f37701af802055411c278d0e0b3ffafec6b9af1601839112f8aa5a4cc3b55c3af25d6dc881614bcf9029848aa0ebe8a0305068c269c7473e14a8a910ce12bfbd22898a3c1abea13a55701263caf8a06a92730acd7158f57caa54d39f531da01afc16930028984bf7447a1112de22e44787a4c410a787280fa61a8fd7d5061ad475b23c60a28409cbec14ac73923186ca8309addc5914bf7035c3f7b66e7197cffd0d6699eaec1b7bf041197a11b4ead585d2027b21351e1b2c0246a3988f8863abe390708dd72e977dfed3d75bc1d01de2a9f9e409cd8b3672df7eca515f3f33093b907c4c684757e45910b2e9ee5e25758a501b73f295e29e1dc067eb1d2357229b75ce65797c1546534132cf315d9ec2405b45a3776e5af069e6dd1bfe5e80b2bb587c96ebabaab9b389c68cbb99126a63f9e42fafd11fd0369cfc6bc24390cd1f5ddb9c0db57cfb483ba1d78ad88e814274bc63574a9cd675f793daa7ada6420fdb96c0f12f1df169e17af477da14f92da0da22130c25550494e6519f1d5bea848624ef3665ae451f70d06f48792eb3becab469b1bfadf7069f760be169be301986b7c44558c9cbe5ead407451fd4a38aa8db7b3b6752ea9eae8d2ef3115c0c19e9955b12daa1ad177d39ca6b3e1628fc285925032dfcd11924a1af74272ad5584633da0a018433fa25311f09f1bab9b081dd36a60fe31b6964695ed28d98f91f59210a00d1afdcc63d199e9ea5479d8f768b0fd0655d3474cd3d02d4f6a4fe06372ab53f517ba64ffd545720886631db0b619d59c81301f50a0dbce9303f2786cca64c075290eecbd727613136e4c13ffdf64689fcc002728dd591e010dbf592f1f4ecb8a866c46383f2c3d5a6646ff115ed2a620417b84bb6b53050b2dc6266f6323b6de29c5ed99f35c23a3f5dbc5356efec26648a56fe204ef32f05abb83dfae5731afc152e097a6a7eac4bfc214ae6f800c9c2032e9f854df1b7600beb368ac163b722abdcfba17ca0134a9900d03a812c732280cc2cff424fd54fa3c8556ccadd3ecf1a018d9cb6e3363eaa2473249f58898a37482ba093b2a6d9eeb8205a7cc95221f03424d3862e39a8036b0b8a7a66282c0da21379d5a91702413b3e0004622e77e35c185c18fee2e2e95ef7fa30f84075c45b251a4eb3865381a1d24757d9e4b1ac6c22a7e3fc1b0ea5c987924098e1f9e0aeaf33b24494986980370e636fb29f332353a55d16ef8ee31c50d8957c4b1398d0ab409fe12266591fb87dbcc8c60ccdcb32124360d9731d406c5b25d21c8db"}) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
getpid()

1.814073572s ago: executing program 0:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x35}, 0x10)
write(r0, &(0x7f0000000040)="1c0000001a009b8a14e5f40700426e2400000000ff00000000000000", 0x23)
recvmmsg(r0, &(0x7f0000004900)=[{{0x0, 0x5, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, &(0x7f0000004a40)={0x0, 0x3938700})

1.776854399s ago: executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x6}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r4}, 0x10)
ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000440)=ANY=[])

1.752182542s ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
fcntl$dupfd(r3, 0x0, r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r5}, 0x10)
epoll_create1(0x0)
select(0x40, &(0x7f0000000140), 0x0, &(0x7f0000000400)={0xca}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b7030000000000008500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x1e, 0x0, @thr={&(0x7f0000000380), &(0x7f00000004c0)="b55bc3d37c1e33c63fe5f2f7e2b5e3a8952d04962652e391d1bab8a61ca208a76e569f4eab6f69b218c583ca28746fbf7cb35383f6c6b0abd60d16cce022fd7e99"}}, &(0x7f00000002c0)=<r7=>0x0)
timer_gettime(r7, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
syz_emit_ethernet(0x5f, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @remote, @void, {@llc_tr={0x11, {@snap={0xab, 0x1, 'n', "221456", 0x0, "5294d8f6d4aa5769981967337a2bcf8a7e13e1940a83a88846210af47c677ccfab3ed41027723ad0731bfa84229109447d864f34a1008eb2ccd7dee05d542740684a5116c7f395c01c"}}}}}, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r9)
socket$inet_udp(0x2, 0x2, 0x0)

1.11197267s ago: executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000ec0)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}]}, 0x4c}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r4, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000180)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0], <r5=>0x0, 0x4a, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f00000004c0), &(0x7f00000008c0), 0x8, 0x79, 0x8, 0x8, &(0x7f0000000900)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000001000000000000000300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180000009f000000000000000500000018450000fcffffff000000000000000004b408000700000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000060000008520000004000000bf91000000000000b7020000020000008500000085000000b7000000000000009500"/208], 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000004}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0)
chdir(&(0x7f0000000080)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)

1.070574616s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
rename(0x0, &(0x7f0000000300)='./file0\x00')

1.018831494s ago: executing program 3:
r0 = userfaultfd(0x80801)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x80000001})
epoll_wait(r1, &(0x7f0000000000)=[{}], 0x1, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r2, &(0x7f0000000480)={&(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1400000000000000290000000b00000000000009000000d10066a8000000000000290000000b00"/49], 0x30}, 0x0)

994.497698ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000007d2700000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x4080, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000016000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r5 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r5, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
syz_emit_ethernet(0x56, &(0x7f0000000340)=ANY=[], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000007d2700000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) (async)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) (async)
open$dir(&(0x7f0000000080)='./file0\x00', 0x4080, 0x0) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000016000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) (async)
socket$packet(0x11, 0xa, 0x300) (async)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) (async)
socket$packet(0x11, 0x2, 0x300) (async)
bind$packet(r5, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async)
syz_emit_ethernet(0x56, &(0x7f0000000340)=ANY=[], 0x0) (async)

845.113281ms ago: executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000480)}}, {{&(0x7f0000000340)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000600)=[{&(0x7f00000005c0)="02c82c8ea1503aec7e5380fe2de26d63b14da17352f3641dc5009d3e4e1a91da645c1212a956f293dbc75dcf5f9ebe892d", 0x31}, {&(0x7f0000000900)="a1cd9f9716af01d4d8f7de436b552d401b0d509c75020c1af51eda88f0d4c29d121d626f48f69555c18c6d3a2555f67dbacd648691b828435a5198463406851ae0ad4944bc3eddc241e1078efe4aec6eafbc82a6acb032dc7a0e4a2ffcf33654d35bb6e9202c3d5804a632d8585ed9158a8f65fb088e6f8081e53b91ef1ef0f49deae4117b142e591ad3b75b689adcc72946cad74324d61292437a8af34c826d7225c0232f2a0e33e92e968324c03db37a524d8fd09fdbf32bb8669d9707", 0xbe}], 0x2, &(0x7f0000000a80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @rand_addr=0x64010101}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_retopts={{0x84, 0x0, 0x7, {[@rr={0x7, 0x17, 0xb7, [@loopback, @multicast1, @local, @broadcast, @multicast2]}, @timestamp_addr={0x44, 0x2c, 0xef, 0x1, 0xc, [{@remote, 0x1f}, {@multicast1, 0x6}, {@loopback}, {@empty}, {@broadcast, 0x4}]}, @rr={0x7, 0x27, 0xd6, [@initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @private=0xa010102, @multicast1, @rand_addr=0x64010100, @remote, @broadcast, @local, @dev={0xac, 0x14, 0x14, 0x34}]}, @timestamp_addr={0x44, 0x4, 0x18, 0x1, 0x7}, @generic={0x7, 0x3, "f4"}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x81}}], 0xf8}}], 0x2, 0x20000001)

758.379524ms ago: executing program 4:
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r4, 0x942e, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r5, 0x28, 0x1, &(0x7f0000000100)=0x80000001, 0x8)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f00000005c0)={'syz1\x00'}, 0x45c)
r7 = dup(r6)
ioctl$UI_DEV_CREATE(r7, 0x5501)
r8 = memfd_create(&(0x7f0000000180)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x121p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fX\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa58\xf5\x18x\xc9\xb9\x03\t\x06\x96gf5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0;\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b\x8f\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca`<_}\'\xce\x81\xb3O\xae\xa1\xbfwcN,\xf2#\x16\xc4\xad\a&\xb1U\x83w\xd0K\xaa\xdf\x84\xe5\xe4\xdb\xa3G(\x7fv\x93\xb8m\x96\xd89Kb\xa9\x852\xb9\xcaG\x8b\x11\x16\x16\xeeI\x14\xcb\xe4\x9a\x1e\xb6^\xa3\xaa^\xdc\xcfo\xfb\xd6<\xa2\xc6\xbdj\xc4\xb1B\xf3S}\xfeI\xe2e\xec}o\xcfB\xa6\x877\'\x80\x82\t\xec\xc1&\xb8\xa9\x82&\xb8XQ8M@\xaa\x1f\vj\x9aW\xec\x92\x19\xdb^\x9d\x94\x87-&\x00/z\xa2\xd7\x01\\\t\xae~\xed\no\x1a\x9cKG^+\xc9\xe0v\xc0\x96\xc4\xcc\xb7\xdd\xdf\xf9\x01\x91\xe5\to[\x97\xbe\x110\x93\x14\xf8\x8a\x8d\xeb\t\xe7?/C\xaa\xd9\xc4\xc9\xbe\x12\xed\xb3*f\xd1J\x14\x80Iy4\xa9\xf88C\xe3', 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r8, 0x0)
writev(r6, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

473.340578ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000007d2700000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x4080, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000016000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r5 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r5, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
syz_emit_ethernet(0x56, &(0x7f0000000340)=ANY=[], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000007d2700000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) (async)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) (async)
open$dir(&(0x7f0000000080)='./file0\x00', 0x4080, 0x0) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000016000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) (async)
socket$packet(0x11, 0xa, 0x300) (async)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) (async)
socket$packet(0x11, 0x2, 0x300) (async)
bind$packet(r5, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async)
syz_emit_ethernet(0x56, &(0x7f0000000340)=ANY=[], 0x0) (async)

458.75473ms ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x0, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000002a40)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r8, 0x1, 0x0, 0x0, {{}, {}, {0x14}}}, 0x30}}, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x8)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000040)}}], 0x1, 0x4000c000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x0, 0xd, &(0x7f00000001c0)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xaf5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x6}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @generic={0x0, 0xe, 0x8, 0x8, 0x5}], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)

371.971204ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff02)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x9, 0x0, &(0x7f0000000000)="fd5b6f91a4f7727c7b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_enter\x00', r6}, 0x10)
getpgrp(0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'syztnl1\x00', &(0x7f0000000280)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @private, @broadcast}}}})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file0\x00', 0x2, &(0x7f0000000480)=ANY=[@ANYRES32=r2], 0x1, 0x552b, &(0x7f0000000b00)="$eJzs3M2LG2UcB/BfdrvdvlkX8eCtA0XYhSY02xf0tmqLL9hSfDl40myShrRJZtmk6dqTB4/iwb/Diyh48ij+A4KgZ2/iQfEmKJlnKt3WorjZza77+cDsd+bJ5JfnCcsuv0mYAA6tpey3XypxOo5HxHxEnIoo9ivlVlhL8UxEnImIuQe2Sjn+18DRiDgREacnxVPNSvnQJ+fGZy/9/NqvX323eOTkZ1/+MLtVA7P2bET0N9L+3X7KvJPyVjneGHeL7F8cl5ke6N8uj/OUd9vrRYW7jfvnNYq80Enn5xt3hpO82Ws0J9np3izGNwbpBYfjzv06xRNuNTaL41Z7vcjuMC+ycy/Na+te+tt2bzhKdVplvfeL8jEa3c803t5qp/Us3i6yORiV46lu3mpvTXJcZvly0cx7rWIe6zt5p/e317uDO1vZuL057OaD7FKt/lytfrla38xb7VH7YrXRb12+mC13epPTqqN2Y22tk+edXrvWzPsr2XKn2azW69nylfZ6tzHI6vXahdr56qWVcu9c9vL1t7NeK1ue5IvdwZ1RtzfMbuabWXrGSrZau/D8Sna2nr157UZ2442rV6/deOvdK+9cf+Haqy+VJz0yrWx59fzqarV+vrpaX9nb9fenuP7J//rHr/9oPLL+D8tJT3H9sCOVWU8A4ODR/wN77dNvUh7k/j/+S/+/of9/2Cz738Pe/++H9cOO6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6tHxc+f6XYWUrHJ8vxJ8qhp8rjSkTMRcQff2M+jm6rOV/WWXjM+QsPzeHrShQVJq+xWG4nImKt3H5/crffBQAAAPj/+uKDMx+nbj39WJr1hNhL6aLN3Kn3plSvEhELSz9NoUqUF5vi6Z3PKpn8fh+JrSlVKy5gHZtSsXTJ7ci0qv0r89vi2ANRSTH3TxW+3cXZAQAAu2N7J7C3XQgAAAB76aNZT4DZKD5pLb+LX36BfzFF+YHg8W1HAAAAwAFUmfUEAAAAgF1X9P/75/5/3xf77v8HAAAA05Xu/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAnO/eTkzoQxwH810Lf4/3LIy9v71XcwTE8gXHhwqXhAN7BcAS8ghfgDLjzCAYMbYnWYIJhaoV8PklbZtJ8Z0rY/GZIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaNNDMRvfXZ/c7JuzXO0nzdMAAAAA2yyK2bj8MKzav+r+P3XXv7qdRUQeEdtq9158a2T26pzinfuLN3O4jygT1mN8r4+fEXFaH09/2/4WAAAA4HjNJ9NRVa1Xp2HXE+IzVYs2+e+zRHlZRBTDx0Rp+fr0P1FY+fvux1WitHIBa5AorFpy6+948+VtiiF7jcvg1SWrLnmKUQAAgK+lWQnsWoUAAABweC66ngDdyGKzlbnZCy7/ef+yIfij0QIAAAAOUNb1BAAAAIDWlfW/9/8BAADAcave/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECbFsVsPJ9MR43O84/nLFf7SfdEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM/szzsKhEAYhMHe9Z3J3P+w0qChsUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFz/75xU3EAwL9nn68/ABECyhCEQGKAhabX0tKVARQx8CcgRem1BK78aDPQqkLKwoYyd0EwIoQEClv/h86t1KVsHTIUialDkX12+npU4mhV+9p8PtLz+9qy/L7PiaJ8/XwHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0dt+Pg02cl5uFSZzVx67fubxe9jem+tLV7ZvLZSvjXrtpz7279+K1dL+31F0uAAAA7B95U99HxK1iZ7Xss4Wq/i+ac8qa/8cXJnFTz0/X/U3f1P5l++P326/sDbQwGae86JmN8ejov1PpP7lZzrcX//OMfnXnq2cvefUDyT7aenm3qO5n7/tr1z4YVOGBNrIFAB7Fkaavg+b/obIfdpkYAPtGPym8m/o/X+g2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA2DLbiuSbuRcRy/35cunHn8nrVT+1f3b653LSTV65sp9csL1FExJmN8ehoWxN5Cly4eOnztfF4dL794PWI6G70OvhkhnMiusxQ8LhBVv+uz0s+T0fQ8R8mAACeOUXdyrr+VrGzWh7rLUbc++nB+v+tJI60/p/q0/r/9qcnr6djpfX/sLUZzr+VzXNfrVy4eOmdjXNrZ0dnR1+8e2z43vD4qRMnTq1Uz0pWPDEBAADg8Qzqltb/2WLE7tT6/+Ekjhnr/69/GH6bjpWr/x/q/qJf15kAAADsby+98fdfvYcc7w0G8c3a5ub54WS7t39ssu0g1f/tQN3S+j9f7DorAAAAoA27W70H1v9PJ3HMuP7//M+v/ppeM4+IQ/X6/5H1L8en25tOR+7OdFYbHyd+4lMFAABgrh2qW7r+X1Tv/2d7rzxkEfH2m5O4/hrAmer//MPvfknHSt//P97eFOdStjS5H1W/FNFf6jojAAAAnmUH61YW+38WO6uf/Xb444H3/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa9k8AAAD//9JEQ60=")
timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r8=>0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0xc00)
timer_gettime(r8, &(0x7f0000000140))
timer_settime(r8, 0x1, &(0x7f0000000040)={{0x0, 0x989680}}, &(0x7f0000000080))
getsockopt$IP_VS_SO_GET_VERSION(r5, 0x0, 0x480, &(0x7f0000000340), &(0x7f00000003c0)=0x40)

