last executing test programs:

2.230521193s ago: executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_get$uid(0x0, 0xffffffffffffffff)
lseek(0xffffffffffffffff, 0x0, 0x3)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x6, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x5, &(0x7f0000000040), 0x4)
sendmmsg$inet(r1, &(0x7f0000002240), 0x0, 0x0)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x820c2, 0x7)
setxattr$incfs_size(&(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000240)=0x9, 0x8, 0x3)
write(r2, &(0x7f0000002200)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a42", 0x601)
fallocate(r2, 0x11, 0x0, 0x1c8000000)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)

1.969091544s ago: executing program 0:
r0 = gettid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x53)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = memfd_create(&(0x7f00000005c0)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x99\xd9\x89\xab\xf8P\xacYt]\xa3\xed\xfa\xd2\n\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9],t\'V|u\x86\x14s>p1\xcd\x1e\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xf5\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x13\x02\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xd6\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000002140)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000100)={0x50, 0x0, r5, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
setxattr$security_ima(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)
getdents64(r6, 0x0, 0x18)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='block_split\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000200), 0x43400)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000140))
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r9 = epoll_create1(0x0)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r10, &(0x7f0000002bc0))
syz_open_pts(r10, 0x0)
ppoll(&(0x7f0000000000)=[{r9, 0x41}, {r9, 0x8093}], 0x2, 0x0, 0x0, 0x0)
dup3(r8, r8, 0x80000)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x0, 0x0, @local}, 0x1c)
sendto$inet6(r8, &(0x7f0000000000)="89ff0a24e7fe0434", 0x8, 0x20008040, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @remote}, 0x1c)
pipe2$9p(&(0x7f0000000080), 0x0)

1.226091089s ago: executing program 1:
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@multicast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4adf7", 0x38, 0x3a, 0x0, @dev, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x2f, 0x0, @dev, @mcast1, [@hopopts]}}}}}}}, 0x0)

1.205052092s ago: executing program 1:
r0 = io_uring_setup(0x354e, &(0x7f0000000340))
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @private}, 0x2, 0xfffffffd}}, 0x2e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/234)
close_range(r0, 0xffffffffffffffff, 0x0)

1.197252624s ago: executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, [@TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0xffffffff}}]}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0x6c}}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000380)="44c394f305916c4516999da24305", 0xe, 0x0, &(0x7f0000000440)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)

1.085121511s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
io_setup(0xffff, &(0x7f0000000300)=<r2=>0x0)
io_destroy(r2)

1.039287858s ago: executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000400)={[{@sysvgroups}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x542, &(0x7f00000027c0)="$eJzs3c9rJFkdAPBv9XRn50dmO6sedMF1dVdmFp3uycbdDR7WEURPC+J6H2PSE8J00kO6szsJATN/gSCioie9eBH8AwQZ8OJRhAE9K6woohk9COqUdHUlk81UJz2xtzs/Ph+o1KtXP77vVVKVelWPqgDOrBcj4kZEPErT9JWIqOb5pXyIrd7QXe7h9uZ8d0giTd/+WxJJnrezrSQfX8pXOx8RX/tKxDeTJ+O21zduzzWbjdV8ut5ZvlNvr29cW1qeW2wsNlZmZqZfn31j9rXZ60Op5+WIePNLf/ret3/65Td/+dl3/3jzL1e71Y7JfP7eejyF7i4qH7RAr+qVbF/s6K6weoRgx1U5q2HuQtESaZqmj9Lqnpx7IykZAAD7dS9gPxQRn4qIV6Ia5w6+nAUAAABOoPQLk/GfpPeEpsBEn3wAAADgBCllfWCTUi3vCzAZpVKt1uvD+5G4WGq22p3P3GqtrSw8+OFkRExFpXRrqdm4nvcVnopK0p2eztKPp1/dNz0TEc9FxHerF7Lp2nyruTDumx8AAABwRlza1/7/Z7XX/gcAAABOmakns0rjKAcAAADwwSlo/wMAAACnjPY/AAAAnGpffeut7pDufP964Z31tdutd64tNNq3a8tr87X51uqd2mKrtZi9s29577rnCrbXbLXufC5W1u7WO412p95e37i53Fpb6dxcet8nsAEAAIAReu4T93+fRMTW5y9kQ9fEuAsFjER5N5Xk44Kj/w/P9sbvjahQwEgU3cPf771nRlAQYOTKR1orHeS0ARxzlXEXABi75JD5fTvv/CYff3K45QEAAIbvysf6P/8/+BsAWz4RACecgxjOrn0P8tLquAoCjFz2/H/QDr8uFuBUqQzUAxA4zf7v5/+HStOnKhAAADB0k9mQlGr57b3JKJVqtYjL2WcBKsmtpWbjekQ8GxG/q1ae6U5PZ2smh7YZAAAAAAAAAAAAAAAAAAAAAAAAAICeNE0iPciNA+cCAAAAJ0BE6c/Jr3rv8r9SfXly//2BieRf2SeBJyLi3R+9/f27c53O6nQ3/++7+Z0f5PmvjuMOBgAAALDfTjt9px0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMP0cHtz/uH2Zvrv7c35Ucb96xcjYmo3fjb05pTjfDY+H5WIuPiPJMp71ksi4twQ4m/di4iPFsVPusXaDVkU/8IHHz+m8r1QFP/SEOLDWXa/e/65UXT8leLFbFx8/JUj3jd9VP3Pf7F7/jvX5/i/PGCM5x/8vN43/r2I58vF55+d+Emf+C9FaaD43/j6xka/eemPI65Ecfy9seqd5Tv19vrGtaXlucXGYmNlZmb69dk3Zl+bvV6/tdRs5D8LY3zn4794dFD9L/aJP3VI/V8eqPYR/31wd/vDvWSlKP7Vlwri//on+RJPxi/l//s+nae786/spLd66b1e+NlvXzio/guP6195mt//1QHrP5QDBQAYmvb6xu25ZrOxehISlaOs1W2lF83Kr8jiGNRLYkyJbw11g2mapn3+ou5HxCDbSeI47JYsMd7zEgAAMHyPL/rHXRIAAAAAAAAAAAAAAAAAAAA4u4b4zrCJwtfsFbxZYGs3lXgzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwbPwvAAD//x4+3Ik=")
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x10f482a, 0x0)
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

971.175629ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})

964.91114ms ago: executing program 4:
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@multicast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4adf7", 0x38, 0x3a, 0x0, @dev, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x2f, 0x0, @dev, @mcast1, [@hopopts]}}}}}}}, 0x0)

950.535052ms ago: executing program 4:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r5 = dup3(r4, r3, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ff8, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})

941.180923ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x82}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)

931.117885ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000080)='./file0\x00', 0x450, &(0x7f0000005f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES32], 0x2, 0x5558, &(0x7f0000000a00)="$eJzs3EtvG9UXAPBju2n/ff4jxIJdR6qQEqm26vQh2BVoxUO0qngsWIFju5Zb2xPFrhOyQoIlYsE3QSCxQmLDZ2DBmh1iAWKHBPLMmBLCo5XdOGl/P2l85t65PnPvyEp0ZiwH8MRaTn75qRRn4nhEVCLiVCmy/VKxZa7m4ZmIOBsR5T9tpaL/j46jEXEiIs5Mkkd8PczHTA59en587vKPr/381bfHjpz87MvvFrdqYNGejYj+Rr6/1c9j2snjnaK/Me5msX9pXMT8QP9u0U7zuNVezzJsNabjGlm82MnHpxv3hpN4u9doTmKnezvr3xjkJxyOO9M82RvuNDazdqu9nsXuMM1iZyef1/ZO/vdyZzjK87SKfO9n6WM0msa8v73dztezcTeLzcGo6M/zpq329iSOi1icLpppr5XNY32WK32wvd4d3NtOxu3NYTcdJJdr9edq9SvV+mbaao/al6qNfuvKpWSl05sMq47ajf7VTpp2eu1aM+2vJiudZrNarycr19rr3cYgqddrF2sXqpdXi73zycs33056rWRlEl/sDu4d7faGye10M8nfsZqs1S4+v5qcqydv3riV3Hrj+vUbt95699o7N1+48epLxaA900pW1i6srVXrF6pr9dUDsP7J/90HXP9olvV/VEz6IdZfmu3ywL/zAQN4aHvq/5hv/V8J9T+w12Gv/2Oe9f+kpFL//3f9W569/p+p/j2o9f8hXj/MRP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDE+n7p81eyneW8fbLoP110PVW0SxFRjojf/kYlju7KWSnyLP3D+KW/zOGbUmQZJuc4VmwnIuJqsf36/0d9FQAAAODx9cUHZz/Jq/X8ZXnRE2I/5Tdtyqfem1O+UkQsLf8wp2zlycvTc0qWfb6PxPacsmU3sP43p2T5Lbcj88r2QCrT8OHp+53Zgkp5KO/rdAAAgH1R2RX2twoBAABgP3286AmwGKWYPsqcPgvOvnl//9Hm8V3HAAAAgEOotOgJAAAAAI9cVv/7/T8AAAB4vOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3kpg1EcQB+NhjoPxVV3fcq3cExeoQuuywcoJfgCPQKuQBnILvss4kgwh4hOQIpCuNYoO+TbDM2+s0MsHljYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSfbWe///749+lObv9ZfLMBgAAADhlW63n9Ytp0/6Uzn9Jp76ldhERZUScqt0HMWplDlJOdeb91Ysx3EXUCYc+xmn7GBE/0/b0tetPAQAAAG7XZrmaNdV6s5v2PSDeU7NoU37+lSmviIhq+pAprTzsvmcKq3/fw/iTKa1ewJpkCmuW3Ianr41yddI2aB3STCaL+kusW2U3/QIAAH1qVwJnqhAAAABuwO++B0A/iuPueJ9x3BzSDcEPrRYAAABwhYq+BwAAAAB0rq7/r+H5f4/+lgAAAABv1jz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzl1fvDJnt79MvhkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8sz/3KBACYQxAs4u/ncz9DysRLa1t3oOBkDDFBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OZ3v/yfcDVHkqltw9x6JFk6NaydGrbODXs/jK+vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu6fN24yDAD4c77z9Q8gQkAZAqhIDLDQ5FpaOsIAihj4CEhReimBK4U2A60iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQfbZV7e90qM09tH8ftJ773O2877P67OiPLETAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO2+Ey8lRdzOXmaGcbntxt7GStbv3NNnrm3dnM9aFrceNtE3bz/+5Kfby9U3x+Yqb76qPxkAAAAOhnZZ30fErXR7KeuTmbz+T8tjspr/+2eGcVnP31v37+xtHC52zZf1/2+/3n5hNNHMcJ5s0NW1QX/x/lQ6+7TEqffsQ4/o5Gc+/91LO/9Akvc3n99N8/PZ+vb69Xe7eXiojmwBgEdxvOyLoPx5KOt7TSYGwIHRqRTeZf3fnmk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA67G7GU2Xcioj5zp04s7O3sTKuv7Z1c75sp69e3aqOmQ2RRsTq2qCf1riWaXfp8pVPlgeD/sWxQcQDd/334FhE7M/IDwhizK4PJ/jyiH8+prg8o55V/LugNR1pNBokxedTbOnWe9Xtb1Bee49/5Ia+IQEA8MRKi5bV9bfS7aVsW2s24q8f7q7/X6vEMWH9f/uj0zeqc1Xr/15tK5x+C+vnP1u4dPnKG2vnl8/1z/U/ffNE763eyTOnTp1ZyM7V4sJqJP3FptMEAADgf6xbtGr9n8zef///aCWOCev/z7/rfVmdq63+H+vOTb+mMwEAADiIuqPouVf+/KM15ohWtxtfLK+vX+wNX0fvTwxfa033ER0qWrX+b882nRUAAABQh93N1l33/89W4pjw/v/TP774c3XMdkQcibgQEf3jKxcGZ+tbzlSr4w+V84m6Ta8UAACAphwpWvX+f5o//5+MHnlIIuL1V4dx+b+uJqn/2+99/VN1rurz/yfrW+JUSuaG5yPv5yI6c01nBAAAwJPscNGyYv/3dHvp41+OftD1/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//1AjNPw=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r2 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x2000402)
ftruncate(r1, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYRESOCT=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, &(0x7f0000000240)={@desc={0x1, 0x0, @desc2}})
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)

877.711563ms ago: executing program 2:
r0 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key$user(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)="ac", 0x1, r0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
keyctl$read(0xb, r0, &(0x7f0000000380)=""/192, 0xc0)

857.935606ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000300), &(0x7f0000000200)}, 0x20)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r2, 0x40045402, &(0x7f0000000040)=0x1)

839.927979ms ago: executing program 2:
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
mkdir(0x0, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080))
mknodat$loop(0xffffffffffffffff, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
linkat(0xffffffffffffffff, &(0x7f0000001180)='./file1\x00', 0xffffffffffffffff, &(0x7f00000011c0)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
unlink(0x0)
link(&(0x7f0000000600)='./file1\x00', &(0x7f0000000640)='./bus\x00')
lseek(r0, 0x0, 0x1)

