last executing test programs:

6m38.408858842s ago: executing program 0 (id=196):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000008"], 0x48)
close(r2)

6m37.483837237s ago: executing program 0 (id=199):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c", 0xd4d}], 0x1}, 0x0)

6m37.274196974s ago: executing program 0 (id=202):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\n\x00\x00\x00\b\x00\x00\x00B\x00\x00\x00@'], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000080), 0x1003, r0}, 0x38)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500), 0x0, 0x2, r0}, 0x38)

6m37.029648113s ago: executing program 0 (id=205):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r0}, 0x18)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

6m35.680660882s ago: executing program 0 (id=210):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x9, [@enum64={0x6, 0x2, 0x0, 0x13, 0x0, 0x2, [{0x3, 0x1, 0x101}, {0x6, 0x7, 0x3}]}]}, {0x0, [0x5f, 0x61, 0x5f, 0x5f, 0x2e, 0x5f, 0x30]}}, &(0x7f00000004c0)=""/244, 0x45, 0xf4, 0x1}, 0x28)

6m35.306158642s ago: executing program 0 (id=213):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r1}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r2}, 0x38)

6m20.06545407s ago: executing program 32 (id=213):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r1}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r2}, 0x38)

26.986351129s ago: executing program 4 (id=1431):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r2, &(0x7f0000000740)=[{&(0x7f0000000880)="89e7ee2c78dad9b4b473fec988cafb", 0xf}], 0x1)

22.724838523s ago: executing program 4 (id=1439):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xb, 0x8, 0xc, 0x4, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3008c94, &(0x7f0000000400)={[{@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7bf, &(0x7f0000000e00)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngQLu4EQeZ31Jlso1KWHUmgg0J56aGJkxaSWrWDJITamTSiFXgpt6a295Nyfl9Jrfxx6af+PkhJaJzSlh+Iy+hHLtuRKiS2T5vOBid+beaM333lPb148YymAR1Yu/ScTcSwi3kwixhvrk4gYrKWyETP1cnc31gvpksTm5nM/JLUydzbWC9GyT+pII/P3iPjytYgTmd31VlbXFmZLpeJyIz9ZXbw8WVldO3lpcXa+OF9cOj01PX3qzP/OnN6/WH/6du3o9289/e+PZn559W8fv/FVEjNxtLGtNY79kotc45wMpqdwm6f2u7JD8+nLXRRq6QHZgzwYepQ2zECjVY7FeAzs1T6j/TwyAOCgvBIRm50MdNwCADzUkvr1/4nDPg4AoF+avwe4s7FeaC6H+xuJ/rr1ZESM1ONv3t+sb8k27tmN1O6Djt1Jtt0ZSSJiYh/qz0XEe5+9+EG6xAHdhwRo59r1iLgwkds9/ie7nlno1X/ar55vzeR2bDT+Qf98ns5//t9u/pe5N/+JNvOf4Tbv3fuRS7bnd7//Mzf3oZqO0vnf4y3Ptt1tib9hYqCR+1NtzjeYXLxUKqZj258j4ngMDqf5qT3qOH7719udtrXO/358+6X30/rTn1slMjezw9v3mZutzj5IzK1uXY/4R7Zd/On4P1xr/6TD/Pdcl3U889jr73balsafxttcdsd/sDZvRPyrbftvdcxkz+cTJ2vdYbLZKdr4ZCbGOtWfy261f7qk9Tf/L9APafuP7R3/RNL6vGal65e+97TYNzfGv+hUqLX/t4+/ff8fSp6vpYca667OVqvLUxFDybO715/a2reZb5ZP4z/+z/bv/+b416b/v5C+/oUuT0R2ID6sj5j3E//BSuOf66n9e07EyN2FgU717xF/o/+k7T+9bZ9uxr9uD/BBzh0AAAAAAAAAAAAAAAAAAAAAAAAAdCsTEUcjyeTvpTOZfL7+Hd5/jbFMqVypnrhYXlmai9p3ZU/EYKb5UZfjLZ+HOtX4PPxm/tSO/H8j4i8R8c7waC2fL5RLc4cdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0HOnw/f+p74Z3FB44jCMEAA7EiAs7ADxqkmz2sA8BAOi3kZ5Kjx7YcQAA/dPb9R8A+CNw/QeAR8/vXP93/hkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Orc2bPpsvnzxnohzc9dWV1ZKF85OVesLOQXVwr5Qnn5cn6+XJ4vFfOF8mLHF7pW/1Eqly9Px9LK1clqsVKdrKyunV8sryxVz19anJ0vni8O9i0yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOheZXVtYbZUKi5L7E9iuHFiu9xr4et68XZlNjcPPxyJvRNxrafmfogSMbQ1Soz2f2ACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeEj8FgAA///+gx9z")
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r6, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000c40)={0x34, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x34}}, 0x0)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="0100000000000000170101c0"])

19.224193916s ago: executing program 4 (id=1446):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[], 0x2, 0x5505, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, r0}, 0x94)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='uid_map\x00')
quotactl_fd$Q_SYNC(r1, 0xffffffff80000100, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)

19.066312189s ago: executing program 3 (id=1447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x2000000000000111, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xff, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

17.958752518s ago: executing program 3 (id=1452):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$FUSE_INIT(r3, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

17.314734471s ago: executing program 3 (id=1454):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f00000002c0)='_', 0x1}], 0x1, 0x7ffd, 0xffffffff, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3fffffff404})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), 0xffffffffffffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r3, 0x6628)
sendfile(r0, r3, 0x0, 0x100001)

16.928190742s ago: executing program 3 (id=1456):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x0, 0x1, 0x4120932, 0xffffffffffffffff, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
accept4$unix(r2, 0x0, &(0x7f00000001c0), 0x800)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2004}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
ioctl$TCSETS(r3, 0x40045431, 0x0)
syz_open_pts(r3, 0x141601)

15.764650326s ago: executing program 3 (id=1459):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0e000000040000000400000009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b", 0x17}, {&(0x7f0000000440)="9c74dfbf77572856c809ff86bb648daf351a32ad5ea7e5599da7a5b3d468381d8ff50420", 0x24}], 0x2)

14.766950326s ago: executing program 4 (id=1463):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
write$FUSE_INIT(r3, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

13.790856425s ago: executing program 4 (id=1468):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000040000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = socket$pptp(0x18, 0x1, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6})
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r3, 0x80089203, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
sendmsg$SEG6_CMD_GET_TUNSRC(r4, 0x0, 0x0)

12.62127353s ago: executing program 4 (id=1470):
syz_clone(0x44044000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x87}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
openat$cgroup_procs(r2, &(0x7f0000001a80)='tasks\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_int(r3, &(0x7f0000000040), 0x1)

8.227748195s ago: executing program 1 (id=1479):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_INIT(r3, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

7.157799831s ago: executing program 1 (id=1481):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
openat$null(0xffffffffffffff9c, 0x0, 0xe4003, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x4, 0x4, 0x4, 0x10000, 0x808, 0xffffffffffffffff, 0x20000000, '\x00', 0x0, 0xffffffffffffffff, 0x3000000, 0xffffffff}, 0x50)

6.938158029s ago: executing program 1 (id=1482):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x78}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000036000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x49, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{0x1000, 0x3000, 0x3, 0xa9, 0x3, 0xf3, 0x0, 0x6, 0x0, 0x2d, 0xd}, {0x2000, 0x2, 0x3, 0x20, 0x7, 0x3, 0x7f, 0x6, 0x29, 0x0, 0x9, 0x6}, {0x3000, 0x1, 0x3, 0x5, 0x5, 0x1, 0x2, 0x8, 0x5, 0xa7, 0xb}, {0x80a0000, 0xdddd0000, 0x0, 0xe7, 0x5, 0x2, 0x1, 0xf8, 0x8, 0x7, 0x2}, {0x5000, 0xdddd0000, 0x8, 0x44, 0x5, 0x6, 0xa, 0x7f, 0x1, 0x0, 0xe7, 0x3}, {0x80a0000, 0x80a0000, 0x3, 0x80, 0xb1, 0x8, 0x1, 0xe, 0x80, 0xd, 0x1, 0x9}, {0xeeee8000, 0x2, 0xc, 0x1, 0x0, 0x5, 0x1, 0x3, 0x5, 0x81, 0x3, 0x4}, {0x5000, 0x1, 0x0, 0x4, 0x5, 0x3, 0x5, 0x37, 0x2, 0x8, 0xf2, 0xa}, {0xeeef0000, 0x5}, {0xdddd0000, 0x4}, 0x80000031, 0x0, 0x10000, 0x11241e, 0xf, 0x0, 0x3000, [0x8000000000000000, 0x1, 0x15e, 0x3]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

6.671104731s ago: executing program 1 (id=1483):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
getxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.nlink\x00', 0x0, 0x0)

6.43693952s ago: executing program 1 (id=1484):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000300)={[{@noauto_da_alloc}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0xc0, &(0x7f0000000640)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe3b, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={r4}, 0x4)
syz_emit_ethernet(0x36, &(0x7f0000000680)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x9, 0x28, 0x68, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x4, 0x2}}}}}}, 0x0)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r5}, &(0x7f0000000540), &(0x7f0000000580)}, 0x20)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000240), 0x3af4701e)

4.550965363s ago: executing program 2 (id=1486):
r0 = socket(0x10, 0x3, 0x0)
r1 = dup2(r0, r0)
sendto$inet6(r1, &(0x7f0000000000)="7800000018001f05b9409b0dffff000d0203be040205060506014007040016000f000000fac8388827a685a168d9a4c6040045653600648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902003a03004a32000400040012000a00000000", 0x69, 0x0, 0x0, 0x0)

4.471173359s ago: executing program 2 (id=1487):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
userfaultfd(0x800)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
chdir(&(0x7f0000000000)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x41)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)

3.238328508s ago: executing program 2 (id=1488):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x2007})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080)={0x20000000})

3.156860865s ago: executing program 1 (id=1489):
r0 = syz_mount_image$fuse(0x0, 0x0, 0x89000, &(0x7f0000000300)={{}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x8000000000000000}}, {@allow_other}, {@allow_other}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@dont_hash}]}}, 0x1, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_open_procfs(r1, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x3000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3eydhyg2FjYWHniit9ndqFxzxQmWgnCKWgZvPU73LpKskAQEg42NpYVga2NpYWFl4V9gq4UKgoUp7YSR+djdyWYT4gdG9P3BzT7z9c68L9yzsAFBEP8tHz98ff/w3NqlUwD2YxkLZvyzo5/i4Oj6d4/vnHy0fv7J87dPX+8duPuyHI/JPWL28z0ArzYcpGCuOXFk93IRNtO4DI4TRl8Bg6/lN6HQnRgM18yam5Zu7TMiif3rrWTrxk4SB7IJZRPJpmGfLy81HDBsAVhUtxOCWfOdXv9WM0nidlnURHbO2NSPimn1U/fb4FhHVj0hOICrD+4PZN/UBgF4Xr8QHKHRDTBsGr2GBfi+X5TEyv+IW8R3Zsl/vuKZEodW/9Sh4Locf0Pu/7Co/ZY4rDwi/6HzkcPDzAPtNZ/mnvvPC2VcAMam3iwlyYVfiOxVFCoXhT9JZz9u+ZMLN/ePerp7u97p9Vd3dpvb8Xa8F0WNs8HpIDgT1ZUR6XaK/y0qf1qy4tcmrPWYh24zTdthF0jbYd6PdGs57uaL1he1hyv/41g5pmMw887KX5QlmPnj6inVilO98t7EnAiCIAiCIAiCIAiCIAiCIKo5Cgb9S5hg5oNoFdFF9YXyewAAAP//L0Rm/Q==")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1a4)
fadvise64(r7, 0xe0ffff, 0x9, 0x3)
io_submit(0x0, 0x2, &(0x7f0000000b00)=[&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x6, 0x2, r6, &(0x7f0000000a00)="8333b85d85ed6cb0a20f71a86a07", 0xe, 0x100, 0x0, 0x3}, 0x0])
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/18, @ANYRES32=0x0, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
openat(r0, 0x0, 0x76b340, 0x80)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r8, 0x5606, 0x4)

