last executing test programs:

16.608318736s ago: executing program 1 (id=2318):
io_setup(0x0, &(0x7f00000002c0))
io_pgetevents(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x0, 0x989680}, &(0x7f0000000400)={0x0})
syz_mount_image$ext4(&(0x7f0000001080)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000080), 0x1, 0x42e, &(0x7f0000000900)="$eJzs3E9vFGUcB/DvbFuIgBYV/yFoFYQq2tqiqIkh4eaB6EEPXhtaKrEUpTURQgwkHryayAvQeJWXYNTEPxc9Ga5q9KAkxEAPHIypme1uu5Ru6ULLGvbzSWZ5nplZnmfmyW9m5+kvE6Bj9ZUfRbIpyc9JeueqV+/QN/fPzKVTh8qlyOzs638X1f0uXzp1qL5r/Xsby49K0l9JKh8WeXiJdqdOnHx7ZGJi7HitPjh99J3BqRMnnzlydGR8bHxscmjv0L59Lzz/4vDQqh3rKz/N/PFZ96uTn5+9PHll//CGsr+batsaj2O19KXv6nPZYNdqN9Zm9zWUi+42doSWdCUph6unGv+96crC4PXm+1/b2jlgTc2W1jfdfHoWuI0VaXcPgPao3+jL59/6cqt+e9B+Fw/MPQBers3tzMyPf3cqc4V3d3379VXP96upL8mbB1/bXi5Zo3kYAAAAgE721YEkTy81/1fJ/Q37leUHkjyY5KEkW5NqXs+2JNuTPJLk0Xo+UQsW73/t/E/lwg0dGCty8UDyckNu10zD+Nds7qrV7iwr6SkOH5kYezbJXUn607O+rC+XpXX0rZEfm21rnP8rl7L9+lxgrR8Xuhf9fXp0ZHrkZo6ZBRfPJFu7lxr/Yj4TqEjyWJLHV/IfflfNqBvfcu6f+VUvfXTv+Wa7X3/8WUuznya7l4z/hczFYvn8zMHq9WCwflW41g9n933RrH3j315l/G9Yfvw3F435ulOtt/HNlt9+abbtRq//64o3qh1cV1v3/sj09PGhZF1x8Nr1w633+XZVPx/181WOf/+Ope//99S+U57QHUl2Jnmilru8u3rvT55M8lSSPcu0eXr893+bbRP/7VWO/2hL8d964a8zH+9s1v7K4v+5amf6a2v8/ru+lQ5Qu/sJAAAAAAAAwOqoVN+BV1QG5suVysDA3Dv8tmRDZeLY1PSew8femxyde1fe5vRU6plevQ35oEPV8kJ9eFF9b5K7k3zSdUe1PnDo2MRouw8eOtzGJvFf+rOr3b0D1pz3tULnEv/QucQ/dC7xD51L/EPnEv/QucQ/dC7xD51rcfx/cP7g/itfbjvXpu4At5D7P3Skm3mvn4KCwu1aaPeVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/4b8AAAD//y2P0tw=")
signalfd(0xffffffffffffffff, &(0x7f0000000180), 0x8)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000406a05f800b41500000001090224000100000000090420000103000000092100000001220500090581696ce2076a2728629295441a73bc7e39bacee09b8b054b6c794fa32e183d0e203c1afb2b2ccde929802358c576a5801fd18b21e912264eaf"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xef9a9000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2c}}, 0x40800)
r4 = socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000340)='nfs\x00', 0x0, &(0x7f0000000300)='\x01')
write(r4, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
close_range(r0, 0xffffffffffffffff, 0x0)

13.63285358s ago: executing program 1 (id=2349):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/13], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7020000c3000000bf230000000000002703000000fefeff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400011000000404000001007d60b7030000000000006a0a00fe800000008500000030000000b7000000000000009500001000000000acaa8e53a53cb864c300094c07000000000000d94cf0987b00a749a8e53b5c9491cd1f2b94a64f1de23d03a8f0362ebfc44c77511e60070e25510070f7778d3e77ad85319f0113abbac795f8c24abca246150226eb93fe39233add8f68f87699162334343befce832cb8075c5f0ae30cde221371ff00000067e4b75da95370ae6fd2b99ac18f98403494d4a94e95fb8dcd813487b2bdb006c6465c15f04485a9f8c8e49d00000097184c8e9d34b1e382b25e9614634e8e09194f7b83138f5275d9ab463797a2f6dcb45d5f278cd4fb74559575da3560c01cdf1eaa3fc7a3fb4f1689dfd5b626174770e4dfd1c82a694efc62f9ef9c8c0ea1efa5b949ce22827f6fd1dfc69d03482d8ec264e3d96ad19a0c99a234b4b71b0bc22573f8594b91781cd8ff7f000000000000299ebf94588e60abe9a565c5bbdc0358226f8580dc1a83c6a44408de23475a74ef0deda8da4089269ccb4e728dee6320444576c87cc576291e5367a5f1a5d5a12f8313ffff0b7f73335279aa2b68c9f045831119881764c71bb65b5138c50e06024e80fd9656bc077e4e259695748989335ba9eeef288de73815f20fefd4acfb6813ffff00000b971aec1a3e618a08a94ecbd401c8109c87ee3f5c0501857538d2a766bfcf4128fbe726903aca577aa8943af747760718dee5a21396dce6f61c6f3c7e000000cb0868b48719e47296f2299df3ecfb5f3f0e42f6f1eb1dc64dcc8e397366d12033f6288edbda3b838100000000000000000000800000edd4e1266dc9d73223fe614f025a7f284de76b3b676a13c57a0ed24f6270c4cbbf93472eb8093d8296c68dfbb03ddedc3e029b08959b145a7b110068ba071e75d75716243052ad24b624fddc2f0f3a018c0085c2319c248d643cd09fa855b20a6d453f2e954ff0e55c010000008547c5a0ecefcc44cc9532f729167f215937357a4bb9746193c1ec000000000000dd43c108c2109d221b7b26b7c9c209000005b7918a6cd856b8fa806c85480443159c6bed51a0e021f05f7caa1b99cdb4d08d9031210ac00e67d8c40a18503cb7aabcc066dfbfd7f87abe1122f00e5454bec3563a19582e0000000000000000000000000084b27fc6a3f95bf02b4eb5f1599dd46edcad432cc216316fe07afe27649c89cf022a90d895a2d70fcde7a9c37ede0c47c27f44595ab4b1fb1ed5b1d91314b2d50f94a768fb605679485041a6376b8344a39af68aed2be39794dd86ae82f9660cf4f935255d71f9fab2e430ac42bba1f54141cf39d4d50c4ded504beacb0de210d7a3716dca7362c134b91cef3efc514fbcb4747e6814ac16449ac02a43d9d4151697b4b7890ec6b481c5f0ca8c52a6322f34a796fa5941d23409ecf73458223baaffb94a89ee2884df000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x36}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r0, 0x40000f0, 0xe40, 0xffffffff, &(0x7f0000000280)="7b5515ccc8bca12641e65d58fd1a12f639", 0x0, 0x8001}, 0x28)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0xb2)