826.744111ms ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000002ec0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000b0000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad03c22624c9f87f9793f50bb546040677b2db431fc79db0c5077da90fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c4089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492454d5878bd57e615d3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3a4d6926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873095cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288c9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493c97f29b33dcc9ffffffff9c77000000000000ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0f34d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502c9e959ef939ec71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a636c3b0e69102d1567f2e4d9dc080466c51bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc502009f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf790842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc9da71c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000200000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1b3be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fad05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6000010237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b0842bd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920386db4d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945eceda26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9f96756ea5cce7daac4be29bcf58ff30159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf974fcf36cbf6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e3c78b2a78f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397dacafa86966d7ba10413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d452340000d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d2cd1fe21ba8eaab827624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c79217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b29637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000002b77000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae4ffffffffb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a73efb16d4b2db6421fd4e3430700bad8240e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2d7a510000a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7f090000001551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab0300d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c7a1b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f5faac16441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a20ffffffff682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c51966504652ff871e0f6dfff9f7d34ecf04be0a58c354fb7388ff7796d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c51000000000000000000000000003bba840af65aff3d8261bc163b57a23d3e3ab2d8bbd314cd5c7699bd08f58b83c07e8c3d36261609e8d5461e2e7633e8377627ccf0613308155aaf7d746c08a685ea9ae0ab702ee4edc393d76a73d00452b1cc6eeadd186f549b56308cea77c416a4b2cbcfe37fc778621a3178baae78ff1b7ded218a3366712b3feb9415141ecb23abfb37f43a1c6dd6354a104b2cb17b90757b6a71459cc758463be2ca2d80aa285ff00fff4381bfcf659dd02147b74f784d06d0c3be24f26405ce09fb31688dbc5430c8a02079d2d128a6b72cc54d6c859d9a2fd8e87f87cd096ec92440c5c6d6905955d0e74a80385011e16f05d3eb815b0333ca5f6d3cf82962a4ed240ef1bcd2ad552c00e10fb9dd9f0ea7987eb6187aa310dfc3d5e63c31118d284b253d8a52d0081eb36e502b6de0ae05836469bf82b5055feaeef92a3e07446d86a971bcfdd7ed1b1cb44ac59faa9fc81d405c65cf0b74709a00000000128309d15ca101afda8a461d1f0f48e28e8a5c8ccccc0d86a9ec1fac367a2b7c6879000000000000000000000000000000000000da408de957a3b509882b212e0169d0a4194b21a144d9c08f5c9460ff45701d0a8db27d34fe973fab987d6ceb2e8524b84f6aedb811c048f5d8e7f8f5879f4a430fa4275f2cb50e0575dacb04b510d19d1a3b21b937f85ec9948cd3efedff8c886ce01119c36e76088b4e452f94b7a45421058132cc74a21b37c587dccdc209ef86010d75e58a806f90a243664cceedfc50915f6f4f6047390c9ac78bb7bf8f01a08d63c925c9a5718ce721cb4207697ff3d524897436f9696321878639ce34af2c3807fb181b1471eff7470f1254b426e2d2550ab5cd8210664f318f4a0b370d63ebc658b4544b6bc4ac192fe39e554bcaab67caaf6e058e46d0eb71d6ec2137c0487602e2175c87581b7b1aecb6158ac1fe65e37e7eb581873c95f3eb4c6e2ebcc2ae55f3d25bbf3bc3b35bfbb4233db7d998a7b6c494992680380caf577b04d6d44883a547f401ab2df13ba6ef0f96e626ed3a4ea196e99ccad3234f9648cb5d6bc140472c0721660b963d6f5bf70f78f541c7a5e7a91e4741317a0d779b44b52d8c2b200d1e2e8674c427ec2d1c2286118dbb839ada07fa4ee86b9e18b4114b2b4dd8d799aa76d07bbd3a6e350be8591aadefef39e1d4b7cf59b2e9a3b23ed81110beca3190faa027dc7cba6a214a5f2ff011db2e77f51cedd449103b3ef36d04d9fa0f67dc78053640f06364c9c745eadd6ab3052750c54137a18ea3eb7e7caf8542934586fea611b94c1800b7ab4bd371da15027d88ac1cdb52c2f73467ee66f05040e1f780da007e87936c91bf1b145bc64a9a7308ce51f01b63fecdd50854d7ade8b448150e31164e9657d6e24d19c03f51757f4816b3843d6f2fd55169220adedb6e9929be0ca1efa6f3a2d6945387c589368bbbfe4c9ac60a07833e96a625352073518414ca0b1dfc96138ddd"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x22}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

699.401891ms ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='ext4_allocate_inode\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)

680.082584ms ago: executing program 2:
r0 = gettid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x53)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = memfd_create(&(0x7f00000005c0)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x99\xd9\x89\xab\xf8P\xacYt]\xa3\xed\xfa\xd2\n\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9],t\'V|u\x86\x14s>p1\xcd\x1e\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xf5\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x13\x02\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xd6\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000002140)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000100)={0x50, 0x0, r5, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
setxattr$security_ima(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)
getdents64(r6, 0x0, 0x18)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='block_split\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000200), 0x43400)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000140))
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r9 = epoll_create1(0x0)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r10, &(0x7f0000002bc0))
syz_open_pts(r10, 0x0)
ppoll(&(0x7f0000000000)=[{r9, 0x41}, {r9, 0x8093}], 0x2, 0x0, 0x0, 0x0)
dup3(r8, r8, 0x80000)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x0, 0x0, @local}, 0x1c)
sendto$inet6(r8, &(0x7f0000000000)="89ff0a24e7fe0434", 0x8, 0x20008040, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @remote}, 0x1c)
pipe2$9p(&(0x7f0000000080), 0x0)

679.568544ms ago: executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x4003, &(0x7f00000003c0), 0x2, 0x4e6, &(0x7f0000000840)="$eJzs3MtrXNUfAPDvvUnapo9f8qvPPrSjVQyKTZM+Fy6sKHQjCIrUZUzSUpu20kRoS7BRpIILpX+Bj53gX+BKN6LiQnGruBWhSDatLmTkztwbZzozeXWSaZPPB6Y9595z7znn3nuS85ibANatUvZPErE1In6JiL5qtD5Bqfrfzdnp0b9mp0eTKJdf/jOppLsxOz1aJC2O25JHBtKI9L0kdjXJd/LS5TMjExPjF/L44FSah86OnBo/NX5u+OjRgwd6jxwePtSWemZlurHz7fO7dxx/7dqLoyeuvf7dF1l5y/n+2npU9S8xh66GLaUo1V/LGo8v8ex3um014aQ7+zftXGFYtOypzW5XT6X995VzlX198cK7RboNnSwksCKyxr6xYevc77KZcq0kqR4ArBGJJg3rVPGL/sZsNlKdHm0cBzfR3dYuSEddPxaVCmX1vpl/qnu6KyPYUn91bNSzQvnfGxEnZv7+OPtE03kIAID2+upYxOa831F8qnvSuL8m3f/yWaH+iPh/RGyPiHvy/st9EZW0D0TEgzXHJPl60nxKt8Qb+z8/9eaB2u5q22T9v2fyta36/t/c+kV/Vx7bVql/T3Ly9MT4/vyaDETPxiw+1HjquWm1r5//+aNW+Zdq+n/ZJ8u/6Avm5fij+5YJurGRqZHbrXfh+juVC3ulsf5JdCdFKGJHROxcxvmza3b6yc93t9pfV/+sng31/7D1ydswDil/GvFE9f7PxC31j3zdI6msT559c3Dy0uWnT9euTw4dOTx8aHBTTIzvHyyeikbf/3j1pTzYMIxY+P6vrOz+b276/M+tXPYnteu1k0vP4+qv77cc0yz3+d+QvFIJF+tSF0empi4MRWxIZhq3D/937MWR3rr0Wf0H9jZv/9sj/vkkP25XRGQP8UMR8XBE7MnL/khEPBoRe+ep/7fPPfZGqyHknXD/x5Z0/1sFnv0hovmurjPffNmQ8QelRdY/u/8HK6GBfMvYyNSmheo1X0lrA7d9AQEAAOAusCcitkaS7svnOLdGmu7bF7FlbgZlcuqpk+ffOjdWfUegP3rSYqarr2Y+dCifG87i2VHDNfFs/4HKvHG5XC73ZvFs/D6xrbNVh3VvS4v2n/m98ZUWYK1Z0jpaqzfagLvS8tfR2/+FDGB1raHv8wNLpP3D+rXo9r9Sb8EBHdOs/V+JuNmBogCrrFn7f7UD5QBWn/E/rF/aP6xbC75MC6xJi3pJfhmB7cfnSZN0r0ymrQNp1G3JfuLV/RWA/ogicfEFx/lP+Fsa0Z4SdrW1pr119zRtmmZTtCOvSBdM072EP8SwuoH0zihGNbAxIhZ4eucetitF4PJKF6zSCD7r7E8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA2/dvAAAA//+lFtmI")
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x202020, 0x0)

591.480348ms ago: executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
ppoll(&(0x7f0000000140)=[{r0, 0x8009}], 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "04b2c5641bafe203015f8161af3be9b7715843"})

575.44815ms ago: executing program 4:
socket$key(0xf, 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4bd, &(0x7f0000000f00)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYPQX7VOf+lLoH1Ao+RNKIdC+l1JaQpukD31oqyL5KnFdyZaJbSXW5wPH9557r/z9Hgkd6dxz0Q2gY52JiLGI6IqI8xHRn27PpCXW1kv1uEcP70xWSxKVyo0vkkjSbfX/laTLY+nDeiPiH3+L+Hfy47illdW5iUIhv5TWc+X5xVxpZfXC7PzETH4mvzA2Mnx59MropdGhXWvr1b98+sr/3vrr1fd+f+vj8c/P/aeaVl+6b2M7WrHW4nHrTe+pPRd13RGxtJNgz7GutD097U4EAICWVL/j/zQifh0Rj19vdzYAAADAXqj8qS++SSIqAAAAwIGVqV0Dm2Sy6bUAfZHJZLPr1/D+PI5mCsVS+XfTxeWFqfVrZQeiJzM9W8gPpdcKD0RPUq0P19af1i9uqo9ExImIeKn/SK2enSwWptp98gMAAAA6xLFN4/+v+tfH/wAAAMABM9DuBAAAAIA9Z/wPAAAAB1/T8X/Svb+JAAAAAHvh79euVUulfv/rqZsry3PFmxem8qW57PzyZHayuLSYnSkWZ2q/2Te/3f8rFIuLf4iF5du5cr5UzpVWVsfni8sL5fHafb3H8+4TDQAAAPvvxK/ufZRExNofj9RK1aF0Xwtj9bG9zQ7YS5mdHZ7sVR7A/utqdwJA27jAFzqX+Xhgm4H9y5vqOzxtAAAAPA8Gf/FM8//mA+EFZiAPncv8P3Qu8//Qucz/Q4c7vP0hvc12vL/LuQAAAHumr1aSTDadC+yLTCabjTheuy1ATzI9W8gPRcRPIuLD/p7D1fpwu5MGAAAAAAAAAAAAAAAAAAAAAAAAgBdMpZJEBQAAADjQIjKfJemN/Af7z/ZtPj9wKPm6v7aMiFtv3Hj19kS5vDRc3f7lk+3l19LtF9txBgMAAADYrD5Or4/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA3PXp4Z7Je9jPugz9HxECj+N3RW1v2Rk9EHH2cRPeGxyUR0bUL8dfuRsTJRvGTaloxkGaxOX4mIo60Of6xXYgPnexetf8Za/T+y8SZ2rLx+687Lc/qwZlm/V/mSf/X1aT/O95ijFP338k1jX834lR34/6nHj95xv73X/9cXW22r/JmxGDDz5/kB7Fy5fnFXGll9cLs/MRMfia/MDIyfHn0yuil0aHc9Gwhn/5tGOP/v3z3u63af7RJ/IFt2n+2xfZ/e//2w59tEf/cbxq//ie3iF997n+bfg5U9w/W19fW1zc6/fYHp7dq/1ST9m/3+p9rsf3nr//3kxYPBQD2QWlldW6iUMgvWbFi5eCtXE/f6Dt+eJs7JgAAYNc9/dLf7kwAAAAAAAAAAAAAAAAAAACgc+3Hj5BtjNfbvqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzp+wAAAP//hqfSmw==")
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
ioctl$ASHMEM_GET_PIN_STATUS(0xffffffffffffffff, 0x7709, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=@newsa={0x1c4, 0x10, 0x633, 0x0, 0x0, {{@in=@remote, @in6=@mcast2}, {@in6=@private1, 0x0, 0x32}, @in6=@private2, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth={0x89, 0x1, {{'md5\x00'}, 0x208, "7dc6a016a5dd446382587fffe765a719947603cd166e7d7072d7f3d77b94d14aa74228a1b57005583e155fae907a97736a14adebc45bd3d7a66164c7dc9edc4dff"}}]}, 0x1c4}}, 0x0)

444.79544ms ago: executing program 3:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)={@cgroup, r0, 0x24, 0x0, 0xffffffffffffffff, @prog_id}, 0x20)

435.048612ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})

352.845745ms ago: executing program 1:
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./control\x00', 0x200080, &(0x7f0000000200), 0x3, 0x569, &(0x7f0000000580)="$eJzs3c+PG1cdAPDvzP6wk6bdBHqAqpAAhYCieLNOG1W9NLmAUFUJUXFAHNJl11ktseMQe0t3icT2bwAJBCf4EzggcUDqiQM3jkgcEFI5IAWIQAkCJKMZz26crK068a9m9/ORJvPjzZvve3HG782z4xfAkXUmInYjYjEi3o6IpeJ4Uixxubtk5927e3vt/t3ba0l0Om/9PcnTs2PRkyfzTHHNckR8/SsR304Oxm1t71xfrddrt4r95Xbj5nJre+f8ZmN1o7ZRu1GtXlq5dOHVi69Ux1bX041f3vny5hvf+M2vP/XB73e/9P2sWCeKtN56jFO36gv7cTLzEfHGJILNwFyxXjyQ8mL/DJcnWx4eTxoRH4uIz+b3/1LM5f86AYDDrNP5aXSWevcBgMMue/4/UU7SSkSkadEJqHTH8J6P42m92Wqfu9bcurHeHSs7GQvptc167cKp0h+/m5+8kGT7K3lanp7vVx/ZvxgRpyLiR6Vj+X5lrVlfn02XBwCOvGfyz8CK9j8i/lVK00plqKx9PtUDAJ4a5VkXAACYut72vzTDcgAA0+P5HwCOniHa/+LD/t2JlwUAmA7P/wBw9Gj/AeDoedz233cEAeCp9rU338yWzv3i96/X39neut585/x6rXW90thaq6w1b92sbDSbG/lv9jQeynysZ7voE9SbzZsrL8fWu8vtWqu93Nreudpobt1oX81/1/tqbWGqtQMA+jl1+v0/JBGx+9qxfImeuRy01XC4pbMuADAzc6Nk1kGAp9qTzfb1n7GXA5i+oZrwvJPwu4mXBZiNvj/mXe67+bCfPEYQ3zOGj5Sznxx+/P/gHM/A08z4PxxdTzb+//rYywFM35ON/wOHQaeTPDrn/+J+EgBwKI3wFb7OD8bVCQFm6sMm8x7L5/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwyJyIiO9EklbyucDT7M+0Uol4NiJOxkJybbNeuxARz8XpiFgoZfsrsy40ADCi9K9JMf/X2aWXTjyaupj8u5SvI+J7P3vrx++uttu3VrLj/9g/XtqbPqz6IN8I8woCAMPplIY8MW+/q8W650H+3t3ba3vLpArZz50r8b9iKuK1+3dv50s3ZT6ygxHlvC9x/J9JzBd5yhHxQkTMjSH+7nsR8Yl+9U/ysZGTxcynvfGjiP3sVOOnD8VP87TuOut8fXwMZYGj5v0rEXG53/2Xxpl83f/+L+fvUKO7c6V7sb33vvs98eeLSHN94mf3/JlhY7z8268eONhZ6qa9F/HCfL/4yX78ZED8l4aM/6cXP/3D1wekdX4ecTb6x++Ntdxu3Fxube+c32ysbtQ2ylGtXlq5dOHVi69Ul/Mx6uW9keqD/vbauecGlS2r//EB8ct967+4n/fzQ9b/F/99+1ufebBbejT+Fz/X//V/vm/8rqxN/MLDYTqD4q8e/9XA6buz+OsD6v9hr/+5YSofER/8ZWd9yFMBgClobe9cX63Xa7dG2sieQsdxnQMbWRGHO3mvuzha0D/HJGrxhBsLk/pbnfjG/H5fcbxX/mZ2xSlXJx17LUbauDetWLN7TwKm48FNP+uSAAAAAAAAAAAAAAAAg0zjvy7Nuo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcXv8PAAD//4vC0Ck=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x200000000000011, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xfffffef3)
pipe(&(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f00000001c0)='4', 0x1)
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x0)
close(r5)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSWINSZ(r5, 0x540a, &(0x7f0000005ac0))
tee(r3, r2, 0x3, 0x0)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r1)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20011000}, 0xc, &(0x7f0000000800)={&(0x7f0000000b00)=ANY=[@ANYRESHEX=r3, @ANYRES16=r6, @ANYBLOB="100027bd7000ffdbdf2525000000080001007063690011000200303030303a30303a31302e300000000008008a00", @ANYRES32=r1, @ANYBLOB="d8b13781c004000000000000009192f4f2f90600b40b2f6f38aeefd365ef15c49804af7b79ea835434a3692f34d586346e1e51"], 0x38}, 0x1, 0x0, 0x0, 0x20040804}, 0x20000081)
rt_sigaction(0xd, &(0x7f0000000000)={&(0x7f0000000380)="36d2d8f2438395ff1f965a00c4c1185c840561ee00007b7bc4816a512425160000006f6aa1c463f962d60064660fd054060aa89ef3ae7864640f2a6cda00c412c12e1129", 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000100))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000dfe33a124b505692109562fb27870fe94617afe6bfc94a204800000000000000000041297d263858b200000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x78)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000001c0)="88"}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_writepages_result\x00'}, 0x10)

