last executing test programs:

30.437663572s ago: executing program 3 (id=411):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

30.340923411s ago: executing program 3 (id=413):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000000200000000000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000f5ff000000000000000000000000000087ac90e3aeabab2a1d564ccbc19e9b3843d7d85aeafb40e78b0ba06c73f4c5bf49f1b4c1bc9c2e1b15aa"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000600)="51ebd7a6098d8070dc68c56a093ea500d748104e0b4cc6c96ec7f8e35cf4f52d310cd62a63ace9d792b93178362c6514a0b7d636d6c539e7d2ce61f0527fe8bdc2f51053dc0e1734353c091c17c3a6817c", 0x51)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000005f80)=ANY=[], 0x1, 0x5551, &(0x7f0000000a00)="$eJzs3EtvG1UUAOA7TpPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKKhJ48R9fJ80PjPX12fusUaRzkzkADy15tPff03CxXAmhDATQjifhHw/KbbcSgwvhBAuhRBK/9iSYvzvgbkQwtkQwsVR8pgzKd768srw8vIvb/323Q+nT5376tsfp1c1MG0vhhC6m3F/pxtj1orxTjFeG7bz2L0+LGJ8o3u3OM5i3Gmu5xl2auN5tTxea8X52eZ2fxQ3OrX6KLbaG/n4Zi+esD9sjfPkH7hT28qPG831PLb7WR5be3Fdu3vxb9tefxDzNIp8H+fpw2AwjnG8uduM9WzezWO9NyjGY96s0dwdxWERi9OFetZp5OtYP8o3/Wh7u93b3k2Hza1+O+uly5XqS5XqjXJ1K2s0B83r5Vq3ceN6utDqjKaVB81ad6WVZa1Os1LPuovpQqteL1er6cLN5nq71kur1cq1ytXy8mKxdyV9/fb7aaeRLoziq+3e9ly70083sq00fmIxXapce3kxvVxN311dS9feuXVrde29D29+cPuV1TdfKybdt6x0Yenq0lK5erW8VF18cI1zx13/6AQHrH9wlPo/KxZ9iPqTQ10NcEguMIBDu6//D/p/4OFdPOC8x73/D5Ps/0ctlf7/wf1v6ej9/5H634fs/ydW/wTufzxq9cOR6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5aP81+/Ua+Mx+PzxXjF4qh54rjJIRQCiH8+R9mwty+nDNFntn/mT/7rzV8n4Q8w+gcp4vtbAhhpdj+ePa4vwUAAAB4cn3zyaUvYrceX+anvSBOUrxpUzr/0YTyJSGE2fmfJ5StNHp5fkLJ8uv7VNidULb8BtYzE0oWb7mdmlS2A5kZh08v3BvMC0piKJ3ocgAAgBMxsy+cbBcCAADASfp82gtgOpIwfpQ5fhac/+f9vUebZ/a9BwAAADyGkmkvAAAAADh2ef/v9/8AAADgyRZ//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLnfu5TRyI4gD8bDCw/7RotfdtZW9QRkrIMcdAAWmCEkgLaYAayC0lRBBhj5AcgRSJcayg75M8ztjRb2aAyxtLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC49V+v54/2/h0tzdvvL5FkNAAAAcMq2Ws/rP6ZN/0e6/itd+pP6RUSUEXGqdh/EqJU5SDnVmf+v3s3hKaJOOIwxTsf3iPifjtffXX8KAAAAcL02y9WsqdabZtr3hPhMzaZN+fMmU14REdX0JVNaeWj+Zgqrf9/DuMuUVm9gTTKFNVtuw9P3RrkGaRu0Tmklk0X9Jda9sptxAQCAPrUrgTNVCAAAAFfgtu8J0I/i2ByfM46bU3og+K3VAwAAAL6gou8JAAAAAJ2r63/v/wMAAIDr1rz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzt1ffDBnt79MvhUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAG/vzjgIhEAZhsHd9ZzL3P6w0aGhsUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7NzPaxxVHADw787sbH9oMUbJISoVPOjFJtva2qMelODBP0EI6aZGt1bbHmwJSi56kpwLKnoUEZR46//QcwO91FsPOUTwrMzsTDpto11KnNkmnw+8ed/ZDO993+wS8s2bBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMrW2/FiUsZpfpgaxdVrt7ZXl/J+84E+d2P99mze8rjzqIm+fmvvk59sL9VPjs/UTr5sPhkAAAAOhrSq7yPiTraxkPfJVFH/Z9U1ec3/w7FRXNXzD9b9m9urh8svzVb1/++/3X1+Z6Kp0Tz5oMsrw8H8w6l0/6clTrxnHnlFt7jzxe9e0uINSd5be24rK+5n55ubN9/pFeGhJrIFAB7Hiaovg+rnobzvt5kYAAdGt1Z4V/V/OtVuTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABN2FqLp6q4ExGz3XtxbnN7dWm3/sb67dmqnbl+fb0+Zj5EFhHLK8NB1uBaJt3lq9c+XhwOB5eaD45HRHuzl8EHY1wT8d/XlB/PaG8V/x50JiONVoOkfH8mJZ+9DKrP3t6P3NI3JAAA9qH0WJT1eFbW9XeyjYX8tc50xN8/3l//v1qLY8z6/+6HZ27VZ6zX//2mljnxvv0u4sKnc5evXnt95cLi+cH5wSdvnOy/2T919vTps3P5vZqfW45kMN92ogAAADzBemWr1//J9MP7/0drcYxZ/3/2ff+L+lyp+n9X9zb92s4EAADgIOrtRM++/NefnV2u6PR68fnilSuX+qPjzvnJ0bHRdB/TobLV6/90uu2sAAAAgCZsrXXu2/8/V4tjzP3/p3964Zf6mGlEHIm4GBGDE0sXh+eaW85Ea+IPlYuJem2vFAAAgLYcKdto/79b7P9nxfP/yc4jD0lEvPbKKK7+19U49X/67lc/1+eqP/9/qrklTqRkZnQ/in4mojvTdkYAAADsZ4fLlhf7f2QbCx/9evT9nuf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJr2TwAAAP//Ngk2Dg==")
socket$inet6(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x21081e, &(0x7f0000000240)={[{@init_itable}, {@norecovery}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}]}, 0x1, 0x51d, &(0x7f0000000a40)="$eJzs3cFvI1cZAPBvvOvEm02btPQACNrQFha0WifxtlHVAxQuCKFKiN4AaRsSbxTFjqPYKU2o1PTMFYlKnODIH8C5J+5cENy4lANSgQi0QeIwaMaT1JvaTbqbxFb8+0mjmTdvMt/3Ys1765e1XwBjay4i9iNiIiLejIiZ4nxSbPFad8uue3CQdCv30/SNfyZ5/YODd1ai52cyN4t7ViLih9+N+Gnyybjt3b2N5Uajvl2U5zvNrfn27t6d9ebyWn2tvlmrLS0uLbxy9+XaubX1ueZEcfTlD/+4/42fZ2lNF2d623Geuk0vH8fJXI+I719EsCG4VrRnYtiJ8EhKEfF0RDyfP/8zcS1/NQGAqyxNZyKd6S0DAFddKZ8DS0rVYi5gOkqlarU7h/dMTJUarXbn9v3WzuZqd65sNsql++uN+kIxVzgb5SQrL+bHH5drJ8p3I+KpiPjl5I28XF1pNVaH+Q8fABhjN0+M//+Z7I7/AMAVVxl2AgDApTP+A8D4Mf4DwPgx/gPA+OmO/zeGnQYAcIm8/weA8WP8B4Cx8oPXX8+29LD4/uvVt3Z3Nlpv3Vmttzfmmjsr1ZXW9lZ1rdVay7+zp3na/Rqt1tbiS7Hz9uw3t9qd+fbu3r1ma2ezcy//Xu979XJ+1f4ltAwAGOSp5z74S5KNyK/eyLfoWcuhPNTMgItWGnYCwNBcG3YCwNBY7QvG12d8j588+o8Co6rPEr0PqfT7gFCapunFpQRcsFtfMP8P46pn/t//AoYxY/4fxpf5fxhfaZqcdc3/OOuFAMBoM8cPDPj7/9PF/nfFHwd+snryivcvMisAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYbUfr/1aLtcCno1SqViOeiIjZKCf31xv1hYh4MiL+PFmezMqLQ84ZAHhcpb8nxfpft2ZenH6o6tmbx4cTEfGzX7/xq7eXO53tP0VMJP+aPDrfeb84X7v87AGA0x2N0/m+5438g4N3Vo62y8zno29HRKUb//BgIg6P41+P6/m+EuWImPp3UpS7kp65i8ex/15EfL5f+5OYzudAuiufnoyfxX7iUuOXHopfyuu6++x38blzyAXGzQdZ//Nav+evFHP5vv/zX8l7qMdX9H/ZrVYO8z7w4/hH/d+1Af3f3HHpxqfHeOkP3xt03UfvRXzxesRR7MOe/ucofjIg/otnbONfv/Ts84Pq0t9E3Ir+8XtjzXeaW/Pt3b07683ltfpafbNWW1pcWnjl7su1+XyOen7waPCPV28/GfFu37qs/VMD4ldOaf9Xz9j+3/7vzR9/ZUBdFv/rL/SLX4pnPiV+NiZ+7Yzxl6d+XxlUl8VfHdD+017/22eM/+Hf9j6xbDgAMDzt3b2N5Uajvj3kg+9MR4xAGp/x4EfFb3FU8smnA0Yon/NvYESMQBp9D751fjdM0/TdwddMDHhSfvFC99U/UZWmj5TGoB7jPGbdgFFw/NBHxH+HnQwAAAAAAAAAAAAAANDXZXw6athtBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Or6fwAAAP//TdrGQA==")
r5 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r5, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
syz_open_dev$loop(0x0, 0x0, 0x22400)
io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x0, 0x1, 0x0, r5, 0x0}])
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@i_version}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@test_dummy_encryption}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@grpid}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

28.969350639s ago: executing program 3 (id=422):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xfffffff9, 0x10}, 0xc)
r7 = inotify_add_watch(r2, &(0x7f0000000340)='./file0\x00', 0x0)
inotify_rm_watch(r2, r7)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0xa, 0x0, 0x0)
sendmsg$TIPC_NL_MON_SET(r2, &(0x7f00000005c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)={0x120, 0x0, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}, @TIPC_NLA_SOCK={0x40, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf7c8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xcc3755d}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5da}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xe}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x40}]}, @TIPC_NLA_MEDIA={0x70, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x109}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7443}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb6e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xea}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xa6e}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x20000801}, 0x14)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000380)={0x8000000, 0x18000})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0)

28.411688718s ago: executing program 3 (id=428):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x75e, &(0x7f0000001280)="$eJzs3M1rHPUbAPBnJtmkL/n9NoLgy0GEFloonSTNpT01XrwVCgWvNSSTEDLJhuymdmPB1rNQm4uCIOrZo1eh1D/AmxQUvAuiNR7Ey8psXkpjNt02TVbazwcm+3xnZ+Z5nuzwzQ5kJoAX1pvljyRiKCIuR0R1c30aEQPt6EjEzY3t1h/cmCqXJFqtK78l5W6x3qpuHyvZfD0e7V3i1Yi4V4k48+G/89abq/OTRZEvb45HGgtLI/Xm6tm5hcnZfDZfHBu/MHp+fPz86Phje3ily15PvnPh6J3v315b++Gbxu03+s8mMdHuOzZ76/IwT2Tjd1KJiR3rFw8iWQ8lvS4AAICulN/z+yKiv/0ttRp97QgAAAB4nrQGWwAAAMBzL4leVwAAAAAcrK3/A9i6t/eg7oPt5Ne3ImJ4t/z97XuII45EJSKOrSeP3JmQbOwG+3LzVkTcndh5/n1VnmE393ns0R3jR++RHtjn0XkW7pbzz8Ru80+6Pf/ELvNP/9azE/ap8/z3MH9fh/nvcpc5vv38tUrH/LciXu/fLX+ynT/pkP/dLvPfXvvoTjvYpYrWlxGndv37kzySa4/nQ0zMzBV7Pn7g3t+n7+/V/7FO+ZO9+1/qsv/31/+Y7zSXlPlPn9j7898tf3lOfLxZRxoRdzZfy/HajhwnFn78bq/+pyNaT/P5f9Fl/z9/PXi9y00BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgLY2IoUjSbDtO0yyLOB4RL8extKjVG2dmaiuL0+V7EcNRSWfminw0Iqob46Qcj7Xjh+NzO8bjEfHST0c3ks4VeTZVK6Z73TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbjkfEUCRpFhFpRPxZTdMsi+jvYt/BQ6gPAAAAeEaGe10AAAAAcOC6uP4fOIw6AAAAgINTXv/3PcV+yQHUAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy3Ll+6VC6t9Qc3psrx9LXmynzt2tnpvD6fLaxMZVO15aVstlabLfJsqrbwuOMVtdrS2IVYuT7SyOuNkXpz9epCbWWxcXVuYXI2v5pXDqUrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAntRQe0nSLCLSdpymWRbxv4gYjkoyM1fkoxHx/4i4X60MluOxXhcNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAM1dvrs5PFkW+LBAIDi34ICL+A2XsEfR6ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoBfqzdX5yaLIl+u9rgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDeSn9JIqJcTlVPDu18dyD5q9p+jYj3PrvyyfXJRmN5rFz/+/b6xqeb68/1on4AAAB4IVx8ko23rtO3ruMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6VW+uzk8WRb68v+BiNFdbSYdtet0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwdP4JAAD//2T7x0Y=")
chdir(&(0x7f0000000240)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x147040, 0x0)
truncate(&(0x7f0000000100)='./file0\x00', 0xfffe)
ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
dup(0xffffffffffffffff)
socket$inet(0x2, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r4, 0x3)
setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000100)=0x400, 0x4)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], {{0x1, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0x10, 0x79}}}}}}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000740)={&(0x7f0000000200), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()
getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0), 0x0)

28.003870707s ago: executing program 3 (id=432):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x800010, &(0x7f0000000140)={[{@norecovery}]}, 0xae, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x3f1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3eydhyg2FjYWHniit9ndqFxzxQmWghBFLYNZQ3STSLJCEhAMNjaWFoKtjaWFhZWFf4GtFioIFqa0E0bmI5vJ5oP4gRF9f3Azz3y9M/Ne8ixkQRDEf8vHD1/fPzy3c+kUgP3YxJrp/+zoWhycnP/u8Z2Tj3bPP3n+9unr5oG7L/PxuFwjlt/fA/Bqz0EK5podJ1Zv6opZGpfBccLoK2DwtfwmFLoRg+GamXPT0q19RiSxf72VVG/UkziQRSiLSBYle395qOGAoQpgXZ1OCGaNd3r9W5Ukidt5URCjfaaGflQsyp863x7HLkbZE0L+D64+uD+QbZMbBOBZ/kJwhEaXwFA2egdr8H1/nBLr/kfccXxnmfuvVjxT4tD2n9pUfe4B/A13/4dF4bfEYfke+YXOeg4PRx5oz/m08rv/vFDGBWBq6M1Gklz4hcjejERlYuxP0tmPW/7kws38o5g2bhc7vf52vVGpxbW4GUWls8HpIDgTFZUR6XKB/60rf9qw4hfmzPWYh24lTdthF0jbYdaOdGk5bvlF64taw5X/cWwd0zGYeWZlD8oczPxxVUu15cyeeW/unQiCIAiCIAiCIAiCIAiCIGZzFAz6TZh6USXmEF1Uv1B+DwAA//9K9Gb+")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="26ce4a68ed01e1f71ac4b4d1d2e0", @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

26.625445224s ago: executing program 3 (id=436):
mkdir(0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0xfd, 0x11f3, &(0x7f0000001b80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1c, 0x8, &(0x7f0000002d80)=ANY=[@ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x20, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)
sendto$inet(r1, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
sendfile(r5, r5, 0x0, 0x7f03)
rename(0x0, &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)

26.615372014s ago: executing program 32 (id=436):
mkdir(0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0xfd, 0x11f3, &(0x7f0000001b80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1c, 0x8, &(0x7f0000002d80)=ANY=[@ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x20, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)
sendto$inet(r1, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
sendfile(r5, r5, 0x0, 0x7f03)
rename(0x0, &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)