3.007573017s ago: executing program 2 (id=1490):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYRES32=r2, @ANYBLOB="02000000000080008000120008000100767469367400020060"], 0xa0}}, 0x0)
socket(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000200), 0xf000)

2.582274642s ago: executing program 3 (id=1491):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_set$pid(0x1, r0, 0x0)
request_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000140)='\\\\@[*#)\x00', 0xfffffffffffffffe)
syz_usb_connect$uac1(0x1, 0x8d, &(0x7f0000002c80)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7b, 0x3, 0x1, 0x0, 0x0, 0x7, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7fff, 0x7}, [@input_terminal={0xc, 0x24, 0x2, 0x6, 0x205, 0x2, 0x6, 0x4, 0xfb, 0x3}, @mixer_unit={0x8, 0x24, 0x4, 0x6, 0x7, "29d73b"}, @extension_unit={0x8, 0x24, 0x8, 0x4, 0x7f, 0xa, "bd"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0x9f, 0xd, 0xe, {0x7, 0x25, 0x1, 0x81, 0x1, 0xff}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x4, 0xd3, 0x9, {0x7, 0x25, 0x1, 0x0, 0x8, 0xa}}}}}}}]}}, 0x0)

1.065424684s ago: executing program 2 (id=1492):
syz_emit_ethernet(0x7a, &(0x7f00000004c0)={@local, @link_local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "156909", 0x44, 0x2f, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x88a8, 0x0, 0x6000}, {}, {}, {0xa888, 0x88be, 0x8000000}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}}}}, 0x0)

0s ago: executing program 2 (id=1493):
syz_open_dev$vcsa(0x0, 0x1, 0x40002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001bc0)=[@hoplimit={{0x14, 0x29, 0x34, 0x5}}, @hoplimit={{0x14, 0x29, 0x34, 0x200006}}], 0x30}}], 0x1, 0x4000000)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xc00, 0x0)
ioctl$BTRFS_IOC_SEND(r4, 0x40489426, &(0x7f0000000300)={{r5}, 0x4, &(0x7f00000001c0)=[0x0, 0x8, 0x80000000, 0x5], 0x0, 0x7})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r7}, 0x10)
syz_emit_ethernet(0x46, &(0x7f00000000c0)={@local, @random="7f0a00034011", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @loopback, @local}, "380086ddffffffff"}}}}}, 0x0)

kernel console output (not intermixed with test programs):