13.375859521s ago: executing program 1 (id=2353):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r1 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b\xba\xdf//\xdc/\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f00000003c0)=ANY=[@ANYBLOB="18080000000000000000006a3082a40018110c00c701b72e42258399ad6aa471b61d67df5cce5afdd88312bf311074c2126b992321be70954c72d214f089fc8836b925e83a88cfeed3", @ANYBLOB, @ANYRES32=r5, @ANYRESHEX=r6], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fsync(r4)

13.230624014s ago: executing program 1 (id=2356):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000000500)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES16], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x20242, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000140)={0x0, 0x0, 0x100000, 0x5})
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)

6.20078675s ago: executing program 0 (id=2433):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1001}, 0xc)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x32}, 0x2, @in=@local, 0x0, 0x4}}, 0xe8)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x2, 0x0)

6.182902322s ago: executing program 0 (id=2434):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x2})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x3)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

6.093538249s ago: executing program 0 (id=2437):
socket(0x40000000015, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x12, 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000001000", @ANYRES32, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="30000000100001000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00'], 0x30}}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000180)={'veth1_macvtap\x00', 0x44})

6.027524094s ago: executing program 0 (id=2438):
r0 = socket$inet(0x2, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000000c0)=0x8009, 0x4)
r1 = userfaultfd(0x80001)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x60000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_LOG_BASE(r4, 0x4008af04, &(0x7f0000000700)=&(0x7f00000006c0))
syz_emit_ethernet(0x46, &(0x7f0000000340)=ANY=[@ANYBLOB="3c82bf073aaebbbbbbbbbbbb86dd6001010000101100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000001090780200000000"], 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000200)={0x1, 0x5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xc3, &(0x7f0000000540)=""/195}]})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/233, &(0x7f00000000c0)=""/87, &(0x7f0000000740)=""/82})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x20000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000480)=ANY=[@ANYRES8=r3, @ANYRES32=r2, @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000539000/0x4000)=nil, 0x4000}, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x0)

5.981861799s ago: executing program 0 (id=2439):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, &(0x7f0000000100)=""/47, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000500)=""/69, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000016c0))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mremap(&(0x7f0000224000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f000068b000/0x2000)=nil)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000040000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x8)
eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000180))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000001c0)={0x1})
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xa, {[@local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0xb}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r6 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINDEX(r6, 0xc018480d, &(0x7f0000000000))

5.242934239s ago: executing program 4 (id=2446):
r0 = syz_open_dev$evdev(&(0x7f0000000140), 0x0, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000180))
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x74, 0x2}})
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068)

5.223526331s ago: executing program 2 (id=2448):
socket(0x40000000015, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x12, 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000001000", @ANYRES32, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="30000000100001000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00'], 0x30}}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000180)={'veth1_macvtap\x00', 0x44})

5.175154315s ago: executing program 4 (id=2449):
r0 = socket$inet(0x2, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000000c0)=0x8009, 0x4)
r1 = userfaultfd(0x80001)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x60000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_LOG_BASE(r4, 0x4008af04, &(0x7f0000000700)=&(0x7f00000006c0))
syz_emit_ethernet(0x46, &(0x7f0000000340)=ANY=[@ANYBLOB="3c82bf073aaebbbbbbbbbbbb86dd6001010000101100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000001090780200000000"], 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000200)={0x1, 0x5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xc3, &(0x7f0000000540)=""/195}]})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/233, &(0x7f00000000c0)=""/87, &(0x7f0000000740)=""/82})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x20000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000480)=ANY=[@ANYRES8=r3, @ANYRES32=r2, @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000539000/0x4000)=nil, 0x4000}, 0x2})

5.138909408s ago: executing program 4 (id=2451):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007b00000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000300)={r1}, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

5.121424839s ago: executing program 4 (id=2452):
open(0x0, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x5, 0x0})
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10, r0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448de, &(0x7f00000000c0)={0x0, 0x0, "a4cd91"})