2.653453725s ago: executing program 2 (id=613):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1000401, &(0x7f0000000200)={[], [{@audit}, {@obj_type={'obj_type', 0x3d, '.^{!@\''}}]}, 0x84, 0x496, &(0x7f0000001540)="$eJzs3EtvG0UcAPD/rvPoO6GURx/QQEFEFJImLdADEgKB1AsSEhzgGNJQlaYtaoJEq4q2CJUj4hMARyQ+ASe4IOAE4gp3hFShXlo4IKO1dxOndo1rx3ZU/37SOjP7mpmdHe/sjjcBDKyJ7COJ2BYRv0XEWDW6doWJ6p+b1y/O/3394nwS5fLrf41W1rtx/eJ8sWqx3dY8MplGpB8nsbdBukvnL5yaW1xcOJfHp5dPvze9dP7C0ydPz51YOLFwZvbo0SOHZ557dvaZdSlnVq4bez48u2/3sbc+e3W+HG//+HWW32358tpyVI13nOZETES5XC6na+aOVD4f73jvG8v2iLiSh5OhPmeGlpUiIquu4Ur7H4tSrFbeWLzyUV8zB3RVdn0arZtbyv8OJdnyTTXrAneTRLuGAVVc8bP732LqVd9jI7j2Yva5UCn/zXyqLhmK7L49Ga/esZe6lP62iHjz8j+fZ1M0fA4BALC+vs36P0816v+lcX/NejvyMZTxiDgYETsj4t6I2BUR90VU1n0gIh68w/Qr409XVuP1/Z9fNrdduBZk/b/n87Gttf2/lVGb8VIe214p/3DyzsnFhUP5MZmM4dEsPtMkje9e/vXT2y2bqOn/ZVOWftEXzPPx59AtD+iOzy3PdVLmWteuROwZalT+ZGUkIImI3RGxp439Z8fs5JNf7cvCO7bWL///8jdzuY0crVX+MuKJav1fjlvKX0iqQyS3G5+c3hSLC4emi7Oi3k8/X32tNj5cE+6s/J3L6n9Lw/M/L3/RDIrx2qUWdzyyGrz6+yf5Puubcrvn/0jyxppkPphbXj43EzEyEvXzZ1e3LeLF+ln5Jw9EXM0Hgmvb/86If7/It9sbEdlJ/FBEPBwR+/O8PxIRj0bEgSaH4oeXHnu3+cHqb/0fb1b/EeNJ7Xh9G4HSqe+/KXa2UpX5l0tr9X+kEprM57Ty/ddqBtfjGAIAAMBGl1bGoJN0aiWcplNT1d/w74ot6eLZpeWDE/H+mePVserxGE6LJ11jNc9DZ/Jnw0V89pb44Yi4p/JLo82V+NT82cXt/S48DLitt2n/mT+69aMXYOO4o/e1ku7lA+g972vC4Gq5/Q93Nx9A77n+w+DS/mFwNWr/lyJu9iErQI/d0fX/he7lA+i9Zu3fIz+4u7n/h8Gl/cNAqn8lvvgfDe286b8a2Hmso80HKFDq0p5X/nNHlzIfad8PXfuBdCNkY38eGI2IVre6FL3KYR+/lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANbRfwEAAP//yD7WsQ==")
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x80)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r3, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r0}, 0x8)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)

1.568602783s ago: executing program 0 (id=620):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.493479673s ago: executing program 0 (id=621):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1000401, &(0x7f0000000200)={[], [{@audit}, {@obj_type={'obj_type', 0x3d, '.^{!@\''}}]}, 0x84, 0x496, &(0x7f0000001540)="$eJzs3EtvG0UcAPD/rvPoO6GURx/QQEFEFJImLdADEgKB1AsSEhzgGNJQlaYtaoJEq4q2CJUj4hMARyQ+ASe4IOAE4gp3hFShXlo4IKO1dxOndo1rx3ZU/37SOjP7mpmdHe/sjjcBDKyJ7COJ2BYRv0XEWDW6doWJ6p+b1y/O/3394nwS5fLrf41W1rtx/eJ8sWqx3dY8MplGpB8nsbdBukvnL5yaW1xcOJfHp5dPvze9dP7C0ydPz51YOLFwZvbo0SOHZ557dvaZdSlnVq4bez48u2/3sbc+e3W+HG//+HWW32358tpyVI13nOZETES5XC6na+aOVD4f73jvG8v2iLiSh5OhPmeGlpUiIquu4Ur7H4tSrFbeWLzyUV8zB3RVdn0arZtbyv8OJdnyTTXrAneTRLuGAVVc8bP732LqVd9jI7j2Yva5UCn/zXyqLhmK7L49Ga/esZe6lP62iHjz8j+fZ1M0fA4BALC+vs36P0816v+lcX/NejvyMZTxiDgYETsj4t6I2BUR90VU1n0gIh68w/Qr409XVuP1/Z9fNrdduBZk/b/n87Gttf2/lVGb8VIe214p/3DyzsnFhUP5MZmM4dEsPtMkje9e/vXT2y2bqOn/ZVOWftEXzPPx59AtD+iOzy3PdVLmWteuROwZalT+ZGUkIImI3RGxp439Z8fs5JNf7cvCO7bWL///8jdzuY0crVX+MuKJav1fjlvKX0iqQyS3G5+c3hSLC4emi7Oi3k8/X32tNj5cE+6s/J3L6n9Lw/M/L3/RDIrx2qUWdzyyGrz6+yf5Puubcrvn/0jyxppkPphbXj43EzEyEvXzZ1e3LeLF+ln5Jw9EXM0Hgmvb/86If7/It9sbEdlJ/FBEPBwR+/O8PxIRj0bEgSaH4oeXHnu3+cHqb/0fb1b/EeNJ7Xh9G4HSqe+/KXa2UpX5l0tr9X+kEprM57Ty/ddqBtfjGAIAAMBGl1bGoJN0aiWcplNT1d/w74ot6eLZpeWDE/H+mePVserxGE6LJ11jNc9DZ/Jnw0V89pb44Yi4p/JLo82V+NT82cXt/S48DLitt2n/mT+69aMXYOO4o/e1ku7lA+g972vC4Gq5/Q93Nx9A77n+w+DS/mFwNWr/lyJu9iErQI/d0fX/he7lA+i9Zu3fIz+4u7n/h8Gl/cNAqn8lvvgfDe286b8a2Hmso80HKFDq0p5X/nNHlzIfad8PXfuBdCNkY38eGI2IVre6FL3KYR+/lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANbRfwEAAP//yD7WsQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

1.471034282s ago: executing program 2 (id=623):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/udplite6\x00')
close_range(r1, 0xffffffffffffffff, 0x0)

1.373558832s ago: executing program 2 (id=624):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000010"], 0x9c}}, 0x0)

1.165342012s ago: executing program 2 (id=626):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r6, 0x5412, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=@framed={{0x56, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x20}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

1.056051892s ago: executing program 0 (id=627):
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@journal_dev={'journal_dev', 0x3d, 0x3}}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@grpid}, {@dioread_nolock}]}, 0x3, 0x464, &(0x7f0000002880)="$eJzs3MtvVNUfAPDvnUd50/4IP5WHWqNGRG1pQWThRqOJC01MdIHL2haCDNTQmlhCtBqDS0Piyo1xaeJf4Eo3Rl2ZuHGhe0NCDBvQ1ZjbubfMDDNDGWY6wnw+yS3n3AfnfOeeM3PuOZ0GMLTG0x9JxPaI+D0iRmvZxhPGa/9cv3ph9u+rF2aTqFbf+CsppYevXb0wm5+aX7ctz5QiCp8ksa9FuYvL50/PVCrz57L85NKZdycXl88/c+rMzMn5k/Nnp48dO3J46rmj08/2JM40rmt7P1jYv+eVty69Nnv80ts/fZPk8TfF0SPjnQ4+Xq32uLjB2lGXrrUM7gbFWjeN8mr/H41i3Lh5o/HyxwOtHNBX1Wq1el/7wytV4B6WxKBrAAxG/kGfPv/m2wYNPf4TrrxQewBK476ebbUjpShk55Sbnm97aTwijq/882W6RX/mIQAAGnyXjn+ebjX+K0T9vNDObA1lLCL+FxG7IuJoROyOiP9HrJ57f0Q8cJvlNy+S3Dz+KVzuKrB1Ssd/z2drW43jv3z0F2PFLLdjNf5ycuJUZf5Q9pociPKmND/VoYzvX/r1s3bH6sd/6ZaWn48Fs3pcLm1qvGZuZmnmTmKud+WjiL2lVvEnaysBSUTsiYi9XZZx6uDX+9sdu3X8HfRgnan6VcQTtfu/Ek3x55LO65OTm6Myf2gybxU3+/mXi6+3K/+O4u+B9P5vbdn+1+IfS+rXaxdv53//4sn058U/Pm37TNNt+x9J3mzY9/7M0tK5qYiR5NVapev3TzedN33j/DT+A4+27v+74sYrsS8i0kb8YEQ8FBEPZ3V/5Ledt3wVfnzxsXe6j7+/0vjn1n//q6MReUNYHokssbandaJ4+odvGwodax3/zrb3/8hq6kC2Zz3vfx3rVequNQMAAMDdqhAR2yMpTKylC4WJidrv8O+OrYXKwuLSUycW3js7V/uOwFiUC/lM12jdfOhU9lif56eb8oezeePPi1tW8xOzC5W5QQcPQ25bm/6f+rM46NoBfef7WjC81t//V/paD2Dj+fyH4XVz/998y2tG+lQXYGO1+PzfMoh6ABuv1fj/w/VcuL33dQE2VlP/t+wHQ8T8Hwyvbvq/9wy4N5Q6/clmE/1wr1rcEp2/vC9xtyXyv1zTjyLKaWs5GBHL56Mw8Egl+pgY9DsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAb/wbAAD//59L4YQ=")

641.171091ms ago: executing program 5 (id=631):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x7, 0x0)
writev(r3, &(0x7f0000000100)=[{&(0x7f00000002c0)='h', 0x1}], 0x1)

517.595841ms ago: executing program 4 (id=633):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='sched_switch\x00', r2}, 0x18)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/241, 0xf1}], 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

517.377651ms ago: executing program 5 (id=634):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@dev={0xfe, 0x80, '\x00', 0x10}, 0x0, 0xff, 0x0, 0xfffd, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x89}, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x33}, 0x2, @in6=@empty, 0xfffffffc, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

482.97908ms ago: executing program 4 (id=636):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000300)={0x0, 0x0})

475.19991ms ago: executing program 0 (id=637):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x48, 0x24, 0x400, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xaa, 0x0, 0x7, 0x7, 0x1, 0x1, 0xfffffffe}}, {0x4}}]}]}, 0x48}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89f1, &(0x7f0000000900)={'ip6tnl0\x00', @random="0600002000"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000002c0)={0x10000005})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000003c0)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

448.106811ms ago: executing program 4 (id=638):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

388.63038ms ago: executing program 5 (id=639):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@response={0x2, 0x0, 0x0, "82d18160f7d8dda36479a6b179161b4bbff2d0508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000001f40)=[{&(0x7f0000000840)=""/215, 0xd7}], 0x1}, 0x8}], 0x1, 0x10041, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, &(0x7f00000000c0)={{0x2, 0x2, 0x9, 0x0, 0x2}, 0x7, 0x7, 'id1\x00', 'timer0\x00', 0x0, 0xfffffffffffffffd, 0x524c, 0x2, 0x7})
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, r5, {0x0, 0x7}, {0x0, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

321.3119ms ago: executing program 4 (id=640):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/fscaps', 0x141a82, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3)
r2 = dup(r0)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
sendfile(r2, r3, 0x0, 0x8004fffffffe)

261.54769ms ago: executing program 4 (id=641):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc56994704", 0x6c}], 0x1, 0x0, 0x6b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="34000000180001000000000027000000020000000000fe05000000000600150006000000100016800c00"], 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0)

251.0719ms ago: executing program 4 (id=642):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

250.36667ms ago: executing program 5 (id=643):
pipe(&(0x7f00000045c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
vmsplice(r0, 0x0, 0x0, 0x8)

137.48032ms ago: executing program 2 (id=645):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a000000010000000900000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c0000800800034000000002"], 0x140}}, 0x0)

137.12212ms ago: executing program 0 (id=646):
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

136.82119ms ago: executing program 5 (id=647):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000002000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x33, 0x1)

136.61348ms ago: executing program 1 (id=648):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}}, 0x20050800)

124.41954ms ago: executing program 5 (id=649):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = gettid()
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
sendmsg$unix(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='Q', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000018"], 0xa0}, 0x4004881)
recvmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x2000)

123.05699ms ago: executing program 2 (id=650):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00'}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1c1c41, 0x6)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000001840)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB, @ANYRESDEC])
sync()
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000280)='2', 0x1}, {&(0x7f0000000080)='-6', 0x3f}], 0x2)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r7, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='oom_score_adj_update\x00', r8}, 0x10)
r9 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
writev(r9, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x1)
ftruncate(r7, 0xc17a)
ioctl$sock_FIOGETOWN(r6, 0x8903, &(0x7f0000000040)=<r10=>0x0)
write$P9_RGETLOCK(r7, &(0x7f00000001c0)={0x1f, 0x37, 0x2, {0x0, 0x6, 0x80000001, r10, 0x1, '\x00'}}, 0x1f)
ioctl$sock_inet6_tcp_SIOCINQ(r7, 0x541b, &(0x7f0000000200))
getsockopt$sock_int(r6, 0x1, 0x4b, 0x0, &(0x7f0000000140))
sync()
sync()

99.37116ms ago: executing program 1 (id=651):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0xc, 0x141341)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

48.792339ms ago: executing program 0 (id=652):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000004000000010000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xa921}, 0x18)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224"], 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xb8, 0x5002004a, 0xb, 0xb8, 0xea02, 0x150, 0x3c8, 0x3c8, 0x150, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x1, 'pptp\x00', {0x1000000010000}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248)

48.156409ms ago: executing program 1 (id=653):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000002f80)={'filter\x00', 0x7, 0x4, 0x3f0, 0x110, 0x0, 0x220, 0x110, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@multicast2, @empty, 0xff, 0xff, 0xa, 0x2, {@mac=@broadcast, {[0xff, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}}, 0x1, 0x9, 0x5, 0x1, 0xf4, 0x7, 'gre0\x00', 'veth0_to_bridge\x00', {0xff}, {0xff}, 0x0, 0xa1}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x41}, 0x8}}}, {{@arp={@broadcast, @rand_addr=0x64010101, 0xffffffff, 0xffffffff, 0x7, 0x4, {@mac=@random="7c4d2097e5ab", {[0xff, 0x0, 0x0, 0xff]}}, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}, {[0x0, 0x0, 0xff, 0xff, 0x0, 0xff]}}, 0x7, 0x7, 0x3, 0x4, 0x9, 0x10, 'macsec0\x00', 'geneve1\x00', {0xff}, {}, 0x0, 0x102}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @mac=@local, @broadcast, @remote, 0x1, 0x1}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)

1.058789ms ago: executing program 1 (id=654):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

741.51µs ago: executing program 1 (id=655):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x8000000000000000}, 0x18)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2004, 0x800})