2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  203.697668][ T7576] netlink: 'syz.4.590': attribute type 15 has an invalid length.
[  203.832326][ T7578] syz.3.589[7578] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  203.832469][ T7578] syz.3.589[7578] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  206.660447][ T7582] loop1: detected capacity change from 0 to 40427
[  206.768616][ T7582] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  206.803215][ T7582] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  206.847993][ T7582] F2FS-fs (loop1): invalid crc value
[  206.864829][ T7582] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-4)
[  206.933346][ T5784] Bluetooth: hci3: command 0x0406 tx timeout
[  206.939563][ T5784] Bluetooth: hci1: command 0x0406 tx timeout
[  206.945700][ T5793] Bluetooth: hci0: command 0x0406 tx timeout
[  207.025911][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.072598][ T7593] loop3: detected capacity change from 0 to 40427
[  207.110465][ T7593] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[  207.167108][ T7593] F2FS-fs (loop3): invalid crc value
[  207.328896][ T7593] F2FS-fs (loop3): Found nat_bits in checkpoint
[  209.465123][ T7649] netlink: 44 bytes leftover after parsing attributes in process `syz.2.609'.
[  209.499327][ T7649] netlink: 59 bytes leftover after parsing attributes in process `syz.2.609'.
[  209.508386][ T7649] netlink: 59 bytes leftover after parsing attributes in process `syz.2.609'.
[  209.660931][ T7655] loop4: detected capacity change from 0 to 512
[  209.775456][ T7655] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.876951][ T7655] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.101268][ T7643] loop3: detected capacity change from 0 to 40427
[  210.129998][ T7643] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  210.148804][ T7643] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  210.194429][ T7643] F2FS-fs (loop3): invalid crc value
[  210.226558][ T7643] F2FS-fs (loop3): Found nat_bits in checkpoint
[  210.325363][ T7643] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  210.350185][ T7643] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  210.932023][ T7643] syz.3.606: attempt to access beyond end of device
[  210.932023][ T7643] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  210.961714][ T7643] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  211.223880][ T7701] process 'syz.2.628' launched './file0' with NULL argv: empty string added
[  213.204482][ T7450] Bluetooth: hci2: Frame reassembly failed (-84)
[  215.173485][ T5788] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  216.196610][ T7745] loop2: detected capacity change from 0 to 40427
[  216.230144][ T7745] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  216.250913][ T7745] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  216.285980][ T7745] F2FS-fs (loop2): invalid crc value
[  216.374924][ T7745] F2FS-fs (loop2): Found nat_bits in checkpoint
[  217.313530][ T7745] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  217.334266][ T7745] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  217.514824][ T7768] syz.3.634: attempt to access beyond end of device
[  217.514824][ T7768] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  217.610665][ T7745] syz.2.629: attempt to access beyond end of device
[  217.610665][ T7745] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  217.635630][ T7745] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  217.960643][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.403497][   T23] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  218.583215][   T23] usb 5-1: Using ep0 maxpacket: 32
[  218.600643][   T23] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  218.643490][   T23] usb 5-1: config 0 has no interface number 0
[  218.675655][   T23] usb 5-1: config 0 interface 184 has no altsetting 0
[  218.702100][   T23] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  218.732222][   T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.751489][   T23] usb 5-1: Product: syz
[  218.773417][   T23] usb 5-1: Manufacturer: syz
[  218.783781][   T23] usb 5-1: SerialNumber: syz
[  218.810017][   T23] usb 5-1: config 0 descriptor??
[  218.840162][   T23] smsc75xx v1.0.0
[  219.672178][   T23] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  219.694056][   T23] smsc75xx: probe of 5-1:0.184 failed with error -71
[  219.712073][   T23] usb 5-1: USB disconnect, device number 3
[  221.846321][ T7834] loop3: detected capacity change from 0 to 256
[  221.973348][ T7834] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  222.379501][ T7841] loop2: detected capacity change from 0 to 512
[  222.521685][ T7841] journal_path: Lookup failure for './bus'
[  222.677860][ T7841] EXT4-fs: error: could not find journal device path
[  223.602609][ T7858] loop3: detected capacity change from 0 to 512
[  223.751888][ T7858] EXT4-fs warning (device loop3): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  223.846614][ T7858] EXT4-fs (loop3): mount failed
[  224.487574][ T7876] loop3: detected capacity change from 0 to 256
[  224.673188][ T7876] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[  224.815120][   T28] audit: type=1800 audit(1755149575.996:5): pid=7876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.651" name="file2" dev="loop3" ino=1048599 res=0 errno=0
[  225.233334][ T7895] usb usb5: usbfs: process 7895 (syz.1.656) did not claim interface 0 before use
[  226.729104][ T7905] syz.4.658 (7905) used greatest stack depth: 16848 bytes left
[  228.693420][ T7931] netlink: 8 bytes leftover after parsing attributes in process `syz.4.662'.
[  229.060076][ T7940] random: crng reseeded on system resumption
[  229.471312][ T7920] loop4: detected capacity change from 0 to 32768
[  229.783590][ T7946] binder: 7945:7946 ioctl c0306201 0 returned -14
[  231.528983][ T7958] loop4: detected capacity change from 0 to 256
[  233.640865][ T7983] loop1: detected capacity change from 0 to 1024
[  233.723007][ T7983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.773536][ T7983] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.484047][ T7983] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  234.683901][ T7983] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  234.712306][ T7993] bridge1: entered promiscuous mode
[  234.770744][ T7993] bridge1: entered allmulticast mode
[  234.787516][ T7983] EXT4-fs (loop1): This should not happen!! Data will be lost
[  234.787516][ T7983] 
[  234.799416][ T7983] EXT4-fs (loop1): Total free blocks count 0
[  234.808292][ T7983] EXT4-fs (loop1): Free/Dirty block details
[  234.814643][ T7983] EXT4-fs (loop1): free_blocks=4293918720
[  234.820486][ T7983] EXT4-fs (loop1): dirty_blocks=16
[  234.833203][ T7983] EXT4-fs (loop1): Block reservation details
[  234.840600][ T7983] EXT4-fs (loop1): i_reserved_data_blocks=1
[  235.157260][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.334243][ T8007] syz.3.685[8007] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  235.334948][ T8007] syz.3.685[8007] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  238.290513][ T8020] loop2: detected capacity change from 0 to 512
[  239.349101][ T8020] EXT4-fs (loop2): 1 orphan inode deleted
[  239.405363][ T8020] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.419980][ T3516] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  239.487862][ T3516] EXT4-fs error (device loop2): ext4_release_dquot:6974: comm kworker/u4:9: Failed to release dquot type 1
[  239.539004][ T8020] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.638257][ T8015] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.411468][ T8048] loop1: detected capacity change from 0 to 128
[  241.668006][ T8039] loop3: detected capacity change from 0 to 40427
[  241.709089][ T8039] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  241.741722][ T8039] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  241.805245][ T8039] F2FS-fs (loop3): invalid crc value
[  241.838276][ T8039] F2FS-fs (loop3): Found nat_bits in checkpoint
[  242.053956][ T8039] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  242.077031][ T8039] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  242.642630][ T5789] syz-executor: attempt to access beyond end of device
[  242.642630][ T5789] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  242.695086][ T5789] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  243.500624][ T8080] loop3: detected capacity change from 0 to 512
[  243.610839][ T8080] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  243.671385][ T8080] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.768185][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.978944][ T8070] loop4: detected capacity change from 0 to 40427
[  244.018035][ T8070] F2FS-fs (loop4): invalid crc value
[  244.051074][ T8070] F2FS-fs (loop4): Found nat_bits in checkpoint
[  244.198060][ T8070] F2FS-fs (loop4): Start checkpoint disabled!
[  244.242697][ T8070] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  244.457115][ T8093] loop3: detected capacity change from 0 to 128
[  244.480989][ T8093] EXT4-fs (loop3): Test dummy encryption mode enabled
[  244.525051][ T8093] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  244.604603][ T8093] ext4 filesystem being mounted at /185/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  244.942382][ T1098] kworker/u4:7: attempt to access beyond end of device
[  244.942382][ T1098] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  244.968590][ T1098] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  245.196744][ T8093] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  245.342414][ T5789] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  245.769035][  T785] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  245.983255][  T785] usb 4-1: New USB device found, idVendor=1e7d, idProduct=3232, bcdDevice= 0.00
[  245.992380][  T785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.016239][  T785] usb 4-1: config 0 descriptor??
[  246.585561][  T785] ryos 0003:1E7D:3232.0001: unknown main item tag 0x0
[  246.597905][  T785] ryos 0003:1E7D:3232.0001: item fetching failed at offset 3/4
[  246.616249][  T785] ryos 0003:1E7D:3232.0001: parse failed
[  246.622023][  T785] ryos: probe of 0003:1E7D:3232.0001 failed with error -22
[  246.704915][  T785] usb 4-1: USB disconnect, device number 2
[  251.659414][ T8141] loop1: detected capacity change from 0 to 40427
[  251.676112][ T8141] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  251.695777][   T23] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  251.733682][ T8141] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  251.768351][ T8141] F2FS-fs (loop1): invalid crc value
[  251.790567][ T8141] F2FS-fs (loop1): Found nat_bits in checkpoint
[  251.863700][   T23] usb 4-1: device descriptor read/64, error -71
[  252.003481][ T8141] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  252.020912][ T8141] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  252.133659][   T23] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  252.185194][ T5786] syz-executor: attempt to access beyond end of device
[  252.185194][ T5786] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  252.223970][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  252.296843][   T23] usb 4-1: device descriptor read/64, error -71
[  252.436204][   T23] usb usb4-port1: attempt power cycle
[  252.863609][   T23] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  252.872752][ T8172] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  252.922225][   T23] usb 4-1: device descriptor read/8, error -71
[  253.210788][   T23] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  253.257497][   T23] usb 4-1: device descriptor read/8, error -71
[  253.403442][   T23] usb usb4-port1: unable to enumerate USB device
[  254.105654][   T23] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  254.334635][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.354591][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.376419][   T23] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  254.393448][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.415766][   T23] usb 4-1: config 0 descriptor??
[  254.838337][   T23] hid-steam 0003:28DE:1142.0002: item fetching failed at offset 0/5
[  254.852949][   T23] hid-steam 0003:28DE:1142.0002: steam_probe:parse of hid interface failed
[  254.876162][   T23] hid-steam: probe of 0003:28DE:1142.0002 failed with error -22
[  255.043730][ T5783] usb 4-1: USB disconnect, device number 7
[  255.978675][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  255.985389][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  257.949931][ T8204] syz.1.748[8204] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  257.950074][ T8204] syz.1.748[8204] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  258.122431][ T8206] loop4: detected capacity change from 0 to 128
[  258.230520][   T28] audit: type=1800 audit(1755149609.406:6): pid=8206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.750" name="file2" dev="loop4" ino=1048602 res=0 errno=0
[  258.670813][ T8214] loop4: detected capacity change from 0 to 512
[  258.729453][ T8214] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.859187][ T8214] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.545264][ T8227] EXT4-fs warning (device loop4): ext4_empty_dir:3156: inode #12: comm syz.4.754: directory missing '..'
[  262.407610][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.357825][ T8256] loop4: detected capacity change from 0 to 40427
[  266.508236][ T8256] F2FS-fs (loop4): invalid crc value
[  266.639154][ T8256] F2FS-fs (loop4): Found nat_bits in checkpoint
[  268.307907][ T5792] Bluetooth: hci4: command 0x0406 tx timeout
[  268.374043][ T5871] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  268.586360][ T5871] usb 4-1: Using ep0 maxpacket: 16
[  268.603717][ T5871] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.641360][ T5871] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.696498][ T5871] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  268.743403][ T5871] usb 4-1: New USB device found, idVendor=045e, idProduct=fc40, bcdDevice=72.a8
[  268.773037][ T5871] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.503861][ T8299] syz.1.782[8299] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.504002][ T8299] syz.1.782[8299] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.630240][ T5871] usb 4-1: config 0 descriptor??
[  269.771016][ T8304] loop4: detected capacity change from 0 to 512
[  269.834642][ T8304] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.784: casefold flag without casefold feature
[  269.852814][ T8304] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.784: couldn't read orphan inode 15 (err -117)
[  269.922167][ T8304] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.127854][ T8304] Zero length message leads to an empty skb
[  271.460404][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.478600][ T5871] hid-generic 0003:045E:FC40.0003: hidraw0: USB HID v0.00 Device [HID 045e:fc40] on usb-dummy_hcd.3-1/input0
[  271.686478][ T8287] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  271.694262][ T8287] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  271.828096][ T8287] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  271.844684][ T8287] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  271.858306][ T8287] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  271.868976][ T8287] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  271.878587][ T8287] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  271.889687][ T8287] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  272.039031][ T5871] usb 4-1: USB disconnect, device number 8
[  272.133301][ T5788] Bluetooth: hci0: command 0x0406 tx timeout
[  272.166204][ T8327] loop4: detected capacity change from 0 to 1024
[  272.222113][ T8327] EXT4-fs: Ignoring removed bh option
[  272.232514][ T8327] EXT4-fs: inline encryption not supported
[  272.244751][ T8327] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  272.256314][ T8331] loop3: detected capacity change from 0 to 1024
[  272.275595][ T8327] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  272.295061][ T8331] EXT4-fs: Ignoring removed orlov option
[  272.313772][ T8327] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 2: comm syz.4.791: lblock 2 mapped to illegal pblock 2 (length 1)
[  272.334860][ T8327] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  272.351501][ T8327] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 48: comm syz.4.791: lblock 0 mapped to illegal pblock 48 (length 1)
[  272.391326][ T8331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.403827][ T8327] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  272.414355][ T8327] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.791: Failed to acquire dquot type 0
[  272.436403][ T8327] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5902: Corrupt filesystem
[  272.466265][ T8327] EXT4-fs error (device loop4): ext4_evict_inode:252: inode #11: comm syz.4.791: mark_inode_dirty error
[  272.495051][ T8327] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  272.506883][ T8327] EXT4-fs (loop4): 1 orphan inode deleted