4.596828243s ago: executing program 4 (id=2453):
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000140)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "3a280a05a59fc768d5b4db0f1a9c98277afe8d9338364ba7a2b3d18b221b24ecb4e1df6dad2e34905f0101d1be5fc322de3b576b708510054635e0d93924b8b4", "6a588528551db5d9ac7718bb76b2137f2dc09faca249808f541ba51d8e68d45a5e2457be5c13d221b580e1d93e09c8cd04f287d17f5b791ef68c406003f20814", "79da99b7cefddf6d76277bd44f7b742daf84f5d07d391a3c169dc6e96507d14a"}})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xb, 0x8, &(0x7f0000000680)=ANY=[], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[@ANYBLOB="00e789da34e04a1ffb124b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d882eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235030000004ed0351cb5b416ba1c57217be5a338392f831617ee8c35bb61f0a9eeed3b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076a893752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855ac250f8f73e16bc593730b88d7a3346b945e276875915040ce4901262cd8ce8191ee84e3ce5526a0a43b707cc711a3311f840cad641a013c6dd783aa895227b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a5c3106aba648f119eeab4747b9b53000475e0a34514ccf397ea6f170e018122a98f135beac48d2ed195e20fdd226c7f5a20000ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6507355cb1112fae6e3456bf8da53e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65ec742443c84e21a440998c8d69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b9bac96b838c98ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b3edd6c44d633b71bde97a3c10a468432ff3d4e63ce3ecfa640d44b70b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d563f8e4ec9a98016b6b58157deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a2993ff038d8099c229bda0801f8b81719d73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14f67beee619b9d9882f7eabfb5000000000000000000003ff8795b5ec2de11479e781396117c84449647684239c9b9475b389a6a76d36c31f39539d928d2c58f188b4bf713d0915df4cc7de48a930935dbb01c9422d604467d209fd1421c7fc503cabde4bb193ff3654377c6e4fb72dcfc835f760bae7447068c2e43433e3d77c6805b559a04f3ebb741a9bbf57274b1da7800000000000000000000000000000000000000001c4f225672f3465b2638e921d80d58dca4ee4592d8cc0c06b2e390b7b1c713a46bc8ece9be25f055a59032576bc00a844c32b46040a607eaeb886ec0cb8e90c5a4075caa8a358ab81e78ad794a20f772b73466a43cd696401521793e54b1c4aa58d506b661f393e7233337473f36c2dbb15ae673afe82ebe45cc6f776162e43b74d9b9ca6f68d6bc8261600b27431e0f6f4f1e0947f69d2d812ebc9d2a8869b14a84dbdcdc5055b97a241e2f707740bb966b6c58408aceb9f6a943f614d2a6093c60c0dfb511b02f191ef6fa6e5a1a86687a44ec6098439a2ef55a4ba07e2b0f62ae86e1458f63f6b8b2d2b9990495f17b6d1052b19472a97d41204a8be48e380be2e6885c7de0807f2c154ad4f25b16027bc4aeb85dc798e7eef25631bfd79c8e0aff725dcd4b91c61bf8d72f74e4dbae"], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
ftruncate(r0, 0x20cf01)
getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x468c2, 0x24)
r2 = open$dir(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x254, &(0x7f0000000840)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzLTn1EkpvTXssvYReWgo9pW0O6aXQhh4aemgPW2Znt2yTDW2zyU7JfD4wO/P2vZnfDMz37V5mN4DCGo2IyYgoR8RYRFQjIuke8H62jLabK7X12Yhm85t7SWtc1s509huJiEZEfBZR6fQtrf2w9WDjq4/+Wax+eGrt+9qgrq/b9tbm1zsnp/8+O/Xp0pVrd6aTmIx6u6/7Og5T0uO9ShLxxlEUe0kklbzPgOcx8+eZ62nu34yID1r5r0apHdl/F165WI1PTuy37393r749yHMFDl+zWU0/AxtNoHBKEVGPpDQeEdl2qTQ+nn2Hv1EeLv02v/DH2K/zi3O/5D1TAYelHrH55fmhcyO78n+7nOUfOL7S/H87s3oz3d4p5302wEC8k63S/I/9tPxxyD8UjvxDcck/FJf8wzFwwOzKPxSX/ENxyT8cY9XORqNnt/xDcck/FJf8Q3F15x8AKJbmUN5PIAN5yXv+AQAAAAAAAAAAAAAAAAAA9lqprc92lkHVvPR/xPYXEVHpVb/c+j/iiFdbr8P3k3TYE0m2W19+fK/PA/TpdM5PX792K9/6l989muP+9XSztt+45bmIRjp4olLZe/8l7fvv4F5/Rn/15z4LvKBkV/vz7wZbf7dHq/nWn9qIuJDOPxO95p9SvNVa955/6t0/sXxAvz/s8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMzOMAAAD//7MNbSk=")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
write$P9_RREADLINK(r3, &(0x7f0000000300), 0x16)
dup3(r3, r1, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xef84)

4.334727784s ago: executing program 4 (id=2454):
io_setup(0x0, &(0x7f00000002c0))
io_pgetevents(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x0, 0x989680}, &(0x7f0000000400)={0x0})
syz_mount_image$ext4(&(0x7f0000001080)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000080), 0x1, 0x42e, &(0x7f0000000900)="$eJzs3E9vFGUcB/DvbFuIgBYV/yFoFYQq2tqiqIkh4eaB6EEPXhtaKrEUpTURQgwkHryayAvQeJWXYNTEPxc9Ga5q9KAkxEAPHIypme1uu5Ru6ULLGvbzSWZ5nplZnmfmyW9m5+kvE6Bj9ZUfRbIpyc9JeueqV+/QN/fPzKVTh8qlyOzs638X1f0uXzp1qL5r/Xsby49K0l9JKh8WeXiJdqdOnHx7ZGJi7HitPjh99J3BqRMnnzlydGR8bHxscmjv0L59Lzz/4vDQqh3rKz/N/PFZ96uTn5+9PHll//CGsr+batsaj2O19KXv6nPZYNdqN9Zm9zWUi+42doSWdCUph6unGv+96crC4PXm+1/b2jlgTc2W1jfdfHoWuI0VaXcPgPao3+jL59/6cqt+e9B+Fw/MPQBers3tzMyPf3cqc4V3d3379VXP96upL8mbB1/bXi5Zo3kYAAAAgE721YEkTy81/1fJ/Q37leUHkjyY5KEkW5NqXs+2JNuTPJLk0Xo+UQsW73/t/E/lwg0dGCty8UDyckNu10zD+Nds7qrV7iwr6SkOH5kYezbJXUn607O+rC+XpXX0rZEfm21rnP8rl7L9+lxgrR8Xuhf9fXp0ZHrkZo6ZBRfPJFu7lxr/Yj4TqEjyWJLHV/IfflfNqBvfcu6f+VUvfXTv+Wa7X3/8WUuznya7l4z/hczFYvn8zMHq9WCwflW41g9n933RrH3j315l/G9Yfvw3F435ulOtt/HNlt9+abbtRq//64o3qh1cV1v3/sj09PGhZF1x8Nr1w633+XZVPx/181WOf/+Ope//99S+U57QHUl2Jnmilru8u3rvT55M8lSSPcu0eXr893+bbRP/7VWO/2hL8d964a8zH+9s1v7K4v+5amf6a2v8/ru+lQ5Qu/sJAAAAAAAAwOqoVN+BV1QG5suVysDA3Dv8tmRDZeLY1PSew8femxyde1fe5vRU6plevQ35oEPV8kJ9eFF9b5K7k3zSdUe1PnDo2MRouw8eOtzGJvFf+rOr3b0D1pz3tULnEv/QucQ/dC7xD51L/EPnEv/QucQ/dC7xD51rcfx/cP7g/itfbjvXpu4At5D7P3Skm3mvn4KCwu1aaPeVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/4b8AAAD//y2P0tw=")
signalfd(0xffffffffffffffff, &(0x7f0000000180), 0x8)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000406a05f800b41500000001090224000100000000090420000103000000092100000001220500090581696ce2076a2728629295441a73bc7e39bacee09b8b054b6c794fa32e183d0e203c1afb2b2ccde929802358c576a5801fd18b21e912264eaf"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xef9a9000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2c}}, 0x40800)
r4 = socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000340)='nfs\x00', 0x0, &(0x7f0000000300)='\x01')
write(r4, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
close_range(r0, 0xffffffffffffffff, 0x0)