0s ago: executing program 1 (id=656):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x9, 0x3, 0x80000001}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x9, 0x3, 0x80000001}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

kernel console output (not intermixed with test programs):

mpute Engine, BIOS Google 09/13/2024
[   46.027038][  T748] Call Trace:
[   46.030172][  T748]  dump_stack_lvl+0x1e2/0x24b
[   46.034687][  T748]  ? bfq_pos_tree_add_move+0x43b/0x43b
[   46.039975][  T748]  dump_stack+0x15/0x17
[   46.043968][  T748]  should_fail+0x3c6/0x510
[   46.048220][  T748]  should_fail_usercopy+0x1a/0x20
[   46.053079][  T748]  _copy_to_user+0x20/0x90
[   46.057335][  T748]  simple_read_from_buffer+0xc7/0x150
[   46.062542][  T748]  proc_fail_nth_read+0x1a3/0x210
[   46.067402][  T748]  ? proc_fault_inject_write+0x390/0x390
[   46.072869][  T748]  ? security_file_permission+0x86/0xb0
[   46.078250][  T748]  ? rw_verify_area+0x1c3/0x360
[   46.082950][  T748]  ? proc_fault_inject_write+0x390/0x390
[   46.088403][  T748]  vfs_read+0x200/0xba0
[   46.092399][  T748]  ? kernel_read+0x70/0x70
[   46.096652][  T748]  ? __kasan_check_write+0x14/0x20
[   46.101593][  T748]  ? mutex_lock+0xa5/0x110
[   46.105847][  T748]  ? mutex_trylock+0xa0/0xa0
[   46.110279][  T748]  ? __fdget_pos+0x2e7/0x3a0
[   46.114701][  T748]  ? ksys_read+0x77/0x2c0
[   46.118867][  T748]  ksys_read+0x199/0x2c0
[   46.122949][  T748]  ? __ia32_sys_recv+0xb0/0xb0
[   46.127563][  T748]  ? vfs_write+0xe70/0xe70
[   46.131803][  T748]  ? debug_smp_processor_id+0x17/0x20
[   46.137009][  T748]  __x64_sys_read+0x7b/0x90
[   46.141351][  T748]  do_syscall_64+0x34/0x70
[   46.145600][  T748]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   46.151330][  T748] RIP: 0033:0x7f4f1780973c
[   46.155582][  T748] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   46.175021][  T748] RSP: 002b:00007f4f15e5b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   46.183273][  T748] RAX: ffffffffffffffda RBX: 00007f4f179fb080 RCX: 00007f4f1780973c
[   46.191083][  T748] RDX: 000000000000000f RSI: 00007f4f15e5b0a0 RDI: 0000000000000009
[   46.198895][  T748] RBP: 00007f4f15e5b090 R08: 0000000000000000 R09: 0000000000000000
[   46.206813][  T748] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   46.214622][  T748] R13: 0000000000000000 R14: 00007f4f179fb080 R15: 00007ffce680db28
[   46.401241][  T747] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   46.552276][  T747] journal_init_common: Cannot get buffer for journal superblock
[   46.566360][  T747] EXT4-fs (loop4): Could not load journal inode
[   46.657837][  T766] netlink: 8 bytes leftover after parsing attributes in process `syz.0.117'.
[   46.673284][  T760] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   46.684592][  T760] EXT4-fs error (device loop3): ext4_orphan_get:1395: inode #15: comm syz.3.115: iget: bad extended attribute block 512
[   46.698082][  T760] EXT4-fs error (device loop3): ext4_orphan_get:1400: comm syz.3.115: couldn't read orphan inode 15 (err -117)
[   46.709971][  T760] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   47.582435][  T781] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[   47.623556][  T785] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   47.650100][  T785] EXT4-fs error (device loop1): ext4_orphan_get:1395: inode #15: comm syz.1.122: iget: bad extended attribute block 512
[   47.699678][  T785] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.122: couldn't read orphan inode 15 (err -117)
[   47.712430][  T785] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   47.777398][   T24] audit: type=1400 audit(1737407310.460:405): avc:  denied  { ioctl } for  pid=792 comm="syz.0.123" path="socket:[16226]" dev="sockfs" ino=16226 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   48.337946][   T24] audit: type=1400 audit(1737407311.020:406): avc:  denied  { write } for  pid=793 comm="syz.3.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   48.554084][   T24] audit: type=1400 audit(1737407311.240:407): avc:  denied  { name_bind } for  pid=803 comm="syz.2.127" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   48.602014][   T24] audit: type=1326 audit(1737407311.290:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=808 comm="syz.1.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   48.630066][   T24] audit: type=1326 audit(1737407311.310:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=808 comm="syz.1.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   48.654434][   T24] audit: type=1326 audit(1737407311.310:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=808 comm="syz.1.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   48.678378][   T24] audit: type=1326 audit(1737407311.310:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=808 comm="syz.1.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   48.729946][   T24] audit: type=1326 audit(1737407311.310:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=808 comm="syz.1.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   48.767072][   T24] audit: type=1326 audit(1737407311.310:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=808 comm="syz.1.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   48.824971][  T806] EXT4-fs (loop3): external journal device major/minor numbers have changed
[   48.837806][  T806] EXT4-fs (loop3): failed to open journal device unknown-block(0,3) -6
[   48.931728][  T811] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   49.093191][  T823] Illegal XDP return value 1838163308, expect packet loss!
[   49.203189][  T828] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   49.756079][  T832] kvm [831]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0xfe00000000
[   49.769200][  T832] kvm [831]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x27e00000080
[   49.783626][  T832] kvm [831]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x187 data 0x3ef00000000
[   50.080927][  T841] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   50.099877][  T841] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (20662!=20869)
[   50.110948][  T841] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz.0.135: Invalid inode table block 0 in block_group 0
[   50.142061][  T841] EXT4-fs (loop0): no journal found
[   50.147139][  T841] EXT4-fs (loop0): can't get journal size
[   50.168970][  T841] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz.0.135: Invalid inode table block 0 in block_group 0
[   50.183433][  T841] EXT4-fs (loop0): get root inode failed
[   50.188967][  T841] EXT4-fs (loop0): mount failed
[   50.206358][  T847] EXT4-fs error (device loop4): ext4_orphan_get:1395: inode #15: comm syz.4.136: casefold flag without casefold feature
[   50.219475][  T847] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.136: missing EA_INODE flag
[   50.231593][  T847] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.136: error while reading EA inode 12 err=-117
[   50.244326][  T847] EXT4-fs (loop4): 1 orphan inode deleted
[   50.249914][  T847] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   50.421609][  T855] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   50.446368][  T855] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   50.525916][  T855] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2210: inode #15: comm syz.0.138: corrupted in-inode xattr
[   50.544434][  T855] EXT4-fs error (device loop0): ext4_orphan_get:1400: comm syz.0.138: couldn't read orphan inode 15 (err -117)
[   50.558387][  T855] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,max_dir_size_kb=0x0000000000000002,,errors=continue
[   50.962867][  T872] EXT4-fs (loop2): Test dummy encryption mode enabled
[   50.995451][  T872] EXT4-fs (loop2): Ignoring removed orlov option
[   51.035383][  T872] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000006,commit=0x0000000000000005,orlov,barrier=0x0000000000000003,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue
[   51.389753][   T24] kauditd_printk_skb: 21 callbacks suppressed
[   51.389811][   T24] audit: type=1400 audit(1737407314.060:435): avc:  denied  { wake_alarm } for  pid=883 comm="syz.4.142" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   51.592343][   T24] audit: type=1400 audit(1737407314.070:436): avc:  denied  { bind } for  pid=883 comm="syz.4.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   51.756204][  T890] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[   51.770391][  T890] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.790230][   T24] audit: type=1326 audit(1737407314.470:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=889 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   51.813413][   T24] audit: type=1326 audit(1737407314.470:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=889 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   51.843305][   T24] audit: type=1326 audit(1737407314.480:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=889 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   51.883151][   T24] audit: type=1326 audit(1737407314.480:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=889 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   51.907374][   T77] audit: audit_backlog=65 > audit_backlog_limit=64
[   51.916604][  T888] F2FS-fs (loop3): Unrecognized mount option "fault_i­njection=00000000000000001260" or missing value
[   51.929840][   T24] audit: type=1326 audit(1737407314.480:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=889 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   51.953711][   T77] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[   51.962876][   T77] audit: backlog limit exceeded
[   52.174746][  T906] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   52.186290][  T906] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (20662!=20869)
[   52.196110][  T906] EXT4-fs error (device loop2): __ext4_get_inode_loc:4437: comm syz.2.148: Invalid inode table block 0 in block_group 0
[   52.215935][  T906] EXT4-fs (loop2): no journal found
[   52.225153][  T906] EXT4-fs (loop2): can't get journal size
[   52.240221][  T906] EXT4-fs error (device loop2): __ext4_get_inode_loc:4437: comm syz.2.148: Invalid inode table block 0 in block_group 0
[   52.278868][  T906] EXT4-fs (loop2): get root inode failed
[   52.289473][  T906] EXT4-fs (loop2): mount failed
[   52.422582][  T914] EXT4-fs (loop3): Test dummy encryption mode enabled
[   52.437507][  T914] EXT4-fs (loop3): Ignoring removed orlov option
[   52.461522][  T914] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000006,commit=0x0000000000000005,orlov,barrier=0x0000000000000003,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue
[   52.497402][  T917] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.152: casefold flag without casefold feature
[   52.510938][  T917] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.152: missing EA_INODE flag
[   52.522622][  T917] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.152: error while reading EA inode 12 err=-117
[   52.534870][  T917] EXT4-fs (loop2): 1 orphan inode deleted
[   52.540429][  T917] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   52.565693][  T912] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   53.151040][  T936] EXT4-fs (loop1): orphan cleanup on readonly fs
[   53.211835][  T936] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.153: bg 0: block 248: padding at end of block bitmap is not set
[   53.337970][  T936] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.153: Failed to acquire dquot type 1
[   53.353373][  T936] EXT4-fs (loop1): 1 truncate cleaned up
[   53.359352][  T936] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[   54.295386][  T965] FAULT_INJECTION: forcing a failure.
[   54.295386][  T965] name failslab, interval 1, probability 0, space 0, times 0
[   54.315059][  T965] CPU: 0 PID: 965 Comm: syz.1.162 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[   54.324600][  T965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   54.334578][  T965] Call Trace:
[   54.337708][  T965]  dump_stack_lvl+0x1e2/0x24b
[   54.342229][  T965]  ? bfq_pos_tree_add_move+0x43b/0x43b
[   54.347534][  T965]  ? arch_stack_walk+0xf3/0x140
[   54.352208][  T965]  dump_stack+0x15/0x17
[   54.356187][  T965]  should_fail+0x3c6/0x510
[   54.360446][  T965]  ? kvmalloc_node+0x82/0x130
[   54.364961][  T965]  __should_failslab+0xa4/0xe0
[   54.369565][  T965]  should_failslab+0x9/0x20
[   54.373907][  T965]  __kmalloc+0x60/0x330
[   54.377889][  T965]  ? kvmalloc_node+0x82/0x130
[   54.382411][  T965]  kvmalloc_node+0x82/0x130
[   54.386756][  T965]  xt_alloc_entry_offsets+0x43/0x50
[   54.391779][  T965]  translate_table+0x170/0x2250
[   54.396464][  T965]  ? do_syscall_64+0x34/0x70
[   54.400900][  T965]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   54.406798][  T965]  ? ipt_register_table+0x4a0/0x4a0
[   54.411834][  T965]  ? __kasan_check_write+0x14/0x20
[   54.416790][  T965]  ? copy_from_sockptr_offset+0x76/0xb0
[   54.422163][  T965]  do_ipt_set_ctl+0xdc0/0x1200
[   54.426850][  T965]  ? proc_pident_instantiate+0x7a/0x2e0
[   54.432230][  T965]  ? proc_pident_lookup+0x1c4/0x260
[   54.437261][  T965]  ? proc_tid_base_lookup+0x2b/0x30
[   54.442292][  T965]  ? cleanup_entry+0x4b0/0x4b0
[   54.446902][  T965]  ? _raw_spin_lock_bh+0xa4/0x1b0
[   54.451752][  T965]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[   54.456790][  T965]  ? __kasan_check_write+0x14/0x20
[   54.461731][  T965]  ? mutex_lock+0xa5/0x110
[   54.465984][  T965]  ? mutex_trylock+0xa0/0xa0
[   54.470408][  T965]  ? _raw_spin_lock_bh+0xa4/0x1b0
[   54.475275][  T965]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[   54.480312][  T965]  nf_setsockopt+0x274/0x2a0
[   54.484735][  T965]  ip_setsockopt+0x2b0a/0x4760
[   54.489341][  T965]  ? ipv4_pktinfo_prepare+0x520/0x520
[   54.494544][  T965]  ? __kernel_text_address+0x9b/0x110
[   54.499751][  T965]  ? unwind_get_return_address+0x4d/0x90
[   54.505215][  T965]  ? arch_stack_walk+0xf3/0x140
[   54.509922][  T965]  ? stack_trace_save+0x113/0x1c0
[   54.514763][  T965]  ? terminate_walk+0x407/0x4f0
[   54.519448][  T965]  ? stack_trace_snprint+0xf0/0xf0
[   54.524397][  T965]  ? kmem_cache_free+0xa9/0x1e0
[   54.529080][  T965]  ? kmem_cache_free+0xa9/0x1e0
[   54.533764][  T965]  ? kasan_set_track+0x5d/0x70
[   54.538359][  T965]  ? kasan_set_track+0x4b/0x70
[   54.542961][  T965]  ? kasan_set_free_info+0x23/0x40
[   54.547907][  T965]  ? ____kasan_slab_free+0x121/0x160
[   54.553028][  T965]  ? __kasan_slab_free+0x11/0x20
[   54.557803][  T965]  ? slab_free_freelist_hook+0xc0/0x190
[   54.563182][  T965]  ? kmem_cache_free+0xa9/0x1e0
[   54.567869][  T965]  ? putname+0xe7/0x140
[   54.571861][  T965]  ? do_sys_openat2+0x1fc/0x710
[   54.576550][  T965]  ? __x64_sys_openat+0x243/0x290
[   54.581407][  T965]  ? do_syscall_64+0x34/0x70
[   54.585837][  T965]  ? _kstrtoull+0x3a0/0x4a0
[   54.590177][  T965]  ? kstrtouint_from_user+0x20a/0x2a0
[   54.595383][  T965]  ? avc_has_perm+0x14d/0x400
[   54.599915][  T965]  ? memcpy+0x56/0x70
[   54.603736][  T965]  ? avc_has_perm+0x275/0x400
[   54.608229][  T965]  ? memset+0x35/0x40
[   54.612047][  T965]  ? avc_has_perm_noaudit+0x240/0x240
[   54.617255][  T965]  tcp_setsockopt+0x22d/0x3660
[   54.621853][  T965]  ? security_file_permission+0x86/0xb0
[   54.627234][  T965]  ? tcp_sock_set_keepcnt+0xa0/0xa0
[   54.632287][  T965]  ? selinux_socket_setsockopt+0x260/0x360
[   54.637917][  T965]  ? selinux_socket_getsockopt+0x340/0x340
[   54.643567][  T965]  ? kmem_cache_free+0xa9/0x1e0
[   54.648249][  T965]  sock_common_setsockopt+0xa2/0xc0
[   54.653276][  T965]  ? sock_common_recvmsg+0x240/0x240
[   54.658399][  T965]  __sys_setsockopt+0x502/0x870
[   54.663085][  T965]  ? __ia32_sys_recv+0xb0/0xb0
[   54.667688][  T965]  __x64_sys_setsockopt+0xbf/0xd0
[   54.672546][  T965]  do_syscall_64+0x34/0x70
[   54.676799][  T965]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   54.682523][  T965] RIP: 0033:0x7f10320d3d29
[   54.686780][  T965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.706217][  T965] RSP: 002b:00007f1030745038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   54.714463][  T965] RAX: ffffffffffffffda RBX: 00007f10322c3fa0 RCX: 00007f10320d3d29
[   54.722273][  T965] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[   54.730085][  T965] RBP: 00007f1030745090 R08: 00000000000004f0 R09: 0000000000000000
[   54.737903][  T965] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[   54.745709][  T965] R13: 0000000000000000 R14: 00007f10322c3fa0 R15: 00007ffee0566248
[   54.831127][  T971] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   54.843531][  T971] journal_init_common: Cannot get buffer for journal superblock
[   54.851660][  T971] EXT4-fs (loop4): Could not load journal inode
[   54.852530][  T980] fuse: Bad value for 'rootmode'
[   55.217439][  T988] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   55.238057][  T988] EXT4-fs error (device loop1): ext4_orphan_get:1395: inode #15: comm syz.1.171: iget: bad extended attribute block 512
[   55.250800][  T988] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.171: couldn't read orphan inode 15 (err -117)
[   55.263097][  T988] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   55.792529][ T1006] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1006 comm=syz.3.175
[   56.254120][ T1012] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   56.610571][ T1019] EXT4-fs error (device loop3): ext4_orphan_get:1395: inode #15: comm syz.3.179: casefold flag without casefold feature
[   56.651997][ T1019] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.179: missing EA_INODE flag
[   56.663936][ T1019] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.179: error while reading EA inode 12 err=-117
[   56.676464][ T1019] EXT4-fs (loop3): 1 orphan inode deleted
[   56.682229][ T1019] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   56.824854][ T1024] FAULT_INJECTION: forcing a failure.
[   56.824854][ T1024] name failslab, interval 1, probability 0, space 0, times 0
[   56.837332][ T1024] CPU: 1 PID: 1024 Comm: syz.1.177 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[   56.847133][ T1024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   56.857015][ T1024] Call Trace:
[   56.860148][ T1024]  dump_stack_lvl+0x1e2/0x24b
[   56.864664][ T1024]  ? bfq_pos_tree_add_move+0x43b/0x43b
[   56.869953][ T1024]  dump_stack+0x15/0x17
[   56.873946][ T1024]  should_fail+0x3c6/0x510
[   56.878199][ T1024]  ? mempool_alloc_slab+0x1d/0x30
[   56.883066][ T1024]  __should_failslab+0xa4/0xe0
[   56.887663][ T1024]  should_failslab+0x9/0x20
[   56.891995][ T1024]  kmem_cache_alloc+0x3d/0x2e0
[   56.896596][ T1024]  ? __balance_callback+0x75/0xe0
[   56.901456][ T1024]  ? mempool_free+0x310/0x310
[   56.905967][ T1024]  mempool_alloc_slab+0x1d/0x30
[   56.910664][ T1024]  mempool_alloc+0x11f/0x530