218.294048ms ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x40086602, &(0x7f0000000540)={'\x00', @dev})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x6, 0x1008, 0x8, 0x0, r0, 0x4, '\x00', 0x0, r0, 0x0, 0x0, 0x3}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$netlink(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000780)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000580), 0x12)
r5 = openat$cgroup_int(r3, &(0x7f0000000180)='cpuset.memory_spread_page\x00', 0x2, 0x0)
write$cgroup_int(r5, &(0x7f0000000240)=0x7ffffffd, 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0003}]})
rt_sigaction(0x19, &(0x7f0000000340)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r6 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\b\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r6, 0x0, 0x400000000000000, 0x7)

0s ago: executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x6}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r4}, 0x10)
ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000440)=ANY=[])

kernel console output (not intermixed with test programs):

bridge: link becomes ready
[  308.200619][ T1396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  308.201434][   T24] audit: type=1326 audit(1719161116.100:19201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7083 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  308.209035][ T1396] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.239258][ T1396] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.247123][   T24] audit: type=1326 audit(1719161116.100:19202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7083 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  308.271084][   T24] audit: type=1326 audit(1719161116.120:19203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7083 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  308.303783][   T24] audit: type=1326 audit(1719161116.120:19204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7083 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  308.317660][ T1396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  308.336140][   T24] audit: type=1326 audit(1719161116.120:19205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7083 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  308.338785][ T1396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  308.360135][   T24] audit: type=1326 audit(1719161116.120:19206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7083 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  308.368059][ T1396] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.398453][ T1396] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.429817][   T24] audit: type=1326 audit(1719161116.120:19207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7083 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  308.453327][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  308.461857][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  308.469730][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  308.480138][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  308.516018][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  308.550315][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  308.603740][ T7065] device veth0_vlan entered promiscuous mode
[  308.619582][ T1395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  308.634315][ T1395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  308.682497][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  308.689804][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  308.717044][ T7065] device veth1_macvtap entered promiscuous mode
[  308.728055][ T1395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  308.741182][ T1395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  308.761077][ T1395] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  308.781673][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  308.789990][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  308.813866][ T7091] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.820751][ T7091] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.828181][ T7091] device bridge_slave_0 entered promiscuous mode
[  308.948162][ T1395] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  308.956516][ T1395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  308.966798][ T7112] input: syz1 as /devices/virtual/input/input69
[  308.973332][ T7091] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.981272][ T7091] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.988764][ T7091] device bridge_slave_1 entered promiscuous mode
[  309.176019][ T7091] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.183227][ T7091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.190339][ T7091] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.197199][ T7091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.313491][ T7091] device veth0_vlan entered promiscuous mode
[  309.341411][ T7091] device veth1_macvtap entered promiscuous mode
[  309.481927][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  309.497998][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  309.522765][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  309.543974][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  309.559390][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  309.572336][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  309.580344][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  309.588593][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  309.596985][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  309.605238][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  309.612779][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  309.620170][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  309.681802][  T312] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  309.865156][ T7153] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  309.931890][  T312] usb 3-1: Using ep0 maxpacket: 16
[  309.952383][  T110] device bridge_slave_1 left promiscuous mode
[  309.960131][  T110] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.969118][  T110] device bridge_slave_0 left promiscuous mode
[  309.975963][  T110] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.984391][  T110] device bridge_slave_1 left promiscuous mode
[  309.990369][  T110] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.998008][  T110] device bridge_slave_0 left promiscuous mode
[  310.004176][  T110] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.012640][  T110] device veth1_macvtap left promiscuous mode
[  310.018880][  T110] device veth0_vlan left promiscuous mode
[  310.025231][  T110] device veth1_macvtap left promiscuous mode
[  310.031120][  T110] device veth0_vlan left promiscuous mode
[  310.198404][ T1395] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  310.252373][  T312] usb 3-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  310.261482][  T312] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.269967][  T312] usb 3-1: Product: syz
[  310.275863][  T312] usb 3-1: Manufacturer: syz
[  310.280271][  T312] usb 3-1: SerialNumber: syz
[  310.287433][  T312] usb 3-1: config 0 descriptor??
[  310.294776][ T7162] device pim6reg1 entered promiscuous mode
[  310.441646][ T1395] usb 2-1: Using ep0 maxpacket: 16
[  310.620237][ T1395] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8
[  310.801683][  T312] usb 3-1: MIDIStreaming interface descriptor not found
[  310.812841][  T312] usb 3-1: USB disconnect, device number 56
[  310.841958][ T7181] input: syz1 as /devices/virtual/input/input70
[  310.892473][ T1395] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  310.901383][ T1395] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.909182][ T1395] usb 2-1: Product: syz
[  310.913243][ T1395] usb 2-1: Manufacturer: syz
[  310.917679][ T1395] usb 2-1: SerialNumber: syz
[  310.922896][ T1395] usb 2-1: config 0 descriptor??
[  310.962411][ T1395] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  310.970191][ T1395] usb 2-1: Detected FT232RL
[  311.071634][ T1397] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  311.171667][ T1395] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  311.191885][ T1395] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  311.211714][ T1395] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[  311.218856][ T1395] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  311.239435][ T1395] usb 2-1: USB disconnect, device number 62
[  311.245778][ T1395] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  311.254978][ T1395] ftdi_sio 2-1:0.0: device disconnected
[  311.312845][ T7183] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  311.342709][ T7183] EXT4-fs (loop4): failed to initialize system zone (-117)
[  311.349885][ T7183] EXT4-fs (loop4): mount failed
[  311.431796][ T1397] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.443196][ T1397] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.453182][ T1397] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  311.462109][ T1397] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.472192][ T1397] usb 1-1: config 0 descriptor??
[  312.111746][ T1397] usbhid 1-1:0.0: can't add hid device: -71
[  312.117673][ T1397] usbhid: probe of 1-1:0.0 failed with error -71
[  312.124957][ T1397] usb 1-1: USB disconnect, device number 57
[  312.632136][ T7215] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  312.643787][ T7211] F2FS-fs (loop4): invalid crc value
[  312.661612][ T7215] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  312.671049][ T7215] F2FS-fs (loop2): invalid crc value
[  312.697140][ T7211] F2FS-fs (loop4): Found nat_bits in checkpoint
[  312.712592][ T7215] F2FS-fs (loop2): Found nat_bits in checkpoint
[  312.752532][ T7211] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[  312.774603][ T7211] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  312.804929][ T2942] attempt to access beyond end of device
[  312.804929][ T2942] loop4: rw=2049, want=45104, limit=40427
[  312.856105][ T7215] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  312.866244][ T7215] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  313.088127][ T7238] device pim6reg1 entered promiscuous mode
[  313.851942][ T7246]  loop0: p1 p2 p3 p4
[  313.855827][ T7246] loop0: p1 size 108922248 extends beyond EOD, truncated
[  313.863472][ T7246] loop0: p2 start 861536256 is beyond EOD, truncated
[  313.870128][ T7246] loop0: p3 start 851968 is beyond EOD, truncated
[  313.876395][ T7246] loop0: p4 size 65536 extends beyond EOD, truncated
[  313.901622][ T1319] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  313.919883][ T1397] usb 3-1: new low-speed USB device number 57 using dummy_hcd
[  313.957364][ T7252] device pim6reg1 entered promiscuous mode
[  314.052785][ T7258] erofs: (device loop4): mounted with root inode @ nid 36.
[  314.061121][   T24] kauditd_printk_skb: 23 callbacks suppressed
[  314.061134][   T24] audit: type=1400 audit(1719161122.050:19231): avc:  denied  { mount } for  pid=7257 comm="syz-executor.4" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  314.161624][ T1397] usb 3-1: Invalid ep0 maxpacket: 16
[  314.243330][ T7263] F2FS-fs (loop0): invalid crc value
[  314.250089][ T7263] F2FS-fs (loop0): Found nat_bits in checkpoint
[  314.261746][  T334] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  314.283191][ T7263] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1
[  314.290012][ T7263] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  314.301712][ T1319] usb 2-1: config 1 has an invalid interface number: 3 but max is 2
[  314.309516][ T1319] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  314.311727][ T1397] usb 3-1: new low-speed USB device number 58 using dummy_hcd
[  314.318304][ T1319] usb 2-1: config 1 has no interface number 1
[  314.331340][ T1319] usb 2-1: too many endpoints for config 1 interface 3 altsetting 0: 187, using maximum allowed: 30
[  314.342011][ T1319] usb 2-1: config 1 interface 3 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 187
[  314.342434][ T6769] attempt to access beyond end of device
[  314.342434][ T6769] loop0: rw=2049, want=45104, limit=40427
[  314.354830][ T1319] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  314.561649][ T1397] usb 3-1: Invalid ep0 maxpacket: 16
[  314.567037][ T1397] usb usb3-port1: attempt power cycle
[  314.602346][ T1319] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  314.611641][ T1319] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.619541][ T1319] usb 2-1: Product: syz
[  314.623723][ T1319] usb 2-1: Manufacturer: syz
[  314.628227][ T1319] usb 2-1: SerialNumber: syz
[  314.691662][  T334] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  314.703241][  T334] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  314.713789][  T334] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  314.722849][  T334] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.735688][  T334] usb 4-1: config 0 descriptor??
[  314.981652][ T1397] usb 3-1: new low-speed USB device number 59 using dummy_hcd
[  315.071696][ T1397] usb 3-1: Invalid ep0 maxpacket: 16
[  315.221651][ T1397] usb 3-1: new low-speed USB device number 60 using dummy_hcd
[  315.301672][  T334] usbhid 4-1:0.0: can't add hid device: -71
[  315.307543][  T334] usbhid: probe of 4-1:0.0 failed with error -71
[  315.311702][ T1397] usb 3-1: Invalid ep0 maxpacket: 16
[  315.314820][  T334] usb 4-1: USB disconnect, device number 15
[  315.321017][ T1397] usb usb3-port1: unable to enumerate USB device
[  315.366868][   T24] audit: type=1326 audit(1719161123.360:19232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.390918][   T24] audit: type=1326 audit(1719161123.360:19233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.415491][   T24] audit: type=1326 audit(1719161123.360:19234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.439814][   T24] audit: type=1326 audit(1719161123.390:19235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.468513][   T24] audit: type=1326 audit(1719161123.390:19236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.492618][   T24] audit: type=1326 audit(1719161123.410:19237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.516535][   T24] audit: type=1326 audit(1719161123.410:19238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.540954][   T24] audit: type=1326 audit(1719161123.410:19239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.564975][   T24] audit: type=1326 audit(1719161123.410:19240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  315.891625][ T1397] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  316.386362][ T1397] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  316.396409][ T1397] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  316.481731][ T1397] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  316.490647][ T1397] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  316.498434][ T1397] usb 1-1: SerialNumber: syz
[  316.833839][ T1397] usb 1-1: 0:2 : does not exist
[  316.834072][ T1319] hub 2-1:1.3: bad descriptor, ignoring hub
[  316.844363][ T1319] hub: probe of 2-1:1.3 failed with error -5
[  316.872232][ T1319] usb 2-1: USB disconnect, device number 63
[  316.952715][ T7302] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  316.976692][ T7302] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1047: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  316.991392][ T7302] EXT4-fs (loop2): 1 truncate cleaned up
[  316.996978][ T7302] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue
[  317.017452][ T2942] erofs: (device loop4): erofs_read_inode: bogus i_mode (0) @ nid 305
[  317.025646][ T2942] erofs: (device loop4): erofs_read_inode: bogus i_mode (0) @ nid 305
[  317.175718][  T334] usb 1-1: USB disconnect, device number 58
[  317.212383][ T7309] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.219304][ T7309] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.232030][ T7309] device bridge_slave_0 entered promiscuous mode
[  317.249152][ T7309] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.256499][ T7309] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.272057][ T7309] device bridge_slave_1 entered promiscuous mode
[  317.420937][ T7309] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.427894][ T7309] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.434988][ T7309] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.441790][ T7309] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.467302][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  317.476021][  T334] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.483327][  T334] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.503191][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  317.511182][ T1304] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.518054][ T1304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.525787][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  317.533958][ T1304] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.540820][ T1304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.548179][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  317.555981][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  317.575356][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  317.587878][ T7309] device veth0_vlan entered promiscuous mode