[  272.514125][ T8327] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.535862][ T5974] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  272.594315][ T5974] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  272.712983][ T5974] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:10: Failed to release dquot type 0
[  272.774889][ T8339] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  272.843991][ T8327] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  272.973660][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.893496][ T5788] Bluetooth: hci4: command 0x0406 tx timeout
[  273.899886][ T5788] Bluetooth: hci3: command 0x0406 tx timeout
[  273.906177][ T5792] Bluetooth: hci1: command 0x0406 tx timeout
[  274.228103][ T5792] Bluetooth: hci0: command 0x0406 tx timeout
[  274.340791][ T8350] loop4: detected capacity change from 0 to 1024
[  274.358201][ T8350] EXT4-fs: Ignoring removed i_version option
[  274.369089][ T8350] EXT4-fs: quotafile must be on filesystem root
[  274.427863][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.945458][ T8362] loop3: detected capacity change from 0 to 256
[  275.977656][ T5792] Bluetooth: hci1: command 0x0406 tx timeout
[  275.983921][ T5792] Bluetooth: hci3: command 0x0406 tx timeout
[  275.989969][ T5792] Bluetooth: hci4: command 0x0406 tx timeout
[  277.556040][ T8372] netlink: 96 bytes leftover after parsing attributes in process `syz.1.805'.
[  279.642389][   T28] audit: type=1326 audit(1755149630.816:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  279.703258][   T28] audit: type=1326 audit(1755149630.816:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  279.738621][ T8391] loop4: detected capacity change from 0 to 512
[  279.752639][ T8391] EXT4-fs: Ignoring removed oldalloc option
[  279.773184][   T28] audit: type=1326 audit(1755149630.816:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  279.861798][ T8389] loop3: detected capacity change from 0 to 512
[  279.884407][   T28] audit: type=1326 audit(1755149630.816:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  279.918392][ T8391] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.938487][ T8389] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  279.963584][ T8391] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.074604][   T28] audit: type=1326 audit(1755149630.816:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  280.211251][ T8391] EXT4-fs error (device loop4): ext4_empty_dir:3136: inode #12: comm syz.4.813: invalid size
[  280.290822][   T28] audit: type=1326 audit(1755149630.816:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  280.405949][   T28] audit: type=1326 audit(1755149630.856:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  280.428828][   T28] audit: type=1326 audit(1755149630.866:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  280.453164][   T28] audit: type=1326 audit(1755149630.996:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe68bd8ec23 code=0x7ffc0000
[  280.482615][   T28] audit: type=1326 audit(1755149631.016:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe68bd8d69f code=0x7ffc0000
[  280.659497][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.955441][ T8419] IPv6: NLM_F_REPLACE set, but no existing node found!
[  283.289253][ T8421] wg2: left promiscuous mode
[  283.294248][ T8421] wg2: left allmulticast mode
[  284.553991][ T8422] wg2: entered promiscuous mode
[  284.558967][ T8422] wg2: entered allmulticast mode
[  286.062899][ T8450] netem: change failed
[  286.371109][   T28] kauditd_printk_skb: 27 callbacks suppressed
[  286.371126][   T28] audit: type=1326 audit(1755149637.546:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.405223][   T28] audit: type=1326 audit(1755149637.546:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.428012][   T28] audit: type=1326 audit(1755149637.576:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.455755][   T28] audit: type=1326 audit(1755149637.576:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.481012][   T28] audit: type=1326 audit(1755149637.576:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.514031][   T28] audit: type=1326 audit(1755149637.576:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.538082][   T28] audit: type=1326 audit(1755149637.586:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.562937][   T28] audit: type=1326 audit(1755149637.586:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.608024][   T28] audit: type=1326 audit(1755149637.636:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  286.639865][   T28] audit: type=1326 audit(1755149637.636:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8459 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  291.710076][   T28] audit: type=1326 audit(1755149642.886:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  291.750778][   T28] audit: type=1326 audit(1755149642.896:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  291.780125][   T28] audit: type=1326 audit(1755149642.906:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  291.807466][   T28] audit: type=1326 audit(1755149642.906:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  291.836482][   T28] audit: type=1326 audit(1755149642.906:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  292.078382][ T8461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.836'.
[  292.992969][ T8489] loop3: detected capacity change from 0 to 512
[  293.093377][ T8489] EXT4-fs (loop3): 1 truncate cleaned up
[  293.141993][ T8489] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.419322][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.160265][ T8505] loop3: detected capacity change from 0 to 128
[  295.970760][ T8505] EXT4-fs (loop3): Test dummy encryption mode enabled
[  296.013036][ T8505] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  296.064611][ T8505] ext4 filesystem being mounted at /211/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  296.161215][ T8505] xt_hashlimit: size too large, truncated to 1048576
[  298.419646][ T8543] loop4: detected capacity change from 0 to 8192
[  304.586034][   T28] audit: type=1326 audit(1755149655.766:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.629007][   T28] audit: type=1326 audit(1755149655.766:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.661081][   T28] audit: type=1326 audit(1755149655.786:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.701829][   T28] audit: type=1326 audit(1755149655.786:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.733706][   T28] audit: type=1326 audit(1755149655.786:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.765314][   T28] audit: type=1326 audit(1755149655.796:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.806548][   T28] audit: type=1326 audit(1755149655.796:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.829430][   T28] audit: type=1326 audit(1755149655.796:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.893326][   T28] audit: type=1326 audit(1755149655.806:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  304.926582][   T28] audit: type=1326 audit(1755149655.806:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.2.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  305.296929][ T5789] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  305.302764][ T8582] loop4: detected capacity change from 0 to 512
[  305.398062][ T8582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.429981][ T8589] loop3: detected capacity change from 0 to 1024
[  305.438036][ T8589] EXT4-fs: Ignoring removed nobh option
[  305.443825][ T8589] EXT4-fs: Ignoring removed bh option
[  305.453598][ T8582] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.490286][ T8589] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.859200][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.015507][ T8596] overlayfs: conflicting lowerdir path
[  306.799251][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.393717][ T8610] syz.3.882[8610] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  308.393878][ T8610] syz.3.882[8610] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  309.053543][ T8610] loop3: detected capacity change from 0 to 512
[  309.284119][ T8610] EXT4-fs (loop3): orphan cleanup on readonly fs
[  309.312965][ T8610] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.882: bad orphan inode 13
[  309.325029][ T8610] ext4_test_bit(bit=12, block=18) = 1
[  309.330510][ T8610] is_bad_inode(inode)=0
[  309.334840][ T8610] NEXT_ORPHAN(inode)=2130706432
[  309.339764][ T8610] max_ino=32
[  309.343042][ T8610] i_nlink=1
[  309.354521][ T8610] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  309.630226][ T8614] loop1: detected capacity change from 0 to 256
[  309.776982][ T8614] FAT-fs (loop1): Directory bread(block 64) failed
[  309.784106][ T8614] FAT-fs (loop1): Directory bread(block 65) failed
[  309.790775][ T8614] FAT-fs (loop1): Directory bread(block 66) failed
[  309.797836][ T8614] FAT-fs (loop1): Directory bread(block 67) failed
[  309.806184][ T8614] FAT-fs (loop1): Directory bread(block 68) failed
[  309.812750][ T8614] FAT-fs (loop1): Directory bread(block 69) failed
[  309.819454][ T8614] FAT-fs (loop1): Directory bread(block 70) failed
[  309.826196][ T8614] FAT-fs (loop1): Directory bread(block 71) failed
[  309.832835][ T8614] FAT-fs (loop1): Directory bread(block 72) failed
[  309.839433][ T8614] FAT-fs (loop1): Directory bread(block 73) failed
[  310.677719][ T8621] loop4: detected capacity change from 0 to 256
[  310.934482][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.878926][ T8631] loop1: detected capacity change from 0 to 256
[  312.972121][ T8631] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  312.982940][ T8631] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  313.016827][ T8631] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  313.454692][ T8631] netlink: 148 bytes leftover after parsing attributes in process `syz.1.888'.
[  313.464063][ T8631] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  313.670275][ T8639] loop4: detected capacity change from 0 to 1024
[  313.949090][ T8639] EXT4-fs: Ignoring removed nobh option
[  313.974593][ T8639] EXT4-fs: Ignoring removed bh option
[  314.791581][ T8639] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.536226][ T8652] overlayfs: conflicting lowerdir path
[  317.636360][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  317.643390][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  317.874003][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.747875][ T8684] loop1: detected capacity change from 0 to 1024
[  319.778796][ T8684] EXT4-fs: Ignoring removed bh option
[  319.813278][ T8684] EXT4-fs: Ignoring removed nomblk_io_submit option
[  319.909935][ T8684] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.982395][ T8668] loop3: detected capacity change from 0 to 40427
[  320.031501][ T8668] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  320.054070][ T8668] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  320.092554][ T8668] F2FS-fs (loop3): Found nat_bits in checkpoint
[  320.217440][ T8668] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  320.217690][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.237029][ T8668] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  320.818095][ T8702] loop1: detected capacity change from 0 to 128
[  320.887535][   T28] kauditd_printk_skb: 13 callbacks suppressed
[  320.887550][   T28] audit: type=1800 audit(1755149672.066:82): pid=8702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.908" name="bus" dev="loop1" ino=1048610 res=0 errno=0
[  321.133933][ T8703] syz.1.908: attempt to access beyond end of device
[  321.133933][ T8703] loop1: rw=2049, sector=881, nr_sectors = 160 limit=128
[  321.229701][ T5789] syz-executor: attempt to access beyond end of device
[  321.229701][ T5789] loop3: rw=2051, sector=49152, nr_sectors = 4096 limit=40427
[  321.250073][ T5789] syz-executor: attempt to access beyond end of device
[  321.250073][ T5789] loop3: rw=2051, sector=57344, nr_sectors = 12288 limit=40427
[  321.280359][ T5789] F2FS-fs (loop3): Issue discard(6144, 6144, 512) failed, ret: -5
[  321.298065][ T5789] F2FS-fs (loop3): Issue discard(7168, 7168, 1536) failed, ret: -5
[  321.841537][ T8709] fuse: Bad value for 'user_id'
[  322.399075][ T8720] syz.4.912[8720] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  322.400272][ T8720] syz.4.912[8720] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  323.315317][   T28] audit: type=1326 audit(1755149674.496:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  323.557222][   T28] audit: type=1326 audit(1755149674.526:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  323.701874][   T28] audit: type=1326 audit(1755149674.546:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  323.824767][   T28] audit: type=1326 audit(1755149674.546:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  323.959054][   T28] audit: type=1326 audit(1755149674.556:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  324.601639][   T28] audit: type=1326 audit(1755149674.556:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  324.694488][ T8729] loop1: detected capacity change from 0 to 40427
[  324.706472][ T8729] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  324.714332][ T8729] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  324.734618][   T28] audit: type=1326 audit(1755149674.556:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  324.869843][   T28] audit: type=1326 audit(1755149674.556:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  324.905903][ T8729] F2FS-fs (loop1): Found nat_bits in checkpoint
[  325.492589][   T28] audit: type=1326 audit(1755149674.556:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.3.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  326.971361][ T8729] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  326.978773][ T8729] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  328.518281][ T8767] syz.2.928[8767] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  328.519007][ T8767] syz.2.928[8767] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  331.560931][ T8792] loop3: detected capacity change from 0 to 8192
[  331.962868][ T8805] loop4: detected capacity change from 0 to 1024
[  331.990885][ T8805] EXT4-fs: Ignoring removed bh option
[  332.009675][ T8805] EXT4-fs: Ignoring removed nobh option
[  332.018658][ T8805] EXT4-fs: inline encryption not supported
[  332.034481][ T8802] 9pnet: Could not find request transport: xen
[  332.053463][ T8805] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  332.117330][ T8805] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.605796][ T8820] syz.1.945[8820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  332.606463][ T8820] syz.1.945[8820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  332.686348][ T8820] loop1: detected capacity change from 0 to 512
[  332.775509][ T8820] EXT4-fs (loop1): orphan cleanup on readonly fs
[  332.789300][ T8820] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.945: bad orphan inode 13
[  332.800857][ T8820] ext4_test_bit(bit=12, block=18) = 1
[  332.806404][ T8820] is_bad_inode(inode)=0
[  332.810632][ T8820] NEXT_ORPHAN(inode)=2130706432
[  332.815744][ T8820] max_ino=32
[  332.819011][ T8820] i_nlink=1
[  332.830372][ T8820] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  333.472882][ T8805] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4036: comm syz.4.943: Allocating blocks 257-513 which overlap fs metadata
[  333.613595][   T28] kauditd_printk_skb: 29 callbacks suppressed
[  333.613611][   T28] audit: type=1804 audit(1755149684.786:121): pid=8805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.943" name="/newroot/147/file1/file1" dev="loop4" ino=15 res=1 errno=0
[  333.818138][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.650646][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.825671][ T8846] loop4: detected capacity change from 0 to 2048
[  337.877482][ T8846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.047030][ T8846] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.955: bg 0: block 234: padding at end of block bitmap is not set
[  338.129761][ T8846] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 260 with error 28
[  338.231553][ T8846] EXT4-fs (loop4): This should not happen!! Data will be lost
[  338.231553][ T8846] 
[  338.297806][ T8846] EXT4-fs (loop4): Total free blocks count 0
[  338.338307][ T8846] EXT4-fs (loop4): Free/Dirty block details
[  338.577475][ T8846] EXT4-fs (loop4): free_blocks=0
[  338.597809][ T8846] EXT4-fs (loop4): dirty_blocks=272
[  338.953929][ T8846] EXT4-fs (loop4): Block reservation details
[  338.960088][ T8846] EXT4-fs (loop4): i_reserved_data_blocks=17
[  339.809405][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.053194][ T5871] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  342.106719][ T8892] loop4: detected capacity change from 0 to 512
[  342.185332][ T8892] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  342.218420][ T8892] EXT4-fs (loop4): orphan cleanup on readonly fs
[  342.243348][ T5871] usb 2-1: Using ep0 maxpacket: 32
[  342.282376][ T8892] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.969: bad orphan inode 15