331.007678ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

46.694013ms ago: executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000240)={'tunl0\x00', &(0x7f00000001c0)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0xfd, 0x0, 0x0, @remote, @private=0xa010101, {[@generic={0x0, 0x5, "4d16a5"}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@loopback}, {@local}]}, @timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x94, 0x4}]}}}}})

45.719722ms ago: executing program 3:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
write$FUSE_DIRENTPLUS(r3, &(0x7f00000005c0)=ANY=[@ANYBLOB="b8"], 0xb8)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./file0/file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

14.568228ms ago: executing program 1:
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0)

9.596258ms ago: executing program 3:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='freezer.self_freezing\x00', 0x0, 0x0)
preadv2(r1, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/211, 0xd3}], 0x1, 0x0, 0x0, 0x0)

0s ago: executing program 3:
r0 = io_uring_setup(0x354e, &(0x7f0000000340))
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @private}, 0x2, 0xfffffffd}}, 0x2e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/234)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

ady
[  837.986107][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  837.994659][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  838.004664][  T315] usb 2-1: invalid MIDI in EP 0
[  838.011362][  T315] snd-usb-audio: probe of 2-1:0.2 failed with error -22
[  838.018425][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  838.018889][  T315] usb 2-1: USB disconnect, device number 55
[  838.030813][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  838.046605][ T1078] bridge0: port 1(bridge_slave_0) entered blocking state
[  838.053514][ T1078] bridge0: port 1(bridge_slave_0) entered forwarding state
[  838.060900][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  838.069330][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  838.076120][ T2072] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[  838.077683][ T1078] bridge0: port 2(bridge_slave_1) entered blocking state
[  838.093227][ T1078] bridge0: port 2(bridge_slave_1) entered forwarding state
[  838.111198][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  838.120212][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  838.128744][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  838.137167][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  838.173402][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  838.181850][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  838.192087][ T2057] device veth0_vlan entered promiscuous mode
[  838.215745][  T234] device bridge_slave_1 left promiscuous mode
[  838.222061][  T234] bridge0: port 2(bridge_slave_1) entered disabled state
[  838.237294][ T2076] loop2: detected capacity change from 0 to 256
[  838.243955][  T234] device bridge_slave_0 left promiscuous mode
[  838.256299][  T234] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.275938][  T234] device veth1_macvtap left promiscuous mode
[  838.525514][  T234] device veth0_vlan left promiscuous mode
[  838.600733][ T2084] loop0: detected capacity change from 0 to 256
[  838.723752][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  838.733689][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  838.759934][ T2057] device veth1_macvtap entered promiscuous mode
[  838.779665][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  838.788194][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  838.803843][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  838.820112][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  838.836504][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  838.863375][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  838.874776][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  838.891211][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  838.907596][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  839.071366][   T19] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[  839.195741][ T2103] loop3: detected capacity change from 0 to 256
[  839.204464][ T2103] exfat: Deprecated parameter 'utf8'
[  839.209688][ T2103] exfat: Deprecated parameter 'namecase'
[  839.215419][ T2103] exfat: Deprecated parameter 'namecase'
[  839.220905][ T2103] exfat: Deprecated parameter 'utf8'
[  839.226024][ T2103] exfat: Deprecated parameter 'utf8'
[  839.250881][ T2103] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  839.366338][ T2104] device pim6reg1 entered promiscuous mode
[  839.437699][ T2118] xt_bpf: check failed: parse error
[  839.503555][ T2125] loop1: detected capacity change from 0 to 512
[  839.513600][ T2125] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  839.522344][ T2125] ext4 filesystem being mounted at /root/syzkaller-testdir929007611/syzkaller.rv99Ky/14/bus supports timestamps until 2038 (0x7fffffff)
[  839.603231][ T2130] loop2: detected capacity change from 0 to 256
[  839.869902][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  839.908996][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  839.923544][   T19] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  839.932461][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  839.941226][   T19] usb 1-1: config 0 descriptor??
[  840.031305][   T24] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  840.100850][ T2137] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0'
[  840.422148][   T19] arvo 0003:1E7D:30D4.008F: unknown main item tag 0x0
[  840.428823][   T19] arvo 0003:1E7D:30D4.008F: item fetching failed at offset 5/7
[  840.436540][   T19] arvo 0003:1E7D:30D4.008F: parse failed
[  840.442324][   T19] arvo: probe of 0003:1E7D:30D4.008F failed with error -22
[  840.451359][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  840.464061][   T24] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  840.473089][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.483892][   T24] usb 2-1: config 0 descriptor??
[  840.531598][ T2150] overlayfs: failed to resolve './file0': -2
[  840.549642][   T24] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  840.759103][ T2131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  840.767408][ T2131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  840.935804][ T2158] device pim6reg1 entered promiscuous mode
[  841.008386][ T2160] loop3: detected capacity change from 0 to 128
[  841.306343][ T2166] loop2: detected capacity change from 0 to 40427
[  841.315624][ T2166] F2FS-fs (loop2): Found nat_bits in checkpoint
[  841.339061][ T2166] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  841.360313][ T2166] syz-executor.2: attempt to access beyond end of device
[  841.360313][ T2166] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  841.454186][T32348] syz-executor.2: attempt to access beyond end of device
[  841.454186][T32348] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  841.468453][T32348] syz-executor.2: attempt to access beyond end of device
[  841.468453][T32348] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  841.492471][  T234] kworker/u4:3: attempt to access beyond end of device
[  841.492471][  T234] loop2: rw=1, sector=45104, nr_sectors = 8 limit=40427
[  841.506495][  T234] kworker/u4:3: attempt to access beyond end of device
[  841.506495][  T234] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  841.563426][  T234] tipc: Left network mode
[  841.703046][   T24] usb 1-1: USB disconnect, device number 81
[  841.745505][ T2172] bridge0: port 1(bridge_slave_0) entered blocking state
[  841.752411][ T2172] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.759553][ T2172] device bridge_slave_0 entered promiscuous mode
[  841.768449][ T2172] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.775351][ T2172] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.782691][ T2172] device bridge_slave_1 entered promiscuous mode
[  841.833917][ T2172] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.840809][ T2172] bridge0: port 2(bridge_slave_1) entered forwarding state
[  841.848003][ T2172] bridge0: port 1(bridge_slave_0) entered blocking state
[  841.854778][ T2172] bridge0: port 1(bridge_slave_0) entered forwarding state
[  841.922884][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  841.930584][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.938988][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.956065][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  841.964218][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  841.971066][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  841.978328][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  841.986411][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.993278][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  842.011124][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  842.019076][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  842.035369][ T2172] device veth0_vlan entered promiscuous mode
[  842.045496][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  842.054038][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  842.062188][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  842.069498][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  842.083460][ T2172] device veth1_macvtap entered promiscuous mode
[  842.092408][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  842.100678][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  842.108732][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  842.116827][  T234] device bridge_slave_1 left promiscuous mode
[  842.123375][  T234] bridge0: port 2(bridge_slave_1) entered disabled state
[  842.130750][  T234] device bridge_slave_0 left promiscuous mode
[  842.137482][  T234] bridge0: port 1(bridge_slave_0) entered disabled state
[  842.145468][  T234] device veth1_macvtap left promiscuous mode
[  842.151528][  T234] device veth0_vlan left promiscuous mode
[  842.192401][ T1078] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[  842.261319][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  842.266673][ T2191] syz-executor.0[2191] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  842.269208][ T2191] syz-executor.0[2191] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  842.269407][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  842.300571][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  842.309067][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  842.441602][ T1078] usb 4-1: Using ep0 maxpacket: 32
[  842.523379][ T1845] EXT4-fs (loop1): unmounting filesystem.
[  842.525172][  T315] usb 2-1: USB disconnect, device number 56
[  842.561494][ T1078] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  842.570044][ T1078] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  842.578856][ T1078] usb 4-1: config 1 has no interface number 1
[  842.584951][ T1078] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  842.597602][ T1078] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  842.701329][   T24] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  842.849438][ T1078] usb 4-1: string descriptor 0 read error: -22
[  842.855547][ T1078] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  842.864511][ T1078] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.912195][ T1078] usb 4-1: 2:1 : no UAC_FORMAT_TYPE desc
[  842.932895][ T2220] syz-executor.0[2220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  842.932943][ T2220] syz-executor.0[2220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  842.971507][  T315] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  843.091416][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  843.102250][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  843.111822][   T24] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  843.120657][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.129119][   T24] usb 3-1: config 0 descriptor??
[  843.132745][ T1078] usb 4-1: USB disconnect, device number 85
[  843.261344][   T19] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[  843.371350][  T315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  843.382481][  T315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  843.392499][  T315] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  843.401355][  T315] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.409822][  T315] usb 2-1: config 0 descriptor??
[  843.501337][   T19] usb 1-1: Using ep0 maxpacket: 32
[  843.601963][   T24] arvo 0003:1E7D:30D4.0090: unknown main item tag 0x0
[  843.608618][   T24] arvo 0003:1E7D:30D4.0090: item fetching failed at offset 5/7
[  843.616216][   T24] arvo 0003:1E7D:30D4.0090: parse failed
[  843.621652][   T24] arvo: probe of 0003:1E7D:30D4.0090 failed with error -22
[  843.626262][   T19] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  843.638696][   T19] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 128, using maximum allowed: 30
[  843.647792][ T2230] loop3: detected capacity change from 0 to 512
[  843.649531][   T19] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 128
[  843.668511][   T19] usb 1-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[  843.677574][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.686033][   T19] usb 1-1: config 0 descriptor??
[  843.692887][ T2230] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  843.701747][ T2230] ext4 filesystem being mounted at /root/syzkaller-testdir644518383/syzkaller.qxzEA1/7/bus supports timestamps until 2038 (0x7fffffff)
[  843.722027][   T19] usb 1-1: bad CDC descriptors
[  843.935570][  T315] sony 0003:054C:0268.0091: unbalanced collection at end of report description
[  843.949741][  T315] sony 0003:054C:0268.0091: parse failed
[  843.955686][  T315] sony: probe of 0003:054C:0268.0091 failed with error -22
[  844.035068][T24953] usb 1-1: USB disconnect, device number 82
[  844.151348][   T24] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[  844.159086][   T19] usb 2-1: USB disconnect, device number 57
[  844.552019][ T2241] loop0: detected capacity change from 0 to 512
[  844.559019][ T2241] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  844.567992][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  844.572358][ T2241] EXT4-fs (loop0): failed to initialize system zone (-117)
[  844.580788][   T24] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  844.587941][ T2241] EXT4-fs (loop0): mount failed
[  844.596962][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  844.610427][   T24] usb 4-1: config 0 descriptor??
[  844.661611][   T24] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  844.791294][ T2245] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'.
[  844.801581][ T2245] device gretap0 entered promiscuous mode
[  844.812109][ T2245] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'.
[  844.821506][ T2245] 0ªX¹¦D: renamed from gretap0
[  844.829024][ T2245] device 
30ªX¹¦D left promiscuous mode
[  844.836654][ T2245] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  844.888510][ T2234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  844.897064][ T2234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  844.918666][   T28] kauditd_printk_skb: 40 callbacks suppressed
[  844.918714][   T28] audit: type=1400 audit(1986821024.214:43471): avc:  denied  { getopt } for  pid=2248 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  845.356901][T24953] usb 3-1: USB disconnect, device number 71
[  845.368651][ T2255] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  845.377999][ T2255] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  845.385028][ T2255] IPv6: NLM_F_CREATE should be set when creating new route
[  845.392820][ T2255] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  845.399858][ T2255] IPv6: NLM_F_CREATE should be set when creating new route
[  845.458770][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.466189][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.473547][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.480780][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.488006][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.495368][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.502679][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.509897][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.517300][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.524552][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.531741][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.538940][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.546172][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.553383][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.560573][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.567927][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.575170][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.582400][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.589567][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.596878][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.604088][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.611432][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.618721][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.626126][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.633546][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.641010][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.648272][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.655468][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.662684][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.669861][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.677166][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.684525][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.691767][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.698952][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.706183][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.713380][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.720556][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.727946][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.735172][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.742347][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.749545][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.756754][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.774002][   T24] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0
[  845.796380][   T24] hid-generic 0000:0000:0000.0092: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  845.804585][ T2278] syz-executor.1[2278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  845.805884][ T2278] syz-executor.1[2278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  845.808438][   T24] hid-generic 0000:0000:0000.0093: item fetching failed at offset 0/1
[  845.837186][   T24] hid-generic: probe of 0000:0000:0000.0093 failed with error -22