[  317.595732][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  317.605294][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  317.613191][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  317.627816][ T7309] device veth1_macvtap entered promiscuous mode
[  317.635628][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  317.660898][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  317.737036][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  317.784870][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  317.831528][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  317.940615][ T7318] EXT4-fs (loop4): Encoding requested by superblock is unknown
[  318.034999][  T110] device bridge_slave_1 left promiscuous mode
[  318.041094][  T110] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.048460][  T334] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  318.053853][ T7313] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #15: comm syz-executor.2: corrupted xattr block 19
[  318.068074][ T7313] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  318.068124][  T110] device bridge_slave_0 left promiscuous mode
[  318.083457][  T110] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.095513][  T110] device veth1_macvtap left promiscuous mode
[  318.461600][ T1316] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  318.741705][  T334] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.753938][  T334] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  318.765427][  T334] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  318.774590][  T334] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.783133][  T334] usb 1-1: config 0 descriptor??
[  318.802389][ T7343] erofs: (device loop2): mounted with root inode @ nid 36.
[  318.853268][ T1316] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  318.863293][ T1316] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  318.971699][ T1316] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  318.980617][ T1316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  318.988644][ T1316] usb 4-1: SerialNumber: syz
[  319.141631][ T1397] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  319.161621][ T1319] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  319.262436][ T1316] usb 4-1: 0:2 : does not exist
[  319.331724][  T334] usbhid 1-1:0.0: can't add hid device: -71
[  319.337583][  T334] usbhid: probe of 1-1:0.0 failed with error -71
[  319.344333][  T334] usb 1-1: USB disconnect, device number 59
[  319.381674][ T1397] usb 3-1: Using ep0 maxpacket: 16
[  319.501643][ T1397] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 11
[  319.510480][ T1397] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  319.519946][ T1397] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  319.529391][ T1397] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  319.538899][ T1397] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  319.541978][ T1319] usb 2-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  319.548485][ T1397] usb 3-1: config 1 interface 0 has no altsetting 0
[  319.559157][ T1319] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  319.565004][ T1397] usb 3-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  319.582493][ T1397] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.622224][ T1397] ums-sddr09 3-1:1.0: USB Mass Storage device detected
[  319.651653][ T1319] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  319.660707][ T1319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  319.668513][ T1319] usb 2-1: SerialNumber: syz
[  319.673151][ T1396] usb 4-1: USB disconnect, device number 16
[  319.842426][ T1397] scsi host1: usb-storage 3-1:1.0
[  319.932308][ T1319] usb 2-1: 0:2 : does not exist
[  320.213685][ T1319] usb 2-1: USB disconnect, device number 64
[  320.253664][ T7362] fuse: Unknown parameter 'gYoup_id'
[  320.363241][ T7360] F2FS-fs (loop3): invalid crc value
[  320.369511][ T7360] F2FS-fs (loop3): Found nat_bits in checkpoint
[  320.406816][ T7360] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  320.452099][ T7372]  loop0: p1 < > p4
[  320.456389][ T7372] loop0: p4 size 8388608 extends beyond EOD, truncated
[  320.473957][ T6757] attempt to access beyond end of device
[  320.473957][ T6757] loop3: rw=2049, want=45104, limit=40427
[  320.599623][   T24] kauditd_printk_skb: 78 callbacks suppressed
[  320.599638][   T24] audit: type=1326 audit(1719161128.590:19319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  320.629561][   T24] audit: type=1326 audit(1719161128.600:19320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  320.671397][   T24] audit: type=1326 audit(1719161128.600:19321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  320.695550][   T24] audit: type=1326 audit(1719161128.650:19322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  320.719572][   T24] audit: type=1326 audit(1719161128.650:19323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  320.743468][   T24] audit: type=1326 audit(1719161128.660:19324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  320.767686][   T24] audit: type=1326 audit(1719161128.660:19325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e45e260a9 code=0x7ffc0000
[  320.791682][   T24] audit: type=1326 audit(1719161128.660:19326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e45e23827 code=0x7ffc0000
[  320.815532][   T24] audit: type=1326 audit(1719161128.660:19327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1e45de94e9 code=0x7ffc0000
[  320.839494][   T24] audit: type=1326 audit(1719161128.660:19328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e45e23827 code=0x7ffc0000
[  320.872610][ T1397] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[  321.591628][ T1319] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  321.785728][ T1312] usb 3-1: USB disconnect, device number 61
[  321.797003][ T7091] erofs: (device loop2): erofs_read_inode: bogus i_mode (0) @ nid 305
[  321.805385][ T7091] erofs: (device loop2): erofs_read_inode: bogus i_mode (0) @ nid 305
[  321.839993][ T1316] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  321.840837][  T110] sd 1:0:0:0: [sdb] Read Capacity(10) failed: Result: hostbyte=0x01 driverbyte=0x00
[  321.856846][  T110] sd 1:0:0:0: [sdb] Sense not available.
[  321.862469][  T110] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[  321.869337][  T110] sd 1:0:0:0: [sdb] 0-byte physical blocks
[  321.875188][  T110] sd 1:0:0:0: [sdb] Write Protect is off
[  321.880741][  T110] sd 1:0:0:0: [sdb] Asking for cache data failed
[  321.887061][  T110] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[  322.001723][ T1396] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  322.034885][  T110] sd 1:0:0:0: [sdb] Read Capacity(10) failed: Result: hostbyte=0x07 driverbyte=0x00
[  322.089917][  T110] sd 1:0:0:0: [sdb] Sense not available.
[  322.135390][  T110] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[  322.230967][ T7415] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.237938][ T7415] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.245067][ T1319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  322.245563][ T7415] device bridge_slave_0 entered promiscuous mode
[  322.259274][ T1319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  322.263325][ T7415] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.278381][ T1319] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  322.278401][ T1319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.287602][ T7415] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.295986][ T1319] usb 2-1: config 0 descriptor??
[  322.302619][ T7415] device bridge_slave_1 entered promiscuous mode
[  322.349181][ T7415] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.356067][ T7415] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.361807][ T1396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  322.363152][ T7415] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.374055][ T1396] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  322.380591][ T7415] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.399188][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  322.400468][ T1396] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  322.416738][ T1396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.425128][ T1304] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.425232][ T1396] usb 1-1: config 0 descriptor??
[  322.436950][ T1304] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.448464][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  322.456607][ T1397] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.461709][ T1316] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  322.463466][ T1397] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.473755][ T1316] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  322.489888][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  322.498030][ T1397] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.504884][ T1397] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.515520][ T1304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  322.526349][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  322.543490][ T7415] device veth0_vlan entered promiscuous mode
[  322.551765][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  322.559957][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  322.568118][ T1316] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  322.578331][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  322.585676][ T1316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  322.593860][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  322.601123][ T1316] usb 4-1: SerialNumber: syz
[  322.610902][ T7415] device veth1_macvtap entered promiscuous mode
[  322.626394][ T1312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  322.636697][ T1312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  322.650181][ T1312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  322.674602][ T7420] syz-executor.4[7420] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  322.674670][ T7420] syz-executor.4[7420] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  322.733061][ T1229] device bridge_slave_1 left promiscuous mode
[  322.753121][ T1229] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.760587][ T1229] device bridge_slave_0 left promiscuous mode
[  322.766674][ T1229] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.775049][ T1229] device veth1_macvtap left promiscuous mode
[  322.780889][ T1229] device veth0_vlan left promiscuous mode
[  322.832074][ T1319] usbhid 2-1:0.0: can't add hid device: -71
[  322.837886][ T1319] usbhid: probe of 2-1:0.0 failed with error -71
[  322.845284][ T1319] usb 2-1: USB disconnect, device number 65
[  322.862448][ T1316] usb 4-1: 0:2 : does not exist
[  322.917790][ T1396] plantronics 0003:047F:FFFF.0032: No inputs registered, leaving
[  322.934661][ T1396] plantronics 0003:047F:FFFF.0032: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  323.273666][ T1319] usb 4-1: USB disconnect, device number 17
[  323.298338][ T1395] usb 1-1: USB disconnect, device number 60
[  323.583255][ T7440] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  323.593127][ T7440] ext4 filesystem being mounted at /root/syzkaller-testdir2945071664/syzkaller.dju5JI/17/bus supports timestamps until 2038 (0x7fffffff)
[  323.851629][ T1395] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  323.908203][ T7454] syz-executor.0[7454] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  323.908281][ T7454] syz-executor.0[7454] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  324.061652][ T1402] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  324.211647][ T1395] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  324.231579][ T1395] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  324.251631][ T1395] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  324.270672][ T1395] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.301642][ T7447] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  324.441734][ T1402] usb 4-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[  324.450672][ T1402] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.459162][ T1402] usb 4-1: config 0 descriptor??
[  324.472618][ T7456] F2FS-fs (loop1): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  324.481022][ T7456] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  324.489760][ T7456] F2FS-fs (loop1): invalid crc value
[  324.496619][ T7456] F2FS-fs (loop1): Found nat_bits in checkpoint
[  324.527891][ T7456] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  324.534809][ T7456] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  324.671666][ T1396] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  324.701627][ T7472] incfs: ino conflict with backing FS 4
[  324.713911][ T7472] incfs: ino conflict with backing FS 6
[  324.781872][ T1402] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  324.821937][ T1395] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  324.856032][ T1395] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input71
[  324.873045][ T1395] usb 3-1: USB disconnect, device number 62
[  325.059230][ T1396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  325.070077][ T1396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  325.079658][ T1396] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  325.088709][ T1396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.097232][ T1396] usb 1-1: config 0 descriptor??
[  325.122581][ T7474] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.129505][ T7474] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.136862][ T7474] device bridge_slave_0 entered promiscuous mode
[  325.146275][ T7474] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.153363][ T7474] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.160557][ T7474] device bridge_slave_1 entered promiscuous mode
[  325.203572][ T7474] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.210451][ T7474] bridge0: port 2(bridge_slave_1) entered forwarding state
[  325.217539][ T7474] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.224317][ T7474] bridge0: port 1(bridge_slave_0) entered forwarding state
[  325.231652][ T1402] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  325.241449][ T1402] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  325.251774][ T1316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  325.259871][ T1316] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.267388][ T1316] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.278420][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  325.286506][ T1397] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.293346][ T1397] bridge0: port 1(bridge_slave_0) entered forwarding state
[  325.312971][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  325.321182][ T1397] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.328056][ T1397] bridge0: port 2(bridge_slave_1) entered forwarding state
[  325.335970][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  325.344196][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  325.364035][ T1395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  325.374921][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  325.383225][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  325.390507][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  325.400437][ T7474] device veth0_vlan entered promiscuous mode
[  325.411317][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  325.420461][ T7474] device veth1_macvtap entered promiscuous mode
[  325.430474][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  325.441828][ T1402] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  325.452973][ T1402] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  325.463811][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  325.604709][ T1229] device bridge_slave_1 left promiscuous mode
[  325.611238][ T1229] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.622950][ T1229] device bridge_slave_0 left promiscuous mode
[  325.629375][ T1229] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.644606][ T1396] usbhid 1-1:0.0: can't add hid device: -71
[  325.650899][ T1396] usbhid: probe of 1-1:0.0 failed with error -71
[  325.662466][ T1396] usb 1-1: USB disconnect, device number 61
[  325.687474][ T1229] device veth1_macvtap left promiscuous mode
[  326.061982][ T1316] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  326.160213][ T7497] fscrypt: AES-128-CTS-CBC using implementation "cts(cbc-aes-aesni)"
[  326.169243][ T7497] fscrypt: AES-128-CBC-ESSIV using implementation "essiv(cbc-aes-aesni,sha256-avx2)"
[  326.184570][ T1402] asix 4-1:0.0 eth1: register 'asix' at usb-dummy_hcd.3-1, ASIX AX88178 USB 2.0 Ethernet, 02:98:85:08:a1:87