3.847307254s ago: executing program 2 (id=2450):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000001680)={[{@errors_continue}, {@acl}, {@journal_path={'journal_path', 0x3d, './file0/file0'}}, {@bsdgroups}, {@nobarrier}, {@nodiscard}, {@nobarrier}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x61)

3.53110882s ago: executing program 2 (id=2457):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff4c, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='sched_kthread_work_queue_work\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r5, 0x5609, &(0x7f0000000000))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={0x0, <r6=>0x0})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000340), 0x218880, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400)
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pread64(r8, &(0x7f00000001c0)=""/241, 0xf1, 0x2)
r9 = ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
timer_create(0x2, &(0x7f00000001c0)={0x0, 0xc, 0x4, @tid=r6}, &(0x7f00000002c0))
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r9)
ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
socket$inet(0x2, 0x1, 0x0)
pipe(&(0x7f0000000080))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)

3.002124343s ago: executing program 3 (id=2460):
r0 = socket$inet(0x2, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000000c0)=0x8009, 0x4)
r1 = userfaultfd(0x80001)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x60000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_LOG_BASE(r4, 0x4008af04, &(0x7f0000000700)=&(0x7f00000006c0))
syz_emit_ethernet(0x46, &(0x7f0000000340)=ANY=[@ANYBLOB="3c82bf073aaebbbbbbbbbbbb86dd6001010000101100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000001090780200000000"], 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000200)={0x1, 0x5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xc3, &(0x7f0000000540)=""/195}]})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/233, &(0x7f00000000c0)=""/87, &(0x7f0000000740)=""/82})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x20000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000480)=ANY=[@ANYRES8=r3, @ANYRES32=r2, @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc})

2.919110321s ago: executing program 0 (id=2461):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000600), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
poll(&(0x7f0000000540)=[{r2}], 0x1, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, 0x0)
r5 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x60, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1a, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r5, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000200)=ANY=[@ANYRESHEX=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095", @ANYRESDEC], 0x0}, 0x90)
socket(0xa, 0x801, 0x0)

2.80014267s ago: executing program 3 (id=2462):
open(0x0, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x5, 0x0})
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10, r0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448de, &(0x7f00000000c0)={0x0, 0x0, "a4cd91"})

2.596598467s ago: executing program 2 (id=2463):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000640)=@newqdisc={0x64, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x38, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xd93210e2f8be8fc}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {}, 0x0, 0x8}}]}}]}, 0x64}}, 0x0)

2.586918117s ago: executing program 2 (id=2464):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff4c, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='sched_kthread_work_queue_work\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r3, 0x5609, &(0x7f0000000000))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={0x0, <r4=>0x0})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/241, 0xf1, 0x2)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
timer_create(0x2, &(0x7f00000001c0)={0x0, 0xc, 0x4, @tid=r4}, &(0x7f00000002c0))
ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)

2.027898943s ago: executing program 3 (id=2465):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x18, 0x6, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_RULE_EXPRESSIONS={0x4}]}], {0x14}}, 0x40}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r2, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
capset(&(0x7f0000000040), &(0x7f0000000080))
unshare(0x400)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
splice(0xffffffffffffffff, 0x0, r4, 0x0, 0x100000004, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0xf400)
r5 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xf)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001100)=@newlink={0x34, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0)

1.863216037s ago: executing program 3 (id=2466):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$packet(0x11, 0x0, 0x300)
readv(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000140))

1.852303878s ago: executing program 1 (id=2458):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1001}, 0xc)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}}, {{@in6=@loopback, 0x0, 0x32}, 0x2, @in=@local, 0x0, 0x4}}, 0xe8)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x2, 0x0)