[   56.915083][ T1024]  ? release_firmware_map_entry+0x18d/0x18d
[   56.920811][ T1024]  ? __mod_memcg_lruvec_state+0x131/0x310
[   56.926362][ T1024]  ? mempool_resize+0x840/0x840
[   56.931179][ T1024]  ? __kasan_check_read+0x11/0x20
[   56.936017][ T1024]  ? preempt_schedule_irq+0xe7/0x140
[   56.941141][ T1024]  ? preempt_schedule_notrace+0x140/0x140
[   56.946691][ T1024]  ? __test_set_page_writeback+0x8cd/0xa70
[   56.952335][ T1024]  bio_alloc_bioset+0x1e0/0x650
[   56.957018][ T1024]  ? sysvec_reschedule_ipi+0x83/0x160
[   56.962243][ T1024]  ? asm_sysvec_reschedule_ipi+0x12/0x20
[   56.967711][ T1024]  ? bio_chain_endio+0x250/0x250
[   56.972472][ T1024]  ? ext4_bio_write_page+0xebe/0x1920
[   56.977677][ T1024]  ext4_bio_write_page+0x1068/0x1920
[   56.982807][ T1024]  mpage_submit_page+0x1bf/0x260
[   56.987581][ T1024]  mpage_process_page_bufs+0x698/0x800
[   56.992868][ T1024]  mpage_prepare_extent_to_map+0x9f6/0xd70
[   56.998502][ T1024]  ? put_page+0xd0/0xd0
[   57.002500][ T1024]  ? kmem_cache_alloc+0x168/0x2e0
[   57.007354][ T1024]  ? __kasan_check_write+0x14/0x20
[   57.012301][ T1024]  ext4_writepages+0xc7f/0x3c00
[   57.017000][ T1024]  ? tracing_record_taskinfo_sched_switch+0x84/0x390
[   57.023502][ T1024]  ? ext4_readpage+0x230/0x230
[   57.028099][ T1024]  ? __kasan_check_read+0x11/0x20
[   57.032976][ T1024]  ? preempt_schedule_irq+0xe7/0x140
[   57.038082][ T1024]  ? preempt_schedule_notrace+0x140/0x140
[   57.043635][ T1024]  ? sysvec_reschedule_ipi+0x83/0x160
[   57.049104][ T1024]  ? ext4_readpage+0x230/0x230
[   57.053710][ T1024]  do_writepages+0x12e/0x270
[   57.058126][ T1024]  ? __writepage+0x130/0x130
[   57.062555][ T1024]  ? __kasan_check_write+0x14/0x20
[   57.067499][ T1024]  ? _raw_spin_lock+0xa4/0x1b0
[   57.072114][ T1024]  ? _raw_spin_unlock+0x4d/0x70
[   57.076805][ T1024]  __filemap_fdatawrite_range+0x33c/0x3f0
[   57.082356][ T1024]  ? filemap_check_errors+0x150/0x150
[   57.087557][ T1024]  ? asm_sysvec_reschedule_ipi+0x12/0x20
[   57.093027][ T1024]  file_write_and_wait_range+0x89/0x120
[   57.098412][ T1024]  ext4_sync_file+0x1a2/0xa30
[   57.102918][ T1024]  vfs_fsync_range+0x17b/0x190
[   57.107515][ T1024]  __se_sys_msync+0x38c/0x480
[   57.112030][ T1024]  __x64_sys_msync+0x7b/0x90
[   57.116469][ T1024]  do_syscall_64+0x34/0x70
[   57.120705][ T1024]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   57.126432][ T1024] RIP: 0033:0x7f10320d3d29
[   57.130686][ T1024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.150123][ T1024] RSP: 002b:00007f1030703038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[   57.158371][ T1024] RAX: ffffffffffffffda RBX: 00007f10322c4160 RCX: 00007f10320d3d29
[   57.166189][ T1024] RDX: 0000000000000006 RSI: 087abbe8d1cc6ad9 RDI: 0000000020952000
[   57.173991][ T1024] RBP: 00007f1030703090 R08: 0000000000000000 R09: 0000000000000000
[   57.181803][ T1024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.189625][ T1024] R13: 0000000000000000 R14: 00007f10322c4160 R15: 00007ffee0566248
[   57.197468][    C1] sched: RT throttling activated
[   57.589800][ T1028] F2FS-fs (loop4): Unrecognized mount option "fault_i­njection=00000000000000001260" or missing value
[   58.111178][ T1046] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   58.121991][ T1046] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (20662!=20869)
[   58.132974][ T1046] EXT4-fs error (device loop2): __ext4_get_inode_loc:4437: comm syz.2.187: Invalid inode table block 0 in block_group 0
[   58.146009][ T1046] EXT4-fs (loop2): no journal found
[   58.151345][ T1046] EXT4-fs (loop2): can't get journal size
[   58.157142][ T1046] EXT4-fs error (device loop2): __ext4_get_inode_loc:4437: comm syz.2.187: Invalid inode table block 0 in block_group 0
[   58.243804][ T1046] EXT4-fs (loop2): get root inode failed
[   58.263996][ T1046] EXT4-fs (loop2): mount failed
[   58.425377][ T1061] incfs: Can't find or create .index dir in ./file0
[   58.431930][ T1061] incfs: mount failed -22
[   58.466672][   T24] kauditd_printk_skb: 157 callbacks suppressed
[   58.466685][   T24] audit: type=1400 audit(1737407321.150:597): avc:  denied  { create } for  pid=1066 comm="syz.2.192" dev="anon_inodefs" ino=18516 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   58.599807][   T24] audit: type=1400 audit(1737407321.190:598): avc:  denied  { ioctl } for  pid=1066 comm="syz.2.192" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=18516 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   59.152914][ T1082] EXT4-fs error (device loop4): ext4_orphan_get:1395: inode #15: comm syz.4.196: casefold flag without casefold feature
[   59.165587][ T1082] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.196: missing EA_INODE flag
[   59.182129][ T1082] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.196: error while reading EA inode 12 err=-117
[   59.217268][ T1082] EXT4-fs (loop4): 1 orphan inode deleted
[   59.239304][ T1082] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   59.413609][ T1080] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   59.433791][ T1080] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   59.485363][ T1080] F2FS-fs (loop2): invalid crc value
[   59.492023][ T1080] F2FS-fs (loop2): Found nat_bits in checkpoint
[   59.568010][ T1080] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   59.577533][ T1080] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   59.655296][ T1103] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xe1a8932d, utbl_chksum : 0xe619d30d)
[   59.941476][ T1106] erofs: (device loop0): mounted with root inode @ nid 36.
[   60.043030][   T24] audit: type=1400 audit(1737407322.730:599): avc:  denied  { create } for  pid=1079 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   60.101873][   T24] audit: type=1400 audit(1737407322.760:600): avc:  denied  { write } for  pid=1079 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   60.121697][   T24] audit: type=1400 audit(1737407322.760:601): avc:  denied  { nlmsg_write } for  pid=1079 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   60.157545][   T24] audit: type=1400 audit(1737407322.840:602): avc:  denied  { create } for  pid=1109 comm="syz.4.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   60.348084][   T24] audit: type=1326 audit(1737407323.030:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1113 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   60.403113][   T24] audit: type=1326 audit(1737407323.060:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1113 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   60.428541][   T24] audit: type=1326 audit(1737407323.060:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1113 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   60.557364][ T1116] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   60.568139][ T1116] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (20662!=20869)
[   60.577702][ T1116] EXT4-fs error (device loop2): __ext4_get_inode_loc:4437: comm syz.2.205: Invalid inode table block 0 in block_group 0
[   60.590268][ T1116] EXT4-fs (loop2): no journal found
[   60.591258][ T1110] F2FS-fs (loop4): Invalid SB checksum offset: 0
[   60.595487][ T1116] EXT4-fs (loop2): can't get journal size
[   60.601751][ T1110] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[   60.607405][ T1116] EXT4-fs error (device loop2): __ext4_get_inode_loc:4437: comm syz.2.205: Invalid inode table block 0 in block_group 0
[   60.617908][ T1110] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   60.627595][ T1116] EXT4-fs (loop2): get root inode failed
[   60.643788][ T1112] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   60.643806][ T1116] EXT4-fs (loop2): mount failed
[   60.657577][ T1112] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   60.668332][ T1112] F2FS-fs (loop1): Found nat_bits in checkpoint
[   60.674346][ T1110] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[   60.681493][ T1110] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   60.705363][ T1112] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   60.712405][ T1112] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   60.712601][ T1122] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[   64.323210][ T1140] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[   64.772155][ T1156] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   64.973685][ T1156] ext4 filesystem being mounted at /35/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   65.022687][   T24] audit: type=1326 audit(1737407327.700:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1164 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f1780ad29 code=0x7ffc0000
[   65.072823][   T24] audit: type=1326 audit(1737407327.700:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1164 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f1780ad29 code=0x7ffc0000
[   65.104192][   T24] audit: type=1326 audit(1737407327.700:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1164 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f4f1780ad29 code=0x7ffc0000
[   65.146636][   T24] audit: type=1326 audit(1737407327.700:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1164 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f1780ad29 code=0x7ffc0000
[   65.209840][   T24] audit: type=1326 audit(1737407327.700:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1164 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f1780ad29 code=0x7ffc0000
[   65.349967][ T1176] device erspan0 entered promiscuous mode
[   65.357695][   T24] audit: type=1400 audit(1737407328.020:611): avc:  denied  { ioctl } for  pid=1167 comm="syz.3.216" path="socket:[17852]" dev="sockfs" ino=17852 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   65.384475][ T1176] device erspan0 left promiscuous mode
[   65.581186][ T1180] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   65.592040][ T1180] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (20662!=20869)
[   65.601664][ T1180] EXT4-fs error (device loop4): __ext4_get_inode_loc:4437: comm syz.4.219: Invalid inode table block 0 in block_group 0
[   65.614234][ T1180] EXT4-fs (loop4): no journal found
[   65.625527][ T1180] EXT4-fs (loop4): can't get journal size
[   65.652934][   T24] audit: type=1400 audit(1737407328.340:612): avc:  denied  { write } for  pid=1177 comm="syz.0.220" name="hwrng" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   65.653188][ T1183] binfmt_misc: register: failed to install interpreter file ./file2
[   65.675852][ T1180] EXT4-fs error (device loop4): __ext4_get_inode_loc:4437: comm syz.4.219: Invalid inode table block 0 in block_group 0
[   65.696672][ T1180] EXT4-fs (loop4): get root inode failed
[   65.702334][ T1180] EXT4-fs (loop4): mount failed
[   65.873315][ T1188] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   65.884576][ T1188] EXT4-fs error (device loop4): ext4_orphan_get:1395: inode #15: comm syz.4.222: iget: bad extended attribute block 512
[   65.897582][ T1188] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.222: couldn't read orphan inode 15 (err -117)
[   65.910740][ T1188] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   65.919702][ T1185] F2FS-fs (loop1): Invalid SB checksum offset: 0
[   65.930509][ T1185] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[   65.975448][ T1197] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1197 comm=syz.2.224
[   66.022036][ T1185] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   66.077892][   T24] audit: type=1326 audit(1737407328.760:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1196 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   66.079927][ T1201] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1201 comm=syz.3.225
[   66.118881][   T24] audit: type=1326 audit(1737407328.760:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1196 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   66.790816][   T24] audit: type=1326 audit(1737407328.790:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1196 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   66.869422][ T1185] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[   66.876568][ T1185] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   66.983228][ T1210] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   67.000317][ T1214] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   67.033760][ T1214] journal_init_common: Cannot get buffer for journal superblock
[   67.041945][ T1214] EXT4-fs (loop4): Could not load journal inode
[   68.305770][ T1241] fuse: Bad value for 'fd'
[   68.455872][ T1248] EXT4-fs (loop2): Test dummy encryption mode enabled
[   68.456040][ T1248] EXT4-fs (loop2): Test dummy encryption mode enabled
[   68.461776][ T1248] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:163: inode #12: comm syz.2.237: inline data xattr refers to an external xattr inode
[   68.461901][ T1248] EXT4-fs (loop2): Remounting filesystem read-only
[   68.461935][ T1248] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.237: couldn't read orphan inode 12 (err -117)
[   68.462088][ T1248] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable=0x0000000000000000,nolazytime,sysvgroups,prjquota,norecovery,barrier=0x000000000000000b,errors=remount-ro,auto_da_alloc,test_dummy_encryption,
[   68.646325][ T1254] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   69.704813][ T1273] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   69.716047][ T1273] journal_init_common: Cannot get buffer for journal superblock
[   69.723838][ T1273] EXT4-fs (loop0): Could not load journal inode
[   70.404985][ T1288] FAT-fs (loop2): Directory bread(block 64) failed
[   70.411518][ T1288] FAT-fs (loop2): Directory bread(block 65) failed
[   70.418146][ T1288] FAT-fs (loop2): Directory bread(block 66) failed
[   70.424531][ T1288] FAT-fs (loop2): Directory bread(block 67) failed
[   70.430882][ T1288] FAT-fs (loop2): Directory bread(block 68) failed
[   70.437155][ T1288] FAT-fs (loop2): Directory bread(block 69) failed
[   70.443542][ T1288] FAT-fs (loop2): Directory bread(block 70) failed
[   70.449820][ T1288] FAT-fs (loop2): Directory bread(block 71) failed
[   70.456206][ T1288] FAT-fs (loop2): Directory bread(block 72) failed
[   70.462579][ T1288] FAT-fs (loop2): Directory bread(block 73) failed
[   70.558732][ T1280] F2FS-fs (loop3): Invalid SB checksum offset: 0
[   70.565869][ T1280] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[   70.574245][   T24] kauditd_printk_skb: 185 callbacks suppressed
[   70.574257][   T24] audit: type=1326 audit(1737407333.260:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   70.603455][   T24] audit: type=1326 audit(1737407333.260:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   70.627265][   T24] audit: type=1326 audit(1737407333.310:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   70.739997][ T1294] fuse: Bad value for 'fd'
[   70.744411][   T24] audit: type=1326 audit(1737407333.310:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   70.858177][   T24] audit: type=1326 audit(1737407333.420:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   70.900455][   T24] audit: type=1326 audit(1737407333.420:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   70.983887][   T24] audit: type=1326 audit(1737407333.420:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   71.016793][   T24] audit: type=1326 audit(1737407333.420:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   71.057021][ T1280] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   71.070357][ T1298] incfs: Can't find or create .index dir in ./file0
[   71.076856][ T1298] incfs: mount failed -22
[   71.137393][   T24] audit: type=1326 audit(1737407333.420:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f10320d2690 code=0x7ffc0000
[   71.180055][ T1313] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1313 comm=syz.1.252
[   71.211719][ T1307] EXT4-fs error (device loop0): ext4_orphan_get:1395: inode #15: comm syz.0.251: casefold flag without casefold feature
[   71.224386][   T24] audit: type=1326 audit(1737407333.420:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.1.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f10320d2690 code=0x7ffc0000
[   71.231197][ T1280] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[   71.254581][ T1280] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   71.263870][ T1307] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.251: missing EA_INODE flag
[   71.297450][ T1307] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.251: error while reading EA inode 12 err=-117
[   71.309658][ T1307] EXT4-fs (loop0): 1 orphan inode deleted
[   71.315263][ T1307] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   71.392398][ T1314] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   73.064128][ T1324] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   73.078057][ T1332] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   73.096537][ T1324] journal_init_common: Cannot get buffer for journal superblock
[   73.104520][ T1324] EXT4-fs (loop1): Could not load journal inode
[   73.110811][ T1332] journal_init_common: Cannot get buffer for journal superblock
[   73.118896][ T1332] EXT4-fs (loop0): Could not load journal inode
[   73.332815][ T1324] fuse: Bad value for 'fd'
[   73.722866][ T1366] incfs: Can't find or create .index dir in ./file0
[   73.729474][ T1366] incfs: mount failed -22
[   73.782996][ T1359] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   73.807661][ T1353] F2FS-fs (loop3): Found nat_bits in checkpoint
[   73.981605][ T1353] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   74.357136][ T1377] netlink: 24 bytes leftover after parsing attributes in process `syz.2.266'.
[   74.455802][  T290] attempt to access beyond end of device
[   74.455802][  T290] loop3: rw=2049, want=45104, limit=40427
[   74.513642][ T1377] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   74.663124][ T1380] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   74.711777][ T1387] EXT4-fs (loop0): Test dummy encryption mode enabled
[   74.720589][ T1387] EXT4-fs (loop0): Test dummy encryption mode enabled
[   74.789880][ T1387] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:163: inode #12: comm syz.0.270: inline data xattr refers to an external xattr inode
[   74.828138][ T1396] netem: change failed
[   74.834339][ T1387] EXT4-fs (loop0): Remounting filesystem read-only
[   74.848923][ T1387] EXT4-fs error (device loop0): ext4_orphan_get:1400: comm syz.0.270: couldn't read orphan inode 12 (err -117)
[   74.862266][ T1396] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1396 comm=syz.3.268
[   74.875337][ T1387] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable=0x0000000000000000,nolazytime,sysvgroups,prjquota,norecovery,barrier=0x000000000000000b,errors=remount-ro,journal_dev=0x0000000000000001,test_dummy_encryption,
[   75.144396][ T1408] device wg2 entered promiscuous mode