[  342.295313][ T8884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  342.344013][ T8884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  342.363163][ T8892] ext4_test_bit(bit=14, block=18) = 1
[  342.368650][ T8892] is_bad_inode(inode)=0
[  342.372868][ T8892] NEXT_ORPHAN(inode)=1023
[  342.416316][ T8892] max_ino=32
[  342.421285][ T8892] i_nlink=0
[  342.430275][ T5871] usb 2-1: unable to get BOS descriptor or descriptor too short
[  342.443583][ T8892] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2983: inode #15: comm syz.4.969: corrupted xattr block 19: e_value size too large
[  342.449133][ T5871] usb 2-1: no configurations
[  342.484487][ T8892] EXT4-fs warning (device loop4): ext4_evict_inode:272: xattr delete (err -117)
[  342.486497][ T5871] usb 2-1: can't read configurations, error -22
[  342.503550][ T8892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  343.041503][ T8892] pim6reg1: entered promiscuous mode
[  343.051635][ T8892] pim6reg1: entered allmulticast mode
[  343.520030][ T8901] loop1: detected capacity change from 0 to 2048
[  343.601055][ T8901] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.790032][ T8901] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.971: bg 0: block 234: padding at end of block bitmap is not set
[  343.857239][ T8901] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 284 with error 28
[  343.918195][ T8901] EXT4-fs (loop1): This should not happen!! Data will be lost
[  343.918195][ T8901] 
[  343.958890][ T8901] EXT4-fs (loop1): Total free blocks count 0
[  344.000523][ T8901] EXT4-fs (loop1): Free/Dirty block details
[  344.026320][ T8901] EXT4-fs (loop1): free_blocks=0
[  344.051689][ T8901] EXT4-fs (loop1): dirty_blocks=288
[  344.070336][ T8901] EXT4-fs (loop1): Block reservation details
[  344.090190][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.110029][ T8901] EXT4-fs (loop1): i_reserved_data_blocks=18
[  344.356806][ T8911] loop4: detected capacity change from 0 to 128
[  344.388638][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.415960][ T8911] ext4: Unknown parameter 'func'
[  344.963943][ T8586] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  346.794164][ T8918] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  347.252118][ T8933] loop3: detected capacity change from 0 to 512
[  348.583567][ T8933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.596815][ T8933] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.824499][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.337493][ T8975] loop4: detected capacity change from 0 to 512
[  352.508780][ T8975] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  352.517502][ T8975] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  352.554996][ T8975] EXT4-fs (loop4): 1 truncate cleaned up
[  352.566891][ T8975] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.633716][ T8972] syz.2.993[8972] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  352.664915][ T8972] syz.2.993[8972] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  353.151896][ T8978] loop1: detected capacity change from 0 to 1024
[  353.248104][ T8978] EXT4-fs: Ignoring removed bh option
[  353.325914][ T8978] EXT4-fs: Ignoring removed nobh option
[  353.378787][ T8978] EXT4-fs: inline encryption not supported
[  353.407830][ T8978] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  353.767172][ T8978] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.797839][ T8978] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4036: comm syz.1.994: Allocating blocks 257-513 which overlap fs metadata
[  354.916482][ T8991] overlayfs: failed to clone lowerpath
[  354.943121][   T28] audit: type=1804 audit(1755149706.066:122): pid=8978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.994" name="/newroot/290/file1/file1" dev="loop1" ino=15 res=1 errno=0
[  355.049090][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.079080][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.746416][ T9006] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  356.642464][ T9014] serio: Serial port ttyS3
[  358.608786][ T9031] netlink: 'syz.4.1009': attribute type 1 has an invalid length.
[  358.626930][ T9031] netlink: 'syz.4.1009': attribute type 2 has an invalid length.
[  358.635511][ T9031] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1009'.
[  358.648479][ T9031] netlink: 'syz.4.1009': attribute type 1 has an invalid length.
[  358.656673][ T9031] netlink: 'syz.4.1009': attribute type 2 has an invalid length.
[  358.664900][ T9031] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1009'.
[  359.539057][ T9047] tipc: Started in network mode
[  359.544376][ T9047] tipc: Node identity ac141413, cluster identity 4711
[  359.558076][ T9047] tipc: New replicast peer: 10.1.1.2
[  359.566291][ T9047] tipc: Enabled bearer <udp:syz2>, priority 10
[  360.397056][ T9049] loop4: detected capacity change from 0 to 512
[  360.489270][ T9049] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002]
[  360.525537][ T9049] System zones: 0-2, 18-18, 34-35
[  360.550667][ T9049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  360.599923][ T9049] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.692064][   T27] tipc: Node number set to 2886997011
[  360.764925][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.184861][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  361.244745][ T9068] loop3: detected capacity change from 0 to 256
[  361.273595][ T5783] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  361.450233][ T9068] FAT-fs (loop3): Directory bread(block 64) failed
[  361.463233][ T9068] FAT-fs (loop3): Directory bread(block 65) failed
[  361.465869][ T5783] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.487309][ T9068] FAT-fs (loop3): Directory bread(block 66) failed
[  361.514624][ T9068] FAT-fs (loop3): Directory bread(block 67) failed
[  361.516738][ T5783] usb 2-1: config 0 interface 0 has no altsetting 0
[  361.535832][ T9068] FAT-fs (loop3): Directory bread(block 68) failed
[  361.546959][ T5783] usb 2-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  361.570001][ T9068] FAT-fs (loop3): Directory bread(block 69) failed
[  361.574183][ T5783] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.590561][ T9068] FAT-fs (loop3): Directory bread(block 70) failed
[  361.625167][ T5783] usb 2-1: config 0 descriptor??
[  361.631375][ T9068] FAT-fs (loop3): Directory bread(block 71) failed
[  361.659084][ T9068] FAT-fs (loop3): Directory bread(block 72) failed
[  361.682052][ T9068] FAT-fs (loop3): Directory bread(block 73) failed
[  362.829586][ T5783] input: HID 054c:03d5 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:054C:03D5.0004/input/input5
[  362.883328][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  362.885045][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  363.005769][ T5783] sony 0003:054C:03D5.0004: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.1-1/input0
[  363.033416][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  363.063523][ T5783] usb 2-1: USB disconnect, device number 4
[  363.451318][ T9082] fido_id[9082]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  363.513628][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  364.467889][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  364.482206][ T9088] loop1: detected capacity change from 0 to 40427
[  364.510896][ T9088] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  364.681898][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  364.784245][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  364.886715][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  365.632507][ T9088] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  365.702892][ T9088] F2FS-fs (loop1): Found nat_bits in checkpoint
[  365.784074][   T28] audit: type=1326 audit(1755149716.956:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.3.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  365.866512][ T9088] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  365.886161][   T28] audit: type=1326 audit(1755149716.966:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.3.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  365.908816][ T9088] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  365.943304][   T28] audit: type=1326 audit(1755149716.986:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.3.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  365.999649][   T28] audit: type=1326 audit(1755149716.986:126): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.3.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  366.029381][   T28] audit: type=1326 audit(1755149716.986:127): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.3.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  366.166319][ T9110] loop4: detected capacity change from 0 to 512
[  366.279039][ T9110] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1034: casefold flag without casefold feature
[  366.293637][ T9110] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1034: couldn't read orphan inode 15 (err -117)
[  366.307770][ T9110] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.849841][ T9127] capability: warning: `syz.3.1040' uses deprecated v2 capabilities in a way that may be insecure
[  369.805854][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.530980][ T9146] loop4: detected capacity change from 0 to 512
[  370.741456][ T9146] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1047: casefold flag without casefold feature
[  370.767826][ T9146] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1047: couldn't read orphan inode 15 (err -117)
[  370.782021][ T9146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.903626][ T9153] loop1: detected capacity change from 0 to 128
[  370.992647][ T9153] EXT4-fs (loop1): Test dummy encryption mode enabled
[  371.091815][ T9153] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  371.111534][ T9153] ext4 filesystem being mounted at /299/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  371.650216][ T5786] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  372.377634][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.365041][ T9180] loop3: detected capacity change from 0 to 4096
[  374.435527][ T9180] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.686697][ T9204] binder: BINDER_SET_CONTEXT_MGR already set
[  376.693122][ T9204] binder: 9199:9204 ioctl 4018620d 200000000040 returned -16
[  376.966232][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.345028][   T12] Bluetooth: Error in BCSP hdr checksum
[  378.533785][ T5793] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  378.819548][ T9228] syz.2.1067[9228] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.819703][ T9228] syz.2.1067[9228] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.863882][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  378.886652][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  379.440940][ T9234] bridge1: entered promiscuous mode
[  379.446312][ T9234] bridge1: entered allmulticast mode
[  385.912840][ T9267] loop1: detected capacity change from 0 to 40427
[  385.963602][ T9267] F2FS-fs (loop1): invalid crc value
[  385.993815][ T9267] F2FS-fs (loop1): Found nat_bits in checkpoint
[  386.179592][ T9267] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  386.556366][ T5786] syz-executor: attempt to access beyond end of device
[  386.556366][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  386.601984][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  388.164337][ T9302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1089'.
[  388.266192][ T9304] loop4: detected capacity change from 0 to 256
[  388.301238][ T9304] FAT-fs (loop4): Unrecognized mount option "shor�name=mixed" or missing value
[  389.912249][ T9323] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1094'.
[  390.050328][ T9329] loop3: detected capacity change from 0 to 256
[  390.081156][ T9329] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  390.127374][ T9329] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  390.190104][ T9329] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  390.310290][ T9334] capability: warning: `syz.2.1101' uses 32-bit capabilities (legacy support in use)
[  390.442061][ T9337] loop1: detected capacity change from 0 to 512
[  390.516079][ T9338] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1097'.
[  390.610159][ T9337] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1100: casefold flag without casefold feature
[  390.695254][ T9337] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1100: couldn't read orphan inode 15 (err -117)
[  390.800935][ T9337] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.026144][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.869244][ T9334] overlayfs: failed to clone upperpath
[  393.100760][   T28] audit: type=1326 audit(1755149744.266:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.3.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  393.166800][   T28] audit: type=1326 audit(1755149744.266:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.3.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  393.233750][   T28] audit: type=1326 audit(1755149744.266:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.3.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe68bd8ebe9 code=0x7ffc0000
[  393.334438][ T9365] pim6reg1: entered promiscuous mode
[  393.350042][ T9365] pim6reg1: entered allmulticast mode
[  394.487119][ T9379] loop1: detected capacity change from 0 to 512
[  394.567760][ T9379] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1111: casefold flag without casefold feature
[  394.674901][ T9379] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1111: couldn't read orphan inode 15 (err -117)
[  394.730235][ T9379] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  395.759143][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.548859][ T9410] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  398.107063][ T9412] loop1: detected capacity change from 0 to 256
[  398.529793][ T9418] loop3: detected capacity change from 0 to 512
[  398.605161][ T9418] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1125: casefold flag without casefold feature
[  398.676248][ T9418] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1125: couldn't read orphan inode 15 (err -117)
[  398.693346][ T9418] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.286757][ T9444] loop1: detected capacity change from 0 to 256
[  401.510409][   T28] audit: type=1326 audit(1755149752.686:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  401.614919][   T28] audit: type=1326 audit(1755149752.716:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  401.659611][   T28] audit: type=1326 audit(1755149752.726:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  401.687852][   T28] audit: type=1326 audit(1755149752.726:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  401.718758][   T28] audit: type=1326 audit(1755149752.726:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  401.772226][   T28] audit: type=1326 audit(1755149752.726:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  401.797521][ T9453] input: syz0 as /devices/virtual/input/input6
[  401.835112][   T28] audit: type=1326 audit(1755149752.726:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  401.890208][   T28] audit: type=1326 audit(1755149752.766:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.2.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  401.924506][   T28] audit: type=1326 audit(1755149752.766:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.2.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  401.954151][   T28] audit: type=1326 audit(1755149752.766:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.2.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  402.217360][ T9462] loop4: detected capacity change from 0 to 1024
[  402.264497][ T9462] EXT4-fs: Ignoring removed bh option
[  402.288606][ T9462] EXT4-fs: Ignoring removed nobh option
[  402.300917][ T9462] EXT4-fs: inline encryption not supported
[  402.325699][ T9462] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  402.416769][ T9462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.526740][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.575306][ T9462] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4036: comm syz.4.1138: Allocating blocks 257-513 which overlap fs metadata
[  402.714510][ T9471] overlayfs: failed to resolve './file0': -2
[  402.773806][ T9472] loop3: detected capacity change from 0 to 256
[  402.940191][ T9474] syz.1.1141 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  402.962792][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.848568][ T9490] loop4: detected capacity change from 0 to 1024
[  403.860221][ T9490] EXT4-fs: Ignoring removed i_version option
[  403.884472][ T9490] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  403.932075][ T9490] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:478: comm syz.4.1145: Invalid block bitmap block 0 in block_group 0
[  403.973836][ T9490] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.1145: Failed to acquire dquot type 0
[  403.989467][ T9490] EXT4-fs error (device loop4): ext4_free_blocks:6681: comm syz.4.1145: Freeing blocks not in datazone - block = 0, count = 4096