1.784837123s ago: executing program 1 (id=2467):
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYBLOB="54438609962818b171429bc16e1fc3fabad8da0aab06d29d1f1c8db5d398aee73986e4f2dfefb1fbb45b597a6cadb0208190bc01d9bcb508c680bfcf6394c9ec0a99e26bcd8e0b78a6b86f8edbbc8e536def7e177f4e1b52b4c16085066ec38a2b64bd54bbcc8d5f830f35d4bb2f28ad550f8fd257", @ANYRES64=0x0, @ANYRES64, @ANYRESHEX, @ANYRES8], 0xfd, 0x222, &(0x7f00000016c0)="$eJzs2k2LW2UUB/Bz25HWKdNEfKMF8UE3urk0Wblw0UFaEAOKNoIK0lvnRkMyyZAbBiLSzs6tH8G1uHQnSL/AbPwEXbibzSy7EK+0KZ0X4mIQJ9j5/TY5cPKH5+FcLmdx9979YXPQq/JeMY1zWRYr12MnHmbRjHNxPuZ24u277zx47ZPPPv9gvdO58XFKN9dvtdoppcuv//bFdz+/cX966dNfLv96IXabX+7tt//YfWX3yt5ft77pV6lfpdF4mop0ZzyeFneGZdroV4M8pY+GZVGVqT+qysmRfm843tqapWK0sba6NSmrKhWjWRqUszQdp+lkloqvi/4o5Xme1laDf6P708O6jv36udtR1/XzP8al+7H2IBqRvZCyF69nL9/OXt3JruzXdWPZR+U/Yf5nm/mfbeZ/th1a6i5GbH6/3d3uzn/n/fVe9GMYZVyLRvwZjx6TJ+b1zfc7N66lx5qRNu89yd/b7p4/mm9FI5qL8615Ph3NX4jVw/l2NOKlxfn2wvzFeOvNQ/k8GvH7VzGOYWzEo+xB/m4rpfc+7BzLX338PwCAZ02enlq4v+X5P/Xn+RPsh8f2q5W4urLcuxNRzb4dFMNhOVEoFIqnxbLfTJyGg6Ev+yQAAAAAAAAAAACcxGl8TrjsOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w9/BwAA///8j/If")
chdir(&(0x7f0000004340)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x1c917e, 0x0)
mknod(&(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0x208e24b)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)

1.622978347s ago: executing program 2 (id=2468):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000580)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x8020600)
syz_usb_connect(0x6, 0x36, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x0, 0x6, &(0x7f0000000d40)=ANY=[@ANYBLOB="050000000000d9d771113a0000000000851000000200000085000000000000009505000000000000000000ffff00000065f00de6"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'wlan1\x00', <r3=>0x0})
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f0000000140)="892f6610088166ffc3ed697a0000", 0xe, 0x0, &(0x7f0000000300)={0x11, 0x0, r3}, 0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_MPP(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010300000000000000001100000008000300", @ANYBLOB], 0x1c}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)
getpid()

983.318669ms ago: executing program 3 (id=2469):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff4c, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='sched_kthread_work_queue_work\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r5, 0x5609, &(0x7f0000000000))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={0x0, <r6=>0x0})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000340), 0x218880, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400)
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pread64(r8, &(0x7f00000001c0)=""/241, 0xf1, 0x2)
r9 = ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
timer_create(0x2, &(0x7f00000001c0)={0x0, 0xc, 0x4, @tid=r6}, &(0x7f00000002c0))
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r9)
ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
socket$inet(0x2, 0x1, 0x0)
pipe(&(0x7f0000000080))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)

0s ago: executing program 3 (id=2470):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xa, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008230000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000060ff850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

kernel console output (not intermixed with test programs):