[   75.320519][  T573] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   75.679531][ T1422] incfs: Can't find or create .index dir in ./file0
[   75.686077][ T1422] incfs: mount failed -22
[   76.014295][  T573] usb 1-1: device descriptor read/64, error -71
[   76.091156][ T1429] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   76.107788][ T1429] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (20662!=20869)
[   76.117373][ T1429] EXT4-fs error (device loop3): __ext4_get_inode_loc:4437: comm syz.3.282: Invalid inode table block 0 in block_group 0
[   76.129958][ T1429] EXT4-fs (loop3): no journal found
[   76.135230][ T1429] EXT4-fs (loop3): can't get journal size
[   76.141313][ T1429] EXT4-fs error (device loop3): __ext4_get_inode_loc:4437: comm syz.3.282: Invalid inode table block 0 in block_group 0
[   76.153859][ T1429] EXT4-fs (loop3): get root inode failed
[   76.159375][ T1429] EXT4-fs (loop3): mount failed
[   76.294557][ T1435] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   76.305930][ T1435] journal_init_common: Cannot get buffer for journal superblock
[   76.314046][ T1435] EXT4-fs (loop1): Could not load journal inode
[   76.400453][  T573] usb 1-1: device descriptor read/64, error -71
[   76.583584][ T1439] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   76.594317][ T1439] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   76.594341][ T1443] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   76.621167][ T1443] EXT4-fs error (device loop4): ext4_orphan_get:1395: inode #15: comm syz.4.286: iget: bad extended attribute block 512
[   76.634825][ T1443] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.286: couldn't read orphan inode 15 (err -117)
[   76.639561][ T1439] F2FS-fs (loop3): Found nat_bits in checkpoint
[   76.648408][ T1443] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   76.669035][   T24] kauditd_printk_skb: 79 callbacks suppressed
[   76.669049][   T24] audit: type=1400 audit(1737407339.350:890): avc:  denied  { mount } for  pid=1442 comm="syz.4.286" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   76.680488][  T573] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   76.704409][ T1451] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   76.755442][ T1439] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   76.766570][ T1451] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.288: iget: bad extended attribute block 512
[   76.788985][ T1439] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   76.797059][ T1451] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.288: couldn't read orphan inode 15 (err -117)
[   76.820612][ T1451] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   77.295752][ T1439] attempt to access beyond end of device
[   77.295752][ T1439] loop3: rw=10241, want=45104, limit=40427
[   77.314528][   T24] audit: type=1400 audit(1737407340.000:891): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   77.473906][  T573] usb 1-1: device descriptor read/64, error -71
[   77.700911][  T549] attempt to access beyond end of device
[   77.700911][  T549] loop3: rw=1, want=45104, limit=40427
[   78.041279][ T1456] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   78.048878][ T1456] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   78.245627][ T1456] F2FS-fs (loop1): Found nat_bits in checkpoint
[   78.379002][ T1477] FAT-fs (loop0): Directory bread(block 64) failed
[   78.385389][ T1477] FAT-fs (loop0): Directory bread(block 65) failed
[   78.391848][ T1477] FAT-fs (loop0): Directory bread(block 66) failed
[   78.398373][ T1477] FAT-fs (loop0): Directory bread(block 67) failed
[   78.398422][ T1456] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   78.404824][ T1477] FAT-fs (loop0): Directory bread(block 68) failed
[   78.411829][ T1456] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   78.417889][ T1477] FAT-fs (loop0): Directory bread(block 69) failed
[   78.431574][ T1477] FAT-fs (loop0): Directory bread(block 70) failed
[   78.437857][ T1477] FAT-fs (loop0): Directory bread(block 71) failed
[   78.444295][ T1477] FAT-fs (loop0): Directory bread(block 72) failed
[   78.450637][ T1477] FAT-fs (loop0): Directory bread(block 73) failed
[   78.597905][   T24] audit: type=1326 audit(1737407341.280:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1492 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   78.620948][   T24] audit: type=1326 audit(1737407341.290:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1492 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   79.259308][   T24] audit: type=1326 audit(1737407341.290:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1492 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   79.287415][ T1456] attempt to access beyond end of device
[   79.287415][ T1456] loop1: rw=10241, want=45104, limit=40427
[   79.299955][ T1499] netem: change failed
[   79.308113][   T24] audit: type=1326 audit(1737407341.290:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1492 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   79.331557][   T24] audit: type=1326 audit(1737407341.290:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1492 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   79.358227][   T24] audit: type=1326 audit(1737407341.290:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1492 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   79.384574][   T24] audit: type=1326 audit(1737407341.290:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1492 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   79.421675][   T24] audit: type=1326 audit(1737407341.290:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1492 comm="syz.4.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   79.563511][    T9] attempt to access beyond end of device
[   79.563511][    T9] loop1: rw=1, want=45104, limit=40427
[   79.840541][  T643] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   80.180455][  T643] usb 3-1: Using ep0 maxpacket: 16
[   80.186261][ T1528] EXT4-fs (loop4): bad geometry: block count 65537 exceeds size of device (512 blocks)
[   80.321439][  T643] usb 3-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[   80.368795][  T643] usb 3-1: config 0 interface 0 has no altsetting 0
[   80.377266][  T643] usb 3-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[   80.387166][  T643] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.455279][ T1534] netlink: 96 bytes leftover after parsing attributes in process `syz.4.310'.
[   80.465888][ T1534] ------------[ cut here ]------------
[   80.466944][  T643] usb 3-1: config 0 descriptor??
[   80.471198][ T1534] Too BIG xdp->frame_sz = 16384
[   80.471408][ T1534] WARNING: CPU: 0 PID: 1534 at net/core/filter.c:3917 bpf_xdp_adjust_tail+0x1ae/0x1c0
[   80.489999][ T1534] Modules linked in:
[   80.493769][ T1534] CPU: 0 PID: 1534 Comm: syz.4.310 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[   80.503380][ T1534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   80.513298][ T1534] RIP: 0010:bpf_xdp_adjust_tail+0x1ae/0x1c0
[   80.519012][ T1534] Code: 89 d6 e8 b5 e6 d9 fd 4c 89 f2 e9 ca fe ff ff e8 f8 47 9c fd c6 05 1c 7c 12 03 01 48 c7 c7 00 26 8f 85 44 89 f6 e8 32 bd 6f fd <0f> 0b 48 c7 c0 ea ff ff ff e9 67 ff ff ff 0f 1f 40 00 55 48 89 e5
[   80.538468][ T1534] RSP: 0018:ffffc90000e77718 EFLAGS: 00010246
[   80.544361][ T1534] RAX: 19d71814c5a2b500 RBX: ffffc90000e778c0 RCX: 0000000000080000
[   80.552173][ T1534] RDX: ffffc9000255f000 RSI: 000000000000024d RDI: 000000000000024e
[   80.560309][ T1534] RBP: ffffc90000e77758 R08: ffffffff81523288 R09: 0000000000000003
[   80.568157][ T1534] R10: fffff520001cee84 R11: dffffc0000000001 R12: ffffc90000e778c8
[   80.575969][ T1534] R13: ffff888117e0114b R14: 0000000000004000 R15: 1ffff920001cef19
[   80.583774][ T1534] FS:  00007fc85a75b6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   80.592546][ T1534] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   80.598934][ T1534] CR2: 0000000020001000 CR3: 0000000116fe4000 CR4: 00000000003526b0
[   80.606775][ T1534] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   80.614590][ T1534] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   80.622387][ T1534] Call Trace:
[   80.625499][ T1534]  ? show_regs+0x58/0x60
[   80.629571][ T1534]  ? __warn+0x160/0x2f0
[   80.633608][ T1534]  ? bpf_xdp_adjust_tail+0x1ae/0x1c0
[   80.638687][ T1534]  ? report_bug+0x3d9/0x5b0
[   80.643058][ T1534]  ? bpf_xdp_adjust_tail+0x1ae/0x1c0
[   80.648146][ T1534]  ? handle_bug+0x41/0x70
[   80.652336][ T1534]  ? exc_invalid_op+0x1b/0x50
[   80.656822][ T1534]  ? asm_exc_invalid_op+0x12/0x20
[   80.661711][ T1534]  ? wake_up_klogd+0xb8/0xf0
[   80.666115][ T1534]  ? bpf_xdp_adjust_tail+0x1ae/0x1c0
[   80.671265][ T1534]  ? bpf_xdp_adjust_tail+0x1ae/0x1c0
[   80.676348][ T1534]  ? 0xffffffffa002e9e0
[   80.680335][ T1534]  bpf_prog_5f065984e7f319a0+0x15/0x620
[   80.685763][ T1534]  bpf_dispatcher_xdp_func+0x20/0x30
[   80.690868][ T1534]  do_xdp_generic+0x807/0x1560
[   80.695452][ T1534]  ? skb_header_pointer+0x98/0x130
[   80.700419][ T1534]  ? generic_xdp_tx+0x490/0x490
[   80.705080][ T1534]  ? get_futex_key+0x8b7/0xe70
[   80.709681][ T1534]  tun_get_user+0x262d/0x38f0
[   80.714224][ T1534]  ? tun_do_read+0x1f60/0x1f60
[   80.718799][ T1534]  ? avc_policy_seqno+0x1b/0x70
[   80.723513][ T1534]  ? selinux_file_permission+0x2bb/0x560
[   80.729037][ T1534]  ? fsnotify_perm+0x67/0x4e0
[   80.733593][ T1534]  tun_chr_write_iter+0x1a8/0x250
[   80.738416][ T1534]  vfs_write+0xb4c/0xe70
[   80.742521][ T1534]  ? futex_exit_release+0x1e0/0x1e0
[   80.747536][ T1534]  ? kernel_write+0x3d0/0x3d0
[   80.752062][ T1534]  ? __sys_sendto+0x5b6/0x700
[   80.756581][ T1534]  ? __fdget_pos+0x209/0x3a0
[   80.760996][ T1534]  ? ksys_write+0x77/0x2c0
[   80.765223][ T1534]  ksys_write+0x199/0x2c0
[   80.769392][ T1534]  ? __ia32_sys_read+0x90/0x90
[   80.774015][ T1534]  ? fpu__clear_all+0x20/0x20
[   80.778516][ T1534]  ? __kasan_check_read+0x11/0x20
[   80.783387][ T1534]  __x64_sys_write+0x7b/0x90
[   80.787794][ T1534]  do_syscall_64+0x34/0x70
[   80.792063][ T1534]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   80.797769][ T1534] RIP: 0033:0x7fc85c0e87df
[   80.802041][ T1534] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   80.821502][ T1534] RSP: 002b:00007fc85a75b000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   80.829711][ T1534] RAX: ffffffffffffffda RBX: 00007fc85c2d9fa0 RCX: 00007fc85c0e87df
[   80.837566][ T1534] RDX: 000000000000102b RSI: 0000000020000900 RDI: 00000000000000c8
[   80.845349][ T1534] RBP: 00007fc85c165b08 R08: 0000000000000000 R09: 0000000000000000
[   80.853169][ T1534] R10: 000000000000102b R11: 0000000000000293 R12: 0000000000000000
[   80.860974][ T1534] R13: 0000000000000000 R14: 00007fc85c2d9fa0 R15: 00007fff24070378
[   80.868770][ T1534] ---[ end trace a671e09efd7cdb3f ]---
[   80.933362][  T643] usbhid 3-1:0.0: can't add hid device: -71
[   80.976049][  T643] usbhid: probe of 3-1:0.0 failed with error -71
[   80.983700][  T643] usb 3-1: USB disconnect, device number 3
[   81.019615][ T1542] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   81.032595][ T1542] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (20662!=20869)
[   81.047834][ T1542] EXT4-fs error (device loop1): __ext4_get_inode_loc:4437: comm syz.1.313: Invalid inode table block 0 in block_group 0
[   81.060719][ T1542] EXT4-fs (loop1): no journal found
[   81.065726][ T1542] EXT4-fs (loop1): can't get journal size
[   81.071860][ T1542] EXT4-fs error (device loop1): __ext4_get_inode_loc:4437: comm syz.1.313: Invalid inode table block 0 in block_group 0
[   81.084443][ T1542] EXT4-fs (loop1): get root inode failed
[   81.091647][ T1547] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   81.092209][ T1542] EXT4-fs (loop1): mount failed
[   81.102250][ T1547] journal_init_common: Cannot get buffer for journal superblock
[   81.113269][ T1547] EXT4-fs (loop3): Could not load journal inode
[   81.172558][ T1547] fuse: Bad value for 'fd'
[   81.513346][ T1565] EXT4-fs (loop0): Ignoring removed nobh option
[   81.519468][ T1565] EXT4-fs (loop0): Ignoring removed bh option
[   81.525481][ T1565] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   81.546199][ T1565] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   81.639034][ T1565] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz.0.320: Allocating blocks 497-513 which overlap fs metadata
[   81.654210][ T1565] EXT4-fs (loop0): pa ffff88811bc125e8: logic 128, phys. 385, len 8
[   81.662088][ T1565] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4359: group 0, free 0, pa_free 1
[   81.849483][ T1559] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   81.878498][   T24] kauditd_printk_skb: 84 callbacks suppressed
[   81.878513][   T24] audit: type=1326 audit(1737407344.560:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   81.910848][ T1559] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   81.969663][ T1559] F2FS-fs (loop1): invalid crc value
[   82.081111][ T1559] F2FS-fs (loop1): Found nat_bits in checkpoint
[   82.097410][   T24] audit: type=1326 audit(1737407344.590:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   82.387531][   T24] audit: type=1326 audit(1737407344.590:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   82.422524][   T24] audit: type=1326 audit(1737407344.590:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   82.446013][ T1559] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   82.453533][ T1559] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   82.465311][ T1583] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   82.475847][   T24] audit: type=1326 audit(1737407344.590:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   82.499296][   T24] audit: type=1326 audit(1737407344.590:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   82.522587][   T24] audit: type=1326 audit(1737407344.590:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   82.545641][   T24] audit: type=1326 audit(1737407344.600:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   82.577490][   T24] audit: type=1326 audit(1737407344.600:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1572 comm="syz.4.321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[   82.686616][   T24] audit: type=1400 audit(1737407345.370:993): avc:  denied  { create } for  pid=1589 comm="syz.0.326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   82.739058][ T1577] F2FS-fs (loop3): Found nat_bits in checkpoint
[   82.910876][ T1577] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   82.961398][  T290] attempt to access beyond end of device
[   82.961398][  T290] loop3: rw=2049, want=45104, limit=40427
[   82.992563][ T1602] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   83.012003][ T1602] journal_init_common: Cannot get buffer for journal superblock
[   83.019579][ T1602] EXT4-fs (loop4): Could not load journal inode
[   83.104462][ T1602] fuse: Bad value for 'fd'
[   83.227343][ T1621] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   83.250438][  T573] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   83.316521][ T1621] EXT4-fs (loop2): 1 truncate cleaned up
[   83.322782][ T1621] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodiscard,resgid=0x000000000000ee00,init_itable,noload,minixdf,usrjquota=,,errors=continue
[   83.467392][ T1620] F2FS-fs (loop4): Invalid SB checksum offset: 0
[   83.475848][ T1620] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[   83.492418][ T1620] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   83.503321][  T573] usb 1-1: Using ep0 maxpacket: 16
[   83.701459][ T1620] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[   83.708342][ T1620] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   83.734264][ T1636] EXT4-fs (loop1): Ignoring removed nobh option
[   83.740422][ T1636] EXT4-fs (loop1): Ignoring removed bh option
[   83.746346][ T1636] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   83.852905][ T1636] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   83.916525][ T1636] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz.1.336: Allocating blocks 497-513 which overlap fs metadata
[   83.931280][ T1636] EXT4-fs (loop1): pa ffff88812f544540: logic 128, phys. 385, len 8
[   83.939093][ T1636] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4359: group 0, free 0, pa_free 1
[   84.080509][  T573] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[   84.095993][  T573] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[   84.115674][  T573] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[   84.146423][  T573] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[   84.270475][  T573] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[   84.290234][  T573] usb 1-1: config 1 interface 0 has no altsetting 0
[   84.307044][  T573] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[   85.387195][  T573] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.542434][  T573] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[   85.861618][  T573] scsi host1: usb-storage 1-1:1.0
[   85.890998][ T1654] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   85.912744][ T1661] EXT4-fs error (device loop3): ext4_orphan_get:1395: inode #15: comm syz.3.343: casefold flag without casefold feature
[   85.925796][ T1661] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.343: missing EA_INODE flag
[   85.939413][ T1664] EXT4-fs (loop4): Test dummy encryption mode enabled
[   85.947479][ T1664] EXT4-fs (loop4): Ignoring removed orlov option
[   85.970863][ T1661] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.343: error while reading EA inode 12 err=-117
[   85.986207][ T1661] EXT4-fs (loop3): 1 orphan inode deleted
[   85.992272][ T1661] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   86.021082][ T1664] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000006,commit=0x0000000000000005,orlov,barrier=0x0000000000000003,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue
[   86.061967][ T1608] netlink: 'syz.0.329': attribute type 4 has an invalid length.
[   86.110525][ T1608] netlink: 17 bytes leftover after parsing attributes in process `syz.0.329'.
[   86.141007][ T1608] netlink: 'syz.0.329': attribute type 4 has an invalid length.
[   86.151673][ T1608] netlink: 17 bytes leftover after parsing attributes in process `syz.0.329'.
[   86.204632][  T677] usb 1-1: USB disconnect, device number 4
[   86.324414][ T1674] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   86.335237][ T1674] journal_init_common: Cannot get buffer for journal superblock
[   86.342967][ T1674] EXT4-fs (loop4): Could not load journal inode
[   86.358249][ T1674] fuse: Bad value for 'fd'
[   86.363412][ T1678] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.346: casefold flag without casefold feature
[   86.378195][ T1678] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.346: missing EA_INODE flag