[  404.011990][ T9490] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1145: Invalid inode bitmap blk 0 in block_group 0
[  404.032694][ T1083] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:6: Failed to release dquot type 0
[  404.071350][ T9490] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem
[  404.081125][ T9490] EXT4-fs (loop4): 1 orphan inode deleted
[  404.101811][ T9490] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.143276][ T9494] loop3: detected capacity change from 0 to 2048
[  404.214073][ T9494] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.333845][ T9494] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1147: bg 0: block 234: padding at end of block bitmap is not set
[  404.370448][ T9494] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 266 with error 28
[  404.397783][ T9494] EXT4-fs (loop3): This should not happen!! Data will be lost
[  404.397783][ T9494] 
[  404.408635][ T9494] EXT4-fs (loop3): Total free blocks count 0
[  404.416099][ T9494] EXT4-fs (loop3): Free/Dirty block details
[  404.422222][ T9494] EXT4-fs (loop3): free_blocks=0
[  404.427559][ T9494] EXT4-fs (loop3): dirty_blocks=272
[  404.432997][ T9494] EXT4-fs (loop3): Block reservation details
[  404.439256][ T9494] EXT4-fs (loop3): i_reserved_data_blocks=17
[  404.542265][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.566193][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.109699][ T5793] Bluetooth: hci2: command 0x1003 tx timeout
[  407.133839][ T5792] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  407.572024][ T5783] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  407.766416][ T5783] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  407.788285][ T5783] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  407.809807][ T5783] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  407.830365][ T5783] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  407.848568][ T5783] usb 4-1: SerialNumber: syz
[  408.405559][ T5783] usb 4-1: 0:2 : does not exist
[  408.796124][ T5783] usb 4-1: USB disconnect, device number 9
[  408.863861][ T8586] udevd[8586]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  409.759421][ T9556] syz.4.1167[9556] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  409.759558][ T9556] syz.4.1167[9556] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  409.873631][   T28] kauditd_printk_skb: 24 callbacks suppressed
[  409.873645][   T28] audit: type=1326 audit(1755149761.056:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  410.011482][   T28] audit: type=1326 audit(1755149761.096:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  410.169930][   T28] audit: type=1326 audit(1755149761.096:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.1.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  410.209073][   T28] audit: type=1326 audit(1755149761.306:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9562 comm="syz.4.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  410.260495][   T28] audit: type=1326 audit(1755149761.306:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9562 comm="syz.4.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  410.318456][   T28] audit: type=1326 audit(1755149761.306:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9562 comm="syz.4.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  410.502407][ T9571] loop1: detected capacity change from 0 to 512
[  410.590910][   T28] audit: type=1326 audit(1755149761.306:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9562 comm="syz.4.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  412.037490][ T9571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.050651][ T9571] ext4 filesystem being mounted at /335/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  412.091499][ T9571] overlayfs: failed to resolve './file1': -2
[  413.667455][ T9599] loop3: detected capacity change from 0 to 256
[  413.770128][ T9599] FAT-fs (loop3): Directory bread(block 64) failed
[  413.776903][ T9599] FAT-fs (loop3): Directory bread(block 65) failed
[  413.783842][ T9599] FAT-fs (loop3): Directory bread(block 66) failed
[  413.790394][ T9599] FAT-fs (loop3): Directory bread(block 67) failed
[  413.797153][ T9599] FAT-fs (loop3): Directory bread(block 68) failed
[  413.803786][ T9599] FAT-fs (loop3): Directory bread(block 69) failed
[  413.810422][ T9599] FAT-fs (loop3): Directory bread(block 70) failed
[  413.817247][ T9599] FAT-fs (loop3): Directory bread(block 71) failed
[  413.823980][ T9599] FAT-fs (loop3): Directory bread(block 72) failed
[  413.830555][ T9599] FAT-fs (loop3): Directory bread(block 73) failed
[  413.867888][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.400495][ T9609] loop3: detected capacity change from 0 to 40427
[  419.229765][ T9632] loop1: detected capacity change from 0 to 512
[  419.308273][ T9632] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1189: casefold flag without casefold feature
[  419.343585][ T9632] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1189: couldn't read orphan inode 15 (err -117)
[  419.400679][ T9632] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.144200][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.544999][ T9654] loop1: detected capacity change from 0 to 512
[  420.630428][ T9654] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.691438][ T9654] ext4 filesystem being mounted at /340/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  420.974871][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.442724][ T9662] loop1: detected capacity change from 0 to 2048
[  421.502297][ T9664] loop4: detected capacity change from 0 to 2048
[  421.579274][ T9664] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.679193][ T9669] input: syz1 as /devices/virtual/input/input7
[  421.779297][ T9664] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.1199: bg 0: block 234: padding at end of block bitmap is not set
[  421.841534][ T8586] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  421.889314][ T9664] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 150 with error 28
[  421.938589][ T9664] EXT4-fs (loop4): This should not happen!! Data will be lost
[  421.938589][ T9664] 
[  421.965424][ T9664] EXT4-fs (loop4): Total free blocks count 0
[  421.991755][ T9664] EXT4-fs (loop4): Free/Dirty block details
[  422.008199][ T9664] EXT4-fs (loop4): free_blocks=0
[  422.038958][ T9664] EXT4-fs (loop4): dirty_blocks=160
[  422.049362][ T9664] EXT4-fs (loop4): Block reservation details
[  422.089404][ T9664] EXT4-fs (loop4): i_reserved_data_blocks=10
[  423.694637][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.271947][ T9705] loop3: detected capacity change from 0 to 1024
[  425.297437][ T9705] EXT4-fs: Ignoring removed orlov option
[  425.310407][ T9705] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  425.390549][ T9711] loop4: detected capacity change from 0 to 512
[  425.520844][ T9711] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1212: casefold flag without casefold feature
[  425.546074][ T9705] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  425.581448][ T9711] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1212: couldn't read orphan inode 15 (err -117)
[  426.008526][ T9711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  426.563200][ T9711] overlayfs: statfs failed on './file0'
[  426.734311][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.659320][   T28] audit: type=1326 audit(1755149778.836:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  427.759458][   T28] audit: type=1326 audit(1755149778.866:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  427.800297][   T28] audit: type=1326 audit(1755149778.886:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  427.843130][   T28] audit: type=1326 audit(1755149778.886:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  427.903150][   T28] audit: type=1326 audit(1755149778.886:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  427.946133][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.976923][   T28] audit: type=1326 audit(1755149778.886:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  428.037709][   T28] audit: type=1326 audit(1755149778.886:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  428.142457][   T28] audit: type=1326 audit(1755149778.886:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  428.165579][   T28] audit: type=1326 audit(1755149778.886:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  428.241262][   T28] audit: type=1326 audit(1755149778.886:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  429.675384][ T9759] loop1: detected capacity change from 0 to 512
[  429.704161][ T9759] FAT-fs (loop1): Unrecognized mount option "�t���%��zm��S^b�3�4‚�1MU�P�U|ם�����d���rf�O_7l���rЫ����6Z#��������_Z�);�;E/�4lN4�>��r���0s>[�[�
[  429.704161][ T9759] ��f��I�q_�Ȕ7�y�w����⒈�W�� ������e��H�;��3�*�Dh�f���k�I��GIZ�.�3��" or missing value
[  430.277036][ T9774] 9pnet_fd: Insufficient options for proto=fd
[  431.537267][ T9790] loop1: detected capacity change from 0 to 512
[  431.581117][ T9789] xt_bpf: check failed: parse error
[  431.590062][ T9790] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1233: casefold flag without casefold feature
[  431.614628][ T9790] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1233: couldn't read orphan inode 15 (err -117)
[  431.675313][ T9790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.721806][ T9797] loop3: detected capacity change from 0 to 1024
[  431.729496][ T9797] EXT4-fs: Ignoring removed mblk_io_submit option
[  431.736162][ T9797] EXT4-fs: Ignoring removed bh option
[  431.795227][ T9797] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  431.869903][ T9797] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  432.439640][ T9804] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1234'.
[  432.450451][ T9804] netlink: 'syz.2.1234': attribute type 2 has an invalid length.
[  432.697979][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.128170][ T9806] loop1: detected capacity change from 0 to 2048
[  433.234505][ T9806] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  434.012027][ T9806] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.1236: bg 0: block 234: padding at end of block bitmap is not set
[  434.062648][ T9806] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 370 with error 28
[  434.095507][ T9806] EXT4-fs (loop1): This should not happen!! Data will be lost
[  434.095507][ T9806] 
[  434.132124][ T9806] EXT4-fs (loop1): Total free blocks count 0
[  434.154345][ T9806] EXT4-fs (loop1): Free/Dirty block details
[  434.174025][ T9806] EXT4-fs (loop1): free_blocks=0
[  434.183277][ T9806] EXT4-fs (loop1): dirty_blocks=384
[  434.188557][ T9806] EXT4-fs (loop1): Block reservation details
[  434.204755][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.222887][ T9806] EXT4-fs (loop1): i_reserved_data_blocks=24
[  434.478450][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.823194][ T9578] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  435.013854][ T9578] usb 5-1: Using ep0 maxpacket: 32
[  435.025891][ T9578] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  435.063364][ T9578] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  435.087700][ T9578] usb 5-1: config 0 interface 0 has no altsetting 0
[  435.112828][ T9578] usb 5-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  435.135115][ T9578] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.155936][ T9578] usb 5-1: config 0 descriptor??
[  435.302648][ T9831] loop3: detected capacity change from 0 to 512
[  435.363336][ T9831] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1244: casefold flag without casefold feature
[  435.388140][ T9831] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1244: couldn't read orphan inode 15 (err -117)
[  435.450089][ T9831] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.654773][ T9578] wacom 0003:056A:032C.0005: hidraw0: USB HID vb.27 Device [HID 056a:032c] on usb-dummy_hcd.4-1/input0
[  435.818105][ T5871] usb 5-1: USB disconnect, device number 4
[  436.318324][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.421469][ T9847] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1248'.
[  437.344243][ T9856] loop4: detected capacity change from 0 to 1024
[  437.351623][ T9856] EXT4-fs: Ignoring removed bh option
[  437.357163][ T9856] EXT4-fs: inline encryption not supported
[  437.368789][ T9856] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  437.387120][ T9856] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 2: comm syz.4.1250: lblock 2 mapped to illegal pblock 2 (length 1)
[  437.403697][ T9856] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  437.411913][ T9856] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 48: comm syz.4.1250: lblock 0 mapped to illegal pblock 48 (length 1)
[  437.427300][ T9856] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  437.436213][ T9856] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.1250: Failed to acquire dquot type 0
[  437.460932][ T9856] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5902: Corrupt filesystem
[  437.471679][ T9856] EXT4-fs error (device loop4): ext4_evict_inode:252: inode #11: comm syz.4.1250: mark_inode_dirty error
[  437.493894][ T9856] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  437.505944][ T9856] EXT4-fs (loop4): 1 orphan inode deleted
[  437.513131][ T9856] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.535622][   T58] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  437.557423][   T58] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  437.578279][   T58] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:4: Failed to release dquot type 0
[  438.154399][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.202334][ T9872] loop3: detected capacity change from 0 to 256
[  438.215587][ T6656] EXT4-fs error (device loop4): __ext4_get_inode_loc:4483: comm syz-executor: Invalid inode table block 1 in block_group 0
[  438.268456][ T6656] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5902: Corrupt filesystem
[  438.297262][ T6656] EXT4-fs error (device loop4): ext4_quota_off:7222: inode #3: comm syz-executor: mark_inode_dirty error
[  438.787878][ T9872] FAT-fs (loop3): Directory bread(block 64) failed
[  438.973146][ T9872] FAT-fs (loop3): Directory bread(block 65) failed
[  439.000412][ T9872] FAT-fs (loop3): Directory bread(block 66) failed
[  439.033137][ T9872] FAT-fs (loop3): Directory bread(block 67) failed
[  439.055792][ T9872] FAT-fs (loop3): Directory bread(block 68) failed
[  439.084552][ T9872] FAT-fs (loop3): Directory bread(block 69) failed
[  439.091335][ T9872] FAT-fs (loop3): Directory bread(block 70) failed
[  439.111457][ T9872] FAT-fs (loop3): Directory bread(block 71) failed
[  439.143618][ T9872] FAT-fs (loop3): Directory bread(block 72) failed
[  439.150334][ T9872] FAT-fs (loop3): Directory bread(block 73) failed
[  439.245698][ T9880] loop4: detected capacity change from 0 to 512
[  439.317134][ T9880] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1257: casefold flag without casefold feature
[  439.382790][ T9880] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1257: couldn't read orphan inode 15 (err -117)
[  439.404920][ T9863] loop1: detected capacity change from 0 to 40427
[  439.432288][ T9863] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  439.440850][ T9863] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  439.452094][ T9863] F2FS-fs (loop1): invalid crc value
[  439.480516][ T9880] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  439.501813][ T9863] F2FS-fs (loop1): Found nat_bits in checkpoint
[  439.705720][ T9863] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  439.737375][ T9863] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  439.841182][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  439.968557][ T9863] syz.1.1252: attempt to access beyond end of device
[  439.968557][ T9863] loop1: rw=2049, sector=45096, nr_sectors = 544 limit=40427
[  440.008553][ T9893] syz.1.1252: attempt to access beyond end of device
[  440.008553][ T9893] loop1: rw=2049, sector=45096, nr_sectors = 544 limit=40427
[  440.166082][ T1083] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  440.204683][ T1083] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  440.221360][   T28] audit: type=1326 audit(1755149791.396:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  440.269143][   T28] audit: type=1326 audit(1755149791.396:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  440.300187][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  440.306688][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  440.312307][   T28] audit: type=1326 audit(1755149791.436:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  440.397683][   T28] audit: type=1326 audit(1755149791.446:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  440.483991][   T28] audit: type=1326 audit(1755149791.446:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  440.534610][   T28] audit: type=1326 audit(1755149791.446:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  440.558319][   T28] audit: type=1326 audit(1755149791.446:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  440.967642][ T9909] loop3: detected capacity change from 0 to 2048