=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  189.087677][ T5823] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  189.094617][ T5823] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  189.122336][ T5823] syz.1.1976[5823] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.122386][ T5823] syz.1.1976[5823] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.137142][  T354] device bridge_slave_1 left promiscuous mode
[  189.158360][  T354] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.166888][  T354] device bridge_slave_0 left promiscuous mode
[  189.172944][  T354] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.181080][  T354] device veth1_macvtap left promiscuous mode
[  189.187502][ T1629] logitech 0003:046D:CA04.0036: collection stack underflow
[  189.191486][  T354] device veth0_vlan left promiscuous mode
[  189.195622][ T1629] logitech 0003:046D:CA04.0036: item 0 1 0 12 parsing failed
[  189.213775][ T5838] loop4: detected capacity change from 0 to 1024
[  189.220828][ T1629] logitech 0003:046D:CA04.0036: parse failed
[  189.226939][ T1629] logitech: probe of 0003:046D:CA04.0036 failed with error -22
[  189.268100][ T5838] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  189.276129][ T5823] syz.1.1976[5823] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.276200][ T5823] syz.1.1976[5823] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.307234][ T5838] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a003c018, mo2=0002]
[  189.313822][ T5832] loop3: detected capacity change from 0 to 40427
[  189.322882][ T5838] System zones: 0-1, 3-12
[  189.337843][ T5838] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodiscard,bsddf,auto_da_alloc=0x0000000000000000,nomblk_io_submit,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,acl,debug,,errors=continue. Quota mode: none.
[  189.365509][   T30] audit: type=1400 audit(1720038393.445:999): avc:  denied  { setattr } for  pid=5837 comm="syz.4.1979" name="file1" dev="loop4" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  189.392593][ T5832] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  189.401635][ T1629] usb 3-1: USB disconnect, device number 34
[  189.410956][ T5838] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2739: inode #14: comm syz.4.1979: corrupted in-inode xattr
[  189.426867][   T30] audit: type=1400 audit(1720038393.495:1000): avc:  denied  { read } for  pid=5837 comm="syz.4.1979" name="file1" dev="loop4" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  189.428231][ T5832] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  189.458058][ T5838] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: none.
[  189.459922][ T5832] F2FS-fs (loop3): group quota file already specified
[  189.539079][ T5838] device syz_tun entered promiscuous mode
[  189.544667][ T5838] device vlan2 entered promiscuous mode
[  189.551815][ T5838] device syz_tun left promiscuous mode
[  189.552830][ T5847] x_tables: duplicate underflow at hook 3
[  189.557179][   T30] audit: type=1400 audit(1720038393.635:1001): avc:  denied  { map } for  pid=5846 comm="syz.1.1980" path="socket:[44550]" dev="sockfs" ino=44550 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  190.167620][ T5863] loop4: detected capacity change from 0 to 1024
[  190.198981][ T5865] netlink: 19 bytes leftover after parsing attributes in process `syz.2.1988'.
[  190.227630][ T5863] EXT4-fs (loop4): Ignoring removed orlov option
[  190.234336][ T5863] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  190.242650][ T5863] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[  190.250831][ T5863] System zones: 0-1, 3-36
[  190.255973][ T5863] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,quota,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[  190.496441][ T1629] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  190.654040][ T5881] loop1: detected capacity change from 0 to 40427
[  190.695403][ T5883] loop3: detected capacity change from 0 to 40427
[  190.696986][ T5881] F2FS-fs (loop1): Invalid log blocks per segment (4278190089)
[  190.709465][ T5881] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  190.716424][ T4947] rtl8150 5-1:0.0: couldn't reset the device
[  190.719179][ T5881] F2FS-fs (loop1): invalid crc value
[  190.723302][ T4947] rtl8150: probe of 5-1:0.0 failed with error -5
[  190.729003][ T5883] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  190.735773][ T4947] usb 5-1: USB disconnect, device number 37
[  190.742439][ T5883] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  190.751189][ T5881] F2FS-fs (loop1): Found nat_bits in checkpoint
[  190.758406][ T5883] F2FS-fs (loop3): Found nat_bits in checkpoint
[  190.762154][ T1629] usb 3-1: Using ep0 maxpacket: 16
[  190.798445][ T5883] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  190.800112][ T5881] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  190.805372][ T5883] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  190.812397][ T5881] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  190.842190][ T5883] syz.3.1994[5883] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  190.842262][ T5883] syz.3.1994[5883] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  190.843894][ T5881] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  190.888921][ T5881] device pim6reg1 entered promiscuous mode
[  190.926428][ T1629] usb 3-1: unable to get BOS descriptor or descriptor too short
[  190.949950][ T5743] attempt to access beyond end of device
[  190.949950][ T5743] loop1: rw=524288, want=45072, limit=40427
[  190.961621][ T5743] attempt to access beyond end of device
[  190.961621][ T5743] loop1: rw=0, want=45072, limit=40427
[  190.974389][ T5743] attempt to access beyond end of device
[  190.974389][ T5743] loop1: rw=2049, want=45104, limit=40427
[  190.992487][ T1629] usb 3-1: unable to read config index 0 descriptor/start: -71
[  191.056744][ T1629] usb 3-1: can't read configurations, error -71
[  191.409589][ T5910] loop3: detected capacity change from 0 to 512
[  191.458495][ T5916] loop4: detected capacity change from 0 to 2048
[  191.465590][ T5911] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.472773][ T5911] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.474104][ T5916]  loop4: p1 p2 p3
[  191.480107][ T5911] device bridge_slave_0 entered promiscuous mode
[  191.483704][ T5910] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  191.490261][ T5911] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.504167][ T5911] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.506657][ T5910] EXT4-fs (loop3): orphan cleanup on readonly fs
[  191.511720][ T5911] device bridge_slave_1 entered promiscuous mode
[  191.518003][ T5910] EXT4-fs warning (device loop3): ext4_enable_quotas:6410: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  191.538368][ T5910] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  191.545880][ T5910] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1999: bg 0: block 40: padding at end of block bitmap is not set
[  191.560215][ T5910] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6176: Corrupt filesystem
[  191.574241][ T5910] EXT4-fs (loop3): 1 truncate cleaned up
[  191.579965][ T5910] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  191.611987][ T5916] loop4: detected capacity change from 0 to 2048
[  191.648489][ T5911] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.655514][ T5911] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.662837][ T5911] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.669686][ T5911] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.680782][ T5916]  loop4: p1 p2 p3