[   86.389676][ T1678] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.346: error while reading EA inode 12 err=-117
[   86.402415][ T1678] EXT4-fs (loop2): 1 orphan inode deleted
[   86.408278][ T1678] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   86.469022][ T1682] fuse: Unknown parameter 'use00000000000000000000'
[   86.499501][ T1687] netem: change failed
[   86.552022][ T1689] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[   86.566214][ T1689] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.684836][ T1698] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   86.697955][ T1698] journal_init_common: Cannot get buffer for journal superblock
[   86.705634][ T1698] EXT4-fs (loop1): Could not load journal inode
[   87.308474][   T24] kauditd_printk_skb: 100 callbacks suppressed
[   87.308488][   T24] audit: type=1326 audit(1737407349.990:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   87.369757][   T24] audit: type=1326 audit(1737407349.990:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   87.404795][   T24] audit: type=1326 audit(1737407350.020:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   87.429048][   T24] audit: type=1326 audit(1737407350.020:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   87.456469][   T24] audit: type=1326 audit(1737407350.030:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcdf34b0690 code=0x7ffc0000
[   87.481053][   T24] audit: type=1326 audit(1737407350.030:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fcdf34b3557 code=0x7ffc0000
[   87.504585][   T24] audit: type=1326 audit(1737407350.030:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   87.528555][   T24] audit: type=1326 audit(1737407350.030:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fcdf34b3557 code=0x7ffc0000
[   87.552300][   T24] audit: type=1326 audit(1737407350.030:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcdf34b098a code=0x7ffc0000
[   87.576052][   T24] audit: type=1326 audit(1737407350.030:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1721 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf34b1d29 code=0x7ffc0000
[   87.632396][ T1725] EXT4-fs (loop2): orphan cleanup on readonly fs
[   87.639128][ T1725] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.360: bg 0: block 248: padding at end of block bitmap is not set
[   87.654111][ T1725] EXT4-fs error (device loop2): ext4_acquire_dquot:6219: comm syz.2.360: Failed to acquire dquot type 1
[   87.669639][ T1725] EXT4-fs (loop2): 1 truncate cleaned up
[   87.675687][ T1725] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[   87.695558][ T1725] netlink: 196 bytes leftover after parsing attributes in process `syz.2.360'.
[   87.704365][ T1725] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[   87.802647][ T1732] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   87.918656][ T1739] EXT4-fs error (device loop0): ext4_orphan_get:1395: inode #15: comm syz.0.365: casefold flag without casefold feature
[   87.931714][ T1739] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.365: missing EA_INODE flag
[   87.943634][ T1739] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.365: error while reading EA inode 12 err=-117
[   87.956151][ T1739] EXT4-fs (loop0): 1 orphan inode deleted
[   87.961840][ T1739] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   88.063812][ T1731] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   88.081740][ T1731] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   88.148624][ T1731] F2FS-fs (loop1): Found nat_bits in checkpoint
[   88.183971][ T1731] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   88.190968][ T1731] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   88.333172][ T1760] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   88.349208][ T1760] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.369: iget: bad extended attribute block 512
[   88.364937][ T1760] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.369: couldn't read orphan inode 15 (err -117)
[   88.377267][ T1760] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   88.392870][ T1763] attempt to access beyond end of device
[   88.392870][ T1763] loop1: rw=10241, want=45104, limit=40427
[   88.986703][   T25] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   89.063455][ T1768] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   89.083473][ T1768] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (20662!=20869)
[   89.103260][ T1768] EXT4-fs error (device loop4): __ext4_get_inode_loc:4437: comm syz.4.370: Invalid inode table block 0 in block_group 0
[   89.117155][ T1768] EXT4-fs (loop4): no journal found
[   89.123085][ T1768] EXT4-fs (loop4): can't get journal size
[   89.129027][ T1768] EXT4-fs error (device loop4): __ext4_get_inode_loc:4437: comm syz.4.370: Invalid inode table block 0 in block_group 0
[   89.142169][ T1768] EXT4-fs (loop4): get root inode failed
[   89.147665][ T1768] EXT4-fs (loop4): mount failed
[   89.358870][  T549] attempt to access beyond end of device
[   89.358870][  T549] loop1: rw=1, want=45104, limit=40427
[   89.390521][   T25] usb 4-1: Using ep0 maxpacket: 8
[   89.550682][   T25] usb 4-1: unable to get BOS descriptor or descriptor too short
[   89.690671][   T25] usb 4-1: config 0 has an invalid interface number: 88 but max is 0
[   89.748006][   T25] usb 4-1: config 0 has no interface number 0
[   89.754234][   T25] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[   89.975621][   T25] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[   89.985433][   T25] usb 4-1: config 0 interface 88 has no altsetting 0
[   90.077821][ T1774] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   90.120990][ T1774] journal_init_common: Cannot get buffer for journal superblock
[   90.129078][ T1774] EXT4-fs (loop2): Could not load journal inode
[   90.310767][   T25] usb 4-1: string descriptor 0 read error: -22
[   90.321475][   T25] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[   90.379669][   T25] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[   90.391171][   T25] usb 4-1: config 0 descriptor??
[   90.431613][   T25] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.88/input/input4
[   90.553567][  T364] udevd[364]: Error opening device "/dev/input/event3": Input/output error
[   90.570817][  T364] udevd[364]: Unable to EVIOCGABS device "/dev/input/event3"
[   90.584342][  T364] udevd[364]: Unable to EVIOCGABS device "/dev/input/event3"
[   90.621129][ T1798] EXT4-fs (loop2): Test dummy encryption mode enabled
[   90.628071][ T1798] EXT4-fs (loop2): Ignoring removed orlov option
[   90.642868][  T320] usb 4-1: USB disconnect, device number 2
[   90.678725][ T1798] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000006,commit=0x0000000000000005,orlov,barrier=0x0000000000000003,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue
[   90.893221][ T1809] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.381: casefold flag without casefold feature
[   90.920980][ T1809] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.381: missing EA_INODE flag
[   90.942539][ T1809] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.381: error while reading EA inode 12 err=-117
[   90.956852][ T1809] EXT4-fs (loop2): 1 orphan inode deleted
[   90.962472][ T1809] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   91.313250][ T1818] EXT4-fs (loop4): Ignoring removed nobh option
[   91.319408][ T1818] EXT4-fs (loop4): Ignoring removed bh option
[   91.325381][ T1818] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   91.438736][ T1818] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   91.501718][ T1818] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3342: comm syz.4.383: Allocating blocks 497-513 which overlap fs metadata
[   91.516908][ T1818] EXT4-fs (loop4): pa ffff88812f5447e0: logic 128, phys. 385, len 8
[   91.525039][ T1818] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4359: group 0, free 0, pa_free 1
[   92.157767][ T1840] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   92.171696][ T1840] journal_init_common: Cannot get buffer for journal superblock
[   92.179965][ T1840] EXT4-fs (loop2): Could not load journal inode
[   92.521002][ T1865] EXT4-fs (loop2): Test dummy encryption mode enabled
[   92.527792][ T1865] EXT4-fs (loop2): Test dummy encryption mode enabled
[   92.554434][ T1865] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption=v1,test_dummy_encryption=v1,,errors=continue
[   92.567696][ T1865] ext4 filesystem being mounted at /81/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   92.590346][ T1865] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   92.598642][   T24] kauditd_printk_skb: 117 callbacks suppressed
[   92.598654][   T24] audit: type=1400 audit(1737407355.280:1219): avc:  denied  { write } for  pid=1863 comm="syz.2.398" path="/81/mnt/file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   92.778478][   T24] audit: type=1326 audit(1737407355.430:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1871 comm="syz.1.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   92.840303][   T24] audit: type=1326 audit(1737407355.430:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1871 comm="syz.1.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   93.214842][   T24] audit: type=1326 audit(1737407355.430:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1871 comm="syz.1.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   93.238197][   T24] audit: type=1326 audit(1737407355.430:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1871 comm="syz.1.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   93.276913][   T24] audit: type=1326 audit(1737407355.430:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1871 comm="syz.1.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   95.071108][ T1891] EXT4-fs (loop3): Ignoring removed nobh option
[   95.077238][ T1891] EXT4-fs (loop3): Ignoring removed bh option
[   95.083186][ T1891] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   95.263696][ T1884] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   95.301259][ T1891] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[   95.380917][ T1891] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz.3.406: Allocating blocks 497-513 which overlap fs metadata
[   95.395532][ T1891] EXT4-fs (loop3): pa ffff88812f7e43f0: logic 128, phys. 385, len 8
[   95.403422][ T1891] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4359: group 0, free 0, pa_free 1
[   95.436170][ T1884] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   95.920467][   T24] audit: type=1326 audit(1737407358.600:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1899 comm="syz.0.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[   95.974512][   T24] audit: type=1326 audit(1737407358.600:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1899 comm="syz.0.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[   96.024200][   T24] audit: type=1326 audit(1737407358.600:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1899 comm="syz.0.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[   96.047449][   T24] audit: type=1326 audit(1737407358.630:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1899 comm="syz.0.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[   96.054816][ T1882] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   96.080467][ T1882] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   96.094028][ T1884] F2FS-fs (loop4): Found nat_bits in checkpoint
[   96.151466][ T1882] F2FS-fs (loop2): Found nat_bits in checkpoint
[   96.197421][ T1884] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   96.210452][ T1884] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   96.235331][ T1882] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   96.257946][ T1882] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   96.490899][ T1927] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   96.499737][ T1927] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   96.543538][ T1927] F2FS-fs (loop3): Found nat_bits in checkpoint
[   96.616885][ T1934] attempt to access beyond end of device
[   96.616885][ T1934] loop4: rw=10241, want=45104, limit=40427
[   96.670361][ T1927] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   96.679338][ T1927] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   96.838416][ T1479] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   96.922567][ T1933] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[   96.929418][ T1933] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   96.958055][ T1933] F2FS-fs (loop0): invalid crc value
[   96.970671][ T1933] F2FS-fs (loop0): Found nat_bits in checkpoint
[   97.013150][ T1933] F2FS-fs (loop0): Start checkpoint disabled!
[   97.019906][ T1933] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   97.026897][ T1933] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   97.130425][ T1479] usb 2-1: Using ep0 maxpacket: 16
[   97.210734][  T549] attempt to access beyond end of device
[   97.210734][  T549] loop0: rw=2049, want=40992, limit=40427
[   97.270544][ T1479] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11
[   97.299711][ T1479] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[   97.329538][ T1479] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[   97.359397][ T1479] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[   97.389309][ T1479] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[   97.409503][ T1479] usb 2-1: config 1 interface 0 has no altsetting 0
[   97.490442][ T1479] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[   97.499399][ T1479] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.560886][ T1479] ums-sddr09 2-1:1.0: USB Mass Storage device detected
[   97.816391][ T1479] scsi host1: usb-storage 2-1:1.0
[   97.838020][   T24] kauditd_printk_skb: 48 callbacks suppressed
[   97.838051][   T24] audit: type=1326 audit(1737407360.520:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1961 comm="syz.0.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[   97.903737][   T24] audit: type=1326 audit(1737407360.560:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1961 comm="syz.0.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[   97.927136][   T24] audit: type=1326 audit(1737407360.560:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1961 comm="syz.0.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[   97.984934][ T1932] netlink: 'syz.1.416': attribute type 4 has an invalid length.
[   98.000982][ T1932] netlink: 17 bytes leftover after parsing attributes in process `syz.1.416'.
[   98.031430][ T1932] netlink: 'syz.1.416': attribute type 4 has an invalid length.
[   98.043331][ T1932] netlink: 17 bytes leftover after parsing attributes in process `syz.1.416'.
[   98.065687][  T320] usb 2-1: USB disconnect, device number 3
[   98.083952][  T549] attempt to access beyond end of device
[   98.083952][  T549] loop4: rw=1, want=45104, limit=40427
[   98.445402][ T1983] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   98.454509][ T1983] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.531801][ T1983] fs-verity: sha512 using implementation "sha512-avx2"
[   98.565841][ T1993] EXT4-fs (loop0): Test dummy encryption mode enabled
[   98.577330][ T1993] EXT4-fs (loop0): Ignoring removed orlov option
[   98.583230][  T290] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /90/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[   98.610479][   T24] audit: type=1326 audit(1737407361.290:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1996 comm="syz.1.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   98.801271][ T1993] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000006,commit=0x0000000000000005,orlov,barrier=0x0000000000000003,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue
[   98.931605][ T1999] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2756: inode #11: comm syz.4.430: corrupted xattr block 95
[   98.944739][ T1999] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2806: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   98.958080][ T1999] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.430: bg 0: block 7: invalid block bitmap
[   98.971577][ T1999] EXT4-fs error (device loop4) in ext4_mb_clear_bb:5645: Corrupt filesystem
[   98.981094][ T1999] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2921: inode #11: comm syz.4.430: corrupted xattr block 95
[   98.993815][ T1999] EXT4-fs warning (device loop4): ext4_evict_inode:303: xattr delete (err -117)
[   99.002841][ T1999] EXT4-fs (loop4): 1 orphan inode deleted
[   99.008445][ T1999] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   99.668758][   T24] audit: type=1400 audit(1737407361.330:1281): avc:  denied  { unlink } for  pid=290 comm="syz-executor" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   99.704432][   T24] audit: type=1400 audit(1737407361.330:1282): avc:  denied  { unlink } for  pid=290 comm="syz-executor" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   99.727020][   T24] audit: type=1326 audit(1737407361.450:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1996 comm="syz.1.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   99.758294][   T24] audit: type=1326 audit(1737407361.450:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1996 comm="syz.1.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   99.781465][   T24] audit: type=1326 audit(1737407361.460:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1996 comm="syz.1.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[   99.804564][   T24] audit: type=1326 audit(1737407361.460:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1996 comm="syz.1.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f10320d3d29 code=0x7ffc0000
[  100.071349][ T2022] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  100.147756][ T2023] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.154837][ T2023] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.162431][ T2023] device bridge_slave_0 entered promiscuous mode
[  100.170311][ T2023] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.178176][ T2023] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.224501][ T2023] device bridge_slave_1 entered promiscuous mode
[  100.318537][ T2023] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.325431][ T2023] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.332621][ T2023] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.339375][ T2023] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.582207][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  100.597688][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.607125][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.619264][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  100.627489][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.634361][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.643128][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  100.651121][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.657948][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.671590][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  100.680761][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  100.692325][ T2039] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.444: casefold flag without casefold feature