[  442.222443][ T9914] loop1: detected capacity change from 0 to 131072
[  442.440889][ T9914] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0)
[  442.449512][ T9914] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  442.502654][ T9914] F2FS-fs (loop1): invalid crc value
[  442.922449][ T9909] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.019308][ T9914] F2FS-fs (loop1): Found nat_bits in checkpoint
[  443.106883][ T9914] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  443.114119][ T9914] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  444.200336][ T9931] loop4: detected capacity change from 0 to 512
[  444.305689][ T9921] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  444.352061][ T9931] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1268: casefold flag without casefold feature
[  444.409358][ T9931] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1268: couldn't read orphan inode 15 (err -117)
[  444.443648][ T9931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  444.449795][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.844752][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.352542][ T9948] loop4: detected capacity change from 0 to 512
[  445.444243][ T9948] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  445.545025][ T9948] EXT4-fs (loop4): 1 truncate cleaned up
[  445.560485][ T9948] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  446.511466][ T9956] loop3: detected capacity change from 0 to 512
[  446.551428][ T9956] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1277: casefold flag without casefold feature
[  446.667765][ T9956] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1277: couldn't read orphan inode 15 (err -117)
[  446.736159][ T9956] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.246898][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.384711][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.590233][ T9960] loop3: detected capacity change from 0 to 2048
[  447.639061][ T9960] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.809108][ T9960] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1278: bg 0: block 234: padding at end of block bitmap is not set
[  447.845389][ T9960] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 446 with error 28
[  447.874225][ T9960] EXT4-fs (loop3): This should not happen!! Data will be lost
[  447.874225][ T9960] 
[  447.899924][ T9960] EXT4-fs (loop3): Total free blocks count 0
[  447.920319][ T9960] EXT4-fs (loop3): Free/Dirty block details
[  447.935321][ T9960] EXT4-fs (loop3): free_blocks=0
[  447.950596][ T9960] EXT4-fs (loop3): dirty_blocks=448
[  447.956056][ T9960] EXT4-fs (loop3): Block reservation details
[  447.972356][ T9960] EXT4-fs (loop3): i_reserved_data_blocks=28
[  448.096680][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.304904][ T9954] overlayfs: failed to resolve './file0': -2
[  449.466744][ T9962] loop4: detected capacity change from 0 to 40427
[  449.486275][ T9962] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  449.499136][ T9962] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  449.539448][ T9962] F2FS-fs (loop4): Found nat_bits in checkpoint
[  449.720990][ T9962] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  449.734354][ T9962] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  450.197648][ T6656] syz-executor: attempt to access beyond end of device
[  450.197648][ T6656] loop4: rw=2051, sector=49152, nr_sectors = 4096 limit=40427
[  450.222660][ T6656] syz-executor: attempt to access beyond end of device
[  450.222660][ T6656] loop4: rw=2051, sector=57344, nr_sectors = 12288 limit=40427
[  450.274035][ T6656] F2FS-fs (loop4): Issue discard(6144, 6144, 512) failed, ret: -5
[  450.304246][ T6656] F2FS-fs (loop4): Issue discard(7168, 7168, 1536) failed, ret: -5
[  450.700307][ T9999] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1288'.
[  455.952598][T10055] loop3: detected capacity change from 0 to 512
[  456.017369][T10055] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1305: casefold flag without casefold feature
[  456.072482][T10055] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1305: couldn't read orphan inode 15 (err -117)
[  456.116675][T10055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  456.284544][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.465420][   T28] kauditd_printk_skb: 19 callbacks suppressed
[  456.465436][   T28] audit: type=1326 audit(1755149807.636:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.512715][   T28] audit: type=1326 audit(1755149807.636:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.546511][   T28] audit: type=1326 audit(1755149807.676:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.569938][   T28] audit: type=1326 audit(1755149807.676:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.592785][   T28] audit: type=1326 audit(1755149807.676:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.615805][   T28] audit: type=1326 audit(1755149807.676:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.649477][   T28] audit: type=1326 audit(1755149807.676:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.672294][   T28] audit: type=1326 audit(1755149807.676:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.749761][   T28] audit: type=1326 audit(1755149807.676:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.791201][   T28] audit: type=1326 audit(1755149807.676:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10065 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f38ebe9 code=0x7ffc0000
[  456.927093][T10079] loop4: detected capacity change from 0 to 512
[  457.034442][T10079] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1314: casefold flag without casefold feature
[  457.108988][T10079] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1314: couldn't read orphan inode 15 (err -117)
[  457.157648][T10079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.232268][T10084] loop1: detected capacity change from 0 to 512
[  457.262539][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.371000][T10084] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1316: casefold flag without casefold feature
[  457.405281][T10089] mmap: syz.4.1318 (10089) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  457.464759][T10084] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1316: couldn't read orphan inode 15 (err -117)
[  457.477136][T10089] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1318'.
[  457.487550][T10084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.584142][T10084] overlayfs: failed to resolve './file1': -2
[  457.648128][T10092] loop4: detected capacity change from 0 to 512
[  457.696003][T10092] EXT4-fs: Ignoring removed oldalloc option
[  457.743307][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.805101][T10092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.840240][T10092] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  457.941599][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.963814][   T27] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  458.105764][T10102] overlayfs: upper fs does not support file handles, falling back to index=off.
[  458.219848][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  458.247175][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  458.267100][   T27] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  458.278427][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.295859][   T27] usb 4-1: config 0 descriptor??
[  458.785446][T10114] loop4: detected capacity change from 0 to 512
[  458.831651][T10114] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1327: casefold flag without casefold feature
[  458.916387][   T27] usb 4-1: language id specifier not provided by device, defaulting to English
[  458.963299][T10114] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1327: couldn't read orphan inode 15 (err -117)
[  459.003831][T10114] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.184869][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.400832][T10120] loop4: detected capacity change from 0 to 2048
[  459.479142][T10120] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.534034][   T27] input: HID 256c:006d as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0006/input/input12
[  459.591330][T10120] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.1328: bg 0: block 234: padding at end of block bitmap is not set
[  459.646086][T10120] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 132 with error 28
[  459.667665][   T27] input: HID 256c:006d as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0006/input/input13
[  459.694685][T10120] EXT4-fs (loop4): This should not happen!! Data will be lost
[  459.694685][T10120] 
[  459.747312][T10120] EXT4-fs (loop4): Total free blocks count 0
[  459.786120][   T27] uclogic 0003:256C:006D.0006: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[  459.804298][T10120] EXT4-fs (loop4): Free/Dirty block details
[  459.833670][T10120] EXT4-fs (loop4): free_blocks=0
[  459.838698][T10120] EXT4-fs (loop4): dirty_blocks=144
[  459.862875][   T27] usb 4-1: USB disconnect, device number 10
[  459.875793][T10120] EXT4-fs (loop4): Block reservation details
[  459.882751][T10120] EXT4-fs (loop4): i_reserved_data_blocks=9
[  459.981447][T10126] fido_id[10126]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  460.113460][T10128] overlayfs: failed to resolve './file1': -2
[  460.131728][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.336179][T10132] loop4: detected capacity change from 0 to 1024
[  460.358450][T10132] EXT4-fs: Ignoring removed orlov option
[  460.384540][T10132] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  460.701075][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  462.235578][T10158] loop4: detected capacity change from 0 to 2048
[  462.274722][T10158] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  462.642529][T10158] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.1339: bg 0: block 234: padding at end of block bitmap is not set
[  463.042923][T10158] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 128 with error 28
[  463.073295][T10158] EXT4-fs (loop4): This should not happen!! Data will be lost
[  463.073295][T10158] 
[  463.108957][T10158] EXT4-fs (loop4): Total free blocks count 0
[  463.136752][T10158] EXT4-fs (loop4): Free/Dirty block details
[  463.142749][T10158] EXT4-fs (loop4): free_blocks=0
[  463.148322][T10158] EXT4-fs (loop4): dirty_blocks=144
[  463.154467][T10158] EXT4-fs (loop4): Block reservation details
[  463.160523][T10158] EXT4-fs (loop4): i_reserved_data_blocks=9
[  463.206105][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.375987][T10174] netlink: 'syz.4.1342': attribute type 12 has an invalid length.
[  463.646094][T10177] netlink: 'syz.4.1342': attribute type 15 has an invalid length.
[  464.111589][T10186] loop3: detected capacity change from 0 to 512
[  464.124405][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  464.240335][T10186] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1348: casefold flag without casefold feature
[  464.314505][    T9] usb 2-1: Using ep0 maxpacket: 32
[  464.330967][T10186] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1348: couldn't read orphan inode 15 (err -117)
[  464.361347][    T9] usb 2-1: config 0 interface 0 altsetting 15 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  464.399955][T10186] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  464.418284][    T9] usb 2-1: config 0 interface 0 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  464.483240][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  464.530088][    T9] usb 2-1: New USB device found, idVendor=6666, idProduct=8801, bcdDevice= 0.00
[  464.600859][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.649429][    T9] usb 2-1: config 0 descriptor??
[  464.784574][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  465.959434][    T9] smartjoyplus 0003:6666:8801.0007: item fetching failed at offset 5/8
[  466.050234][    T9] smartjoyplus 0003:6666:8801.0007: parse failed
[  466.100324][    T9] smartjoyplus: probe of 0003:6666:8801.0007 failed with error -22
[  466.186145][    T9] usb 2-1: USB disconnect, device number 5
[  466.289270][T10203] loop3: detected capacity change from 0 to 256
[  466.311663][T10201] loop4: detected capacity change from 0 to 2048
[  466.321220][T10203] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  466.379796][T10201] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  466.395094][T10203] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  466.464552][T10203] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  466.624031][T10201] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.1351: bg 0: block 234: padding at end of block bitmap is not set
[  466.638443][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  466.638457][   T28] audit: type=1804 audit(1755149817.796:226): pid=10203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1350" name="/newroot/316/bus/bus" dev="loop3" ino=1048613 res=1 errno=0
[  466.677698][T10201] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 246 with error 28
[  466.691209][T10201] EXT4-fs (loop4): This should not happen!! Data will be lost
[  466.691209][T10201] 
[  466.702183][T10201] EXT4-fs (loop4): Total free blocks count 0
[  466.711299][T10201] EXT4-fs (loop4): Free/Dirty block details
[  466.723336][T10201] EXT4-fs (loop4): free_blocks=0
[  466.732819][T10201] EXT4-fs (loop4): dirty_blocks=256
[  466.746023][T10201] EXT4-fs (loop4): Block reservation details
[  466.752153][T10201] EXT4-fs (loop4): i_reserved_data_blocks=16
[  467.085587][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  467.520054][T10212] loop1: detected capacity change from 0 to 40427
[  467.529927][T10212] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  467.542168][T10212] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  467.602555][T10212] F2FS-fs (loop1): invalid crc value
[  467.640296][T10212] F2FS-fs (loop1): Found nat_bits in checkpoint
[  467.818102][T10212] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  467.835522][T10212] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  468.154130][ T9781] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  468.182213][ T9781] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  469.543360][T10241] loop3: detected capacity change from 0 to 128
[  469.589762][T10239] loop4: detected capacity change from 0 to 2048
[  470.613290][T10239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  470.922503][T10253] loop1: detected capacity change from 0 to 512
[  470.964027][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  470.979359][T10253] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1358: casefold flag without casefold feature
[  471.007066][T10253] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1358: couldn't read orphan inode 15 (err -117)
[  471.024765][T10253] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  471.040931][T10255] loop3: detected capacity change from 0 to 1024
[  471.130542][T10255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  471.155877][   T28] audit: type=1326 audit(1755149822.326:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10259 comm="syz.4.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  471.302870][   T28] audit: type=1326 audit(1755149822.336:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10259 comm="syz.4.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  471.372544][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  471.399622][   T28] audit: type=1326 audit(1755149822.336:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10259 comm="syz.4.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  472.086364][T10268] loop1: detected capacity change from 0 to 128
[  472.127159][T10268] EXT4-fs (loop1): Test dummy encryption mode enabled
[  472.197008][T10268] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  472.239076][T10268] ext4 filesystem being mounted at /372/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  472.294590][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  472.321462][ T5786] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  472.360824][T10273] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1371'.
[  472.567215][T10277] loop4: detected capacity change from 0 to 2048
[  473.449465][T10277] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  473.495686][T10284] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  473.598823][T10277] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 56 with error 28
[  473.690179][T10277] EXT4-fs (loop4): This should not happen!! Data will be lost
[  473.690179][T10277] 
[  473.708823][T10277] EXT4-fs (loop4): Total free blocks count 0
[  473.770707][T10277] EXT4-fs (loop4): Free/Dirty block details
[  473.789007][T10277] EXT4-fs (loop4): free_blocks=0
[  473.801440][T10277] EXT4-fs (loop4): dirty_blocks=64
[  473.808531][T10277] EXT4-fs (loop4): Block reservation details
[  473.832212][T10277] EXT4-fs (loop4): i_reserved_data_blocks=4
[  474.205847][T10291] xt_hashlimit: max too large, truncated to 1048576