[  845.857955][   T28] audit: type=1400 audit(1986821025.154:43472): avc:  denied  { accept } for  pid=2280 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  845.955850][ T2286] loop2: detected capacity change from 0 to 512
[  845.963027][ T2286] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  845.983271][ T2286] EXT4-fs (loop2): failed to initialize system zone (-117)
[  845.989365][ T2296] device gretap0 entered promiscuous mode
[  845.990413][ T2286] EXT4-fs (loop2): mount failed
[  845.996044][ T2296] device vlan2 entered promiscuous mode
[  846.006779][ T2296] device gretap0 left promiscuous mode
[  846.287836][ T2306] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.2'.
[  846.334237][ T2306] device gretap0 entered promiscuous mode
[  846.366180][ T2307] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'.
[  846.399491][ T2307] 0ªX¹¦D: renamed from gretap0
[  846.423713][ T2307] device 
30ªX¹¦D left promiscuous mode
[  846.453256][ T2307] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  846.671899][   T24] usb 4-1: USB disconnect, device number 86
[  846.678563][ T2057] EXT4-fs (loop3): unmounting filesystem.
[  848.682580][ T2328] syz-executor.4[2328] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  848.682651][ T2328] syz-executor.4[2328] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  848.707598][ T2329] loop1: detected capacity change from 0 to 1024
[  848.752612][ T2329] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  848.774662][ T2329] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  848.794212][ T2329] EXT4-fs error (device loop1): ext4_get_journal_inode:5720: inode #5: comm syz-executor.1: unexpected bad inode w/o EXT4_IGET_BAD
[  848.819536][ T2329] EXT4-fs (loop1): no journal found
[  848.840370][ T2329] EXT4-fs (loop1): can't get journal size
[  848.856709][ T2329] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  848.890118][ T1845] EXT4-fs (loop1): unmounting filesystem.
[  849.026464][ T2346] loop2: detected capacity change from 0 to 40427
[  849.035110][ T2346] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  849.041340][ T1078] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  849.043111][ T2346] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  849.059192][ T2346] F2FS-fs (loop2): invalid crc value
[  849.066007][ T2346] F2FS-fs (loop2): Found nat_bits in checkpoint
[  849.126109][ T2346] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  849.133425][ T2346] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  849.166696][ T2372] loop0: detected capacity change from 0 to 512
[  849.173976][ T2372] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  849.174141][ T2346] syz-executor.2: attempt to access beyond end of device
[  849.174141][ T2346] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  849.192579][ T2372] EXT4-fs (loop0): failed to initialize system zone (-117)
[  849.210045][ T2372] EXT4-fs (loop0): mount failed
[  849.232234][ T2172] syz-executor.2: attempt to access beyond end of device
[  849.232234][ T2172] loop2: rw=2051, sector=45096, nr_sectors = 8 limit=40427
[  849.246630][ T2172] F2FS-fs (loop2): Issue discard(5637, 5637, 1) failed, ret: -5
[  849.281324][ T1078] usb 4-1: Using ep0 maxpacket: 16
[  849.406328][ T2392] loop2: detected capacity change from 0 to 1024
[  849.412680][ T1078] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  849.424229][ T1078] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  849.433985][ T1078] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  849.442921][ T2392] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  849.455252][ T1078] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  849.463201][ T2392] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  849.473393][ T1078] usb 4-1: config 0 descriptor??
[  849.478753][ T2392] EXT4-fs error (device loop2): ext4_get_journal_inode:5720: inode #5: comm syz-executor.2: unexpected bad inode w/o EXT4_IGET_BAD
[  849.493135][ T2394] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'.
[  849.502332][ T2392] EXT4-fs (loop2): no journal found
[  849.507359][ T2392] EXT4-fs (loop2): can't get journal size
[  849.522853][ T2394] device 
30ªX¹¦D entered promiscuous mode
[  849.525014][ T2392] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  849.544664][ T2397] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'.
[  849.553885][ T2397] 1ªX¹¦D: renamed from 
30ªX¹¦D
[  849.559399][ T2397] device 
31ªX¹¦D left promiscuous mode
[  849.570059][ T2172] EXT4-fs (loop2): unmounting filesystem.
[  849.572448][ T2397] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[  849.673306][ T2396] bridge0: port 1(bridge_slave_0) entered blocking state
[  849.686321][ T2396] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.693158][ T2409] input: syz0 as /devices/virtual/input/input135
[  849.693660][ T2396] device bridge_slave_0 entered promiscuous mode
[  849.708929][ T2396] bridge0: port 2(bridge_slave_1) entered blocking state
[  849.716092][ T2396] bridge0: port 2(bridge_slave_1) entered disabled state
[  849.724910][ T2396] device bridge_slave_1 entered promiscuous mode
[  849.823340][ T2396] bridge0: port 2(bridge_slave_1) entered blocking state
[  849.830312][ T2396] bridge0: port 2(bridge_slave_1) entered forwarding state
[  849.837382][ T2396] bridge0: port 1(bridge_slave_0) entered blocking state
[  849.844186][ T2396] bridge0: port 1(bridge_slave_0) entered forwarding state
[  849.864561][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  849.872128][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.879169][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[  849.889963][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  849.898361][  T335] bridge0: port 1(bridge_slave_0) entered blocking state
[  849.905203][  T335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  849.919282][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  849.927365][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  849.934243][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  849.941789][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  849.949598][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  849.971500][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  849.982472][ T2335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  849.997084][T24953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  850.019428][T24953] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  850.026821][ T2335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  850.037131][T24953] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  850.054737][ T2396] device veth0_vlan entered promiscuous mode
[  850.071585][ T1078] hid (null): bogus close delimiter
[  850.073845][ T2396] device veth1_macvtap entered promiscuous mode
[  850.078362][ T1078] hid-generic 0003:0158:0100.0094: unknown main item tag 0x0
[  850.089989][ T1078] hid-generic 0003:0158:0100.0094: unknown main item tag 0x0
[  850.102244][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  850.110190][ T1078] hid-generic 0003:0158:0100.0094: bogus close delimiter
[  850.117068][ T1078] hid-generic 0003:0158:0100.0094: item 0 0 2 10 parsing failed
[  850.119806][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  850.126279][ T1078] hid-generic: probe of 0003:0158:0100.0094 failed with error -22
[  850.133169][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  850.150318][  T234] device bridge_slave_1 left promiscuous mode
[  850.157264][  T234] bridge0: port 2(bridge_slave_1) entered disabled state
[  850.164900][  T234] device bridge_slave_0 left promiscuous mode
[  850.170909][  T234] bridge0: port 1(bridge_slave_0) entered disabled state
[  850.178912][  T234] device veth1_macvtap left promiscuous mode
[  850.185033][  T234] device veth0_vlan left promiscuous mode
[  850.249279][ T2431] tmpfs: Bad value for 'fscontext'
[  850.283598][ T6870] usb 4-1: USB disconnect, device number 87
[  850.361048][ T2419] bridge0: port 1(bridge_slave_0) entered blocking state
[  850.367969][ T2419] bridge0: port 1(bridge_slave_0) entered disabled state
[  850.375573][ T2419] device bridge_slave_0 entered promiscuous mode
[  850.385952][ T2419] bridge0: port 2(bridge_slave_1) entered blocking state
[  850.392965][ T2419] bridge0: port 2(bridge_slave_1) entered disabled state
[  850.401827][ T2419] device bridge_slave_1 entered promiscuous mode
[  850.644575][ T2419] bridge0: port 2(bridge_slave_1) entered blocking state
[  850.651430][ T2419] bridge0: port 2(bridge_slave_1) entered forwarding state
[  850.658490][ T2419] bridge0: port 1(bridge_slave_0) entered blocking state
[  850.665323][ T2419] bridge0: port 1(bridge_slave_0) entered forwarding state
[  850.683853][T24953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  850.691434][T24953] bridge0: port 1(bridge_slave_0) entered disabled state
[  850.698940][T24953] bridge0: port 2(bridge_slave_1) entered disabled state
[  850.717550][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  850.725645][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  850.732513][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  850.740178][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  850.748319][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  850.755298][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  850.794847][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  850.802697][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  850.814392][ T2419] device veth0_vlan entered promiscuous mode
[  850.820556][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  850.829166][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  850.837037][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  851.008773][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  851.019958][   T28] audit: type=1326 audit(1986821030.324:43473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471387cea9 code=0x7ffc0000
[  851.044618][ T2419] device veth1_macvtap entered promiscuous mode
[  851.051593][   T28] audit: type=1326 audit(1986821030.334:43474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471387cea9 code=0x7ffc0000
[  851.076751][   T28] audit: type=1326 audit(1986821030.344:43475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f471387cea9 code=0x7ffc0000
[  851.100617][   T28] audit: type=1326 audit(1986821030.344:43476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471387cea9 code=0x7ffc0000
[  851.137110][   T28] audit: type=1326 audit(1986821030.344:43477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f471387cea9 code=0x7ffc0000
[  851.139507][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  851.162340][   T28] audit: type=1326 audit(1986821030.344:43478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471387cea9 code=0x7ffc0000
[  851.194195][   T28] audit: type=1326 audit(1986821030.354:43479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f471387cea9 code=0x7ffc0000
[  851.227622][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  851.244030][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  851.245447][   T28] audit: type=1326 audit(1986821030.354:43480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f471387a627 code=0x7ffc0000
[  851.255344][ T2461] loop0: detected capacity change from 0 to 128
[  851.276488][   T28] audit: type=1326 audit(1986821030.354:43481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4713840309 code=0x7ffc0000
[  851.288496][ T2461] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  851.332151][   T28] audit: type=1326 audit(1986821030.354:43482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2450 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471387cea9 code=0x7ffc0000
[  851.367366][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.375713][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.383197][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.390491][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.397820][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.405136][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.412403][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.419571][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.426808][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.434039][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.441182][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.448465][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.455746][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.462965][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.470249][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.477477][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.485279][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.492474][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.499673][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.506861][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.514105][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.521272][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.528594][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.536114][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.544250][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.551556][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.560340][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.567579][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.574772][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.581969][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.589255][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.596471][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.603660][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.610845][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.618200][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.625396][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.632581][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.639865][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.647086][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.654288][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.661477][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.668761][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.676012][   T19] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0
[  851.686414][   T19] hid-generic 0000:0000:0000.0095: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  851.712895][   T19] hid-generic 0000:0000:0000.0096: item fetching failed at offset 0/1
[  851.722387][   T19] hid-generic: probe of 0000:0000:0000.0096 failed with error -22
[  851.765742][ T2485] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  851.834834][ T2497] syz-executor.3[2497] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  851.834908][ T2497] syz-executor.3[2497] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  852.164037][ T2515] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  852.184566][  T234] device bridge_slave_1 left promiscuous mode
[  852.190516][  T234] bridge0: port 2(bridge_slave_1) entered disabled state
[  852.198063][  T234] device bridge_slave_0 left promiscuous mode
[  852.204227][  T234] bridge0: port 1(bridge_slave_0) entered disabled state
[  852.209821][ T2519] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[  852.223620][  T234] device veth1_macvtap left promiscuous mode
[  852.233762][  T234] device veth0_vlan left promiscuous mode
[  852.592978][ T2552] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[  852.622240][ T2556] loop2: detected capacity change from 0 to 128
[  852.629033][ T2556] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  852.760447][ T2579] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[  852.998471][ T2611] Invalid ELF section name index: 0 || e_shstrndx (0) >= e_shnum (0)
[  853.036093][ T2613] loop3: detected capacity change from 0 to 256
[  853.046353][ T2613] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  853.064362][ T2613] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  853.083192][ T2623] loop3: detected capacity change from 0 to 1024
[  853.090052][ T2623] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  853.099666][ T2623] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  853.110093][ T2623] EXT4-fs error (device loop3): ext4_get_journal_inode:5720: inode #5: comm syz-executor.3: unexpected bad inode w/o EXT4_IGET_BAD
[  853.123706][ T2623] EXT4-fs (loop3): no journal found
[  853.128775][ T2623] EXT4-fs (loop3): can't get journal size
[  853.135157][ T2623] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  853.151160][ T2057] EXT4-fs (loop3): unmounting filesystem.
[  853.261695][ T2644] futex_wake_op: syz-executor.3 tries to shift op by -1; fix this program
[  853.459466][ T2665] loop3: detected capacity change from 0 to 128
[  853.466206][ T2665] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  853.680239][ T2687] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  853.734729][ T2693] loop3: detected capacity change from 0 to 256
[  853.743649][ T2693] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  853.760215][ T2693] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  853.783868][ T2697] futex_wake_op: syz-executor.3 tries to shift op by -1; fix this program
[  853.840205][ T2703] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  853.902554][ T2711] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  853.934535][ T2717] loop3: detected capacity change from 0 to 256
[  853.943206][ T2717] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  853.959715][ T2717] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  854.156041][ T2728] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[  854.171319][   T19] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[  854.178888][ T2730] loop1: detected capacity change from 0 to 256
[  854.192397][ T2396] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  854.199960][ T2396] FAT-fs (loop1): Filesystem has been set read-only
[  854.206576][ T2396] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  854.360642][ T2732] bridge0: port 1(bridge_slave_0) entered blocking state
[  854.367626][ T2732] bridge0: port 1(bridge_slave_0) entered disabled state
[  854.374872][ T2732] device bridge_slave_0 entered promiscuous mode
[  854.383641][ T2732] bridge0: port 2(bridge_slave_1) entered blocking state
[  854.390711][ T2732] bridge0: port 2(bridge_slave_1) entered disabled state
[  854.397842][ T2732] device bridge_slave_1 entered promiscuous mode
[  854.411298][   T19] usb 1-1: Using ep0 maxpacket: 32