[  191.695815][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  191.703334][ T4947] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.711198][ T4947] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.722906][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  191.726376][ T1629] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  191.731175][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.745094][  T310] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.769877][ T5916] loop4: detected capacity change from 0 to 2048
[  191.791835][ T5923] syz.3.1999[5923] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  191.792169][ T5923] syz.3.1999[5923] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  191.971409][ T5916]  loop4: p1 p2 p3
[  191.993480][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  192.001798][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.008840][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  192.016465][ T1629] usb 3-1: Using ep0 maxpacket: 8
[  192.031988][   T45] device bridge_slave_1 left promiscuous mode
[  192.038434][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.050340][   T45] device bridge_slave_0 left promiscuous mode
[  192.056609][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.064589][   T45] device veth1_macvtap left promiscuous mode
[  192.070871][   T45] device veth0_vlan left promiscuous mode
[  192.090736][ T5916] loop4: detected capacity change from 0 to 2048
[  192.145312][ T5916]  loop4: p1 p2 p3
[  192.159782][ T5925] loop0: detected capacity change from 0 to 40427
[  192.176468][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  192.184515][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  192.192294][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  192.195752][ T5925] F2FS-fs (loop0): Found nat_bits in checkpoint
[  192.200419][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  192.220733][ T5916] loop4: detected capacity change from 0 to 2048
[  192.227990][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  192.235194][ T5925] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  192.243727][ T1629] usb 3-1: config 1 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.244511][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  192.258146][ T1629] usb 3-1: config 1 interface 0 has no altsetting 0
[  192.277642][ T5916]  loop4: p1 p2 p3
[  192.299709][ T5911] device veth0_vlan entered promiscuous mode
[  192.313016][ T5911] device veth1_macvtap entered promiscuous mode
[  192.337405][ T1629] usb 3-1: language id specifier not provided by device, defaulting to English
[  192.353006][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  192.361090][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  192.369287][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  192.377970][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  192.386251][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  192.393938][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  192.540735][ T1629] usb 3-1: New USB device found, idVendor=046d, idProduct=4101, bcdDevice= 0.40
[  192.540816][ T1629] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.540885][ T1629] usb 3-1: Product: 䥯繦យꗧ罭ꈧ镂阑殺褤㛠塿㮓Ҳ䅎厹㯷飅곒員㛑怨뢊趆謊�놵✨ഒ꧇뉯ਜ਼ﬞ��頥怮啉
[  192.540938][ T1629] usb 3-1: Manufacturer: Ñ„
[  192.541024][ T1629] usb 3-1: SerialNumber: à°Š
[  192.621176][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  192.621408][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  192.621616][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  192.621920][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  192.622121][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  192.650636][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  192.650652][   T30] audit: type=1326 audit(1720038396.735:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5947 comm="syz.4.2010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf612b2bd9 code=0x7ffc0000
[  192.650859][   T30] audit: type=1326 audit(1720038396.735:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5947 comm="syz.4.2010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fcf612b2bd9 code=0x7ffc0000
[  192.650980][   T30] audit: type=1326 audit(1720038396.735:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5947 comm="syz.4.2010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf612b2bd9 code=0x7ffc0000
[  192.920921][   T30] audit: type=1326 audit(1720038397.005:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5939 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f9a0abbd9 code=0x7ffc0000
[  192.920957][   T30] audit: type=1326 audit(1720038397.005:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5939 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f9a0abbd9 code=0x7ffc0000
[  192.920980][   T30] audit: type=1326 audit(1720038397.005:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5939 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f9a0abbd9 code=0x7ffc0000
[  192.921002][   T30] audit: type=1326 audit(1720038397.005:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5939 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f9a0abbd9 code=0x7ffc0000
[  192.922623][ T5782] F2FS-fs (loop0): Inconsistent error blkaddr:5633, sit bitmap:0
[  192.992279][   T30] audit: type=1326 audit(1720038397.035:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5939 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f9a0abbd9 code=0x7ffc0000
[  192.992319][   T30] audit: type=1326 audit(1720038397.035:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5939 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f9a0abbd9 code=0x7ffc0000
[  193.024311][ T5958] fuse: Bad value for 'fd'
[  193.048299][ T5782] CPU: 1 PID: 5782 Comm: syz-executor Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  193.085724][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  193.085739][ T5782] Call Trace:
[  193.085744][ T5782]  <TASK>
[  193.085751][ T5782]  dump_stack_lvl+0x151/0x1b7
[  193.085772][ T5782]  ? io_uring_drop_tctx_refs+0x190/0x190
[  193.085785][ T5782]  ? arch_stack_walk+0xf3/0x140
[  193.085802][ T5782]  dump_stack+0x15/0x17
[  193.085814][ T5782]  f2fs_is_valid_blkaddr+0xc87/0x12d0
[  193.085828][ T5782]  f2fs_map_blocks+0x1631/0x3ac0
[  193.085841][ T5782]  ? __stack_depot_save+0x34/0x470
[  193.085858][ T5782]  ? f2fs_do_map_lock+0x70/0x70
[  193.085872][ T5782]  ? debug_smp_processor_id+0x17/0x20
[  193.085886][ T5782]  ? try_charge_memcg+0x213/0x1550
[  193.085902][ T5782]  f2fs_mpage_readpages+0xc94/0x2160
[  193.085918][ T5782]  ? xas_start+0x32c/0x3f0
[  193.085933][ T5782]  ? dquot_release_reservation_block+0xa0/0xa0
[  193.085947][ T5782]  ? workingset_activation+0x3f0/0x3f0
[  193.085968][ T5782]  f2fs_readahead+0xfd/0x250
[  193.085980][ T5782]  ? blk_start_plug+0x5a/0x170
[  193.085993][ T5782]  read_pages+0x15e/0xb00
[  193.086006][ T5782]  ? lru_cache_add+0x279/0x540
[  193.086019][ T5782]  ? page_cache_ra_unbounded+0x920/0x920
[  193.086031][ T5782]  ? add_to_page_cache_lru+0x225/0x2c0
[  193.086045][ T5782]  ? add_to_page_cache_locked+0x40/0x40
[  193.086059][ T5782]  ? __stack_depot_save+0x34/0x470
[  193.086071][ T5782]  page_cache_ra_unbounded+0x6cb/0x920
[  193.086087][ T5782]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  193.086101][ T5782]  ? _raw_spin_unlock+0x4d/0x70
[  193.086113][ T5782]  ? wp_page_reuse+0xff/0x120
[  193.086126][ T5782]  ondemand_readahead+0x9c8/0xfa0
[  193.086140][ T5782]  ? handle_pte_fault+0x7c0/0x24d0
[  193.086154][ T5782]  ? page_cache_sync_ra+0x4d0/0x4d0
[  193.086166][ T5782]  ? fault_around_bytes_set+0xc0/0xc0
[  193.086180][ T5782]  page_cache_sync_ra+0x2e9/0x4d0