[  326.196865][ T1402] usb 4-1: USB disconnect, device number 18
[  326.202786][ T1402] asix 4-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.3-1, ASIX AX88178 USB 2.0 Ethernet
[  326.400552][ T7505] 9pnet: Insufficient options for proto=fd
[  326.901638][ T1316] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  326.912346][ T1316] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  327.001704][ T1316] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  327.015266][ T1316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  327.047001][ T1316] usb 3-1: SerialNumber: syz
[  327.333282][ T7531] erofs: (device loop4): mounted with root inode @ nid 36.
[  327.342392][ T1316] usb 3-1: 0:2 : does not exist
[  327.354574][ T7531] attempt to access beyond end of device
[  327.354574][ T7531] loop4: rw=0, want=48, limit=16
[  327.438859][ T7537] usb usb8: usbfs: process 7537 (syz-executor.4) did not claim interface 0 before use
[  327.656486][ T7554] 9pnet: Insufficient options for proto=fd
[  327.802869][ T1402] usb 3-1: USB disconnect, device number 63
[  327.841632][ T1304] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  328.431665][ T1304] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  328.450597][ T1304] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  328.473563][ T1304] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  328.499841][ T1304] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.523228][ T1304] usb 4-1: config 0 descriptor??
[  329.081607][ T1304] usbhid 4-1:0.0: can't add hid device: -71
[  329.087484][ T1304] usbhid: probe of 4-1:0.0 failed with error -71
[  329.102513][ T1304] usb 4-1: USB disconnect, device number 19
[  329.471719][ T1316] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  329.692462][ T7587] EXT4-fs (loop4): Unrecognized mount option "" or missing value
[  329.891649][ T1316] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  329.901970][ T1316] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  329.910815][ T1316] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  329.919807][ T1316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.928415][ T1316] usb 2-1: config 0 descriptor??
[  330.151594][  T334] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  330.348119][ T7602] FAT-fs (loop2): Directory bread(block 64) failed
[  330.354637][ T7602] FAT-fs (loop2): Directory bread(block 65) failed
[  330.360933][ T7602] FAT-fs (loop2): Directory bread(block 66) failed
[  330.367328][ T7602] FAT-fs (loop2): Directory bread(block 67) failed
[  330.373633][ T7602] FAT-fs (loop2): Directory bread(block 68) failed
[  330.379913][ T7602] FAT-fs (loop2): Directory bread(block 69) failed
[  330.386314][ T7602] FAT-fs (loop2): Directory bread(block 70) failed
[  330.392597][ T7602] FAT-fs (loop2): Directory bread(block 71) failed
[  330.398943][ T7602] FAT-fs (loop2): Directory bread(block 72) failed
[  330.405284][ T7602] FAT-fs (loop2): Directory bread(block 73) failed
[  330.773097][  T334] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  330.783167][  T334] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  330.879001][ T7612] 9pnet: Insufficient options for proto=fd
[  330.885705][  T334] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  330.895839][  T334] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  330.903696][  T334] usb 4-1: SerialNumber: syz
[  331.402205][  T334] usb 4-1: 0:2 : does not exist
[  331.822501][  T334] usb 4-1: USB disconnect, device number 20
[  332.194984][ T1397] usb 2-1: USB disconnect, device number 66
[  332.711729][  T334] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  333.111664][  T334] usb 4-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  333.141611][  T334] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  333.241671][  T334] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  333.250533][  T334] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  333.288748][  T334] usb 4-1: SerialNumber: syz
[  333.552200][  T334] usb 4-1: 0:2 : does not exist
[  333.562691][   T24] kauditd_printk_skb: 973 callbacks suppressed
[  333.562713][   T24] audit: type=1326 audit(1719161141.560:20302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  333.642108][   T24] audit: type=1326 audit(1719161141.560:20303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  333.691913][   T24] audit: type=1326 audit(1719161141.560:20304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  333.738999][   T24] audit: type=1326 audit(1719161141.560:20305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  333.787303][   T24] audit: type=1326 audit(1719161141.560:20306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  333.812097][   T24] audit: type=1326 audit(1719161141.560:20307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f969df32827 code=0x7ffc0000
[  333.835900][   T24] audit: type=1326 audit(1719161141.590:20308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f969def84e9 code=0x7ffc0000
[  333.859655][   T24] audit: type=1326 audit(1719161141.590:20309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  333.913388][  T334] usb 4-1: USB disconnect, device number 21
[  333.922367][   T24] audit: type=1326 audit(1719161141.590:20310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f969df32827 code=0x7ffc0000
[  333.955636][   T24] audit: type=1326 audit(1719161141.590:20311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f969def84e9 code=0x7ffc0000
[  335.161590][  T334] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  335.368811][ T7681] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  335.601669][  T334] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  335.611802][  T334] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  335.701682][  T334] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  335.710543][  T334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  335.744773][  T334] usb 2-1: SerialNumber: syz
[  336.003067][  T334] usb 2-1: 0:2 : does not exist
[  336.441622][ T1397] usb 2-1: USB disconnect, device number 67
[  336.771040][ T7706] overlayfs: statfs failed on './file0'
[  337.108663][ T7716] 9pnet: Insufficient options for proto=fd
[  337.121380][ T7710] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  337.138867][ T7713] FAT-fs (loop3): Directory bread(block 64) failed
[  337.146538][ T7713] FAT-fs (loop3): Directory bread(block 65) failed
[  337.153188][ T7713] FAT-fs (loop3): Directory bread(block 66) failed
[  337.159672][ T7713] FAT-fs (loop3): Directory bread(block 67) failed
[  337.166129][ T7713] FAT-fs (loop3): Directory bread(block 68) failed
[  337.172594][ T7713] FAT-fs (loop3): Directory bread(block 69) failed
[  337.179018][ T7713] FAT-fs (loop3): Directory bread(block 70) failed
[  337.185507][ T7713] FAT-fs (loop3): Directory bread(block 71) failed
[  337.191954][ T7713] FAT-fs (loop3): Directory bread(block 72) failed
[  337.198390][ T7713] FAT-fs (loop3): Directory bread(block 73) failed
[  339.497030][ T7766] FAT-fs (loop4): Directory bread(block 64) failed
[  339.503639][ T7766] FAT-fs (loop4): Directory bread(block 65) failed
[  339.510013][ T7766] FAT-fs (loop4): Directory bread(block 66) failed
[  339.516479][ T7766] FAT-fs (loop4): Directory bread(block 67) failed
[  339.523038][ T7766] FAT-fs (loop4): Directory bread(block 68) failed
[  339.529830][ T7766] FAT-fs (loop4): Directory bread(block 69) failed
[  339.536525][ T7766] FAT-fs (loop4): Directory bread(block 70) failed
[  339.543040][ T7766] FAT-fs (loop4): Directory bread(block 71) failed
[  339.549548][ T7766] FAT-fs (loop4): Directory bread(block 72) failed
[  339.555960][ T7766] FAT-fs (loop4): Directory bread(block 73) failed
[  339.591633][ T1304] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  339.667646][ T7771] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  339.681601][  T334] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  340.545516][  T334] usb 4-1: Using ep0 maxpacket: 16
[  340.555378][ T7781] EXT4-fs (sda1): Unrecognized mount option "GPL" or missing value
[  340.611686][ T1304] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  340.621957][ T1304] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  340.666542][   T24] kauditd_printk_skb: 337 callbacks suppressed
[  340.666555][   T24] audit: type=1400 audit(1719161148.660:20649): avc:  denied  { append } for  pid=7784 comm="syz-executor.1" name="pfkey" dev="proc" ino=4026532967 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  340.671791][  T334] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  340.706480][  T334] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  340.719402][  T334] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  340.728351][  T334] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.741640][ T1304] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  340.750484][ T1304] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  340.758632][  T334] usb 4-1: config 0 descriptor??
[  340.763523][ T1304] usb 3-1: SerialNumber: syz
[  340.931579][ T1319] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  341.012341][ T1304] usb 3-1: 0:2 : does not exist
[  341.171567][ T1319] usb 2-1: Using ep0 maxpacket: 16
[  341.291656][ T1319] usb 2-1: config 1 interface 0 altsetting 5 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  341.311559][ T1319] usb 2-1: config 1 interface 0 has no altsetting 0
[  341.432754][ T1396] usb 3-1: USB disconnect, device number 64
[  341.471674][ T1319] usb 2-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.40
[  341.480527][ T1319] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.493684][ T1319] usb 2-1: Product: 꿃뺌馯9焰⤋�⩜�⠓�펻�헱辧濡ඩㆳ�ᅢ缱槿诡ٚ
[  341.503822][ T1319] usb 2-1: Manufacturer: 薓寧鰬ḙ㽊惱갤豗깈壵凬콃꨸ﮩ䳹⣉陽�ᨓ䃋ౣ际͞⸫崄�옗䷯ᙯ�虦ﾺ谆�豈휩徴륔맇櫎掕㦻⃛ƞᖈ닋Ⱡ⛧璦쀓哜䖞䦪�ﯸ�⩄橾�՜曋�쩈鄂屘댡龂ᨑ鼧㠶�ݰ㟭�Ợ䲦 蛓甥⽸葘閒┃Α��셇ⷳᇕ�㲖벮�왙�뒔⒣⿡˖ﷵ˸哴㸒ﴑ숔�ᤠ橓쌴
[  341.548007][ T1319] usb 2-1: SerialNumber: �떊♟��噸쉆ꇄ턭
[  342.221625][ T1319] usbhid 2-1:1.0: can't add hid device: -71
[  342.227519][ T1319] usbhid: probe of 2-1:1.0 failed with error -71
[  342.242400][ T1319] usb 2-1: USB disconnect, device number 68
[  342.375367][ T7811] F2FS-fs (loop2): Found nat_bits in checkpoint
[  342.422326][ T7811] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  342.440507][   T24] audit: type=1400 audit(1719161150.430:20650): avc:  denied  { rename } for  pid=7810 comm="syz-executor.2" name="#5d" dev="loop2" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  342.462956][   T24] audit: type=1400 audit(1719161150.430:20651): avc:  denied  { reparent } for  pid=7810 comm="syz-executor.2" name="#5d" dev="loop2" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  342.487263][ T7415] attempt to access beyond end of device
[  342.487263][ T7415] loop2: rw=524288, want=45072, limit=40427
[  342.499358][ T7415] attempt to access beyond end of device
[  342.499358][ T7415] loop2: rw=0, want=45072, limit=40427
[  342.515228][ T7819] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  342.531640][  T334] usbhid 4-1:0.0: can't add hid device: -71
[  342.550006][  T334] usbhid: probe of 4-1:0.0 failed with error -71
[  342.557305][  T334] usb 4-1: USB disconnect, device number 22
[  342.577720][  T110] attempt to access beyond end of device
[  342.577720][  T110] loop2: rw=2049, want=41120, limit=40427
[  342.629761][   T24] audit: type=1400 audit(1719161150.620:20652): avc:  denied  { read } for  pid=7830 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  343.035254][ T7847] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  343.054457][ T7847] ext4 filesystem being mounted at /root/syzkaller-testdir1896448398/syzkaller.t4PI7S/65/control supports timestamps until 2038 (0x7fffffff)
[  343.073428][ T7847] EXT4-fs error (device loop3): ext4_map_blocks:600: inode #2: block 18: comm syz-executor.3: lblock 23 mapped to illegal pblock 18 (length 1)
[  343.088352][   T24] audit: type=1400 audit(1719161151.090:20653): avc:  denied  { watch } for  pid=7852 comm="syz-executor.4" path="/proc/7852/fd" dev="proc" ino=51992 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  343.460294][  T110] device bridge_slave_1 left promiscuous mode
[  343.466803][  T110] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.476539][  T110] device bridge_slave_0 left promiscuous mode
[  343.512923][  T110] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.530487][  T110] device veth1_macvtap left promiscuous mode
[  343.536396][  T110] device veth0_vlan left promiscuous mode
[  343.677782][ T7865] bridge0: port 1(bridge_slave_0) entered blocking state
[  343.685745][ T7865] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.690687][ T1395] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  343.693154][ T7865] device bridge_slave_0 entered promiscuous mode
[  343.708364][ T7865] bridge0: port 2(bridge_slave_1) entered blocking state
[  343.715319][ T7865] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.722778][ T7865] device bridge_slave_1 entered promiscuous mode
[  343.781022][ T1316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  343.788433][ T1316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  343.797116][ T1402] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  343.805303][ T1402] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  343.813614][ T1402] bridge0: port 1(bridge_slave_0) entered blocking state
[  343.820439][ T1402] bridge0: port 1(bridge_slave_0) entered forwarding state
[  343.827858][ T1402] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  343.842733][ T1402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  343.850849][ T1402] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  343.858765][ T1401] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  343.866728][ T1402] bridge0: port 2(bridge_slave_1) entered blocking state
[  343.873578][ T1402] bridge0: port 2(bridge_slave_1) entered forwarding state
[  343.881183][ T1402] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  343.891126][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  343.905835][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  343.917993][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  343.925972][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  343.931721][ T1395] usb 4-1: Using ep0 maxpacket: 16
[  343.938535][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  343.947135][ T7865] device veth0_vlan entered promiscuous mode
[  343.957815][ T1319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  343.966886][ T7865] device veth1_macvtap entered promiscuous mode
[  343.981012][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  343.990556][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  344.031645][ T1402] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  344.091691][ T1395] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  344.102565][ T1395] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  344.120401][ T1395] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  344.129477][ T1395] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.139533][ T1401] usb 2-1: Using ep0 maxpacket: 16
[  344.152452][ T1395] usb 4-1: config 0 descriptor??
[  344.228527][ T7905] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  344.238927][ T7905] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.245975][ T7905] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.256413][ T7905] device bridge_slave_1 left promiscuous mode
[  344.263241][ T7905] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.270685][ T7905] device bridge_slave_0 left promiscuous mode
[  344.276924][ T7905] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.391713][ T1402] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  344.409857][ T1402] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  344.431615][ T1401] usb 2-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  344.440537][ T1401] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.461586][ T1402] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  344.470431][ T1402] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.478424][ T1401] usb 2-1: Product: syz
[  344.482473][ T1401] usb 2-1: Manufacturer: syz
[  344.486807][ T1401] usb 2-1: SerialNumber: syz
[  344.512463][ T1402] usb 1-1: config 0 descriptor??
[  344.517419][ T1401] usb 2-1: config 0 descriptor??
[  344.653009][ T7914] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63767 sclass=netlink_route_socket pid=7914 comm=syz-executor.4
[  344.667235][   T24] audit: type=1400 audit(1719161152.660:20654): avc:  denied  { write } for  pid=7911 comm="syz-executor.4" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  344.712731][   T24] audit: type=1326 audit(1719161152.710:20655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28dae170a9 code=0x7ffc0000
[  344.737640][   T24] audit: type=1326 audit(1719161152.710:20656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28dae170a9 code=0x7ffc0000
[  344.761661][   T24] audit: type=1326 audit(1719161152.710:20657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f28dae170a9 code=0x7ffc0000
[  344.786071][   T24] audit: type=1326 audit(1719161152.710:20658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28dae170a9 code=0x7ffc0000