[  854.453645][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  854.460923][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  854.484948][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  854.493406][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  854.501517][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  854.509561][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  854.516395][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  854.523561][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  854.531376][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  854.531884][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  854.542681][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  854.550561][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  854.561494][   T19] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  854.568137][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  854.568471][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  854.591833][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  854.592134][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  854.600337][   T19] usb 1-1: config 0 descriptor??
[  854.607635][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  854.621962][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  854.630914][ T2732] device veth0_vlan entered promiscuous mode
[  854.636819][ T2715] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  854.643540][ T2732] device veth1_macvtap entered promiscuous mode
[  854.650339][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  854.658392][   T19] hub 1-1:0.0: USB hub found
[  854.663224][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  854.670413][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  854.684681][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  854.692891][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  854.811789][T11651] device bridge_slave_1 left promiscuous mode
[  854.817756][T11651] bridge0: port 2(bridge_slave_1) entered disabled state
[  854.825066][T11651] device bridge_slave_0 left promiscuous mode
[  854.831076][T11651] bridge0: port 1(bridge_slave_0) entered disabled state
[  854.839535][T11651] device veth1_macvtap left promiscuous mode
[  854.845782][T11651] device veth0_vlan left promiscuous mode
[  854.929854][ T2749] kvm [2748]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010004 data 0x0
[  854.941389][   T19] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  855.017492][ T2752] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  855.031162][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.038394][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.045617][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.053028][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.060232][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.067600][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.074894][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.082133][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.089367][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.096615][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.103830][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.110977][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.118203][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.125415][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.132614][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.139786][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.147045][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.154235][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.161448][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.168701][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.175927][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.184288][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.191600][   T19] hid-generic 0003:046D:C314.0098: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.0-1/input0
[  855.203478][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.210664][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.217984][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.225176][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.232929][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.240114][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.247336][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.254558][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.261740][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.268950][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.276175][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.283378][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.290547][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.297797][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.305050][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.312183][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.319374][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.327049][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.334342][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.341544][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.348786][  T335] hid-generic 0000:0000:0000.0097: unknown main item tag 0x0
[  855.356946][  T335] hid-generic 0000:0000:0000.0097: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  855.368267][   T24] hid-generic 0000:0000:0000.0099: item fetching failed at offset 0/1
[  855.376773][   T24] hid-generic: probe of 0000:0000:0000.0099 failed with error -22
[  855.588942][ T2769] device bridge_slave_1 left promiscuous mode
[  855.595945][ T2769] bridge0: port 2(bridge_slave_1) entered disabled state
[  855.603493][T24953] usb 1-1: USB disconnect, device number 83
[  855.618458][ T2773] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  855.642508][ T2776] loop1: detected capacity change from 0 to 1024
[  855.649533][ T2776] EXT4-fs (loop1): blocks per group (131072) and clusters per group (8192) inconsistent
[  855.711793][ T2781] loop1: detected capacity change from 0 to 512
[  855.718415][ T2781] EXT4-fs: Ignoring removed mblk_io_submit option
[  855.726716][ T2781] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.1: inline data xattr refers to an external xattr inode
[  855.742066][ T2781] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 12 (err -117)
[  855.754392][ T2781] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  855.770044][ T2732] EXT4-fs (loop1): unmounting filesystem.
[  855.854004][ T2785] loop1: detected capacity change from 0 to 40427
[  855.860780][ T2785] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  855.868510][ T2785] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  855.877405][ T2785] F2FS-fs (loop1): invalid crc value
[  855.883887][ T2785] F2FS-fs (loop1): Found nat_bits in checkpoint
[  855.907154][ T2785] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  855.914058][ T2785] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  856.060494][ T2790] syz-executor.1: attempt to access beyond end of device
[  856.060494][ T2790] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  856.075003][ T2790] syz-executor.1: attempt to access beyond end of device
[  856.075003][ T2790] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  856.090191][ T2785] syz-executor.1: attempt to access beyond end of device
[  856.090191][ T2785] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  856.135849][T11651] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  856.145038][T11651] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  856.418936][ T2810] loop4: detected capacity change from 0 to 1024
[  856.436161][ T2810] EXT4-fs (loop4): blocks per group (131072) and clusters per group (8192) inconsistent
[  856.456356][ T2806] loop1: detected capacity change from 0 to 40427
[  856.463333][ T2806] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  856.471021][ T2806] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  856.481506][ T2806] F2FS-fs (loop1): Found nat_bits in checkpoint
[  856.517757][ T2806] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  856.517824][   T19] hid-generic 0000:0000:0000.009A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  856.546079][ T2806] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  856.552987][ T2806] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  856.758441][ T2820] overlayfs: failed to resolve './file0': -2
[  856.819206][ T2818] loop4: detected capacity change from 0 to 40427
[  856.835345][ T2818] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  856.850522][ T2818] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  856.894730][ T2818] F2FS-fs (loop4): Found nat_bits in checkpoint
[  856.967882][ T2818] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  856.978041][ T2818] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  857.110677][ T2833] device pim6reg1 entered promiscuous mode
[  857.129177][ T2835] loop2: detected capacity change from 0 to 2048
[  857.140724][   T28] kauditd_printk_skb: 8 callbacks suppressed
[  857.140739][   T28] audit: type=1326 audit(1986821036.444:43491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2836 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f471387cea9 code=0x0
[  857.462933][ T2835] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  857.468578][ T2844] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  857.481819][ T2419] EXT4-fs (loop2): unmounting filesystem.
[  857.951340][T24953] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  857.988784][T32709] f2fs_fill_dentries: 4 callbacks suppressed
[  857.988804][T32709] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  858.000112][T32709] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  858.009695][T32709] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  858.019894][T32709] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  858.027408][T32709] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  858.035392][ T2886] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  858.039474][T32709] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  858.042914][ T2886] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  858.052889][T32709] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  858.070234][ T2888] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  858.361697][T24953] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  858.467177][T24953] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  858.476928][T24953] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  858.488847][T24953] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  858.500907][T24953] usb 3-1: config 0 descriptor??
[  858.548879][ T2906] loop3: detected capacity change from 0 to 40427
[  858.555849][ T2906] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  858.564208][ T2906] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  858.574352][ T2906] F2FS-fs (loop3): Found nat_bits in checkpoint
[  858.611461][ T2906] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  858.618421][ T2906] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  859.113711][T24953] lg-g15 0003:046D:C222.009B: unknown main item tag 0x0
[  859.122856][T24953] lg-g15 0003:046D:C222.009B: unknown main item tag 0x0
[  859.129637][T24953] lg-g15 0003:046D:C222.009B: unknown main item tag 0x0
[  859.138836][T24953] lg-g15 0003:046D:C222.009B: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.2-1/input0
[  859.275150][ T2926] loop1: detected capacity change from 0 to 40427
[  859.282295][ T2926] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  859.289921][ T2926] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  859.298746][ T2926] F2FS-fs (loop1): invalid crc value
[  859.305382][ T2926] F2FS-fs (loop1): Found nat_bits in checkpoint
[  859.316307][T24953] usb 3-1: USB disconnect, device number 72
[  859.354506][ T2926] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  859.361451][ T2926] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  859.505992][ T2931] syz-executor.1: attempt to access beyond end of device
[  859.505992][ T2931] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  859.520932][ T2926] syz-executor.1: attempt to access beyond end of device
[  859.520932][ T2926] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  859.545324][ T2926] syz-executor.1: attempt to access beyond end of device
[  859.545324][ T2926] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  859.577620][ T2933] loop0: detected capacity change from 0 to 40427
[  859.584617][ T2933] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  859.592249][ T2933] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  859.593345][   T43] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  859.603052][ T2933] F2FS-fs (loop0): invalid crc value
[  859.611280][   T43] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  859.642591][ T2057] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  859.642613][ T2057] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  859.649980][ T2057] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  859.659512][ T2933] F2FS-fs (loop0): Found nat_bits in checkpoint
[  859.717216][ T2933] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  859.724120][ T2933] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  860.269486][ T2961] device bridge_slave_1 left promiscuous mode
[  860.283510][ T2961] bridge0: port 2(bridge_slave_1) entered disabled state
[  860.311601][T12155] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  860.337506][T12155] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  860.431490][  T315] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  860.568072][   T28] audit: type=1400 audit(1986821039.864:43492): avc:  denied  { setcurrent } for  pid=2964 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  863.038833][ T2992] syz-executor.1[2992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  863.038923][ T2992] syz-executor.1[2992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  863.052521][ T2992] syz-executor.1[2992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  863.071440][  T315] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  863.085077][ T2992] syz-executor.1[2992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  863.135399][  T315] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  863.156569][  T315] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  863.165532][  T315] usb 3-1: config 0 descriptor??
[  863.191350][  T315] usb 3-1: can't set config #0, error -71
[  863.209639][  T315] usb 3-1: USB disconnect, device number 73
[  863.523798][ T3011] device bridge_slave_1 left promiscuous mode
[  863.539781][ T3011] bridge0: port 2(bridge_slave_1) entered disabled state
[  863.876085][ T3028] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  864.162254][   T19] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  864.431284][   T24] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[  864.552034][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  864.563702][   T19] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  864.572840][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  864.586097][   T19] usb 2-1: config 0 descriptor??
[  864.681442][   T24] usb 1-1: Using ep0 maxpacket: 16
[  864.767732][ T5228] Bluetooth: hci0: sending frame failed (-49)
[  864.774097][ T4387] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  864.841369][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  864.852213][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  864.875181][   T24] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  864.884469][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  864.892866][   T24] usb 1-1: config 0 descriptor??
[  864.932237][ T3083] device pim6reg1 entered promiscuous mode
[  864.954701][   T28] audit: type=1326 audit(1986821044.254:43493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3099 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f16e0e7cea9 code=0x0
[  865.051740][   T19] keytouch 0003:0926:3333.009C: fixing up Keytouch IEC report descriptor
[  865.060792][   T19] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.009C/input/input136
[  865.079583][ T3108] loop4: detected capacity change from 0 to 256
[  865.143212][   T19] keytouch 0003:0926:3333.009C: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  865.221281][  T335] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[  865.363176][ T3034] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  865.371754][ T3034] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  865.381511][   T24] hid (null): bogus close delimiter
[  865.388432][   T24] hid-generic 0003:0158:0100.009D: unknown main item tag 0x0
[  865.396027][   T24] hid-generic 0003:0158:0100.009D: unknown main item tag 0x0
[  865.403317][   T24] hid-generic 0003:0158:0100.009D: bogus close delimiter
[  865.410071][   T24] hid-generic 0003:0158:0100.009D: item 0 0 2 10 parsing failed
[  865.418364][   T24] hid-generic: probe of 0003:0158:0100.009D failed with error -22
[  865.461278][  T335] usb 4-1: Using ep0 maxpacket: 16
[  865.482637][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.482637][T12155] loop4: rw=1, sector=256, nr_sectors = 288 limit=256
[  865.496310][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.496310][T12155] loop4: rw=1, sector=608, nr_sectors = 416 limit=256
[  865.510660][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.510660][T12155] loop4: rw=1, sector=1056, nr_sectors = 3304 limit=256
[  865.525616][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.525616][T12155] loop4: rw=1, sector=4360, nr_sectors = 3312 limit=256
[  865.540796][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.540796][T12155] loop4: rw=1, sector=7672, nr_sectors = 2760 limit=256
[  865.555732][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.555732][T12155] loop4: rw=1, sector=10432, nr_sectors = 2592 limit=256
[  865.570201][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.570201][T12155] loop4: rw=1, sector=13024, nr_sectors = 2048 limit=256
[  865.585830][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.585830][T12155] loop4: rw=1, sector=15072, nr_sectors = 2048 limit=256
[  865.599923][   T19] usb 1-1: USB disconnect, device number 84
[  865.601582][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.601582][T12155] loop4: rw=1, sector=17120, nr_sectors = 3048 limit=256
[  865.605879][  T335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  865.621041][T12155] kworker/u4:8: attempt to access beyond end of device
[  865.621041][T12155] loop4: rw=1, sector=20168, nr_sectors = 2048 limit=256
[  865.631538][  T335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  865.656420][  T335] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  865.669166][  T335] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  865.678142][  T335] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  865.701568][  T335] usb 4-1: config 0 descriptor??
[  865.788681][ T3129] loop4: detected capacity change from 0 to 512
[  865.796293][ T3129] EXT4-fs: Ignoring removed mblk_io_submit option
[  865.802945][ T3129] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  865.814559][ T1078] usb 2-1: USB disconnect, device number 58
[  865.814748][ T3129] EXT4-fs (loop4): Test dummy encryption mode enabled
[  865.829106][ T3129] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e01c, mo2=0002]