[  100.709908][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  100.710865][ T2039] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.444: missing EA_INODE flag
[  100.729513][ T2039] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.444: error while reading EA inode 12 err=-117
[  100.746133][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  100.754220][ T2039] EXT4-fs (loop2): 1 orphan inode deleted
[  100.757470][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  100.759759][ T2039] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  100.775985][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  100.785954][ T2023] device veth0_vlan entered promiscuous mode
[  100.799147][ T2023] device veth1_macvtap entered promiscuous mode
[  100.842202][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  100.850916][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  100.868769][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  100.922117][  T643] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  100.945114][ T2050] syz.4.445[2050] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  100.945173][ T2050] syz.4.445[2050] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.180690][  T643] usb 1-1: Using ep0 maxpacket: 16
[  101.197981][ T2047] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  101.205931][ T2047] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  101.217140][ T2047] F2FS-fs (loop5): Found nat_bits in checkpoint
[  101.250359][ T2047] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  101.257664][ T2047] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  101.299752][ T2063] F2FS-fs (loop1): Found nat_bits in checkpoint
[  101.352485][ T2063] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  101.413842][  T287] attempt to access beyond end of device
[  101.413842][  T287] loop1: rw=2049, want=45104, limit=40427
[  101.425101][  T643] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[  101.487185][  T643] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  101.496947][  T643] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  101.506550][  T643] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  101.516384][  T643] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  101.531079][  T643] usb 1-1: config 1 interface 0 has no altsetting 0
[  101.542280][  T643] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  101.563171][ T2078] attempt to access beyond end of device
[  101.563171][ T2078] loop5: rw=10241, want=45104, limit=40427
[  101.583641][  T643] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.644309][  T643] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[  101.731343][  T318] device bridge_slave_1 left promiscuous mode
[  101.737309][  T318] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.751209][  T318] device bridge_slave_0 left promiscuous mode
[  101.757177][  T318] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.781317][  T318] device veth1_macvtap left promiscuous mode
[  101.805934][  T318] device veth0_vlan left promiscuous mode
[  101.826357][ T2090] incfs: Can't find or create .index dir in ./file0
[  101.832856][ T2090] incfs: mount failed -22
[  101.870507][  T643] scsi host1: usb-storage 1-1:1.0
[  102.071823][ T2034] netlink: 'syz.0.443': attribute type 4 has an invalid length.
[  102.079653][ T2034] netlink: 17 bytes leftover after parsing attributes in process `syz.0.443'.
[  102.089043][ T2034] netlink: 'syz.0.443': attribute type 4 has an invalid length.
[  102.096804][ T2034] netlink: 17 bytes leftover after parsing attributes in process `syz.0.443'.
[  102.118713][  T573] usb 1-1: USB disconnect, device number 5
[  102.299989][ T2089] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  102.353464][ T2089] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  102.528104][ T2089] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  102.558028][ T2089] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  102.565009][ T2089] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  102.634815][ T2110] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  102.747444][  T318] attempt to access beyond end of device
[  102.747444][  T318] loop5: rw=1, want=45104, limit=40427
[  103.303073][ T2115] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[  103.343505][ T2115] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.631967][ T2125] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  103.644056][ T2125] EXT4-fs error (device loop5): ext4_orphan_get:1395: inode #15: comm syz.5.458: iget: bad extended attribute block 512
[  103.656573][ T2125] EXT4-fs error (device loop5): ext4_orphan_get:1400: comm syz.5.458: couldn't read orphan inode 15 (err -117)
[  103.668393][ T2125] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  103.783734][   T24] kauditd_printk_skb: 131 callbacks suppressed
[  103.783749][   T24] audit: type=1326 audit(1737407366.470:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  103.813426][   T24] audit: type=1326 audit(1737407366.500:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  103.845396][   T24] audit: type=1326 audit(1737407366.520:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  103.871585][   T24] audit: type=1326 audit(1737407366.520:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  103.896404][   T24] audit: type=1326 audit(1737407366.520:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  104.049834][   T24] audit: type=1326 audit(1737407366.520:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  104.085728][   T24] audit: type=1326 audit(1737407366.530:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  104.109286][   T24] audit: type=1326 audit(1737407366.530:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  104.132738][   T24] audit: type=1326 audit(1737407366.530:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  104.156169][   T24] audit: type=1326 audit(1737407366.530:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2134 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  104.599452][ T2146] EXT4-fs (loop0): Ignoring removed nobh option
[  104.605621][ T2146] EXT4-fs (loop0): Ignoring removed bh option
[  104.611549][ T2146] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  104.691066][ T2146] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue
[  104.782895][ T2146] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3342: comm syz.0.462: Allocating blocks 497-513 which overlap fs metadata
[  104.797636][ T2146] EXT4-fs (loop0): pa ffff88812f7e4b28: logic 128, phys. 385, len 8
[  104.805537][ T2146] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4359: group 0, free 0, pa_free 1
[  106.422316][ T2167] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  106.504757][ T2171] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  106.515047][ T2171] journal_init_common: Cannot get buffer for journal superblock
[  106.522797][ T2171] EXT4-fs (loop4): Could not load journal inode
[  106.540553][  T327] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  107.070424][  T327] usb 2-1: Using ep0 maxpacket: 16
[  107.200495][  T327] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11
[  107.209461][  T327] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  107.219093][  T327] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  107.251741][  T327] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  107.311566][  T327] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  107.321370][  T327] usb 2-1: config 1 interface 0 has no altsetting 0
[  107.329112][  T327] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  107.337995][  T327] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.380903][  T327] ums-sddr09 2-1:1.0: USB Mass Storage device detected
[  107.441046][ T2192] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  107.442659][ T2194] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  107.451741][ T2192] journal_init_common: Cannot get buffer for journal superblock
[  107.467931][ T2192] EXT4-fs (loop0): Could not load journal inode
[  107.477913][ T2194] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.474: iget: bad extended attribute block 512
[  107.492770][ T2194] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.474: couldn't read orphan inode 15 (err -117)
[  107.511095][ T2194] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  107.611988][  T327] scsi host1: usb-storage 2-1:1.0
[  107.818062][ T2161] netlink: 'syz.1.466': attribute type 4 has an invalid length.
[  107.825834][ T2161] netlink: 17 bytes leftover after parsing attributes in process `syz.1.466'.
[  107.876312][ T2161] netlink: 'syz.1.466': attribute type 4 has an invalid length.
[  107.884379][ T2161] netlink: 17 bytes leftover after parsing attributes in process `syz.1.466'.
[  107.907385][ T2203] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  107.932681][ T1479] usb 2-1: USB disconnect, device number 4
[  107.941594][ T2203] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  107.956962][ T2203] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  107.996707][ T2203] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  108.003649][ T2203] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  109.294182][ T2238] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  109.309689][ T2238] journal_init_common: Cannot get buffer for journal superblock
[  109.317717][ T2238] EXT4-fs (loop2): Could not load journal inode
[  109.413703][ T2242] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  109.420803][ T2242] EXT4-fs (loop0): Ignoring removed orlov option
[  109.440622][ T2242] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  109.460517][ T2242] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a800e11c, mo2=0002]
[  109.468297][ T2242] System zones: 1-12
[  109.480846][ T2242] EXT4-fs (loop0): orphan cleanup on readonly fs
[  109.487010][ T2242] EXT4-fs error (device loop0): ext4_read_inode_bitmap:168: comm syz.0.483: Inode bitmap for bg 0 marked uninitialized
[  109.502211][ T2242] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,inode_readahead_blks=0x0000000000000000,mblk_io_submit,noload,orlov,,errors=continue
[  110.252215][ T2266] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2266 comm=syz.0.492
[  110.284110][ T2260] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  110.302485][   T24] kauditd_printk_skb: 43 callbacks suppressed
[  110.302498][   T24] audit: type=1326 audit(1737407372.990:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  110.334977][ T2260] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.491: iget: bad extended attribute block 512
[  110.355036][ T2260] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.491: couldn't read orphan inode 15 (err -117)
[  110.376980][ T2260] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  110.478898][   T24] audit: type=1326 audit(1737407372.990:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  110.502097][   T24] audit: type=1326 audit(1737407373.020:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  110.525387][   T24] audit: type=1326 audit(1737407373.020:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  110.893256][   T24] audit: type=1326 audit(1737407373.020:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  110.897633][ T2270] netlink: 8 bytes leftover after parsing attributes in process `syz.1.494'.
[  110.925297][   T24] audit: type=1326 audit(1737407373.020:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  110.948458][   T24] audit: type=1326 audit(1737407373.020:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  111.003922][   T24] audit: type=1326 audit(1737407373.020:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  111.020579][ T2277] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2277 comm=syz.1.494
[  111.052745][   T24] audit: type=1326 audit(1737407373.020:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  111.120468][   T24] audit: type=1326 audit(1737407373.020:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2265 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68e8d8d29 code=0x7ffc0000
[  111.320926][ T2287] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  111.328522][ T2287] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  111.337828][ T2287] F2FS-fs (loop5): invalid crc value
[  111.391256][ T2287] F2FS-fs (loop5): Found nat_bits in checkpoint
[  111.434480][ T2287] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  111.441391][ T2287] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  111.472870][ T2280] F2FS-fs (loop0): Invalid log blocks per segment (4278190089)
[  111.503866][ T2280] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  111.605111][ T2280] F2FS-fs (loop0): invalid crc value
[  111.785528][ T2280] F2FS-fs (loop0): Found nat_bits in checkpoint
[  111.971360][ T2280] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  111.988630][ T2280] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  112.270292][ T2309] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.502: casefold flag without casefold feature
[  112.282860][ T2309] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.502: missing EA_INODE flag
[  112.294497][ T2309] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.502: error while reading EA inode 12 err=-117
[  112.320634][ T2309] EXT4-fs (loop2): 1 orphan inode deleted
[  112.326188][ T2309] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  112.342687][ T2309] overlayfs: failed to resolve './file0': -2
[  112.671064][ T2316] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  112.677375][ T2316] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  112.997490][ T2316] F2FS-fs (loop4): SIT is corrupted data# 5 7 vs 11
[  113.004000][ T2316] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117)
[  113.725750][ T2338] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2756: inode #11: comm syz.2.509: corrupted xattr block 95
[  113.738713][ T2338] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.509: bg 0: block 7: invalid block bitmap
[  113.751460][ T2338] EXT4-fs error (device loop2) in ext4_mb_clear_bb:5645: Corrupt filesystem
[  113.760561][ T2338] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2921: inode #11: comm syz.2.509: corrupted xattr block 95
[  113.772875][ T2338] EXT4-fs warning (device loop2): ext4_evict_inode:303: xattr delete (err -117)
[  113.781910][ T2338] EXT4-fs (loop2): 1 orphan inode deleted
[  113.787503][ T2338] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  114.421833][ T2345] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  114.443204][ T2345] EXT4-fs error (device loop0): ext4_orphan_get:1395: inode #15: comm syz.0.510: iget: bad extended attribute block 512
[  114.477513][ T2345] EXT4-fs error (device loop0): ext4_orphan_get:1400: comm syz.0.510: couldn't read orphan inode 15 (err -117)
[  114.497821][ T2348] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  114.507267][ T2345] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  114.515750][ T2348] journal_init_common: Cannot get buffer for journal superblock
[  114.531125][ T2348] EXT4-fs (loop5): Could not load journal inode
[  115.551265][ T2358] FAT-fs (loop4): codepage cp86 not found
[  116.257225][ T2376] incfs: Can't find or create .index dir in ./file0
[  116.458207][ T2376] incfs: mount failed -22
[  116.530608][ T2368] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  116.538563][ T2368] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  116.565424][ T2368] F2FS-fs (loop0): invalid crc value
[  116.624157][   T24] kauditd_printk_skb: 165 callbacks suppressed
[  116.624171][   T24] audit: type=1326 audit(1737407379.310:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  116.665029][   T24] audit: type=1326 audit(1737407379.310:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  116.688648][   T24] audit: type=1326 audit(1737407379.310:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  116.713012][ T2368] F2FS-fs (loop0): Found nat_bits in checkpoint
[  116.719127][   T24] audit: type=1326 audit(1737407379.310:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  116.771766][   T24] audit: type=1326 audit(1737407379.340:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  116.813680][   T24] audit: type=1326 audit(1737407379.340:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  116.837464][   T24] audit: type=1326 audit(1737407379.340:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  116.861986][ T2368] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  116.869338][ T2368] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  116.905445][   T24] audit: type=1326 audit(1737407379.340:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  116.929849][   T24] audit: type=1326 audit(1737407379.340:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  117.267529][   T24] audit: type=1326 audit(1737407379.340:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2387 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85c0e9d29 code=0x7ffc0000
[  117.355698][ T2381] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  117.384054][ T2381] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  117.398883][ T2397] syz.0.514[2397] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.398942][ T2397] syz.0.514[2397] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.609634][ T2381] F2FS-fs (loop2): Found nat_bits in checkpoint
[  117.752906][ T2381] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  117.763495][ T2381] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  117.793149][ T2410] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[  117.860489][ T2410] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.848870][ T2423] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  118.856492][ T2423] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  118.866702][ T2418] F2FS-fs (loop5): Invalid log blocks per segment (4278190089)
[  118.867641][ T2423] F2FS-fs (loop1): invalid crc value
[  118.874230][ T2418] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  118.887501][ T2423] F2FS-fs (loop1): Found nat_bits in checkpoint
[  118.888452][ T2418] F2FS-fs (loop5): invalid crc value
[  118.900066][ T2418] F2FS-fs (loop5): Found nat_bits in checkpoint