[  344.867777][ T7924] binder: 7923:7924 unknown command 0
[  344.873426][ T7924] binder: 7923:7924 ioctl c0306201 200001c0 returned -22
[  345.041693][ T1401] usb 2-1: MIDIStreaming interface descriptor not found
[  345.049941][ T1401] usb 2-1: USB disconnect, device number 69
[  345.181617][ T1396] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  345.421648][ T1396] usb 3-1: Using ep0 maxpacket: 8
[  345.541683][ T1396] usb 3-1: config 0 has no interfaces?
[  345.701691][ T1396] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  345.721638][ T1402] uclogic 0003:256C:006D.0033: failed retrieving string descriptor #100: -71
[  345.730250][ T1402] uclogic 0003:256C:006D.0033: failed retrieving pen parameters: -71
[  345.738325][ T1396] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.746132][ T1396] usb 3-1: Product: syz
[  345.750093][ T1396] usb 3-1: Manufacturer: syz
[  345.754614][ T1402] uclogic 0003:256C:006D.0033: failed probing pen v1 parameters: -71
[  345.762492][ T1396] usb 3-1: SerialNumber: syz
[  345.771571][ T1402] uclogic 0003:256C:006D.0033: failed probing parameters: -71
[  345.778973][ T1402] uclogic: probe of 0003:256C:006D.0033 failed with error -71
[  345.786529][ T1396] usb 3-1: config 0 descriptor??
[  345.801733][ T1397] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  345.809984][ T1402] usb 1-1: USB disconnect, device number 62
[  346.024576][  T334] usb 3-1: USB disconnect, device number 65
[  346.041578][ T1397] usb 2-1: Using ep0 maxpacket: 8
[  346.161649][ T1397] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  346.170215][ T1397] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  346.180154][ T1397] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  346.361701][ T1395] usbhid 4-1:0.0: can't add hid device: -71
[  346.367584][ T1395] usbhid: probe of 4-1:0.0 failed with error -71
[  346.374756][ T1395] usb 4-1: USB disconnect, device number 23
[  346.421746][ T1397] usb 2-1: string descriptor 0 read error: -22
[  346.427802][ T1397] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  346.437099][ T1397] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.492231][ T1397] usb 2-1: 0:2 : does not exist
[  346.695629][ T7940] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  346.712397][ T1396] usb 2-1: USB disconnect, device number 70
[  346.821600][ T1397] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  347.061578][ T1397] usb 3-1: Using ep0 maxpacket: 32
[  347.141107][   T24] kauditd_printk_skb: 26 callbacks suppressed
[  347.141122][   T24] audit: type=1400 audit(1719161155.130:20685): avc:  denied  { mount } for  pid=7962 comm="syz-executor.0" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  347.172836][   T24] audit: type=1400 audit(1719161155.170:20686): avc:  denied  { unmount } for  pid=6769 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  347.192835][ T1397] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.267904][ T1397] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  347.282875][ T1397] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  347.291787][ T1397] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.335865][ T1397] hub 3-1:4.0: USB hub found
[  347.601686][ T1396] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  347.612138][ T1397] hub 3-1:4.0: config failed, hub has too many ports! (err -19)
[  347.981702][ T1396] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.992503][ T1396] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  348.002095][ T1396] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  348.010897][ T1396] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.019361][ T1397] usb 3-1: USB disconnect, device number 66
[  348.026656][ T1396] usb 4-1: config 0 descriptor??
[  348.233339][ T7993] FAT-fs (loop0): count of clusters too big (3758096408)
[  348.240261][ T7993] FAT-fs (loop0): Can't find a valid FAT filesystem
[  348.581637][ T1397] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  348.821557][ T1397] usb 1-1: Using ep0 maxpacket: 8
[  348.941656][ T1397] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  348.956053][ T1397] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  348.974662][ T1397] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  349.173548][ T1397] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  349.182802][ T1397] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  349.190605][ T1397] usb 1-1: Product: syz
[  349.194968][ T1397] usb 1-1: Manufacturer: syz
[  349.199381][ T1397] usb 1-1: SerialNumber: syz
[  349.221659][ T1396] uclogic 0003:256C:006D.0034: failed retrieving string descriptor #100: -71
[  349.230260][ T1396] uclogic 0003:256C:006D.0034: failed retrieving pen parameters: -71
[  349.242287][ T1397] cdc_ncm 1-1:1.0: bind() failure
[  349.252357][ T1396] uclogic 0003:256C:006D.0034: failed probing pen v1 parameters: -71
[  349.260908][ T1396] uclogic 0003:256C:006D.0034: failed probing parameters: -71
[  349.268696][ T1396] uclogic: probe of 0003:256C:006D.0034 failed with error -71
[  349.280432][ T1396] usb 4-1: USB disconnect, device number 24
[  349.894973][ T8077] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  349.908280][ T8077] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  349.927734][ T8077] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  349.937709][ T8077] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  349.966627][ T8079] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  349.979047][ T8079] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  350.601576][ T1401] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  350.982551][ T1401] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.022596][ T1401] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.093414][ T1401] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  351.131858][ T1401] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.140998][ T1401] usb 4-1: config 0 descriptor??
[  351.196759][ T1402] usb 1-1: USB disconnect, device number 63
[  351.631672][ T1397] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  351.992696][ T1397] usb 2-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  352.003294][ T1397] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  352.091690][ T1397] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  352.100729][ T1397] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  352.108496][ T1397] usb 2-1: SerialNumber: syz
[  352.376326][ T1397] usb 2-1: 0:2 : does not exist
[  352.421653][ T1401] uclogic 0003:256C:006D.0035: failed retrieving string descriptor #100: -71
[  352.436242][ T1401] uclogic 0003:256C:006D.0035: failed retrieving pen parameters: -71
[  352.452417][ T1401] uclogic 0003:256C:006D.0035: failed probing pen v1 parameters: -71
[  352.460924][ T1401] uclogic 0003:256C:006D.0035: failed probing parameters: -71
[  352.469052][ T1401] uclogic: probe of 0003:256C:006D.0035 failed with error -71
[  352.483360][ T1401] usb 4-1: USB disconnect, device number 25
[  352.642825][ T1397] usb 2-1: USB disconnect, device number 71
[  352.861593][ T1396] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  353.101692][ T1396] usb 3-1: Using ep0 maxpacket: 16
[  353.392078][ T1396] usb 3-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  353.457436][ T1396] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  353.466712][ T1396] usb 3-1: Product: syz
[  353.470726][ T1396] usb 3-1: Manufacturer: syz
[  353.475312][ T1396] usb 3-1: SerialNumber: syz
[  353.480222][ T1396] usb 3-1: config 0 descriptor??
[  353.868649][   T24] audit: type=1400 audit(1719161161.860:20687): avc:  denied  { read } for  pid=8163 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  353.981691][ T1396] usb 3-1: MIDIStreaming interface descriptor not found
[  353.990906][ T1396] usb 3-1: USB disconnect, device number 67
[  354.382555][ T8173] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  354.702716][ T8175] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  354.717514][ T8175] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  354.730642][ T8175] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  354.744563][ T8175] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  354.764153][ T8175] EXT4-fs (loop0): 1 orphan inode deleted
[  354.769712][ T8175] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue
[  354.971595][  T334] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  355.150406][ T8199] fuse: Bad value for 'user_id'
[  355.571696][  T334] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.582791][  T334] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.594480][  T334] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  355.603477][  T334] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.611963][  T334] usb 3-1: config 0 descriptor??
[  356.191609][  T334] usbhid 3-1:0.0: can't add hid device: -71
[  356.197440][  T334] usbhid: probe of 3-1:0.0 failed with error -71
[  356.204412][  T334] usb 3-1: USB disconnect, device number 68
[  356.241626][ T1401] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  356.521594][ T1401] usb 4-1: Using ep0 maxpacket: 16
[  356.651646][ T1395] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  356.659134][ T1401] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  356.669903][ T1401] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  356.682683][ T1401] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  356.691561][ T1401] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.700228][ T1401] usb 4-1: config 0 descriptor??
[  356.901598][ T1395] usb 1-1: Using ep0 maxpacket: 16
[  357.221695][ T1395] usb 1-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  357.230549][ T1395] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.238386][ T1395] usb 1-1: Product: syz
[  357.242419][ T1395] usb 1-1: Manufacturer: syz
[  357.246768][ T1395] usb 1-1: SerialNumber: syz
[  357.251935][ T1395] usb 1-1: config 0 descriptor??
[  357.741765][ T1395] usb 1-1: MIDIStreaming interface descriptor not found
[  357.750278][ T1395] usb 1-1: USB disconnect, device number 64
[  357.782550][ T8250] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  357.801727][ T8250] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue
[  357.991670][  T334] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  358.351687][  T334] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  358.362456][  T334] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  358.372004][  T334] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  358.611450][  T334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.620053][  T334] usb 2-1: config 0 descriptor??
[  359.071608][ T1395] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  359.081934][ T1401] usbhid 4-1:0.0: can't add hid device: -71
[  359.093101][ T1401] usbhid: probe of 4-1:0.0 failed with error -71
[  359.100075][ T1401] usb 4-1: USB disconnect, device number 26
[  359.161659][  T334] usbhid 2-1:0.0: can't add hid device: -71
[  359.167509][  T334] usbhid: probe of 2-1:0.0 failed with error -71
[  359.174580][  T334] usb 2-1: USB disconnect, device number 72
[  359.461784][ T1395] usb 3-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  359.472037][ T1401] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  359.479365][ T1395] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  359.571710][ T1395] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  359.580620][ T1395] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  359.588388][ T1395] usb 3-1: SerialNumber: syz
[  359.861670][ T1401] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  359.872186][ T1395] usb 3-1: 0:2 : does not exist
[  359.876914][ T1401] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  359.901586][  T334] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  359.981777][ T1401] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  359.990690][ T1401] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  359.998508][ T1401] usb 4-1: SerialNumber: syz
[  360.141622][  T334] usb 2-1: Using ep0 maxpacket: 8
[  360.143232][ T1395] usb 3-1: USB disconnect, device number 69
[  360.261684][  T334] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  360.271690][  T334] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  360.272425][ T1401] usb 4-1: 0:2 : does not exist
[  360.371691][  T334] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  360.380541][  T334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  360.388561][  T334] usb 2-1: SerialNumber: syz
[  360.432258][  T334] hub 2-1:1.0: bad descriptor, ignoring hub
[  360.437998][  T334] hub: probe of 2-1:1.0 failed with error -5
[  360.444003][  T334] cdc_ether 2-1:1.0: skipping garbage
[  360.449184][  T334] usb 2-1: bad CDC descriptors
[  360.641613][ T1395] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  360.694032][ T1401] usb 4-1: USB disconnect, device number 27
[  360.881587][ T1395] usb 1-1: Using ep0 maxpacket: 16
[  361.181767][ T1395] usb 1-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  361.190641][ T1395] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.198752][ T1395] usb 1-1: Product: syz
[  361.202780][ T1395] usb 1-1: Manufacturer: syz
[  361.207174][ T1395] usb 1-1: SerialNumber: syz
[  361.217221][ T1395] usb 1-1: config 0 descriptor??
[  361.326092][ T8322] input: syz1 as /devices/virtual/input/input88
[  361.721753][ T1395] usb 1-1: MIDIStreaming interface descriptor not found
[  361.730025][ T1395] usb 1-1: USB disconnect, device number 65
[  361.912482][ T1401] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  362.238353][ T8341] FAT-fs (loop0): Directory bread(block 64) failed
[  362.244803][ T8341] FAT-fs (loop0): Directory bread(block 65) failed
[  362.251143][ T8341] FAT-fs (loop0): Directory bread(block 66) failed
[  362.257574][ T8341] FAT-fs (loop0): Directory bread(block 67) failed
[  362.263934][ T8341] FAT-fs (loop0): Directory bread(block 68) failed
[  362.270239][ T8341] FAT-fs (loop0): Directory bread(block 69) failed
[  362.271680][ T1401] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  362.276612][ T8341] FAT-fs (loop0): Directory bread(block 70) failed
[  362.287539][ T1401] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  362.293622][ T8341] FAT-fs (loop0): Directory bread(block 71) failed
[  362.303309][ T1401] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  362.309488][ T8341] FAT-fs (loop0): Directory bread(block 72) failed
[  362.318686][ T1401] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.324666][ T8341] FAT-fs (loop0): Directory bread(block 73) failed
[  362.346238][ T1401] usb 3-1: config 0 descriptor??
[  362.481595][ T1393] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  362.691650][ T1401] usbhid 3-1:0.0: can't add hid device: -71
[  362.697560][ T1401] usbhid: probe of 3-1:0.0 failed with error -71
[  362.705006][ T1401] usb 3-1: USB disconnect, device number 70
[  362.791609][  T334] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  362.841631][ T1393] usb 4-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  362.851807][ T1393] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  362.931688][ T1392] usb 2-1: reset high-speed USB device number 73 using dummy_hcd
[  362.939493][ T1393] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  362.948507][ T1393] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  362.956339][ T1393] usb 4-1: SerialNumber: syz
[  362.974156][ T8352] syz-executor.4[8352] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  362.974196][ T8353] syz-executor.4[8353] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  362.974203][ T8352] syz-executor.4[8352] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  362.985799][ T1392] usb 2-1: device reset changed ep0 maxpacket size!
[  363.016196][ T1392] usb 2-1: USB disconnect, device number 73
[  363.212294][ T1393] usb 4-1: 0:2 : does not exist
[  363.221650][  T334] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  363.232430][  T334] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  363.242059][  T334] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  363.251085][  T334] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.260960][  T334] usb 1-1: config 0 descriptor??
[  363.268875][ T8358] input: syz1 as /devices/virtual/input/input89
[  363.371585][ T1392] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  363.492809][ T1393] usb 4-1: USB disconnect, device number 28
[  363.505999][   T24] audit: type=1400 audit(1719161171.500:20688): avc:  denied  { setattr } for  pid=8345 comm="syz-executor.0" name="file0" dev="9p" ino=7016996764471618667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  363.631620][  T334] usbhid 1-1:0.0: can't add hid device: -71
[  363.637479][  T334] usbhid: probe of 1-1:0.0 failed with error -71
[  363.644318][  T334] usb 1-1: USB disconnect, device number 66
[  363.731649][ T1392] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  363.742613][ T1392] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  363.821703][ T1392] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  363.830674][ T1392] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  363.838549][ T1392] usb 2-1: SerialNumber: syz