[  865.837443][ T3129] System zones: 1-12
[  865.842077][ T3129] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  865.855329][ T3129] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: missing EA_INODE flag
[  865.867330][ T3129] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 12 err=-117
[  865.879969][ T3129] EXT4-fs (loop4): 1 orphan inode deleted
[  865.885532][ T3129] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  865.908169][T32709] EXT4-fs (loop4): unmounting filesystem.
[  865.936499][ T3131] loop2: detected capacity change from 0 to 40427
[  865.944161][ T3131] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  865.952568][ T3131] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  865.962687][ T3131] F2FS-fs (loop2): Found nat_bits in checkpoint
[  865.999860][ T3131] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  866.006809][ T3131] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  866.145878][ T3145] loop0: detected capacity change from 0 to 512
[  866.426220][  T335] microsoft 0003:045E:07DA.009E: unknown main item tag 0x0
[  866.433855][  T335] microsoft 0003:045E:07DA.009E: No inputs registered, leaving
[  866.441700][  T335] microsoft 0003:045E:07DA.009E: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  866.452972][  T335] microsoft 0003:045E:07DA.009E: no inputs found
[  866.459185][  T335] microsoft 0003:045E:07DA.009E: could not initialize ff, continuing anyway
[  866.575003][ T3094] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  866.584252][ T3094] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  866.601498][T24953] usb 4-1: USB disconnect, device number 88
[  866.857294][ T3138] loop4: detected capacity change from 0 to 131072
[  866.864501][ T3138] F2FS-fs (loop4): Wrong segment_count / block_count (65567 > 16384)
[  866.872542][ T3138] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  866.882838][ T3138] F2FS-fs (loop4): Found nat_bits in checkpoint
[  866.919611][ T3138] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  866.926568][ T3138] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  867.129892][ T3180] loop0: detected capacity change from 0 to 40427
[  867.140697][ T3180] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  867.148801][ T3180] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  867.162083][ T3180] F2FS-fs (loop0): invalid crc value
[  867.174925][ T3180] F2FS-fs (loop0): Found nat_bits in checkpoint
[  867.300974][ T3180] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  867.327757][ T3180] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  867.335913][ T2419] f2fs_fill_dentries: 4 callbacks suppressed
[  867.335929][ T2419] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  867.341770][ T2419] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  867.349313][ T2419] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  867.356909][ T2419] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  867.364378][ T2419] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  867.372606][ T2419] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  867.384027][ T3191] device pim6reg1 entered promiscuous mode
[  867.411263][ T2419] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  867.483594][ T3195] loop1: detected capacity change from 0 to 256
[  867.711878][T24953] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[  867.835834][    T8] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  867.851933][    T8] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  867.938037][ T3209] loop2: detected capacity change from 0 to 1024
[  867.954462][ T3209] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  867.971320][T24953] usb 4-1: Using ep0 maxpacket: 16
[  867.984281][ T3209] EXT4-fs error (device loop2): ext4_protect_reserved_inode:182: inode #4: comm syz-executor.2: blocks 32-33 from inode overlap system zone
[  868.019677][ T3209] EXT4-fs (loop2): failed to initialize system zone (-117)
[  868.038489][ T3209] EXT4-fs (loop2): mount failed
[  868.141406][T24953] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  868.171332][T24953] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  868.182094][T24953] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  868.194811][T24953] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  868.216804][T24953] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.228504][T24953] usb 4-1: config 0 descriptor??
[  868.501377][  T315] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  868.510766][ T3221] loop0: detected capacity change from 0 to 40427
[  868.519073][ T3221] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  868.527018][ T3221] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  868.537344][ T3221] F2FS-fs (loop0): Found nat_bits in checkpoint
[  868.577429][ T3221] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  868.584404][ T3221] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  868.741583][  T315] usb 3-1: Using ep0 maxpacket: 16
[  868.861720][T24953] usbhid 4-1:0.0: can't add hid device: -71
[  869.022072][T24953] usbhid: probe of 4-1:0.0 failed with error -71
[  869.029200][T24953] usb 4-1: USB disconnect, device number 89
[  869.181374][  T315] usb 3-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  869.190494][  T315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  869.198402][  T315] usb 3-1: Product: syz
[  869.202440][  T315] usb 3-1: Manufacturer: syz
[  869.206861][  T315] usb 3-1: SerialNumber: syz
[  869.212724][  T315] usb 3-1: config 0 descriptor??
[  869.662816][ T1798] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  869.663936][ T1798] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  869.676049][ T1798] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  869.697218][ T3283] netlink: 'syz-executor.3': attribute type 27 has an invalid length.
[  869.731605][ T3283] bridge0: port 2(bridge_slave_1) entered disabled state
[  869.738641][ T3283] bridge0: port 1(bridge_slave_0) entered disabled state
[  869.843088][ T3294] loop0: detected capacity change from 0 to 256
[  869.893497][  T315] usb 3-1: MIDIStreaming interface descriptor not found
[  870.105905][ T4670] usb 3-1: USB disconnect, device number 74
[  870.508326][ T3314] loop1: detected capacity change from 0 to 128
[  870.595050][ T3314] bio_check_eod: 9 callbacks suppressed
[  870.595094][ T3314] syz-executor.1: attempt to access beyond end of device
[  870.595094][ T3314] loop1: rw=0, sector=121, nr_sectors = 120 limit=128
[  870.633540][  T234] kworker/u4:3: attempt to access beyond end of device
[  870.633540][  T234] loop1: rw=1, sector=241, nr_sectors = 800 limit=128
[  870.813301][ T3326] input: syz1 as /devices/virtual/input/input137
[  870.944475][ T3320] loop3: detected capacity change from 0 to 256
[  870.953684][ T3320] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  870.980696][ T3320] exFAT-fs (loop3): error, invalid access to FAT bad cluster (entry 0x00000005)
[  870.990060][ T3320] exFAT-fs (loop3): Filesystem has been set read-only
[  870.996858][ T3320] exFAT-fs (loop3): failed to initialize root inode
[  871.189322][ T3350] loop1: detected capacity change from 0 to 512
[  871.197385][ T3350] EXT4-fs: Ignoring removed orlov option
[  871.203201][ T3350] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  871.219072][ T3350] EXT4-fs (loop1): 1 truncate cleaned up
[  871.224796][ T3350] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  871.236414][   T28] audit: type=1326 audit(1986821050.534:43494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a0a7cea9 code=0x7ffc0000
[  871.260605][   T28] audit: type=1326 audit(1986821050.534:43495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72a0a7cea9 code=0x7ffc0000
[  871.284749][   T28] audit: type=1326 audit(1986821050.534:43496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a0a7cea9 code=0x7ffc0000
[  871.308895][   T28] audit: type=1326 audit(1986821050.554:43497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72a0a7cea9 code=0x7ffc0000
[  871.333634][   T28] audit: type=1326 audit(1986821050.634:43498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a0a7cea9 code=0x7ffc0000
[  871.362711][   T28] audit: type=1326 audit(1986821050.634:43499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f72a0a7a627 code=0x7ffc0000
[  871.386963][   T28] audit: type=1326 audit(1986821050.634:43500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f72a0a40309 code=0x7ffc0000
[  871.412639][   T28] audit: type=1326 audit(1986821050.634:43501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f72a0a7a627 code=0x7ffc0000
[  871.436864][   T28] audit: type=1326 audit(1986821050.634:43502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f72a0a40309 code=0x7ffc0000
[  871.461940][   T28] audit: type=1326 audit(1986821050.634:43503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f72a0a7a627 code=0x7ffc0000
[  871.508429][ T2732] EXT4-fs (loop1): unmounting filesystem.
[  871.527407][ T3363] input: syz1 as /devices/virtual/input/input138
[  871.646333][ T3372] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  871.654734][ T3386] loop2: detected capacity change from 0 to 512
[  871.661640][ T3386] EXT4-fs: Ignoring removed orlov option
[  871.667575][ T3386] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  871.691972][ T3372] bridge0: port 1(bridge_slave_0) entered disabled state
[  871.724926][ T3386] EXT4-fs (loop2): 1 truncate cleaned up
[  871.730397][ T3386] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  871.776219][ T3394] input: syz1 as /devices/virtual/input/input139
[  871.796326][ T2419] EXT4-fs (loop2): unmounting filesystem.
[  871.852453][ T3411] loop2: detected capacity change from 0 to 1024
[  871.859381][ T3411] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  871.877128][ T3414] loop0: detected capacity change from 0 to 512
[  871.887179][ T3411] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  871.903762][ T2419] EXT4-fs (loop2): unmounting filesystem.
[  871.904583][ T3414] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  871.918192][ T3414] ext4 filesystem being mounted at /root/syzkaller-testdir2495443909/syzkaller.8Ckjn2/124/bus supports timestamps until 2038 (0x7fffffff)
[  872.091415][  T315] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  872.219773][ T1798] EXT4-fs (loop0): unmounting filesystem.
[  872.224144][ T3427] loop2: detected capacity change from 0 to 512
[  872.231881][ T3427] EXT4-fs: Ignoring removed orlov option
[  872.237644][ T3427] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  872.249371][ T3427] EXT4-fs (loop2): 1 truncate cleaned up
[  872.255044][ T3427] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  872.275083][ T2419] EXT4-fs (loop2): unmounting filesystem.
[  872.318351][ T3440] loop0: detected capacity change from 0 to 1024
[  872.325415][ T3440] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  872.339224][ T3440] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  872.355540][ T1798] EXT4-fs (loop0): unmounting filesystem.
[  872.391302][  T315] usb 2-1: Using ep0 maxpacket: 16
[  872.458963][ T3446] bridge0: port 1(bridge_slave_0) entered blocking state
[  872.465901][ T3446] bridge0: port 1(bridge_slave_0) entered disabled state
[  872.473149][ T3446] device bridge_slave_0 entered promiscuous mode
[  872.480034][ T3446] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.486968][ T3446] bridge0: port 2(bridge_slave_1) entered disabled state
[  872.494275][ T3446] device bridge_slave_1 entered promiscuous mode
[  872.521546][  T315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  872.532436][  T315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  872.542079][  T315] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  872.555111][  T315] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  872.564098][  T315] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  872.572633][  T315] usb 2-1: config 0 descriptor??
[  872.597306][ T3446] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.604185][ T3446] bridge0: port 2(bridge_slave_1) entered forwarding state
[  872.611284][ T3446] bridge0: port 1(bridge_slave_0) entered blocking state
[  872.618047][ T3446] bridge0: port 1(bridge_slave_0) entered forwarding state
[  872.645951][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  872.653950][T19054] bridge0: port 1(bridge_slave_0) entered disabled state
[  872.661105][T19054] bridge0: port 2(bridge_slave_1) entered disabled state
[  872.680216][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  872.688419][T19054] bridge0: port 1(bridge_slave_0) entered blocking state
[  872.695275][T19054] bridge0: port 1(bridge_slave_0) entered forwarding state
[  872.702498][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  872.710497][T19054] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.717358][T19054] bridge0: port 2(bridge_slave_1) entered forwarding state
[  872.730554][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  872.741125][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  872.755888][ T3466] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  872.783475][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  872.795040][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  872.795441][ T3470] loop3: detected capacity change from 0 to 2048
[  872.818735][ T3446] device veth0_vlan entered promiscuous mode
[  872.825179][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  872.826301][ T3462] loop0: detected capacity change from 0 to 256
[  872.833827][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  872.849908][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  872.857247][ T3470]  loop3: p2 p3 < > p4 < p5 >
[  872.857926][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  872.861996][ T3470] loop3: partition table partially beyond EOD, truncated
[  872.871141][ T3462] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  872.878573][ T3446] device veth1_macvtap entered promiscuous mode
[  872.888308][ T3462] exFAT-fs (loop0): error, invalid access to FAT bad cluster (entry 0x00000005)
[  872.893791][ T3470] loop3: p2 start 33028 is beyond EOD, truncated
[  872.903704][ T3462] exFAT-fs (loop0): Filesystem has been set read-only
[  872.909704][ T3470] loop3: p3 start 4284160 is beyond EOD, truncated
[  872.916771][ T3462] exFAT-fs (loop0): failed to initialize root inode
[  872.923243][ T3470] loop3: p5 start 33028 is beyond EOD, truncated
[  872.935629][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  872.935922][ T3470] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  872.943766][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  872.960358][ T3470] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  872.960448][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  872.969372][ T3470] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  872.985831][    T8] device bridge_slave_0 left promiscuous mode
[  872.998589][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  873.007299][    T8] device veth1_macvtap left promiscuous mode
[  873.122869][ T2057] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  873.133803][ T2057] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  873.142818][ T2057] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  873.151783][  T315] usbhid 2-1:0.0: can't add hid device: -71
[  873.163897][  T315] usbhid: probe of 2-1:0.0 failed with error -71
[  873.172122][  T315] usb 2-1: USB disconnect, device number 59
[  873.182872][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  873.191679][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  873.203028][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  873.212426][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  873.230854][ T3479] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  873.246122][ T3479] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  873.260539][ T3485] loop0: detected capacity change from 0 to 1024
[  873.268156][ T3485] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  873.282665][ T3485] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  873.298107][ T1798] EXT4-fs (loop0): unmounting filesystem.
[  873.475250][ T3502] bridge0: port 1(bridge_slave_0) entered blocking state
[  873.482253][ T3502] bridge0: port 1(bridge_slave_0) entered disabled state
[  873.489398][ T3502] device bridge_slave_0 entered promiscuous mode
[  873.497379][ T3502] bridge0: port 2(bridge_slave_1) entered blocking state
[  873.504285][ T3502] bridge0: port 2(bridge_slave_1) entered disabled state
[  873.511622][ T3502] device bridge_slave_1 entered promiscuous mode
[  873.560337][ T3502] bridge0: port 2(bridge_slave_1) entered blocking state
[  873.567205][ T3502] bridge0: port 2(bridge_slave_1) entered forwarding state
[  873.574424][ T3502] bridge0: port 1(bridge_slave_0) entered blocking state
[  873.581280][ T3502] bridge0: port 1(bridge_slave_0) entered forwarding state
[  873.608531][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  873.616533][ T1078] bridge0: port 1(bridge_slave_0) entered disabled state
[  873.623735][ T1078] bridge0: port 2(bridge_slave_1) entered disabled state
[  873.644985][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  873.653235][ T4670] bridge0: port 1(bridge_slave_0) entered blocking state
[  873.660076][ T4670] bridge0: port 1(bridge_slave_0) entered forwarding state
[  873.667401][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  873.675488][ T4670] bridge0: port 2(bridge_slave_1) entered blocking state
[  873.682350][ T4670] bridge0: port 2(bridge_slave_1) entered forwarding state
[  873.689879][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  873.698249][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  873.715490][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  873.726161][ T3502] device veth0_vlan entered promiscuous mode
[  873.733573][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  873.747780][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  873.755113][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  873.766448][ T3502] device veth1_macvtap entered promiscuous mode
[  873.775789][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  873.790978][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  873.799860][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  873.808633][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  873.817284][ T4670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  873.992800][    T8] device bridge_slave_1 left promiscuous mode
[  873.998752][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  874.033942][    T8] device bridge_slave_0 left promiscuous mode
[  874.040026][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  874.050720][    T8] device veth1_macvtap left promiscuous mode
[  874.057193][    T8] device veth0_vlan left promiscuous mode
[  874.192574][ T3521] loop2: detected capacity change from 0 to 1024
[  874.199545][ T3521] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  874.212512][ T3521] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  874.226600][ T2419] EXT4-fs (loop2): unmounting filesystem.