[  118.931580][ T2423] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  118.938466][ T2423] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  118.939799][ T2418] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  118.952743][ T2418] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  118.965902][ T2417] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  118.975808][ T2417] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  118.981309][ T2432] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #15: comm syz.2.527: casefold flag without casefold feature
[  119.004356][ T2432] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.527: missing EA_INODE flag
[  119.018243][ T2432] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.527: error while reading EA inode 12 err=-117
[  119.025083][  T318] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  119.043405][  T318] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  119.052189][ T2417] F2FS-fs (loop0): SIT is corrupted data# 5 7 vs 11
[  119.058507][ T2417] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117)
[  119.068439][ T2432] EXT4-fs (loop2): 1 orphan inode deleted
[  119.075778][ T2432] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  119.352291][ T2453] EXT4-fs (loop1): Ignoring removed nobh option
[  119.369622][ T2450] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  119.376887][ T2453] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,inode_readahead_blks=0x0000000000008000,,errors=continue
[  119.382675][ T2450] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.410280][ T2453] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  119.521296][ T2464] exfat: Deprecated parameter 'utf8'
[  119.526584][ T2464] exfat: Deprecated parameter 'utf8'
[  119.543732][ T2464] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  119.763693][ T2494] Zero length message leads to an empty skb
[  119.770769][ T2482] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  119.923557][ T2509] tipc: Started in network mode
[  119.938262][ T2509] tipc: Own node identity 326b00000000000005, cluster identity 4711
[  120.055484][ T2516] netlink: 36 bytes leftover after parsing attributes in process `syz.0.550'.
[  121.353734][ T2546] EXT4-fs (loop4): mounted filesystem without journal. Opts: nouid32,grpquota,abort,,errors=continue
[  121.370828][ T2546] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.734623][   T24] kauditd_printk_skb: 42 callbacks suppressed
[  121.734636][   T24] audit: type=1400 audit(1737407384.410:1698): avc:  denied  { unlink } for  pid=2023 comm="syz-executor" name="file0" dev="tmpfs" ino=133 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  121.788090][ T2579] syz.5.576[2579] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.788167][ T2579] syz.5.576[2579] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.806665][ T2579] SELinux: failed to load policy
[  121.866407][   T24] audit: type=1400 audit(1737407384.490:1699): avc:  denied  { load_policy } for  pid=2578 comm="syz.5.576" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  121.932702][ T2591] device ip6gretap0 entered promiscuous mode
[  121.942122][   T24] audit: type=1326 audit(1737407384.590:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2586 comm="syz.5.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61b5054d29 code=0x7ffc0000
[  121.987222][ T2594] device wg2 entered promiscuous mode
[  122.017274][   T24] audit: type=1326 audit(1737407384.600:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2586 comm="syz.5.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61b5054d29 code=0x7ffc0000
[  122.093072][   T24] audit: type=1326 audit(1737407384.600:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2586 comm="syz.5.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61b5054d29 code=0x7ffc0000
[  122.150917][   T24] audit: type=1326 audit(1737407384.600:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2586 comm="syz.5.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61b5054d29 code=0x7ffc0000
[  122.178808][   T24] audit: type=1326 audit(1737407384.600:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2586 comm="syz.5.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61b5054d29 code=0x7ffc0000
[  122.179714][ T2605] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=95 sclass=netlink_route_socket pid=2605 comm=syz.5.588
[  122.202071][   T24] audit: type=1326 audit(1737407384.600:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2586 comm="syz.5.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61b5054d29 code=0x7ffc0000
[  122.202110][   T24] audit: type=1326 audit(1737407384.600:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2586 comm="syz.5.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61b5054d29 code=0x7ffc0000
[  122.260765][   T24] audit: type=1326 audit(1737407384.600:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2586 comm="syz.5.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61b5054d29 code=0x7ffc0000
[  122.285024][ T2599] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  122.327647][ T2599] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  122.397200][ T2611] device veth1_macvtap left promiscuous mode
[  122.403918][ T2611] device macsec0 entered promiscuous mode
[  122.816358][ T2632] syz.1.596[2632] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.816417][ T2632] syz.1.596[2632] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.594287][ T2656] syz.5.606[2656] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.614852][ T2656] syz.5.606[2656] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.704836][ T2656] hub 2-0:1.0: USB hub found
[  123.746701][ T2656] hub 2-0:1.0: 1 port detected
[  124.035830][ T2673] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  124.051731][ T2673] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.154786][ T2682] device erspan0 entered promiscuous mode
[  124.165005][ T2682] device erspan0 left promiscuous mode
[  124.198237][ T2674] EXT4-fs (loop2): Unrecognized mount option "audit" or missing value
[  124.670897][ T2673] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.612: corrupted xattr block 32
[  124.736285][ T2673] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  124.760457][ T2673] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.612: corrupted xattr block 32
[  124.822986][ T2673] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  124.823959][ T2683] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.612: corrupted xattr block 32
[  124.840596][ T2673] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.612: corrupted xattr block 32
[  124.880705][ T2673] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  124.900756][ T2683] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  124.909557][ T2683] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.612: corrupted xattr block 32
[  124.921282][ T2683] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  124.966703][ T2687] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.612: corrupted xattr block 32
[  124.984726][ T2674] SELinux:  policydb version 0 does not match my version range 15-33
[  125.010520][ T2674] SELinux: failed to load policy
[  125.026918][ T2687] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.612: corrupted xattr block 32
[  125.054487][ T2687] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  125.063788][ T2687] EXT4-fs error (device loop5): ext4_get_inode_usage:848: inode #15: comm syz.5.612: corrupted xattr block 32
[  125.156258][ T2701] EXT4-fs (loop0): Unrecognized mount option "audit" or missing value
[  125.271273][ T2716] bridge0: port 3(syz_tun) entered blocking state
[  125.277544][ T2716] bridge0: port 3(syz_tun) entered disabled state
[  125.286423][ T2716] device syz_tun entered promiscuous mode
[  125.292518][ T2716] bridge0: port 3(syz_tun) entered blocking state
[  125.298743][ T2716] bridge0: port 3(syz_tun) entered forwarding state
[  125.476103][ T2701] SELinux:  policydb version 0 does not match my version range 15-33
[  125.495244][ T2701] SELinux: failed to load policy
[  125.623677][ T2729] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  125.636360][ T2729] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  125.956483][ T2729] EXT4-fs (loop0): 1 truncate cleaned up
[  125.967276][ T2729] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_dev=0x0000000000000003,lazytime,journal_path=./bus,bsdgroups,grpid,dioread_nolock,,errors=continue
[  126.185313][ T2749] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  126.200455][ T2749] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  126.210204][ T2749] EXT4-fs (loop1): invalid journal inode
[  126.213811][ T2757] SELinux:  policydb version 0 does not match my version range 15-33
[  126.215841][ T2749] EXT4-fs (loop1): can't get journal size
[  126.229430][ T2757] SELinux: failed to load policy
[  126.239511][ T2749] EXT4-fs error (device loop1): ext4_protect_reserved_inode:179: comm syz.1.635: blocks 2-2 from inode 3 overlap system zone
[  126.256431][ T2760] netlink: 4 bytes leftover after parsing attributes in process `syz.5.639'.
[  126.265230][ T2749] EXT4-fs (loop1): failed to initialize system zone (-117)
[  126.272970][ T2749] EXT4-fs (loop1): mount failed
[  126.488168][ T2783] 9pnet: Insufficient options for proto=fd
[  126.521899][ T2786] hub 2-0:1.0: USB hub found
[  126.526399][ T2786] hub 2-0:1.0: 1 port detected
[  126.602603][ T2797] ==================================================================
[  126.610493][ T2797] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0xbb8/0x3630
[  126.618459][ T2797] Read of size 8 at addr ffff8881194993c0 by task syz.1.656/2797
[  126.626005][ T2797] 
[  126.628183][ T2797] CPU: 1 PID: 2797 Comm: syz.1.656 Tainted: G        W         5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[  126.639202][ T2797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  126.649099][ T2797] Call Trace:
[  126.652232][ T2797]  dump_stack_lvl+0x1e2/0x24b
[  126.656870][ T2797]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  126.662134][ T2797]  ? panic+0x812/0x812
[  126.666043][ T2797]  ? __irq_exit_rcu+0x40/0x150
[  126.670647][ T2797]  print_address_description+0x81/0x3b0
[  126.676023][ T2797]  ? sysvec_apic_timer_interrupt+0xcb/0xe0
[  126.681666][ T2797]  kasan_report+0x179/0x1c0
[  126.686005][ T2797]  ? tc_setup_flow_action+0xbb8/0x3630
[  126.691301][ T2797]  ? tc_setup_flow_action+0xbb8/0x3630
[  126.696591][ T2797]  __asan_report_load8_noabort+0x14/0x20
[  126.702065][ T2797]  tc_setup_flow_action+0xbb8/0x3630
[  126.707185][ T2797]  ? __kmalloc+0x1aa/0x330
[  126.711434][ T2797]  ? flow_rule_alloc+0x30/0x2b0
[  126.716130][ T2797]  mall_replace_hw_filter+0x394/0xc10
[  126.721346][ T2797]  ? mall_set_parms+0x440/0x440
[  126.726013][ T2797]  ? tcf_exts_destroy+0xb0/0xb0
[  126.730708][ T2797]  ? pcpu_memcg_post_alloc_hook+0x1c8/0x360
[  126.736535][ T2797]  ? pcpu_alloc+0xfa0/0x1420
[  126.740952][ T2797]  ? mall_set_parms+0x4b/0x440
[  126.745555][ T2797]  ? mall_set_parms+0x1a2/0x440
[  126.750246][ T2797]  mall_change+0x573/0x7a0
[  126.754484][ T2797]  ? __kasan_check_write+0x14/0x20
[  126.759432][ T2797]  ? mall_get+0xb0/0xb0
[  126.763451][ T2797]  ? tcf_chain_tp_insert_unique+0xa90/0xbb0
[  126.769239][ T2797]  tc_new_tfilter+0x168e/0x1dc0
[  126.773933][ T2797]  ? mall_get+0xb0/0xb0
[  126.777920][ T2797]  ? tcf_gate_entry_destructor+0x20/0x20
[  126.783393][ T2797]  ? security_capable+0x87/0xb0
[  126.788075][ T2797]  ? ns_capable+0x89/0xe0
[  126.792241][ T2797]  ? netlink_net_capable+0x125/0x160
[  126.797361][ T2797]  ? tcf_gate_entry_destructor+0x20/0x20
[  126.802827][ T2797]  rtnetlink_rcv_msg+0x77a/0xc50
[  126.807605][ T2797]  ? is_bpf_text_address+0x172/0x190
[  126.812757][ T2797]  ? rtnetlink_bind+0x80/0x80
[  126.817236][ T2797]  ? arch_stack_walk+0xf3/0x140
[  126.821938][ T2797]  ? stack_trace_save+0x113/0x1c0
[  126.826779][ T2797]  ? stack_trace_snprint+0xf0/0xf0
[  126.831730][ T2797]  ? avc_has_perm+0x14d/0x400
[  126.836245][ T2797]  ? memcpy+0x56/0x70
[  126.840060][ T2797]  ? avc_has_perm+0x275/0x400
[  126.844570][ T2797]  ? __kasan_slab_alloc+0xb1/0xe0
[  126.849432][ T2797]  ? slab_post_alloc_hook+0x61/0x2f0
[  126.850475][   T15] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  126.854569][ T2797]  ? kmem_cache_alloc+0x168/0x2e0
[  126.854584][ T2797]  ? avc_has_perm_noaudit+0x240/0x240
[  126.854607][ T2797]  ? iov_iter_advance+0x258/0xb20
[  126.876781][ T2797]  netlink_rcv_skb+0x1cf/0x410
[  126.881378][ T2797]  ? rtnetlink_bind+0x80/0x80
[  126.885915][ T2797]  ? netlink_ack+0xb30/0xb30
[  126.890314][ T2797]  ? __netlink_lookup+0x37b/0x3a0
[  126.895173][ T2797]  rtnetlink_rcv+0x1c/0x20
[  126.899423][ T2797]  netlink_unicast+0x8df/0xac0
[  126.904024][ T2797]  ? netlink_detachskb+0x90/0x90
[  126.908890][ T2797]  ? security_netlink_send+0x7b/0xa0
[  126.914117][ T2797]  netlink_sendmsg+0xa46/0xd00
[  126.918740][ T2797]  ? netlink_getsockopt+0x5c0/0x5c0
[  126.923762][ T2797]  ? security_socket_sendmsg+0x82/0xb0
[  126.929049][ T2797]  ? netlink_getsockopt+0x5c0/0x5c0
[  126.934081][ T2797]  ____sys_sendmsg+0x59e/0x8f0
[  126.938684][ T2797]  ? __sys_sendmsg_sock+0x40/0x40
[  126.943544][ T2797]  ? import_iovec+0xe5/0x120
[  126.947969][ T2797]  ___sys_sendmsg+0x252/0x2e0
[  126.952484][ T2797]  ? __sys_sendmsg+0x280/0x280
[  126.957094][ T2797]  ? __fdget+0x1bc/0x240
[  126.961161][ T2797]  __se_sys_sendmsg+0x1b1/0x280
[  126.965857][ T2797]  ? __x64_sys_sendmsg+0x90/0x90
[  126.970620][ T2797]  ? fpu__clear_all+0x20/0x20
[  126.975133][ T2797]  ? __kasan_check_read+0x11/0x20
[  126.979991][ T2797]  __x64_sys_sendmsg+0x7b/0x90
[  126.984603][ T2797]  do_syscall_64+0x34/0x70
[  126.988850][ T2797]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  126.994570][ T2797] RIP: 0033:0x7f10320d3d29
[  126.998834][ T2797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.018267][ T2797] RSP: 002b:00007f1030745038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.026511][ T2797] RAX: ffffffffffffffda RBX: 00007f10322c3fa0 RCX: 00007f10320d3d29
[  127.034320][ T2797] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000005
[  127.042133][ T2797] RBP: 00007f103214fb08 R08: 0000000000000000 R09: 0000000000000000
[  127.049943][ T2797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  127.057755][ T2797] R13: 0000000000000000 R14: 00007f10322c3fa0 R15: 00007ffee0566248
[  127.065576][ T2797] 
[  127.067742][ T2797] Allocated by task 2797:
[  127.071909][ T2797]  ____kasan_kmalloc+0xdb/0x110
[  127.076596][ T2797]  __kasan_kmalloc+0x9/0x10
[  127.080940][ T2797]  __kmalloc+0x1aa/0x330
[  127.085013][ T2797]  tcf_idr_create+0x5f/0x770
[  127.089437][ T2797]  tcf_idr_create_from_flags+0x5f/0x70
[  127.094738][ T2797]  tcf_gact_init+0x373/0x6e0
[  127.099160][ T2797]  tcf_action_init_1+0x584/0x830
[  127.103941][ T2797]  tcf_action_init+0x2b5/0x800
[  127.108538][ T2797]  tcf_exts_validate+0x232/0x540
[  127.113307][ T2797]  mall_set_parms+0x4b/0x440
[  127.117736][ T2797]  mall_change+0x49e/0x7a0
[  127.120496][   T15] usb 1-1: Using ep0 maxpacket: 16
[  127.121991][ T2797]  tc_new_tfilter+0x168e/0x1dc0
[  127.122003][ T2797]  rtnetlink_rcv_msg+0x77a/0xc50
[  127.122021][ T2797]  netlink_rcv_skb+0x1cf/0x410
[  127.140998][ T2797]  rtnetlink_rcv+0x1c/0x20
[  127.145244][ T2797]  netlink_unicast+0x8df/0xac0
[  127.149845][ T2797]  netlink_sendmsg+0xa46/0xd00
[  127.154445][ T2797]  ____sys_sendmsg+0x59e/0x8f0
[  127.159045][ T2797]  ___sys_sendmsg+0x252/0x2e0
[  127.163571][ T2797]  __se_sys_sendmsg+0x1b1/0x280
[  127.168248][ T2797]  __x64_sys_sendmsg+0x7b/0x90
[  127.172846][ T2797]  do_syscall_64+0x34/0x70
[  127.177113][ T2797]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  127.182948][ T2797] 
[  127.185088][ T2797] The buggy address belongs to the object at ffff888119499300
[  127.185088][ T2797]  which belongs to the cache kmalloc-192 of size 192
[  127.198991][ T2797] The buggy address is located 0 bytes to the right of
[  127.198991][ T2797]  192-byte region [ffff888119499300, ffff8881194993c0)
[  127.212518][ T2797] The buggy address belongs to the page:
[  127.218024][ T2797] page:ffffea0004652640 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888119499000 pfn:0x119499
[  127.229362][ T2797] flags: 0x4000000000000200(slab)
[  127.234226][ T2797] raw: 4000000000000200 ffffea00042b2e80 0000000400000004 ffff888100043380
[  127.236990][   T24] kauditd_printk_skb: 159 callbacks suppressed
[  127.237003][   T24] audit: type=1400 audit(1737407389.920:1867): avc:  denied  { write } for  pid=2801 comm="syz.4.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  127.242640][ T2797] raw: ffff888119499000 000000008010000b 00000001ffffffff 0000000000000000
[  127.242646][ T2797] page dumped because: kasan: bad access detected
[  127.242675][ T2797] page_owner tracks the page as allocated
[  127.242714][ T2797] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 133, ts 5769715641, free_ts 0
[  127.242738][ T2797]  prep_new_page+0x166/0x180
[  127.256548][   T24] audit: type=1400 audit(1737407389.920:1868): avc:  denied  { read } for  pid=2801 comm="syz.4.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  127.268679][ T2797]  get_page_from_freelist+0x2d8c/0x2f30
[  127.268696][ T2797]  __alloc_pages_nodemask+0x435/0xaf0
[  127.268707][ T2797]  new_slab+0x80/0x400
[  127.268718][ T2797]  ___slab_alloc+0x302/0x4b0
[  127.268736][ T2797]  __slab_alloc+0x63/0xa0
[  127.351221][ T2797]  kmem_cache_alloc_trace+0x1bd/0x2e0
[  127.356416][ T2797]  kernfs_fop_open+0x324/0xab0
[  127.361014][ T2797]  do_dentry_open+0x7c1/0x10d0
[  127.365613][ T2797]  vfs_open+0x73/0x80
[  127.369449][ T2797]  path_openat+0x2660/0x3000
[  127.373864][ T2797]  do_filp_open+0x21c/0x460
[  127.378208][ T2797]  do_sys_openat2+0x13f/0x710
[  127.382812][ T2797]  __x64_sys_openat+0x243/0x290
[  127.387489][ T2797]  do_syscall_64+0x34/0x70
[  127.391746][ T2797]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  127.397463][ T2797] page_owner free stack trace missing
[  127.402670][ T2797] 
[  127.404838][ T2797] Memory state around the buggy address:
[  127.410399][ T2797]  ffff888119499280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  127.418299][ T2797]  ffff888119499300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  127.426197][ T2797] >ffff888119499380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  127.434094][ T2797]                                            ^
[  127.440084][ T2797]  ffff888119499400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.447978][ T2797]  ffff888119499480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  127.455871][ T2797] ==================================================================
[  127.463774][ T2797] Disabling lock debugging due to kernel taint
[  127.476036][   T15] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.487959][   T15] usb 1-1: config 0 has no interfaces?
[  127.493594][   T15] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  127.502591][   T15] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.524899][   T15] usb 1-1: config 0 descriptor??
[  127.783038][   T20] usb 1-1: USB disconnect, device number 6