[  363.996838][   T24] audit: type=1400 audit(1719161171.990:20689): avc:  denied  { wake_alarm } for  pid=8363 comm="syz-executor.2" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  364.092352][ T1392] usb 2-1: 0:2 : does not exist
[  364.291599][  T334] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  364.533088][ T1319] usb 2-1: USB disconnect, device number 74
[  364.731571][  T334] usb 3-1: Using ep0 maxpacket: 8
[  364.817016][ T8383] 9pnet: Insufficient options for proto=fd
[  364.871656][  T334] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  365.300425][   T24] audit: type=1400 audit(1719161173.290:20690): avc:  denied  { ioctl } for  pid=8388 comm="syz-executor.0" path="socket:[54464]" dev="sockfs" ino=54464 ioctlcmd=0x6628 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  365.371665][  T334] usb 3-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[  365.382347][  T334] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.390232][  T334] usb 3-1: Product: syz
[  365.394227][  T334] usb 3-1: Manufacturer: syz
[  365.398664][  T334] usb 3-1: SerialNumber: syz
[  365.403772][  T334] usb 3-1: config 0 descriptor??
[  365.843596][ T8403] input: syz1 as /devices/virtual/input/input90
[  365.872474][ T8364] 9pnet: Could not find request transport: f
[  365.901605][  T334] uvcvideo: Found UVC 0.00 device syz (8086:0b03)
[  365.907947][  T334] uvcvideo: No valid video chain found.
[  365.922144][  T334] usb 3-1: USB disconnect, device number 71
[  366.032832][ T8405] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  366.041819][ T8405] ext4 filesystem being mounted at /root/syzkaller-testdir2672648636/syzkaller.f44iRi/69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  366.235282][ T8423] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  366.249518][ T8423] bridge1: port 1(gretap1) entered blocking state
[  366.256000][ T8423] bridge1: port 1(gretap1) entered disabled state
[  366.265483][ T8423] device gretap1 entered promiscuous mode
[  366.362932][ T1393] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  366.671709][ T1394] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  366.721698][ T1393] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  366.733817][ T1393] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  366.738849][ T8436] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  366.743457][ T1393] usb 1-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  366.761522][ T1393] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.770200][ T1393] usb 1-1: config 0 descriptor??
[  366.817093][ T8441] FAT-fs (loop4): Directory bread(block 64) failed
[  366.823680][ T8441] FAT-fs (loop4): Directory bread(block 65) failed
[  366.830123][ T8441] FAT-fs (loop4): Directory bread(block 66) failed
[  366.836496][ T8441] FAT-fs (loop4): Directory bread(block 67) failed
[  366.842882][ T8441] FAT-fs (loop4): Directory bread(block 68) failed
[  366.849105][ T8441] FAT-fs (loop4): Directory bread(block 69) failed
[  366.855509][ T8441] FAT-fs (loop4): Directory bread(block 70) failed
[  366.861826][ T8441] FAT-fs (loop4): Directory bread(block 71) failed
[  366.868212][ T8441] FAT-fs (loop4): Directory bread(block 72) failed
[  366.874530][ T8441] FAT-fs (loop4): Directory bread(block 73) failed
[  367.071681][ T1394] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  367.081677][ T1394] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  367.101613][ T1395] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  367.170627][ T1394] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  367.179966][ T1394] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  367.188234][ T1394] usb 3-1: SerialNumber: syz
[  367.311954][ T1393] usbhid 1-1:0.0: can't add hid device: -71
[  367.319165][ T1393] usbhid: probe of 1-1:0.0 failed with error -71
[  367.332817][ T1393] usb 1-1: USB disconnect, device number 67
[  367.390629][ T1395] usb 4-1: Using ep0 maxpacket: 8
[  367.522243][ T1394] usb 3-1: 0:2 : does not exist
[  367.601675][ T1395] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  367.610610][ T1395] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.619250][ T1395] usb 4-1: config 0 descriptor??
[  367.762880][ T1394] usb 3-1: USB disconnect, device number 72
[  368.202056][ T1395] asix 4-1:0.0 (unnamed net_device) (uninitialized): Error reading PHYID register: 01
[  368.432057][ T1395] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  368.581109][ T8460] fscrypt: key with description 'fscrypt:0000111122223333' has invalid payload
[  368.591015][ T8460] fscrypt: key with description 'fscrypt:0000111122223333' has invalid payload
[  368.901325][ T8471] input: syz1 as /devices/virtual/input/input91
[  368.908047][ T1395] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  368.918823][ T1395] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9
[  368.951710][ T1395] asix: probe of 4-1:0.0 failed with error -71
[  368.958690][ T1395] usb 4-1: USB disconnect, device number 29
[  369.512430][   T24] audit: type=1326 audit(1719161177.510:20691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9938ce0a9 code=0x7ffc0000
[  369.536868][   T24] audit: type=1326 audit(1719161177.510:20692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9938ce0a9 code=0x7ffc0000
[  369.563760][   T24] audit: type=1326 audit(1719161177.510:20693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7fb9938ce0a9 code=0x7ffc0000
[  369.594765][   T24] audit: type=1326 audit(1719161177.510:20694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9938ce0a9 code=0x7ffc0000
[  369.618866][   T24] audit: type=1326 audit(1719161177.510:20695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9938ce0a9 code=0x7ffc0000
[  369.643226][   T24] audit: type=1326 audit(1719161177.510:20696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9938ce0a9 code=0x7ffc0000
[  369.667359][   T24] audit: type=1326 audit(1719161177.510:20697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9938ce0a9 code=0x7ffc0000
[  369.701782][   T24] audit: type=1326 audit(1719161177.510:20698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9938ce0a9 code=0x7ffc0000
[  369.726653][   T24] audit: type=1326 audit(1719161177.550:20699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8481 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  369.750822][   T24] audit: type=1326 audit(1719161177.560:20700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8481 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  369.870956][ T1394] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  370.440039][ T1316] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[  370.751827][ T1394] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  370.772849][ T1394] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  370.871653][ T1394] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  370.871666][ T1316] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  370.871686][ T1316] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  370.880516][ T1394] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  370.880537][ T1394] usb 4-1: SerialNumber: syz
[  370.915452][ T1316] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[  370.931542][ T1316] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.949980][ T1316] usb 1-1: config 0 descriptor??
[  371.202432][ T1394] usb 4-1: 0:2 : does not exist
[  371.443164][ T1394] usb 4-1: USB disconnect, device number 30
[  371.453131][ T1316] hid-generic 0003:1B1C:1B3E.0036: unknown main item tag 0x0
[  371.460467][ T1316] hid-generic 0003:1B1C:1B3E.0036: unknown main item tag 0x0
[  371.467599][ T1316] hid-generic 0003:1B1C:1B3E.0036: unknown main item tag 0x0
[  371.474979][ T1316] hid-generic 0003:1B1C:1B3E.0036: unknown main item tag 0x0
[  371.482250][ T1316] hid-generic 0003:1B1C:1B3E.0036: unknown main item tag 0x0
[  371.489708][ T1316] hid-generic 0003:1B1C:1B3E.0036: failed to start in urb: -90
[  371.497616][ T1316] hid-generic 0003:1B1C:1B3E.0036: hidraw0: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.0-1/input0
[  371.511577][ T1312] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  371.653457][ T1392] usb 1-1: USB disconnect, device number 68
[  371.771582][ T1312] usb 3-1: Using ep0 maxpacket: 16
[  372.081666][ T1312] usb 3-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  372.090708][ T1312] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.098441][ T1312] usb 3-1: Product: syz
[  372.102451][ T1312] usb 3-1: Manufacturer: syz
[  372.106833][ T1312] usb 3-1: SerialNumber: syz
[  372.111884][ T1312] usb 3-1: config 0 descriptor??
[  372.841093][ T1312] usb 3-1: MIDIStreaming interface descriptor not found
[  372.850666][ T1312] usb 3-1: USB disconnect, device number 73
[  372.933432][ T8566] JBD2: no valid journal superblock found
[  372.939257][ T8566] EXT4-fs (loop3): error loading journal
[  373.299970][ T8572] device syzkaller0 entered promiscuous mode
[  373.931582][ T1317] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[  374.341172][ T1317] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  374.351317][ T1317] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  374.732093][ T1317] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  374.741538][ T1317] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  374.749412][ T1317] usb 2-1: SerialNumber: syz
[  374.754306][ T1316] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  375.011582][ T1316] usb 4-1: Using ep0 maxpacket: 16
[  375.033085][ T1317] usb 2-1: 0:2 : does not exist
[  375.239109][   T24] kauditd_printk_skb: 1458 callbacks suppressed
[  375.239122][   T24] audit: type=1400 audit(1719161183.230:22159): avc:  denied  { write } for  pid=8613 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  375.265253][   T24] audit: type=1400 audit(1719161183.230:22160): avc:  denied  { read } for  pid=8613 comm="syz-executor.0" path="socket:[55023]" dev="sockfs" ino=55023 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  375.293407][ T1317] usb 2-1: USB disconnect, device number 75
[  375.311653][ T1316] usb 4-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  375.320633][ T1316] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.328524][ T1316] usb 4-1: Product: syz
[  375.332634][ T1316] usb 4-1: Manufacturer: syz
[  375.337029][ T1316] usb 4-1: SerialNumber: syz
[  375.341997][ T1316] usb 4-1: config 0 descriptor??
[  375.441586][  T334] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  375.821675][ T1316] usb 4-1: MIDIStreaming interface descriptor not found
[  375.829863][ T1316] usb 4-1: USB disconnect, device number 31
[  375.841613][  T334] usb 3-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  375.851729][  T334] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  375.931710][  T334] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  375.940646][  T334] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  375.948404][  T334] usb 3-1: SerialNumber: syz
[  376.041634][ T1395] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  376.212236][  T334] usb 3-1: 0:2 : does not exist
[  376.572912][  T334] usb 3-1: USB disconnect, device number 74
[  376.581631][ T1395] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  376.592441][ T1395] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  376.602030][ T1395] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  376.614720][ T1395] usb 2-1: New USB device found, idVendor=d16a, idProduct=00fd, bcdDevice= 0.00
[  376.623514][ T1395] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  376.632006][ T1395] usb 2-1: config 0 descriptor??
[  376.781586][ T1316] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  377.161682][ T1316] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.172581][ T1316] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  377.182209][ T1316] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  377.201259][ T1316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.234835][ T1316] usb 4-1: config 0 descriptor??
[  377.336920][ T8644] 9pnet: Insufficient options for proto=fd
[  377.343062][ T8644] overlayfs: failed to resolve './file1': -2
[  377.781647][ T1316] usbhid 4-1:0.0: can't add hid device: -71
[  377.787946][ T1316] usbhid: probe of 4-1:0.0 failed with error -71
[  377.798046][ T1316] usb 4-1: USB disconnect, device number 32
[  377.841723][ T1395] usbhid 2-1:0.0: can't add hid device: -71
[  377.847630][ T1395] usbhid: probe of 2-1:0.0 failed with error -71
[  377.860794][ T1395] usb 2-1: USB disconnect, device number 76
[  378.232482][ T1319] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  378.414909][ T1395] usb 1-1: new high-speed USB device number 69 using dummy_hcd
[  378.773362][ T8703] EXT4-fs error (device loop4): __ext4_iget:4958: inode #11: block 1: comm syz-executor.4: invalid block
[  378.784802][ T8703] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz-executor.4: couldn't read orphan inode 11 (err -117)
[  378.797517][ T8703] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,minixdf,max_dir_size_kb=0x0000000000000009,data_err=abort,grpquota,noinit_itable,inode_readahead_blks=0x0000000000400000,i_version,acl,,errors=continue
[  378.821271][   T24] audit: type=1400 audit(1719161186.810:22161): avc:  denied  { create } for  pid=8702 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  378.891564][ T1395] usb 1-1: Using ep0 maxpacket: 16
[  378.901671][ T1319] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  378.912033][ T1319] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  378.921102][   T24] audit: type=1326 audit(1719161186.910:22162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  378.945506][   T24] audit: type=1326 audit(1719161186.910:22163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  378.969585][   T24] audit: type=1326 audit(1719161186.920:22164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  378.993751][   T24] audit: type=1326 audit(1719161186.920:22165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  379.021650][ T1319] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  379.032757][ T1319] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  379.034231][   T24] audit: type=1326 audit(1719161186.920:22166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  379.044924][ T1319] usb 3-1: SerialNumber: syz
[  379.079862][   T24] audit: type=1326 audit(1719161186.920:22167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  379.116254][   T24] audit: type=1326 audit(1719161186.940:22168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  379.241740][ T1395] usb 1-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  379.270904][ T1395] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.287497][ T1395] usb 1-1: Product: syz
[  379.300519][ T1395] usb 1-1: Manufacturer: syz
[  379.306094][ T1395] usb 1-1: SerialNumber: syz
[  379.323437][ T1395] usb 1-1: config 0 descriptor??
[  379.402667][ T8718] EXT4-fs (loop3): Ignoring removed orlov option
[  379.424166][ T8718] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,errors=remount-ro,
[  379.831661][ T1395] usb 1-1: MIDIStreaming interface descriptor not found
[  379.842947][ T1319] usb 3-1: 0:2 : does not exist
[  379.843473][ T1395] usb 1-1: USB disconnect, device number 69
[  379.889031][ T1319] usb 3-1: USB disconnect, device number 75
[  380.160106][ T8743] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=8743 comm=syz-executor.2
[  380.173527][ T8743] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=8743 comm=syz-executor.2
[  380.187314][ T8733] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  380.196155][ T8743] fuse: Bad value for 'fd'
[  380.200600][ T8733] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  380.217104][ T8733] F2FS-fs (loop3): invalid crc value
[  380.237075][ T8733] F2FS-fs (loop3): Found nat_bits in checkpoint
[  380.285772][ T8733] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  380.292750][ T8733] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  380.581653][ T1393] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  380.648410][ T6757] attempt to access beyond end of device
[  380.648410][ T6757] loop3: rw=2049, want=40968, limit=40427
[  380.761769][ T8769] erofs: Unknown parameter 'ÿÿÿÿ'
[  380.961674][ T1393] usb 3-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 108
[  380.973998][ T1393] usb 3-1: config 0 has an invalid descriptor of length 32, skipping remainder of the config
[  380.984261][ T1393] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  380.997235][ T1393] usb 3-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  381.006114][ T1393] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.063805][ T1393] usb 3-1: config 0 descriptor??
[  381.072766][   T24] kauditd_printk_skb: 1951 callbacks suppressed
[  381.072781][   T24] audit: type=1326 audit(1719161189.070:24120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.112627][ T1393] usb-storage 3-1:0.0: USB Mass Storage device detected
[  381.114130][   T24] audit: type=1326 audit(1719161189.070:24121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.152250][ T1393] usb-storage 3-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  381.153294][   T24] audit: type=1326 audit(1719161189.070:24122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.189084][ T1319] usb 1-1: new high-speed USB device number 70 using dummy_hcd