[  874.249680][ T3518] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  874.259567][ T3519] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  874.302486][ T3535] loop0: detected capacity change from 0 to 2048
[  874.314459][ T3535]  loop0: p2 p3 < > p4 < p5 >
[  874.318976][ T3535] loop0: partition table partially beyond EOD, truncated
[  874.325978][ T3535] loop0: p2 start 33028 is beyond EOD, truncated
[  874.332327][ T3535] loop0: p3 start 4284160 is beyond EOD, truncated
[  874.338961][ T3538] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  874.348472][ T3535] loop0: p5 start 33028 is beyond EOD, truncated
[  874.348877][ T3538] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  874.366032][ T3535] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  874.375704][ T3535] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  874.388404][ T3535] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  874.413653][ T3532] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  874.462162][ T3502] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  874.538328][ T3562] device syzkaller0 entered promiscuous mode
[  874.998401][ T3572] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  875.493267][ T3602] syz-executor.1[3602] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  875.493313][ T3602] syz-executor.1[3602] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  875.531292][   T24] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[  875.567340][ T3608] device syzkaller0 entered promiscuous mode
[  875.627127][ T3614] loop0: detected capacity change from 0 to 256
[  875.733734][ T3618] EXT4-fs (sda1): re-mounted. Quota mode: none.
[  875.791345][   T24] usb 4-1: Using ep0 maxpacket: 16
[  875.838729][ T3629] loop1: detected capacity change from 0 to 512
[  875.845797][ T3629] EXT4-fs (loop1): Test dummy encryption mode enabled
[  875.854331][ T3629] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #17: comm syz-executor.1: iget: bogus i_mode (0)
[  875.866222][ T3629] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 17 (err -117)
[  875.878563][ T3629] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  875.899926][ T2732] EXT4-fs (loop1): unmounting filesystem.
[  875.962464][ T3640] device syzkaller0 entered promiscuous mode
[  876.053125][ T3642] overlayfs: failed to resolve './file0': -2
[  876.151621][   T24] usb 4-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b
[  876.219450][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  876.238597][   T24] usb 4-1: Product: syz
[  876.242753][   T24] usb 4-1: Manufacturer: syz
[  876.249563][   T24] usb 4-1: SerialNumber: syz
[  876.255406][   T24] usb 4-1: config 0 descriptor??
[  876.260230][ T3647] EXT4-fs (sda1): re-mounted. Quota mode: none.
[  876.277039][ T3651] loop2: detected capacity change from 0 to 256
[  876.413940][ T3660] netlink: 'syz-executor.4': attribute type 9 has an invalid length.
[  876.469358][ T3667] kernel profiling enabled (shift: 9)
[  876.731422][   T24] usb 4-1: MIDIStreaming interface descriptor not found
[  876.783745][ T3706] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  876.951735][  T335] usb 4-1: USB disconnect, device number 90
[  877.071326][ T4670] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[  877.101324][   T24] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  877.268614][ T3713] loop1: detected capacity change from 0 to 40427
[  877.275554][ T3713] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  877.283107][ T3713] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  877.293138][ T3713] F2FS-fs (loop1): Found nat_bits in checkpoint
[  877.311571][ T4670] usb 1-1: Using ep0 maxpacket: 8
[  877.318576][ T3713] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  877.325769][ T3713] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  877.381317][   T24] usb 3-1: Using ep0 maxpacket: 8
[  877.431878][ T4670] usb 1-1: unable to get BOS descriptor set
[  877.521660][   T24] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  877.774423][ T3736] loop3: detected capacity change from 0 to 256
[  877.802340][ T4670] usb 1-1: config 0 has no interfaces?
[  877.846231][ T3740] loop3: detected capacity change from 0 to 256
[  877.914556][ T3742] overlayfs: failed to resolve './file0': -2
[  878.143424][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  878.152597][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  878.160418][   T24] usb 3-1: Product: syz
[  878.164580][   T24] usb 3-1: Manufacturer: syz
[  878.168897][   T24] usb 3-1: SerialNumber: syz
[  878.231376][ T4670] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  878.240290][ T4670] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  878.248168][ T4670] usb 1-1: Product: syz
[  878.252175][ T4670] usb 1-1: Manufacturer: syz
[  878.256703][ T4670] usb 1-1: SerialNumber: syz
[  878.261622][ T4670] usb 1-1: config 0 descriptor??
[  878.331311][ T6870] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[  878.414399][   T24] usb 3-1: USB disconnect, device number 75
[  878.503827][ T4670] usb 1-1: USB disconnect, device number 85
[  878.658579][ T2732] f2fs_fill_dentries: 4 callbacks suppressed
[  878.658597][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  878.664477][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  878.672113][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  878.679535][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  878.687026][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  878.694500][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  878.701948][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  878.721327][ T6870] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  878.739762][ T6870] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  878.749272][ T6870] usb 4-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00
[  878.758169][ T6870] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  878.766922][ T6870] usb 4-1: config 0 descriptor??
[  878.804279][ T3751] syz-executor.1[3751] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  878.804327][ T3751] syz-executor.1[3751] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  878.974030][ T3761] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  879.121277][ T4670] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  879.243670][ T6870] sony 0003:1345:3008.009F: hiddev96,hidraw0: USB HID v80.00 Device [HID 1345:3008] on usb-dummy_hcd.3-1/input0
[  879.257036][ T6870] sony 0003:1345:3008.009F: failed to claim input
[  879.321314][   T19] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  879.361341][ T4670] usb 2-1: Using ep0 maxpacket: 32
[  879.446214][  T335] usb 4-1: USB disconnect, device number 91
[  879.481377][ T4670] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  879.502403][ T4670] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  879.561309][   T19] usb 1-1: Using ep0 maxpacket: 16
[  879.663244][ T3783] tipc: Failed to remove unknown binding: 66,1,1/0:745070712/745070714
[  879.673959][ T3783] tipc: Failed to remove unknown binding: 66,1,1/0:745070712/745070714
[  879.821410][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  879.832222][ T4670] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  879.841058][ T4670] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  879.848971][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  879.858580][ T4670] usb 2-1: Product: syz
[  879.862562][   T19] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  879.875182][ T4670] usb 2-1: Manufacturer: syz
[  879.879514][ T4670] usb 2-1: SerialNumber: syz
[  879.884338][   T19] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  879.893527][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  879.902969][   T19] usb 1-1: config 0 descriptor??
[  880.151689][ T4670] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 60 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  880.301301][T19054] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[  880.352479][   T24] usb 2-1: USB disconnect, device number 60
[  880.358650][   T24] usblp0: removed
[  880.441323][   T19] usbhid 1-1:0.0: can't add hid device: -71
[  880.447153][   T19] usbhid: probe of 1-1:0.0 failed with error -71
[  880.453704][   T19] usb 1-1: USB disconnect, device number 86
[  880.561288][T19054] usb 4-1: Using ep0 maxpacket: 8
[  880.691346][T19054] usb 4-1: unable to get BOS descriptor set
[  880.801329][T19054] usb 4-1: config 0 has no interfaces?
[  880.958362][ T3804] loop0: detected capacity change from 0 to 40427
[  880.965285][ T3804] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  880.972969][ T3804] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  880.981330][T19054] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  880.981903][ T3804] F2FS-fs (loop0): invalid crc value
[  880.990306][T19054] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  880.996731][ T3804] F2FS-fs (loop0): Found nat_bits in checkpoint
[  881.003643][T19054] usb 4-1: Product: syz
[  881.013772][T19054] usb 4-1: Manufacturer: syz
[  881.018118][T19054] usb 4-1: SerialNumber: syz
[  881.023161][T19054] usb 4-1: config 0 descriptor??
[  881.035082][ T3804] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  881.042061][ T3804] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  881.277908][T19054] usb 4-1: USB disconnect, device number 92
[  881.716122][ T3815] loop2: detected capacity change from 0 to 40427
[  881.723320][ T3815] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  881.730876][ T3815] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  881.747769][    T8] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  881.757776][    T8] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  881.779169][ T3815] F2FS-fs (loop2): Found nat_bits in checkpoint
[  881.822261][ T3815] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  881.834656][ T3815] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  881.841708][ T3815] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  882.045257][ T3832] loop3: detected capacity change from 0 to 1024
[  882.052614][ T3832] EXT4-fs: Invalid uid value -1
[  882.070088][ T3849] overlayfs: failed to resolve './file0': -2
[  882.174698][ T3851] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  882.249299][   T19] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  882.491272][   T19] usb 2-1: Using ep0 maxpacket: 32
[  882.611391][   T19] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  882.621007][   T19] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  882.755626][ T3875] loop2: detected capacity change from 0 to 256
[  882.781481][   T19] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  882.790341][   T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  882.798286][   T19] usb 2-1: Product: syz
[  882.802285][   T19] usb 2-1: Manufacturer: syz
[  882.806770][   T19] usb 2-1: SerialNumber: syz
[  883.072420][   T19] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 61 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  883.274305][   T19] usb 2-1: USB disconnect, device number 61
[  883.281419][   T19] usblp0: removed
[  883.419476][ T3937] loop4: detected capacity change from 0 to 512
[  883.426180][ T3937] EXT4-fs: Ignoring removed bh option
[  883.592689][ T3937] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  883.654925][ T3937] EXT4-fs (loop4): 1 truncate cleaned up
[  883.662421][ T3937] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  883.711615][ T3937] loop4: detected capacity change from 512 to 64
[  883.775240][ T3941] EXT4-fs error (device loop4): mb_free_blocks:1813: group 0, inode 19: block 149:freeing already freed block (bit 148); block bitmap corrupt.
[  883.789639][ T3941] EXT4-fs (loop4): pa ffff8881217c7a80: logic 0, phys. 129, len 64
[  883.797332][ T3941] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4871: group 0, free 56, pa_free 55
[  883.811282][ T3446] EXT4-fs (loop4): unmounting filesystem.
[  883.853131][ T3945] fscrypt_msg: 2 callbacks suppressed
[  883.853148][ T3945] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  883.867900][ T3945] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  883.877144][ T3945] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  883.898683][ T3446] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  883.907643][ T3446] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  883.916932][ T3446] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  884.780953][ T3985] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  884.790113][ T3985] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  884.800170][ T3985] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  884.821315][ T2419] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  884.846740][   T28] kauditd_printk_skb: 149 callbacks suppressed
[  884.846756][   T28] audit: type=1326 audit(1986821064.144:43653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e0e7cea9 code=0x7ffc0000
[  884.876750][   T28] audit: type=1326 audit(1986821064.144:43654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e0e7cea9 code=0x7ffc0000
[  884.906157][   T28] audit: type=1326 audit(1986821064.144:43655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16e0e7cea9 code=0x7ffc0000
[  884.930203][   T28] audit: type=1326 audit(1986821064.144:43656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e0e7cea9 code=0x7ffc0000
[  884.954105][   T28] audit: type=1326 audit(1986821064.144:43657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e0e7cea9 code=0x7ffc0000
[  884.978034][   T28] audit: type=1326 audit(1986821064.144:43658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16e0e7cea9 code=0x7ffc0000
[  885.002209][   T28] audit: type=1326 audit(1986821064.204:43659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e0e7cea9 code=0x7ffc0000
[  885.026160][   T28] audit: type=1326 audit(1986821064.204:43660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f16e0e7a627 code=0x7ffc0000
[  885.050114][   T28] audit: type=1326 audit(1986821064.204:43661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f16e0e40309 code=0x7ffc0000
[  885.073930][   T28] audit: type=1326 audit(1986821064.204:43662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e0e7cea9 code=0x7ffc0000
[  885.127686][ T3998] device syzkaller0 entered promiscuous mode
[  885.141326][   T19] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  885.214432][ T4008] geneve1: tun_chr_ioctl cmd 1074025681
[  885.326956][ T4020] loop0: detected capacity change from 0 to 256
[  885.333485][ T4020] exfat: Deprecated parameter 'utf8'
[  885.341587][ T4020] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xa4dad179, utbl_chksum : 0xe619d30d)
[  885.376417][ T4020] device syzkaller0 entered promiscuous mode
[  885.391287][   T19] usb 2-1: Using ep0 maxpacket: 32
[  885.511380][   T19] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  885.530994][   T19] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  885.701369][   T19] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  885.720520][   T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  885.730619][   T19] usb 2-1: Product: syz
[  885.734300][ T4026] loop0: detected capacity change from 0 to 1024
[  885.734651][   T19] usb 2-1: Manufacturer: syz
[  885.755847][ T4026] EXT4-fs: Invalid uid value -1
[  885.765480][   T19] usb 2-1: SerialNumber: syz
[  886.032017][   T19] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 62 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  886.062076][ T4036] bridge0: port 1(bridge_slave_0) entered blocking state
[  886.068986][ T4036] bridge0: port 1(bridge_slave_0) entered disabled state
[  886.076368][ T4036] device bridge_slave_0 entered promiscuous mode
[  886.083434][ T4036] bridge0: port 2(bridge_slave_1) entered blocking state
[  886.090414][ T4036] bridge0: port 2(bridge_slave_1) entered disabled state
[  886.097983][ T4036] device bridge_slave_1 entered promiscuous mode
[  886.167396][ T4036] bridge0: port 2(bridge_slave_1) entered blocking state
[  886.174285][ T4036] bridge0: port 2(bridge_slave_1) entered forwarding state
[  886.181395][ T4036] bridge0: port 1(bridge_slave_0) entered blocking state
[  886.188135][ T4036] bridge0: port 1(bridge_slave_0) entered forwarding state
[  886.196125][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  886.203739][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  886.225770][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  886.239364][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  886.247387][   T19] usb 2-1: USB disconnect, device number 62
[  886.248823][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  886.254040][   T19] usblp0: removed
[  886.261617][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  886.272865][T19054] bridge0: port 1(bridge_slave_0) entered blocking state
[  886.279804][T19054] bridge0: port 1(bridge_slave_0) entered forwarding state
[  886.291579][ T6870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  886.299958][ T6870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  886.308079][ T6870] bridge0: port 2(bridge_slave_1) entered blocking state
[  886.314935][ T6870] bridge0: port 2(bridge_slave_1) entered forwarding state
[  886.328782][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  886.337062][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  886.345430][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  886.353373][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  886.361187][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  886.369473][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  886.381461][ T6870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  886.389201][ T6870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  886.397138][ T6870] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  886.404633][ T6870] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  886.412914][ T4036] device veth0_vlan entered promiscuous mode
[  886.427661][ T4036] device veth1_macvtap entered promiscuous mode
[  886.431026][ T4053] loop2: detected capacity change from 0 to 512
[  886.434344][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  886.448376][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  886.457492][ T4053] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  886.466834][ T4053] ext4 filesystem being mounted at /root/syzkaller-testdir2383734075/syzkaller.4qznxc/176/bus supports timestamps until 2038 (0x7fffffff)
[  886.481075][T19054] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  886.523230][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  886.531615][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  886.541382][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  886.549598][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  886.654121][    T8] device bridge_slave_1 left promiscuous mode
[  886.660780][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  886.671469][    T8] device bridge_slave_0 left promiscuous mode