[  474.291332][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  474.646170][   T28] audit: type=1326 audit(1755149825.826:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.2.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  474.699475][   T28] audit: type=1326 audit(1755149825.826:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.2.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  474.735289][T10298] loop4: detected capacity change from 0 to 512
[  474.743637][   T28] audit: type=1326 audit(1755149825.846:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.2.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  474.768955][   T28] audit: type=1326 audit(1755149825.846:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.2.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  474.826829][T10298] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1376: casefold flag without casefold feature
[  474.875084][T10298] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1376: couldn't read orphan inode 15 (err -117)
[  474.894305][   T28] audit: type=1326 audit(1755149825.846:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.2.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  474.951410][T10298] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  475.002020][   T28] audit: type=1326 audit(1755149825.846:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.2.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  475.039592][   T28] audit: type=1326 audit(1755149825.846:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.2.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  475.062741][   T28] audit: type=1326 audit(1755149825.846:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.2.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf078ebe9 code=0x7ffc0000
[  475.129972][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.625262][T10319] loop4: detected capacity change from 0 to 2048
[  475.708807][T10319] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  476.278123][T10334] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1386'.
[  476.508387][T10319] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.1385: bg 0: block 234: padding at end of block bitmap is not set
[  476.555190][T10319] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1154 with error 28
[  476.618334][T10319] EXT4-fs (loop4): This should not happen!! Data will be lost
[  476.618334][T10319] 
[  476.651795][T10319] EXT4-fs (loop4): Total free blocks count 0
[  476.672937][T10319] EXT4-fs (loop4): Free/Dirty block details
[  476.678987][T10319] EXT4-fs (loop4): free_blocks=0
[  476.684004][T10319] EXT4-fs (loop4): dirty_blocks=1168
[  476.689367][T10319] EXT4-fs (loop4): Block reservation details
[  476.695665][T10319] EXT4-fs (loop4): i_reserved_data_blocks=73
[  478.818569][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.859768][T10342] loop1: detected capacity change from 0 to 512
[  478.947844][T10342] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1392: casefold flag without casefold feature
[  479.105550][T10342] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1392: couldn't read orphan inode 15 (err -117)
[  479.136887][T10342] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  479.243212][T10342] overlayfs: statfs failed on './file0'
[  479.397627][T10349] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  480.279192][T10354] loop4: detected capacity change from 0 to 512
[  480.294394][T10354] FAT-fs (loop4): Unrecognized mount option "allow_utime=00000000000�&B��4~0004" or missing value
[  480.349821][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.455424][T10354] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  480.467069][T10357] loop3: detected capacity change from 0 to 256
[  481.430905][T10372] loop3: detected capacity change from 0 to 2048
[  482.125298][T10372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.341511][T10308] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  483.394440][T10371] loop4: detected capacity change from 0 to 2048
[  483.508595][T10371] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.896923][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.062205][T10380] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  484.680410][T10371] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 572 with error 28
[  484.761014][T10371] EXT4-fs (loop4): This should not happen!! Data will be lost
[  484.761014][T10371] 
[  484.773269][T10371] EXT4-fs (loop4): Total free blocks count 0
[  484.779325][T10371] EXT4-fs (loop4): Free/Dirty block details
[  484.803054][T10371] EXT4-fs (loop4): free_blocks=0
[  484.808092][T10371] EXT4-fs (loop4): dirty_blocks=576
[  484.823177][T10371] EXT4-fs (loop4): Block reservation details
[  484.829244][T10371] EXT4-fs (loop4): i_reserved_data_blocks=36
[  484.962801][T10392] loop3: detected capacity change from 0 to 512
[  485.040979][T10392] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1404: casefold flag without casefold feature
[  485.082069][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.087763][T10392] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1404: couldn't read orphan inode 15 (err -117)
[  485.117764][T10392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.220973][T10392] overlayfs: statfs failed on './file0'
[  485.348239][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.548296][T10420] loop4: detected capacity change from 0 to 40427
[  489.568780][T10420] F2FS-fs (loop4): Unrecognized mount option "whint_mode=user-based" or missing value
[  491.159590][T10428] loop4: detected capacity change from 0 to 40427
[  491.174390][T10428] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  491.190293][T10428] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  491.209127][T10428] F2FS-fs (loop4): invalid crc value
[  491.239309][T10428] F2FS-fs (loop4): Found nat_bits in checkpoint
[  491.312890][T10428] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  491.320083][T10428] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  491.410589][T10426] wireguard0: entered promiscuous mode
[  491.416381][T10426] wireguard0: entered allmulticast mode
[  491.913636][T10444] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  492.399643][T10454] loop4: detected capacity change from 0 to 2048
[  492.484538][T10454] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  493.413437][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.111279][   T28] audit: type=1326 audit(1755149848.286:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10474 comm="syz.4.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  497.202254][   T28] audit: type=1326 audit(1755149848.286:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10474 comm="syz.4.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  497.312633][   T28] audit: type=1326 audit(1755149848.316:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10474 comm="syz.4.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  497.404396][   T28] audit: type=1326 audit(1755149848.316:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10474 comm="syz.4.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ffc18ebe9 code=0x7ffc0000
[  497.830566][T10487] loop3: detected capacity change from 0 to 2048
[  497.872551][T10487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  498.140030][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.632390][T10496] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1434'.
[  501.744192][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  501.750593][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  502.200968][T10524] loop3: detected capacity change from 0 to 2048
[  502.727701][T10526] loop4: detected capacity change from 0 to 2048
[  503.342837][T10526] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  504.803805][T10529] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  504.885330][T10524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.210961][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.324664][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.019448][T10559] loop1: detected capacity change from 0 to 128
[  506.522165][T10550] loop4: detected capacity change from 0 to 40427
[  506.574005][T10550] F2FS-fs (loop4): invalid crc value
[  506.614711][T10550] F2FS-fs (loop4): Found nat_bits in checkpoint
[  506.639867][T10569] loop3: detected capacity change from 0 to 512
[  506.684240][T10569] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1452: casefold flag without casefold feature
[  506.823442][T10569] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1452: couldn't read orphan inode 15 (err -117)
[  506.864822][T10569] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  507.041438][T10550] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  507.060045][T10569] overlayfs: statfs failed on './file0'
[  507.188516][T10573] loop1: detected capacity change from 0 to 2048
[  507.236562][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.302762][T10573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  507.429042][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  509.071094][T10600] tipc: Started in network mode
[  509.090982][T10600] tipc: Node identity 363c91f457e9, cluster identity 4711
[  509.114567][T10600] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  509.146599][T10592] tipc: Resetting bearer <eth:syzkaller0>
[  509.363157][ T9578] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  509.586239][ T9578] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  509.602102][ T9578] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  509.612735][ T9578] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  509.627073][ T9578] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.639709][ T9578] usb 2-1: config 0 descriptor??
[  510.133350][ T5822] tipc: Node number set to 1641386484
[  510.207478][T10607] loop4: detected capacity change from 0 to 512
[  510.265735][T10607] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1463: casefold flag without casefold feature
[  510.270628][ T9578] usb 2-1: language id specifier not provided by device, defaulting to English
[  510.300784][T10607] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1463: couldn't read orphan inode 15 (err -117)
[  510.333198][T10607] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  510.426264][T10607] overlayfs: statfs failed on './file0'
[  510.671703][ T9578] uclogic 0003:256C:006D.0008: interface is invalid, ignoring
[  511.376058][ T9578] usb 2-1: USB disconnect, device number 6
[  511.450957][ T6656] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  517.046812][T10653] loop1: detected capacity change from 0 to 512
[  517.119226][T10653] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1479: casefold flag without casefold feature
[  517.151998][T10653] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1479: couldn't read orphan inode 15 (err -117)
[  517.199054][T10653] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  517.259145][T10653] overlayfs: failed to resolve './file0': -2
[  517.341758][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  518.683550][T10670] loop1: detected capacity change from 0 to 512
[  518.808253][T10670] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  519.056827][T10670] EXT4-fs (loop1): 1 truncate cleaned up
[  519.081400][T10670] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  521.357703][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.716335][T10592] tipc: Disabling bearer <eth:syzkaller0>
[  522.730994][T10694] loop1: detected capacity change from 0 to 16
[  522.784662][T10694] erofs: (device loop1): mounted with root inode @ nid 36.
[  522.947598][T10694] syz.1.1489: attempt to access beyond end of device
[  522.947598][T10694] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[  522.962951][T10694] syz.1.1489: attempt to access beyond end of device
[  522.962951][T10694] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16
[  523.072385][T10694] syz.1.1489: attempt to access beyond end of device
[  523.072385][T10694] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[  524.340564][T10698] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:0000:0001 with DS=0x1
[  525.621124][ T5786] BUG: Bad page state in process syz-executor  pfn:57312
[  525.628947][ T5786] page:ffffea00015cc480 refcount:0 mapcount:0 mapping:ffff88805c031278 index:0x2 pfn:0x57312
[  525.639253][ T5786] aops:z_erofs_cache_aops ino:0
[  525.644222][ T5786] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff)
[  525.651983][ T5786] page_type: 0xffffffff()
[  525.656808][ T5786] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff88805c031278
[  525.665797][ T5786] raw: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[  525.674582][ T5786] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  525.681930][ T5786] page_owner tracks the page as allocated
[  525.688211][ T5786] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 10694, tgid 10684 (syz.1.1489), ts 522943270920, free_ts 498401102877
[  525.710433][    C1] vkms_vblank_simulate: vblank timer overrun
[  525.716533][ T5786]  post_alloc_hook+0x1cd/0x210
[  525.721337][ T5786]  get_page_from_freelist+0x195c/0x19f0
[  525.726995][ T5786]  __alloc_pages+0x1e3/0x460
[  525.731629][ T5786]  z_erofs_do_read_page+0x20c0/0x3680
[  525.737265][ T5786]  z_erofs_readahead+0x862/0xd50
[  525.742248][ T5786]  read_pages+0x177/0x840
[  525.746784][ T5786]  page_cache_ra_unbounded+0x692/0x770
[  525.752316][ T5786]  force_page_cache_ra+0x2c1/0x320
[  525.758327][ T5786]  generic_fadvise+0x44f/0x730
[  525.763612][ T5786]  __x64_sys_fadvise64+0x140/0x180
[  525.768778][ T5786]  do_syscall_64+0x55/0xb0
[  525.773356][ T5786]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  525.779339][ T5786] page last free stack trace:
[  525.784114][ T5786]  free_unref_page_prepare+0x7ce/0x8e0
[  525.789622][ T5786]  free_unref_page+0x32/0x2e0
[  525.794438][ T5786]  kasan_depopulate_vmalloc_pte+0x75/0x90
[  525.800208][ T5786]  __apply_to_page_range+0x84c/0xd50
[  525.805589][ T5786]  kasan_release_vmalloc+0x97/0xb0
[  525.810789][ T5786]  __purge_vmap_area_lazy+0x1640/0x1990
[  525.816438][ T5786]  drain_vmap_area_work+0x40/0xd0
[  525.821502][ T5786]  process_scheduled_works+0xa45/0x15b0
[  525.827152][ T5786]  worker_thread+0xa55/0xfc0
[  525.831782][ T5786]  kthread+0x2fa/0x390
[  525.835955][ T5786]  ret_from_fork+0x48/0x80
[  525.840414][ T5786]  ret_from_fork_asm+0x11/0x20
[  525.845387][ T5786] Modules linked in:
[  525.849334][ T5786] CPU: 1 PID: 5786 Comm: syz-executor Not tainted 6.6.101-syzkaller #0
[  525.857613][ T5786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  525.867723][ T5786] Call Trace:
[  525.871034][ T5786]  <TASK>
[  525.874008][ T5786]  dump_stack_lvl+0x16c/0x230
[  525.878729][ T5786]  ? show_regs_print_info+0x20/0x20
[  525.883975][ T5786]  ? swiotlb_print_info+0x70/0x70
[  525.889054][ T5786]  bad_page+0x14b/0x170
[  525.893247][ T5786]  free_unref_page_prepare+0x887/0x8e0
[  525.898757][ T5786]  free_unref_page+0x32/0x2e0
[  525.903515][ T5786]  ? __folio_put+0xef/0x210
[  525.908047][ T5786]  erofs_try_to_free_all_cached_pages+0x295/0x600
[  525.914500][ T5786]  erofs_shrink_workstation+0x118/0x290
[  525.920074][ T5786]  ? erofs_shrinker_unregister+0x170/0x170
[  525.925896][ T5786]  ? io_schedule+0xd0/0xd0
[  525.930327][ T5786]  ? kobject_put+0x43c/0x470
[  525.934943][ T5786]  erofs_shrinker_unregister+0x5d/0x170
[  525.940527][ T5786]  erofs_put_super+0x4e/0x150
[  525.945220][ T5786]  ? erofs_free_inode+0xb0/0xb0
[  525.950085][ T5786]  generic_shutdown_super+0x134/0x2b0
[  525.955484][ T5786]  kill_block_super+0x44/0x90
[  525.960191][ T5786]  erofs_kill_sb+0x4c/0x140
[  525.964740][ T5786]  deactivate_locked_super+0x97/0x100
[  525.970146][ T5786]  cleanup_mnt+0x429/0x4c0
[  525.974597][ T5786]  task_work_run+0x1ce/0x250
[  525.979219][ T5786]  ? task_work_cancel+0x240/0x240
[  525.984286][ T5786]  ? exit_to_user_mode_loop+0x3b/0x110
[  525.989773][ T5786]  exit_to_user_mode_loop+0xe6/0x110
[  525.995079][ T5786]  exit_to_user_mode_prepare+0xb1/0x140
[  526.000645][ T5786]  syscall_exit_to_user_mode+0x1a/0x50
[  526.006142][ T5786]  do_syscall_64+0x61/0xb0
[  526.010571][ T5786]  ? clear_bhb_loop+0x40/0x90
[  526.015256][ T5786]  ? clear_bhb_loop+0x40/0x90
[  526.019953][ T5786]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  526.025872][ T5786] RIP: 0033:0x7f3d8f38ff17
[  526.030307][ T5786] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  526.049921][ T5786] RSP: 002b:00007ffd9d76bf48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  526.058358][ T5786] RAX: 0000000000000000 RBX: 00007f3d8f411c05 RCX: 00007f3d8f38ff17
[  526.066341][ T5786] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9d76c000
[  526.074325][ T5786] RBP: 00007ffd9d76c000 R08: 0000000000000000 R09: 0000000000000000
[  526.082305][ T5786] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd9d76d090
[  526.090370][ T5786] R13: 00007f3d8f411c05 R14: 000000000007fea7 R15: 00007ffd9d76d0d0
[  526.098366][ T5786]  </TASK>
[  526.101469][    C1] vkms_vblank_simulate: vblank timer overrun
[  526.107702][ T5786] Disabling lock debugging due to kernel taint
[  526.114622][   T27] usb 4-1: new low-speed USB device number 11 using dummy_hcd