[  381.196719][   T24] audit: type=1326 audit(1719161189.070:24123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.221106][   T24] audit: type=1326 audit(1719161189.070:24124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.245261][   T24] audit: type=1326 audit(1719161189.070:24125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.269306][   T24] audit: type=1326 audit(1719161189.070:24126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.293265][   T24] audit: type=1326 audit(1719161189.070:24127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.321854][   T24] audit: type=1326 audit(1719161189.070:24128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.345806][   T24] audit: type=1326 audit(1719161189.070:24129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  381.483577][ T8803] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  381.554926][ T8807] input: syz1 as /devices/virtual/input/input92
[  381.601634][ T1319] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  381.611555][ T1319] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  381.701675][ T1319] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  381.710536][ T1319] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  381.731543][ T1319] usb 1-1: SerialNumber: syz
[  382.042428][ T1319] usb 1-1: 0:2 : does not exist
[  382.283484][ T1319] usb 1-1: USB disconnect, device number 70
[  382.898210][ T8819] device veth0_vlan left promiscuous mode
[  382.906306][ T8819] device veth0_vlan entered promiscuous mode
[  383.310432][ T1393] usb 3-1: USB disconnect, device number 76
[  383.429514][ T8843] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  383.438189][ T8843] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  383.842085][ T8847]  loop2: p1 < > p4
[  383.846295][ T8847] loop2: p4 size 8388608 extends beyond EOD, truncated
[  383.853034][ T1319] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[  383.922121][ T8850]  loop4: p1 < > p4
[  383.926476][ T8850] loop4: p4 size 8388608 extends beyond EOD, truncated
[  384.091587][ T1319] usb 2-1: Using ep0 maxpacket: 8
[  384.193074][ T8697] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[  384.221888][ T1319] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  384.236469][ T1319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  384.257725][ T1319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  384.273839][ T1319] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  384.294322][ T1319] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  384.310128][ T1319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.324684][ T1319] usb 2-1: config 0 descriptor??
[  384.581630][ T8697] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  384.598834][ T8697] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  384.711654][ T8697] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  384.721250][ T8697] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  384.729105][ T8697] usb 1-1: SerialNumber: syz
[  384.822616][ T1319] kye 0003:0458:5011.0037: unknown main item tag 0x0
[  384.829727][ T1319] kye 0003:0458:5011.0037: hidraw0: USB HID v0.00 Device [HID 0458:5011] on usb-dummy_hcd.1-1/input0
[  384.840604][ T1319] kye 0003:0458:5011.0037: tablet-enabling feature report not found
[  384.848502][ T1319] kye 0003:0458:5011.0037: tablet enabling failed
[  385.042659][ T8889] udc-core: couldn't find an available UDC or it's busy
[  385.060789][ T8889] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  385.071563][ T1395] usb 2-1: USB disconnect, device number 77
[  385.167970][ T8900] tipc: Started in network mode
[  385.172818][ T8900] tipc: Own node identity ac1414aa, cluster identity 4711
[  385.180385][ T8900] tipc: New replicast peer: 100.1.1.1
[  385.186576][ T8900] tipc: Enabled bearer <udp:syz2>, priority 10
[  385.215682][ T8899] input: syz1 as /devices/virtual/input/input93
[  385.349450][ T8697] usb 1-1: 0:2 : does not exist
[  385.393031][ T8697] usb 1-1: USB disconnect, device number 71
[  386.023890][ T8913]  loop0: p1 p4
[  386.027307][ T8913] loop0: p1 size 8388608 extends beyond EOD, truncated
[  386.041738][ T8913] loop0: p4 start 4278190080 is beyond EOD, truncated
[  386.081670][   T24] kauditd_printk_skb: 12013 callbacks suppressed
[  386.081686][   T24] audit: type=1326 audit(1719161194.070:36143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8901 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f969df32827 code=0x7ffc0000
[  386.127065][ T8919] syz-executor.3[8919] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  386.127128][ T8919] syz-executor.3[8919] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  386.139013][   T24] audit: type=1326 audit(1719161194.120:36144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8901 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f969def84e9 code=0x7ffc0000
[  386.174371][   T24] audit: type=1326 audit(1719161194.120:36145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8901 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  386.198912][ T8920] syz-executor.3[8920] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  386.198979][ T8920] syz-executor.3[8920] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  386.222396][   T24] audit: type=1400 audit(1719161194.220:36146): avc:  denied  { relabelfrom } for  pid=8918 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  386.291181][   T24] audit: type=1400 audit(1719161194.230:36147): avc:  denied  { relabelto } for  pid=8918 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  386.301586][ T1394] tipc: 32-bit node address hash set to aa1414ac
[  386.461789][   T24] audit: type=1326 audit(1719161194.450:36148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8929 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  386.523135][   T24] audit: type=1326 audit(1719161194.450:36149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8929 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  386.574532][   T24] audit: type=1326 audit(1719161194.450:36150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8929 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  386.628834][   T24] audit: type=1326 audit(1719161194.460:36151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8929 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f969df350a9 code=0x7ffc0000
[  386.663236][ T8938] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  386.685060][ T8938] FAT-fs (loop0): error, clusters badly computed (1 != 30720)
[  386.702546][ T8938] FAT-fs (loop0): Filesystem has been set read-only
[  386.715012][   T24] audit: type=1326 audit(1719161194.500:36152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8929 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f969df32827 code=0x7ffc0000
[  386.721738][ T8938] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1042)
[  387.579218][ T8955] input: syz1 as /devices/virtual/input/input94
[  387.681620][ T1392] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  388.051620][ T1392] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  388.077174][ T1392] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  388.124499][ T8977] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  388.181679][ T1392] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  388.197566][ T1392] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  388.218045][ T1392] usb 3-1: SerialNumber: syz
[  388.252006][ T8981]  loop3: p1 < > p4
[  388.257259][ T8981] loop3: p4 size 8388608 extends beyond EOD, truncated
[  389.079269][ T1392] usb 3-1: 0:2 : does not exist
[  389.252189][ T8697] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[  389.304053][ T1392] usb 3-1: USB disconnect, device number 77
[  389.360207][ T9004] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.370983][ T9004] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.378594][ T9004] device bridge_slave_0 entered promiscuous mode
[  389.388390][ T9004] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.395389][ T9004] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.405684][ T9004] device bridge_slave_1 entered promiscuous mode
[  389.460242][ T9004] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.467266][ T9004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.474367][ T9004] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.481097][ T9004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  389.501321][ T1401] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  389.509077][ T1401] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.517570][ T1401] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.534320][ T1394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  389.542381][ T1394] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.549213][ T1394] bridge0: port 1(bridge_slave_0) entered forwarding state
[  389.559683][ T9013] input: syz1 as /devices/virtual/input/input95
[  389.566023][ T1394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  389.574511][ T1394] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.581352][ T1394] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.604898][ T1394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  389.612775][ T1394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  389.626755][ T9004] device veth0_vlan entered promiscuous mode
[  389.634042][ T1392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  389.642488][ T1392] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  389.650029][ T1392] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  389.658537][ T1392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  389.675363][ T9004] device veth1_macvtap entered promiscuous mode
[  389.683009][ T1394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  389.703212][ T1394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  389.713208][ T1394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  389.825931][  T342] device bridge_slave_1 left promiscuous mode
[  389.836979][  T342] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.852255][  T342] device bridge_slave_0 left promiscuous mode
[  389.864146][  T342] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.881009][  T342] device veth1_macvtap left promiscuous mode
[  389.892435][  T342] device veth0_vlan left promiscuous mode
[  490.231463][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  490.238242][    C1] rcu: 	0-...!: (0 ticks this GP) idle=a16/1/0x4000000000000000 softirq=36145/36147 fqs=2 last_accelerate: 22c7/4a00 dyntick_enabled: 1
[  490.251929][    C1] 	(detected by 1, t=10002 jiffies, g=48529, q=178)
[  490.258359][    C1] Sending NMI from CPU 1 to CPUs 0:
[  490.265392][    C1] NMI backtrace for cpu 0
[  490.265401][    C1] CPU: 0 PID: 9028 Comm: syz-executor.1 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[  490.265412][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  490.265416][    C1] RIP: 0010:kvm_wait+0xec/0x150
[  490.265426][    C1] Code: 03 42 0f b6 04 20 84 c0 75 6a 41 0f b6 45 00 44 38 f0 75 26 41 f7 c7 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d c5 4f d5 03 f4 <eb> 0e 0f 1f 44 00 00 0f 00 2d b6 4f d5 03 fb f4 4c 89 7c 24 18 ff
[  490.265431][    C1] RSP: 0000:ffffc90000c56ca0 EFLAGS: 00000046
[  490.265439][    C1] RAX: 0000000000000003 RBX: 1ffff9200018ad98 RCX: ffffffff8150b884
[  490.265444][    C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffc90000c56ce0
[  490.265448][    C1] RBP: ffffc90000c56d50 R08: dffffc0000000000 R09: ffffed1025d33691
[  490.265453][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  490.265458][    C1] R13: ffff88812e99b480 R14: 0000000000000003 R15: 0000000000000046
[  490.265463][    C1] FS:  00007f969d2af6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  490.265468][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  490.265472][    C1] CR2: 0000786c6c257830 CR3: 000000012dead000 CR4: 00000000003526b0
[  490.265477][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  490.265482][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  490.265485][    C1] Call Trace:
[  490.265487][    C1]  <NMI>
[  490.265490][    C1]  ? show_regs+0x58/0x60
[  490.265494][    C1]  ? nmi_cpu_backtrace+0x133/0x160
[  490.265497][    C1]  ? kvm_wait+0xec/0x150
[  490.265500][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  490.265504][    C1]  ? nmi_handle+0xa8/0x280
[  490.265507][    C1]  ? kvm_wait+0xec/0x150
[  490.265510][    C1]  ? default_do_nmi+0x69/0x160
[  490.265513][    C1]  ? exc_nmi+0xad/0x100
[  490.265516][    C1]  ? end_repeat_nmi+0x16/0x31
[  490.265520][    C1]  ? __pv_queued_spin_lock_slowpath+0x6d4/0xc70
[  490.265524][    C1]  ? kvm_wait+0xec/0x150
[  490.265527][    C1]  ? kvm_wait+0xec/0x150
[  490.265530][    C1]  ? kvm_wait+0xec/0x150
[  490.265532][    C1]  </NMI>
[  490.265536][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  490.265551][    C1]  __pv_queued_spin_lock_slowpath+0x72f/0xc70
[  490.265555][    C1]  ? __pv_queued_spin_unlock_slowpath+0x280/0x280
[  490.265559][    C1]  _raw_spin_lock_irqsave+0x1a0/0x210
[  490.265562][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  490.265566][    C1]  force_sig_info_to_task+0x67/0x320
[  490.265569][    C1]  ? bsearch+0x96/0xc0
[  490.265572][    C1]  force_sig_fault+0x125/0x1c0
[  490.265576][    C1]  ? force_sig_fault_to_task+0x1c0/0x1c0
[  490.265579][    C1]  ? ex_handler_uaccess+0x3e/0xc0
[  490.265583][    C1]  ? ex_handler_fprestore+0xf0/0xf0
[  490.265586][    C1]  ? fixup_exception+0x94/0xd0
[  490.265589][    C1]  no_context+0x2e1/0xf20
[  490.265592][    C1]  ? is_prefetch+0x5c0/0x5c0
[  490.265595][    C1]  ? 0xffffffffa0002748
[  490.265598][    C1]  ? is_bpf_text_address+0x172/0x190
[  490.265602][    C1]  ? __kernel_text_address+0x9b/0x110
[  490.265605][    C1]  __bad_area_nosemaphore+0xcd/0x440
[  490.265608][    C1]  bad_area_nosemaphore+0x2d/0x40
[  490.265612][    C1]  exc_page_fault+0x3ea/0x5b0
[  490.265615][    C1]  asm_exc_page_fault+0x1e/0x30
[  490.265618][    C1] RIP: 0010:__get_user_nocheck_8+0x10/0x13
[  490.265629][    C1] Code: 0f b7 10 31 c0 0f 01 ca c3 90 0f 01 cb 0f ae e8 8b 10 31 c0 0f 01 ca c3 66 90 0f 01 cb 0f ae e8 48 8b 10 31 c0 0f 01 ca c3 90 <0f> 01 ca 31 d2 48 c7 c0 f2 ff ff ff c3 cc cc cc 55 48 89 e5 53 89
[  490.265632][    C1] RSP: 0000:ffffc90000c573a0 EFLAGS: 00050006
[  490.265639][    C1] RAX: 0000786c6c257830 RBX: 00007fffffffeff0 RCX: ffff8881188a13c0
[  490.265644][    C1] RDX: ffffc90002c77000 RSI: 0000786c6c257830 RDI: 00007fffffffeff0
[  490.265648][    C1] RBP: ffffc90000c57430 R08: ffffffff8100e820 R09: ffffed1023114279
[  490.265653][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  490.265659][    C1] R13: ffff8881188a13c0 R14: 0000786c6c257830 R15: ffff8881188a13c0
[  490.265662][    C1]  ? perf_callchain_user+0x3f0/0x1170
[  490.265666][    C1]  ? perf_callchain_user+0x404/0x1170
[  490.265669][    C1]  get_perf_callchain+0x549/0x810
[  490.265673][    C1]  ? put_callchain_entry+0xb0/0xb0
[  490.265676][    C1]  ? __kasan_slab_alloc+0xc3/0xe0
[  490.265679][    C1]  ? slab_post_alloc_hook+0x61/0x2f0
[  490.265682][    C1]  ? kmem_cache_alloc+0x168/0x2e0
[  490.265686][    C1]  ? __sigqueue_alloc+0x19e/0x2f0
[  490.265689][    C1]  __bpf_get_stack+0x378/0x570
[  490.265692][    C1]  ? asm_exc_page_fault+0x1e/0x30
[  490.265695][    C1]  ? __put_user_nocheck_8+0x11/0x21
[  490.265699][    C1]  ? stack_map_get_build_id_offset+0x1460/0x1460
[  490.265702][    C1]  bpf_get_stack+0x31/0x40
[  490.265706][    C1]  bpf_get_stack_raw_tp+0x1b2/0x220
[  490.265709][    C1]  bpf_prog_b8a90dd1efcc4ad9+0x3d/0x8b8
[  490.265712][    C1]  bpf_trace_run5+0x176/0x320
[  490.265716][    C1]  ? bpf_trace_run4+0x2e0/0x2e0
[  490.265719][    C1]  __bpf_trace_signal_generate+0x3c/0x50
[  490.265722][    C1]  __send_signal+0xb39/0xb90
[  490.265725][    C1]  send_signal+0x4c1/0x5e0
[  490.265729][    C1]  force_sig_info_to_task+0x272/0x320
[  490.265732][    C1]  force_sig_fault+0x125/0x1c0
[  490.265736][    C1]  ? force_sig_fault_to_task+0x1c0/0x1c0
[  490.265739][    C1]  ? __kasan_slab_free+0x11/0x20
[  490.265742][    C1]  ? ex_handler_uaccess+0x3e/0xc0
[  490.265746][    C1]  ? ex_handler_fprestore+0xf0/0xf0
[  490.265749][    C1]  ? fixup_exception+0x94/0xd0
[  490.265752][    C1]  no_context+0x2e1/0xf20
[  490.265755][    C1]  ? audit_log_end+0x1c8/0x230
[  490.265758][    C1]  ? audit_seccomp+0x1a8/0x1e0
[  490.265761][    C1]  ? is_prefetch+0x5c0/0x5c0
[  490.265765][    C1]  ? __seccomp_filter+0xd03/0x1e10
[  490.265768][    C1]  __bad_area_nosemaphore+0xcd/0x440
[  490.265771][    C1]  bad_area+0x69/0x80
[  490.265774][    C1]  exc_page_fault+0x439/0x5b0
[  490.265777][    C1]  asm_exc_page_fault+0x1e/0x30
[  490.265781][    C1] RIP: 0010:__put_user_nocheck_8+0x11/0x21
[  490.265791][    C1] Code: 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f 00 00 48 39 d9 73 14 0f 01 cb 48 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 <0f> 01 ca b9 f2 ff ff ff c3 cc cc cc cc cc cc cc 55 48 89 e5 41 57