[  886.677726][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  886.941216][ T4068] bridge0: port 1(bridge_slave_0) entered blocking state
[  886.948157][ T4068] bridge0: port 1(bridge_slave_0) entered disabled state
[  886.955824][ T4068] device bridge_slave_0 entered promiscuous mode
[  886.961297][   T24] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  886.962989][ T4068] bridge0: port 2(bridge_slave_1) entered blocking state
[  886.976509][ T4068] bridge0: port 2(bridge_slave_1) entered disabled state
[  886.983834][ T4068] device bridge_slave_1 entered promiscuous mode
[  887.164611][ T4068] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.171488][ T4068] bridge0: port 2(bridge_slave_1) entered forwarding state
[  887.178570][ T4068] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.185374][ T4068] bridge0: port 1(bridge_slave_0) entered forwarding state
[  887.201461][T19054] bridge0: port 1(bridge_slave_0) entered disabled state
[  887.209178][T19054] bridge0: port 2(bridge_slave_1) entered disabled state
[  887.237166][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  887.245764][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  887.262465][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  887.270623][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  887.278915][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.285779][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  887.294760][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  887.303070][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  887.311506][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.318343][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  887.325692][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  887.333657][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  887.355124][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  887.364180][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  887.372294][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  887.381330][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  887.387773][ T1078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  887.407753][   T24] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  887.426697][ T4068] device veth0_vlan entered promiscuous mode
[  887.434424][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  887.443529][   T24] usb 3-1: config 0 descriptor??
[  887.452130][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  887.459924][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  887.471723][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  887.478905][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  887.486157][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  887.494419][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  887.501736][   T24] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  887.503976][ T4068] device veth1_macvtap entered promiscuous mode
[  887.519792][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  887.527346][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  887.535410][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  887.545450][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  887.554248][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  887.723682][ T4060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  887.732550][ T4060] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  887.772797][    T8] device bridge_slave_1 left promiscuous mode
[  887.779868][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  887.787743][    T8] device bridge_slave_0 left promiscuous mode
[  887.793968][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  887.803939][    T8] device veth1_macvtap left promiscuous mode
[  887.815997][    T8] device veth0_vlan left promiscuous mode
[  887.826856][ T4096] loop1: detected capacity change from 0 to 40427
[  887.851606][ T4096] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  887.859391][ T4096] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  887.880113][ T4096] F2FS-fs (loop1): Found nat_bits in checkpoint
[  887.921864][ T4096] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  887.928784][ T4096] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  888.297858][ T4120] geneve1: tun_chr_ioctl cmd 1074025681
[  888.423152][ T4670] kernel write not supported for file bpf-prog (pid: 4670 comm: kworker/0:6)
[  888.561331][ T1078] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[  888.592785][ T4135] netlink: 'syz-executor.4': attribute type 27 has an invalid length.
[  888.611411][ T4135] bridge0: port 2(bridge_slave_1) entered disabled state
[  888.619079][ T4135] bridge0: port 1(bridge_slave_0) entered disabled state
[  888.921392][ T1078] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  888.932444][ T1078] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  888.943436][ T1078] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  888.956140][ T1078] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  888.964934][ T1078] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  888.973156][ T1078] usb 4-1: config 0 descriptor??
[  888.991391][ T4122] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  889.048139][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  889.048161][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  889.055661][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  889.063084][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  889.070455][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  889.077978][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  889.085625][ T2732] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  889.225223][ T4149] geneve1: tun_chr_ioctl cmd 1074025681
[  889.454327][ T1078] plantronics 0003:047F:FFFF.00A0: unknown main item tag 0xd
[  889.456843][ T2419] EXT4-fs (loop2): unmounting filesystem.
[  889.462782][ T1078] plantronics 0003:047F:FFFF.00A0: No inputs registered, leaving
[  889.475354][ T1078] plantronics 0003:047F:FFFF.00A0: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  889.488442][ T1078] usb 3-1: USB disconnect, device number 76
[  889.616199][ T4161] loop2: detected capacity change from 0 to 256
[  889.633055][ T4161] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  889.650909][ T4163] netlink: 312 bytes leftover after parsing attributes in process `syz-executor.0'.
[  889.682361][ T4165] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  889.757613][ T1078] usb 4-1: USB disconnect, device number 93
[  889.840143][ T4165] bridge0: port 2(bridge_slave_1) entered disabled state
[  889.847174][ T4165] bridge0: port 1(bridge_slave_0) entered disabled state
[  890.454068][ T4198] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  890.769816][ T4217] syz-executor.2[4217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  890.770118][ T4217] syz-executor.2[4217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  890.991277][ T4167] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[  891.229716][ T4230] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  891.338718][ T4237] syz-executor.0[4237] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  891.338765][ T4237] syz-executor.0[4237] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  891.391516][ T4167] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  891.414006][ T4167] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  891.425291][ T4167] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  891.438051][ T4167] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  891.447006][ T4167] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  891.470673][ T4167] usb 4-1: config 0 descriptor??
[  891.491353][ T4215] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  891.740109][ T4262] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  892.259945][ T4275] syz-executor.4[4275] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  892.261105][ T4275] syz-executor.4[4275] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  892.283214][ T4271] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  892.427549][ T4167] plantronics 0003:047F:FFFF.00A1: unknown main item tag 0xd
[  892.489408][ T4167] plantronics 0003:047F:FFFF.00A1: No inputs registered, leaving
[  892.527453][ T4167] plantronics 0003:047F:FFFF.00A1: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  892.558983][ T4287] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  892.684788][ T4303] loop2: detected capacity change from 0 to 512
[  892.692071][ T4303] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  892.692106][ T4167] usb 4-1: USB disconnect, device number 94
[  892.707787][ T4303] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  892.715660][ T4303] System zones: 1-12
[  892.719941][ T4303] EXT4-fs (loop2): orphan cleanup on readonly fs
[  892.726204][ T4303] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz-executor.2: Inode bitmap for bg 0 marked uninitialized
[  892.727761][ T4306] loop0: detected capacity change from 0 to 512
[  892.739332][ T4303] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  892.754354][ T4306] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  892.762584][ T4303] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (3832!=33349)
[  892.763239][ T4306] EXT4-fs (loop0): orphan cleanup on readonly fs
[  892.777640][ T4306] EXT4-fs warning (device loop0): ext4_enable_quotas:6987: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  892.792668][ T2419] EXT4-fs (loop2): unmounting filesystem.
[  892.811636][ T4306] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  892.818848][ T4306] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  892.842464][ T4306] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 13 (err -117)
[  892.855388][ T4306] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  892.879033][ T4306] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  892.896170][ T4306] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  892.927407][ T4306] EXT4-fs warning (device loop0): ext4_enable_quotas:6987: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  892.958274][ T4317] loop4: detected capacity change from 0 to 40427
[  892.971752][ T4325] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  892.981375][ T4325] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  892.984168][ T4317] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  892.991787][ T4325] EXT4-fs warning (device loop0): ext4_enable_quotas:6987: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  893.005019][ T4317] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  893.020884][ T4317] F2FS-fs (loop4): invalid crc value
[  893.027319][ T4317] F2FS-fs (loop4): Found nat_bits in checkpoint
[  893.053200][ T3502] EXT4-fs (loop0): unmounting filesystem.
[  893.073926][ T4317] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  893.080878][ T4317] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  893.088805][ T4338] loop0: detected capacity change from 0 to 512
[  893.095765][ T4338] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  893.106017][ T4338] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  893.113838][ T4338] System zones: 1-12
[  893.118002][ T4338] EXT4-fs (loop0): orphan cleanup on readonly fs
[  893.124298][ T4338] EXT4-fs error (device loop0): ext4_read_inode_bitmap:168: comm syz-executor.0: Inode bitmap for bg 0 marked uninitialized
[  893.137517][ T4338] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  893.147945][ T4338] EXT4-fs (loop0): ext4_remount: Checksum for group 0 failed (3832!=33349)
[  893.161434][ T3502] EXT4-fs (loop0): unmounting filesystem.
[  893.185774][ T3446] syz-executor.4: attempt to access beyond end of device
[  893.185774][ T3446] loop4: rw=2051, sector=49152, nr_sectors = 4096 limit=40427
[  893.200039][ T3446] syz-executor.4: attempt to access beyond end of device
[  893.200039][ T3446] loop4: rw=2051, sector=57344, nr_sectors = 20480 limit=40427
[  893.214312][ T3446] syz-executor.4: attempt to access beyond end of device
[  893.214312][ T3446] loop4: rw=2051, sector=81920, nr_sectors = 4096 limit=40427
[  893.229296][ T3446] F2FS-fs (loop4): Issue discard(6144, 6144, 512) failed, ret: -5
[  893.229336][ T3446] F2FS-fs (loop4): Issue discard(7168, 7168, 2560) failed, ret: -5
[  893.237366][ T3446] F2FS-fs (loop4): Issue discard(10240, 10240, 512) failed, ret: -5
[  893.246442][ T4345] device pim6reg1 entered promiscuous mode
[  893.322960][ T4350] loop4: detected capacity change from 0 to 512
[  893.330063][ T4350] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  893.343107][ T4350] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  893.351944][ T4350] ext4 filesystem being mounted at /root/syzkaller-testdir2798276106/syzkaller.KIYQII/47/file1 supports timestamps until 2038 (0x7fffffff)
[  893.410804][ T4357] loop1: detected capacity change from 0 to 512
[  893.422979][ T4357] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  893.427257][ T4361] device ip6_vti0 entered promiscuous mode
[  893.431807][ T4357] ext4 filesystem being mounted at /root/syzkaller-testdir813468556/syzkaller.8Tdg5Z/120/control supports timestamps until 2038 (0x7fffffff)
[  893.437459][ T4361] device vlan2 entered promiscuous mode
[  893.457467][ T4361] device ip6_vti0 left promiscuous mode
[  893.460028][ T4357] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz-executor.1: path /root/syzkaller-testdir813468556/syzkaller.8Tdg5Z/120/control: bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  893.515268][ T4357] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 18: comm syz-executor.1: lblock 23 mapped to illegal pblock 18 (length 1)
[  893.705997][ T2732] EXT4-fs (loop1): unmounting filesystem.
[  893.715420][ T4368] incfs: Can't find or create .index dir in ./file0
[  893.721971][ T4368] incfs: mount failed -14
[  893.729662][ T4368] overlayfs: statfs failed on './file0'
[  893.746090][ T4372] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  893.757714][ T4372] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  893.765958][ T4372] CPU: 1 PID: 4372 Comm: syz-executor.1 Tainted: G        W          6.1.78-syzkaller-00008-g4c45e2f34089 #0
[  893.777327][ T4372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  893.787220][ T4372] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  893.793301][ T4372] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[  893.812744][ T4372] RSP: 0018:ffffc900019876c0 EFLAGS: 00010246
[  893.818641][ T4372] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  893.826451][ T4372] RDX: ffffc90001ff9000 RSI: 000000000000041a RDI: 000000000000041b
[  893.834260][ T4372] RBP: ffffc90001987818 R08: 0000000000000005 R09: ffffffff8411e7b3
[  893.842073][ T4372] R10: 0000000000000004 R11: ffff88812f151440 R12: dffffc0000000000
[  893.849889][ T4372] R13: ffff888132070a00 R14: 1ffff92000330ee4 R15: 0000000000000000
[  893.857861][ T4372] FS:  00007f72a17196c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  893.866550][ T4372] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  893.873063][ T4372] CR2: 0000000020010000 CR3: 000000011dabd000 CR4: 00000000003506a0
[  893.880884][ T4372] Call Trace:
[  893.884000][ T4372]  <TASK>
[  893.886778][ T4372]  ? __die_body+0x62/0xb0
[  893.890953][ T4372]  ? die_addr+0x9f/0xd0
[  893.894936][ T4372]  ? exc_general_protection+0x317/0x4c0
[  893.900321][ T4372]  ? asm_exc_general_protection+0x27/0x30
[  893.905917][ T4372]  ? xdp_do_generic_redirect+0x303/0xad0
[  893.911340][ T4372]  ? dev_map_generic_redirect+0x90/0x7d0
[  893.916808][ T4372]  ? __free_pages_core+0x180/0x180
[  893.921754][ T4372]  ? __this_cpu_preempt_check+0x13/0x20
[  893.927133][ T4372]  ? bq_enqueue+0x3e0/0x3e0
[  893.931478][ T4372]  ? bpf_prog_run_generic_xdp+0x9aa/0x1110
[  893.937234][ T4372]  xdp_do_generic_redirect+0x411/0xad0
[  893.942514][ T4372]  do_xdp_generic+0x53e/0x800
[  893.947027][ T4372]  ? generic_xdp_tx+0x560/0x560
[  893.951712][ T4372]  ? tun_get_user+0x2340/0x3a90
[  893.956399][ T4372]  tun_get_user+0x238a/0x3a90
[  893.960913][ T4372]  ? cpu_curr_snapshot+0x90/0x90
[  893.965686][ T4372]  ? tun_do_read+0x1ee0/0x1ee0
[  893.970284][ T4372]  ? ref_tracker_alloc+0x31d/0x450
[  893.975230][ T4372]  ? ref_tracker_dir_print+0x160/0x160
[  893.980527][ T4372]  ? avc_policy_seqno+0x1b/0x70
[  893.985218][ T4372]  ? tun_get+0xe9/0x120
[  893.989209][ T4372]  tun_chr_write_iter+0x129/0x210
[  893.994066][ T4372]  vfs_write+0x902/0xeb0
[  893.998234][ T4372]  ? __x64_sys_prctl+0xd0/0xd0
[  894.002836][ T4372]  ? file_end_write+0x1c0/0x1c0
[  894.007519][ T4372]  ? __fget_files+0x2cb/0x330
[  894.012040][ T4372]  ? __fdget_pos+0x204/0x390
[  894.016464][ T4372]  ? ksys_write+0x77/0x2c0
[  894.020802][ T4372]  ksys_write+0x199/0x2c0
[  894.024968][ T4372]  ? __x64_sys_futex+0x100/0x100
[  894.029739][ T4372]  ? __ia32_sys_read+0x90/0x90
[  894.034337][ T4372]  ? fpregs_restore_userregs+0x130/0x290
[  894.039808][ T4372]  __x64_sys_write+0x7b/0x90
[  894.044233][ T4372]  do_syscall_64+0x3d/0xb0
[  894.048483][ T4372]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  894.054647][ T4372] RIP: 0033:0x7f72a0a7bbef
[  894.058900][ T4372] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 b9 80 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 0c 81 02 00 48
[  894.078429][ T4372] RSP: 002b:00007f72a1719090 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  894.086688][ T4372] RAX: ffffffffffffffda RBX: 00007f72a0bb3f80 RCX: 00007f72a0a7bbef
[  894.094490][ T4372] RDX: 000000000000fdef RSI: 0000000020000780 RDI: 00000000000000c8
[  894.102299][ T4372] RBP: 00007f72a0aebff4 R08: 0000000000000000 R09: 0000000000000000
[  894.110107][ T4372] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  894.117925][ T4372] R13: 000000000000000b R14: 00007f72a0bb3f80 R15: 00007ffeda8a0ee8
[  894.125835][ T4372]  </TASK>
[  894.128682][ T4372] Modules linked in:
[  894.132518][ T4372] ---[ end trace 0000000000000000 ]---
[  894.137717][ T4372] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  894.143816][ T4372] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[  894.163336][ T4372] RSP: 0018:ffffc900019876c0 EFLAGS: 00010246
[  894.169223][ T4372] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  894.177068][ T4372] RDX: ffffc90001ff9000 RSI: 000000000000041a RDI: 000000000000041b
[  894.184879][ T4372] RBP: ffffc90001987818 R08: 0000000000000005 R09: ffffffff8411e7b3
[  894.192794][ T4372] R10: 0000000000000004 R11: ffff88812f151440 R12: dffffc0000000000
[  894.200724][ T4372] R13: ffff888132070a00 R14: 1ffff92000330ee4 R15: 0000000000000000
[  894.208550][ T4372] FS:  00007f72a17196c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  894.217426][ T4372] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  894.224007][ T4372] CR2: 0000000020010000 CR3: 000000011dabd000 CR4: 00000000003526a0
[  894.231821][ T4372] Kernel panic - not syncing: Fatal exception in interrupt
[  894.239107][ T4372] Kernel Offset: disabled
[  894.243229][ T4372] Rebooting in 86400 seconds..