[  490.265795][    C1] RSP: 0000:ffffc90000c57d98 EFLAGS: 00050283
[  490.265801][    C1] RAX: 000000006678516e RBX: 00007fffffffeff9 RCX: 0000000000000019
[  490.265806][    C1] RDX: ffffc90002c77000 RSI: 0000000000000ad3 RDI: 0000000000000ad4
[  490.265811][    C1] RBP: ffffc90000c57e48 R08: ffffffff815b6394 R09: ffffc90000c57de0
[  490.265816][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000c57de0
[  490.265820][    C1] R13: dffffc0000000000 R14: 1ffff9200018afb8 R15: 0000000000000019
[  490.265824][    C1]  ? ktime_get_real_ts64+0x1f4/0x2e0
[  490.265827][    C1]  ? __x64_sys_gettimeofday+0xf9/0x240
[  490.265831][    C1]  ? __ia32_sys_stime32+0x160/0x160
[  490.265834][    C1]  ? __secure_computing+0xf0/0x300
[  490.265837][    C1]  emulate_vsyscall+0xe33/0x13d0
[  490.265840][    C1]  exc_page_fault+0x147/0x5b0
[  490.265843][    C1]  ? asm_exc_page_fault+0x8/0x30
[  490.265847][    C1]  asm_exc_page_fault+0x1e/0x30
[  490.265850][    C1] RIP: 0033:_end+0x783da000/0x0
[  490.265854][    C1] Code: Unable to access opcode bytes at RIP 0xffffffffff5fffd6.
[  490.265858][    C1] RSP: 002b:00007f969d2aeb38 EFLAGS: 00010246
[  490.265865][    C1] RAX: ffffffffffffffda RBX: 00007f969e06bf80 RCX: 00007f969df350a9
[  490.265869][    C1] RDX: 00007f969d2aeb40 RSI: 00007f969d2aec70 RDI: 0000000000000019
[  490.265874][    C1] RBP: 00007f969dfa4074 R08: 0000000000000000 R09: 0000000000000000
[  490.265879][    C1] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[  490.265883][    C1] R13: 000000000000000b R14: 00007f969e06bf80 R15: 00007ffc7c450f78
[  490.265895][    C1] rcu: rcu_preempt kthread starved for 9998 jiffies! g48529 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  490.990680][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  491.000479][    C1] rcu: RCU grace-period kthread stack dump:
[  491.006210][    C1] task:rcu_preempt     state:R  running task     stack:    0 pid:   13 ppid:     2 flags:0x10004000
[  491.016795][    C1] Call Trace:
[  491.019933][    C1]  __schedule+0xbe6/0x1330
[  491.024224][    C1]  ? release_firmware_map_entry+0x192/0x192
[  491.029907][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  491.035200][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  491.039886][    C1]  schedule+0x13d/0x1d0
[  491.043881][    C1]  schedule_timeout+0x18c/0x360
[  491.048567][    C1]  ? prepare_to_swait_event+0x39f/0x3e0
[  491.053946][    C1]  ? console_conditional_schedule+0x10/0x10
[  491.059673][    C1]  ? run_local_timers+0x160/0x160
[  491.064542][    C1]  rcu_gp_kthread+0xefc/0x23a0
[  491.069141][    C1]  ? dyntick_save_progress_counter+0x1c0/0x1c0
[  491.075127][    C1]  ? rcu_barrier_callback+0x50/0x50
[  491.080160][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  491.084850][    C1]  ? __kasan_check_read+0x11/0x20
[  491.089724][    C1]  ? __kthread_parkme+0xb9/0x1c0
[  491.094482][    C1]  kthread+0x34b/0x3d0
[  491.098385][    C1]  ? rcu_barrier_callback+0x50/0x50
[  491.103417][    C1]  ? kthread_blkcg+0xd0/0xd0
[  491.107846][    C1]  ret_from_fork+0x1f/0x30
[  638.954535][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 123s! [syz-executor.0:9032]
[  638.962935][    C1] Modules linked in:
[  638.966886][    C1] CPU: 1 PID: 9032 Comm: syz-executor.0 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[  638.978328][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  638.988231][    C1] RIP: 0010:smp_call_function_single+0x278/0x510
[  638.994382][    C1] Code: 0f 85 18 02 00 00 44 8b 6c 24 48 44 89 ee 83 e6 01 31 ff e8 7a f0 0a 00 41 83 e5 01 75 0a e8 bf ec 0a 00 e9 eb 00 00 00 f3 90 <42> 0f b6 04 23 84 c0 75 15 f7 44 24 48 01 00 00 00 0f 84 cd 00 00
[  639.014348][    C1] RSP: 0018:ffffc900012fee20 EFLAGS: 00000246
[  639.020243][    C1] RAX: ffffffff815fc0c4 RBX: 1ffff9200025fdcd RCX: 0000000000040000
[  639.028138][    C1] RDX: ffffc90002a76000 RSI: 000000000003ffff RDI: 0000000000040000
[  639.036088][    C1] RBP: ffffc900012fef10 R08: ffffffff815fc096 R09: ffffed103ee0aec9
[  639.043882][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  639.051692][    C1] R13: 0000000000000001 R14: ffffc900012fee68 R15: 0000000000000000
[  639.059504][    C1] FS:  00007f1e4517f6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  639.068268][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  639.074693][    C1] CR2: 0000001b32a21000 CR3: 00000001188b4000 CR4: 00000000003526a0
[  639.082504][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  639.090314][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  639.098122][    C1] Call Trace:
[  639.101252][    C1]  <IRQ>
[  639.103949][    C1]  ? show_regs+0x58/0x60
[  639.108025][    C1]  ? watchdog_timer_fn+0x471/0x590
[  639.112974][    C1]  ? proc_watchdog_cpumask+0xd0/0xd0
[  639.118094][    C1]  ? __hrtimer_run_queues+0x3d7/0xa50
[  639.123300][    C1]  ? hrtimer_interrupt+0x8b0/0x8b0
[  639.128247][    C1]  ? ktime_get_update_offsets_now+0x266/0x280
[  639.134148][    C1]  ? hrtimer_interrupt+0x39a/0x8b0
[  639.139199][    C1]  ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  639.145105][    C1]  ? asm_call_irq_on_stack+0xf/0x20
[  639.150113][    C1]  </IRQ>
[  639.152902][    C1]  ? sysvec_apic_timer_interrupt+0x85/0xe0
[  639.158549][    C1]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  639.164531][    C1]  ? smp_call_function_single+0x266/0x510
[  639.170081][    C1]  ? smp_call_function_single+0x294/0x510
[  639.175635][    C1]  ? smp_call_function_single+0x278/0x510
[  639.181205][    C1]  ? flush_tlb_all+0x20/0x20
[  639.185617][    C1]  ? flush_smp_call_function_from_idle+0x1b0/0x1b0
[  639.191952][    C1]  ? flush_tlb_all+0x20/0x20
[  639.196381][    C1]  smp_call_function_many_cond+0x94e/0xa30
[  639.202028][    C1]  ? flush_tlb_all+0x20/0x20
[  639.206447][    C1]  ? get_page_from_freelist+0x2d8c/0x2f30
[  639.212087][    C1]  ? smp_call_function_many+0x40/0x40
[  639.217297][    C1]  ? flush_tlb_all+0x20/0x20
[  639.221720][    C1]  on_each_cpu+0xa8/0x1a0
[  639.225890][    C1]  ? smp_call_function+0x90/0x90
[  639.230661][    C1]  ? find_next_bit+0xc7/0x100
[  639.235173][    C1]  ? cpumask_next+0x11/0x30
[  639.239513][    C1]  ? cpumask_next+0x23/0x30
[  639.243852][    C1]  flush_tlb_kernel_range+0x40/0x1c0
[  639.248978][    C1]  __purge_vmap_area_lazy+0x102/0x1620
[  639.254270][    C1]  ? __kasan_check_write+0x14/0x20
[  639.259215][    C1]  ? pcpu_free_vm_areas+0xc0/0xc0
[  639.264078][    C1]  ? __alloc_pages_nodemask+0xaf0/0xaf0
[  639.269458][    C1]  ? find_next_bit+0xc7/0x100
[  639.273968][    C1]  ? cpumask_next+0x11/0x30
[  639.278311][    C1]  _vm_unmap_aliases+0x334/0x3b0
[  639.283085][    C1]  vm_unmap_aliases+0x19/0x20
[  639.287620][    C1]  change_page_attr_set_clr+0x308/0x1050
[  639.293068][    C1]  ? __set_memory_prot+0x100/0x100
[  639.298019][    C1]  ? get_random_u64+0x5b0/0x5b0
[  639.302699][    C1]  ? __kmalloc+0x1aa/0x330
[  639.306960][    C1]  ? is_vmalloc_or_module_addr+0xd/0x50
[  639.312336][    C1]  ? __kasan_check_write+0x14/0x20
[  639.317281][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[  639.321887][    C1]  set_memory_ro+0xa1/0xe0
[  639.326133][    C1]  ? set_memory_nx+0x130/0x130
[  639.330732][    C1]  ? bpf_int_jit_compile+0x60d5/0x9dc0
[  639.336028][    C1]  ? _raw_spin_unlock+0x4d/0x70
[  639.340718][    C1]  bpf_int_jit_compile+0x9829/0x9dc0
[  639.345840][    C1]  ? emit_bpf_dispatcher+0xc10/0xc10
[  639.350963][    C1]  bpf_prog_select_runtime+0x735/0x9c0
[  639.356275][    C1]  __se_sys_bpf+0x1080e/0x11cb0
[  639.360943][    C1]  ? __kasan_check_write+0x14/0x20
[  639.365881][    C1]  ? __x64_sys_bpf+0x90/0x90
[  639.370310][    C1]  ? futex_wake+0x630/0x790
[  639.374656][    C1]  ? do_futex+0x13c5/0x17b0
[  639.378989][    C1]  ? ioctl_has_perm+0x1f8/0x560
[  639.383675][    C1]  ? do_vfs_ioctl+0x102e/0x1a30
[  639.388363][    C1]  ? ioctl_has_perm+0x3f0/0x560
[  639.393050][    C1]  ? __x32_compat_sys_ioctl+0x90/0x90
[  639.398259][    C1]  ? futex_exit_release+0x1e0/0x1e0
[  639.403290][    C1]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  639.408238][    C1]  ? recalc_sigpending+0x1a5/0x230
[  639.413186][    C1]  ? __set_current_blocked+0x2a5/0x2f0
[  639.418480][    C1]  ? __kasan_check_write+0x14/0x20
[  639.423512][    C1]  ? ktime_get_boot_fast_ns+0x19d/0x1d0
[  639.428898][    C1]  ? bpf_trace_run2+0xf4/0x280
[  639.433500][    C1]  ? __bpf_trace_sys_enter+0x62/0x70
[  639.438617][    C1]  __x64_sys_bpf+0x7b/0x90
[  639.442875][    C1]  do_syscall_64+0x34/0x70
[  639.447123][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  639.452850][    C1] RIP: 0033:0x7f1e45e260a9
[  639.457110][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  639.476714][    C1] RSP: 002b:00007f1e4517f0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  639.484963][    C1] RAX: ffffffffffffffda RBX: 00007f1e45f5d050 RCX: 00007f1e45e260a9
[  639.492865][    C1] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  639.500671][    C1] RBP: 00007f1e45e95074 R08: 0000000000000000 R09: 0000000000000000
[  639.508480][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  639.516294][    C1] R13: 000000000000006e R14: 00007f1e45f5d050 R15: 00007ffc8e3efd88
[  639.524108][    C1] Sending NMI from CPU 1 to CPUs 0:
[  639.531148][    C1] NMI backtrace for cpu 0
[  639.531157][    C1] CPU: 0 PID: 9028 Comm: syz-executor.1 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[  639.531163][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  639.531166][    C1] RIP: 0010:kvm_wait+0xec/0x150
[  639.531176][    C1] Code: 03 42 0f b6 04 20 84 c0 75 6a 41 0f b6 45 00 44 38 f0 75 26 41 f7 c7 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d c5 4f d5 03 f4 <eb> 0e 0f 1f 44 00 00 0f 00 2d b6 4f d5 03 fb f4 4c 89 7c 24 18 ff
[  639.531180][    C1] RSP: 0000:ffffc90000c56ca0 EFLAGS: 00000046
[  639.531188][    C1] RAX: 0000000000000003 RBX: 1ffff9200018ad98 RCX: ffffffff8150b884
[  639.531193][    C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffc90000c56ce0
[  639.531198][    C1] RBP: ffffc90000c56d50 R08: dffffc0000000000 R09: ffffed1025d33691
[  639.531202][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  639.531207][    C1] R13: ffff88812e99b480 R14: 0000000000000003 R15: 0000000000000046
[  639.531213][    C1] FS:  00007f969d2af6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  639.531217][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  639.531222][    C1] CR2: 0000786c6c257830 CR3: 000000012dead000 CR4: 00000000003526b0
[  639.531226][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  639.531231][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  639.531234][    C1] Call Trace:
[  639.531236][    C1]  <NMI>
[  639.531239][    C1]  ? show_regs+0x58/0x60
[  639.531243][    C1]  ? nmi_cpu_backtrace+0x133/0x160
[  639.531245][    C1]  ? kvm_wait+0xec/0x150
[  639.531249][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  639.531252][    C1]  ? nmi_handle+0xa8/0x280
[  639.531255][    C1]  ? kvm_wait+0xec/0x150
[  639.531258][    C1]  ? kvm_wait+0xec/0x150
[  639.531262][    C1]  ? default_do_nmi+0x69/0x160
[  639.531265][    C1]  ? exc_nmi+0xad/0x100
[  639.531268][    C1]  ? end_repeat_nmi+0x16/0x31
[  639.531272][    C1]  ? __pv_queued_spin_lock_slowpath+0x6d4/0xc70
[  639.531275][    C1]  ? kvm_wait+0xec/0x150
[  639.531278][    C1]  ? kvm_wait+0xec/0x150
[  639.531281][    C1]  ? kvm_wait+0xec/0x150
[  639.531283][    C1]  </NMI>
[  639.531286][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  639.531290][    C1]  __pv_queued_spin_lock_slowpath+0x72f/0xc70
[  639.531294][    C1]  ? __pv_queued_spin_unlock_slowpath+0x280/0x280
[  639.531297][    C1]  _raw_spin_lock_irqsave+0x1a0/0x210
[  639.531301][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  639.531304][    C1]  force_sig_info_to_task+0x67/0x320
[  639.531307][    C1]  ? bsearch+0x96/0xc0
[  639.531310][    C1]  force_sig_fault+0x125/0x1c0
[  639.531314][    C1]  ? force_sig_fault_to_task+0x1c0/0x1c0
[  639.531317][    C1]  ? ex_handler_uaccess+0x3e/0xc0
[  639.531320][    C1]  ? ex_handler_fprestore+0xf0/0xf0
[  639.531323][    C1]  ? fixup_exception+0x94/0xd0
[  639.531326][    C1]  no_context+0x2e1/0xf20
[  639.531329][    C1]  ? is_prefetch+0x5c0/0x5c0
[  639.531332][    C1]  ? 0xffffffffa0002748
[  639.531336][    C1]  ? is_bpf_text_address+0x172/0x190
[  639.531339][    C1]  ? __kernel_text_address+0x9b/0x110
[  639.531342][    C1]  __bad_area_nosemaphore+0xcd/0x440
[  639.531346][    C1]  bad_area_nosemaphore+0x2d/0x40
[  639.531349][    C1]  exc_page_fault+0x3ea/0x5b0
[  639.531352][    C1]  asm_exc_page_fault+0x1e/0x30
[  639.531356][    C1] RIP: 0010:__get_user_nocheck_8+0x10/0x13
[  639.531366][    C1] Code: 0f b7 10 31 c0 0f 01 ca c3 90 0f 01 cb 0f ae e8 8b 10 31 c0 0f 01 ca c3 66 90 0f 01 cb 0f ae e8 48 8b 10 31 c0 0f 01 ca c3 90 <0f> 01 ca 31 d2 48 c7 c0 f2 ff ff ff c3 cc cc cc 55 48 89 e5 53 89
[  639.531370][    C1] RSP: 0000:ffffc90000c573a0 EFLAGS: 00050006
[  639.531376][    C1] RAX: 0000786c6c257830 RBX: 00007fffffffeff0 RCX: ffff8881188a13c0
[  639.531381][    C1] RDX: ffffc90002c77000 RSI: 0000786c6c257830 RDI: 00007fffffffeff0
[  639.531385][    C1] RBP: ffffc90000c57430 R08: ffffffff8100e820 R09: ffffed1023114279
[  639.531390][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  639.531394][    C1] R13: ffff8881188a13c0 R14: 0000786c6c257830 R15: ffff8881188a13c0
[  639.531398][    C1]  ? perf_callchain_user+0x3f0/0x1170
[  639.531401][    C1]  ? perf_callchain_user+0x404/0x1170
[  639.531405][    C1]  get_perf_callchain+0x549/0x810
[  639.531408][    C1]  ? put_callchain_entry+0xb0/0xb0
[  639.531411][    C1]  ? __kasan_slab_alloc+0xc3/0xe0
[  639.531415][    C1]  ? slab_post_alloc_hook+0x61/0x2f0
[  639.531418][    C1]  ? kmem_cache_alloc+0x168/0x2e0
[  639.531421][    C1]  ? __sigqueue_alloc+0x19e/0x2f0
[  639.531425][    C1]  __bpf_get_stack+0x378/0x570
[  639.531428][    C1]  ? asm_exc_page_fault+0x1e/0x30
[  639.531432][    C1]  ? __put_user_nocheck_8+0x11/0x21
[  639.531436][    C1]  ? stack_map_get_build_id_offset+0x1460/0x1460
[  639.531439][    C1]  bpf_get_stack+0x31/0x40
[  639.531442][    C1]  bpf_get_stack_raw_tp+0x1b2/0x220
[  639.531446][    C1]  bpf_prog_b8a90dd1efcc4ad9+0x3d/0x8b8
[  639.531449][    C1]  bpf_trace_run5+0x176/0x320
[  639.531452][    C1]  ? bpf_trace_run4+0x2e0/0x2e0
[  639.531456][    C1]  __bpf_trace_signal_generate+0x3c/0x50
[  639.531459][    C1]  __send_signal+0xb39/0xb90
[  639.531462][    C1]  send_signal+0x4c1/0x5e0
[  639.531466][    C1]  force_sig_info_to_task+0x272/0x320
[  639.531469][    C1]  force_sig_fault+0x125/0x1c0
[  639.531472][    C1]  ? force_sig_fault_to_task+0x1c0/0x1c0
[  639.531476][    C1]  ? __kasan_slab_free+0x11/0x20
[  639.531479][    C1]  ? ex_handler_uaccess+0x3e/0xc0
[  639.531482][    C1]  ? ex_handler_fprestore+0xf0/0xf0
[  639.531486][    C1]  ? fixup_exception+0x94/0xd0
[  639.531489][    C1]  no_context+0x2e1/0xf20
[  639.531492][    C1]  ? audit_log_end+0x1c8/0x230
[  639.531495][    C1]  ? audit_seccomp+0x1a8/0x1e0
[  639.531498][    C1]  ? is_prefetch+0x5c0/0x5c0
[  639.531501][    C1]  ? __seccomp_filter+0xd03/0x1e10
[  639.531505][    C1]  __bad_area_nosemaphore+0xcd/0x440
[  639.531508][    C1]  bad_area+0x69/0x80
[  639.531511][    C1]  exc_page_fault+0x439/0x5b0
[  639.531514][    C1]  asm_exc_page_fault+0x1e/0x30
[  639.531518][    C1] RIP: 0010:__put_user_nocheck_8+0x11/0x21
[  639.531528][    C1] Code: 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f 00 00 48 39 d9 73 14 0f 01 cb 48 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 <0f> 01 ca b9 f2 ff ff ff c3 cc cc cc cc cc cc cc 55 48 89 e5 41 57
[  639.531532][    C1] RSP: 0000:ffffc90000c57d98 EFLAGS: 00050283
[  639.531538][    C1] RAX: 000000006678516e RBX: 00007fffffffeff9 RCX: 0000000000000019
[  639.531543][    C1] RDX: ffffc90002c77000 RSI: 0000000000000ad3 RDI: 0000000000000ad4
[  639.531547][    C1] RBP: ffffc90000c57e48 R08: ffffffff815b6394 R09: ffffc90000c57de0
[  639.531552][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000c57de0
[  639.531556][    C1] R13: dffffc0000000000 R14: 1ffff9200018afb8 R15: 0000000000000019
[  639.531560][    C1]  ? ktime_get_real_ts64+0x1f4/0x2e0
[  639.531563][    C1]  ? __x64_sys_gettimeofday+0xf9/0x240
[  639.531566][    C1]  ? __ia32_sys_stime32+0x160/0x160
[  639.531570][    C1]  ? __secure_computing+0xf0/0x300
[  639.531573][    C1]  emulate_vsyscall+0xe33/0x13d0
[  639.531576][    C1]  exc_page_fault+0x147/0x5b0
[  639.531579][    C1]  ? asm_exc_page_fault+0x8/0x30
[  639.531582][    C1]  asm_exc_page_fault+0x1e/0x30
[  639.531585][    C1] RIP: 0033:_end+0x783da000/0x0
[  639.531590][    C1] Code: Unable to access opcode bytes at RIP 0xffffffffff5fffd6.
[  639.531593][    C1] RSP: 002b:00007f969d2aeb38 EFLAGS: 00010246
[  639.531600][    C1] RAX: ffffffffffffffda RBX: 00007f969e06bf80 RCX: 00007f969df350a9
[  639.531604][    C1] RDX: 00007f969d2aeb40 RSI: 00007f969d2aec70 RDI: 0000000000000019
[  639.531609][    C1] RBP: 00007f969dfa4074 R08: 0000000000000000 R09: 0000000000000000
[  639.531614][    C1] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[  639.531618][    C1] R13: 000000000000000b R14: 00007f969e06bf80 R15: 00007ffc7c450f78