[  193.086193][ T5782]  ? force_page_cache_ra+0x420/0x420
[  193.086210][ T5782]  ? do_handle_mm_fault+0x17e1/0x23a0
[  193.086224][ T5782]  f2fs_readdir+0x52d/0xba0
[  193.086238][ T5782]  ? f2fs_fill_dentries+0xd50/0xd50
[  193.086251][ T5782]  ? avc_policy_seqno+0x1b/0x70
[  193.086265][ T5782]  ? __kasan_check_read+0x11/0x20
[  193.086278][ T5782]  ? fsnotify_perm+0x470/0x5d0
[  193.086293][ T5782]  ? security_file_permission+0x86/0xb0
[  193.086308][ T5782]  iterate_dir+0x265/0x610
[  193.086321][ T5782]  ? f2fs_fill_dentries+0xd50/0xd50
[  193.086334][ T5782]  __se_sys_getdents64+0x1c1/0x460
[  193.086348][ T5782]  ? __x64_sys_getdents64+0x90/0x90
[  193.086360][ T5782]  ? filldir+0x680/0x680
[  193.086373][ T5782]  __x64_sys_getdents64+0x7b/0x90
[  193.086386][ T5782]  do_syscall_64+0x3d/0xb0
[  193.086398][ T5782]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  193.086411][ T5782] RIP: 0033:0x7fa4c71b6c73
[  193.086426][ T5782] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 d2 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  193.086437][ T5782] RSP: 002b:00007ffe95cdc7b8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  193.086453][ T5782] RAX: ffffffffffffffda RBX: 0000555556e8e4e0 RCX: 00007fa4c71b6c73
[  193.086464][ T5782] RDX: 0000000000008000 RSI: 0000555556e8e4e0 RDI: 0000000000000005
[  193.086473][ T5782] RBP: 0000555556e8e4b4 R08: 0000000000000000 R09: 0000000000000000
[  193.086482][ T5782] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  193.086490][ T5782] R13: 0000000000000010 R14: 0000555556e8e4b0 R15: 000000000000001c
[  193.086501][ T5782]  </TASK>
[  193.087347][ T5782] F2FS-fs (loop0): Inconsistent error blkaddr:5633, sit bitmap:0
[  193.097149][   T30] audit: type=1326 audit(1720038397.185:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5939 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f9a0abbd9 code=0x7ffc0000
[  193.100938][ T5782] CPU: 1 PID: 5782 Comm: syz-executor Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  193.452272][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  193.462146][ T5782] Call Trace:
[  193.465276][ T5782]  <TASK>
[  193.468046][ T5782]  dump_stack_lvl+0x151/0x1b7
[  193.472559][ T5782]  ? io_uring_drop_tctx_refs+0x190/0x190
[  193.478027][ T5782]  dump_stack+0x15/0x17
[  193.482047][ T5782]  f2fs_is_valid_blkaddr+0xc87/0x12d0
[  193.487239][ T5782]  f2fs_get_read_data_page+0x4be/0x7e0
[  193.492519][ T5782]  ? f2fs_get_block+0x1b0/0x1b0
[  193.497299][ T5782]  ? force_page_cache_ra+0x420/0x420
[  193.502430][ T5782]  f2fs_find_data_page+0x19c/0x420
[  193.507473][ T5782]  f2fs_readdir+0x53a/0xba0
[  193.511803][ T5782]  ? f2fs_fill_dentries+0xd50/0xd50
[  193.516836][ T5782]  ? avc_policy_seqno+0x1b/0x70
[  193.521522][ T5782]  ? __kasan_check_read+0x11/0x20
[  193.526386][ T5782]  ? fsnotify_perm+0x470/0x5d0
[  193.530986][ T5782]  ? security_file_permission+0x86/0xb0
[  193.536804][ T5782]  iterate_dir+0x265/0x610
[  193.541053][ T5782]  ? f2fs_fill_dentries+0xd50/0xd50
[  193.546086][ T5782]  __se_sys_getdents64+0x1c1/0x460
[  193.551034][ T5782]  ? __x64_sys_getdents64+0x90/0x90
[  193.556067][ T5782]  ? filldir+0x680/0x680
[  193.560148][ T5782]  __x64_sys_getdents64+0x7b/0x90
[  193.565006][ T5782]  do_syscall_64+0x3d/0xb0
[  193.569432][ T5782]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  193.575167][ T5782] RIP: 0033:0x7fa4c71b6c73
[  193.579503][ T5782] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 d2 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  193.599062][ T5782] RSP: 002b:00007ffe95cdc7b8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  193.607273][ T5782] RAX: ffffffffffffffda RBX: 0000555556e8e4e0 RCX: 00007fa4c71b6c73
[  193.615282][ T5782] RDX: 0000000000008000 RSI: 0000555556e8e4e0 RDI: 0000000000000005
[  193.623072][ T5782] RBP: 0000555556e8e4b4 R08: 0000000000000000 R09: 0000000000000000
[  193.630990][ T5782] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  193.638807][ T5782] R13: 0000000000000010 R14: 0000555556e8e4b0 R15: 000000000000001c
[  193.646697][ T5782]  </TASK>
[  193.673438][  T354] attempt to access beyond end of device
[  193.673438][  T354] loop0: rw=2049, want=40992, limit=40427
[  193.866547][ T1629] usbhid 3-1:1.0: can't add hid device: -71
[  193.872961][ T1629] usbhid: probe of 3-1:1.0 failed with error -71
[  193.898904][ T1629] usb 3-1: USB disconnect, device number 36
[  194.111224][ T5969] loop3: detected capacity change from 0 to 40427
[  194.120370][ T5972] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.127659][    T6] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  194.128043][ T5972] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.144098][ T5972] device bridge_slave_0 entered promiscuous mode
[  194.145182][ T5969] F2FS-fs (loop3): Unrecognized mount option "" or missing value
[  194.152003][ T5972] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.165238][ T5972] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.172638][ T5972] device bridge_slave_1 entered promiscuous mode
[  194.205474][ T5979] loop2: detected capacity change from 0 to 512
[  194.229045][ T5979] EXT4-fs (loop2): Unrecognized mount option "mblk_io_submit"debug_want_extra_isize=0x0000000000000009" or missing value
[  194.257264][ T5972] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.264142][ T5972] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.271274][ T5972] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.278123][ T5972] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.308126][ T5985] loop2: detected capacity change from 0 to 1024
[  194.313068][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  194.322103][ T2188] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.329491][ T2188] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.348227][ T5985] EXT4-fs (loop2): Test dummy encryption mode enabled
[  194.354949][ T5985] EXT4-fs (loop2): Ignoring removed orlov option
[  194.362192][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  194.370060][    T6] usb 2-1: Using ep0 maxpacket: 32
[  194.375400][ T2188] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.382261][ T2188] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.385016][ T5985] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  194.389670][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  194.425646][ T2188] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.432579][ T2188] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.450197][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  194.458866][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  194.497190][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  194.538791][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  194.547034][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  194.554370][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  194.563036][ T5972] device veth0_vlan entered promiscuous mode
[  194.575303][ T5989] loop3: detected capacity change from 0 to 40427
[  194.581795][ T5972] device veth1_macvtap entered promiscuous mode
[  194.588847][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  194.600790][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  194.614504][   T45] device bridge_slave_1 left promiscuous mode
[  194.621316][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.629681][ T5989] F2FS-fs (loop3): Found nat_bits in checkpoint
[  194.636960][   T45] device bridge_slave_0 left promiscuous mode
[  194.645998][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.654550][   T45] device veth1_macvtap left promiscuous mode
[  194.660505][   T45] device veth0_vlan left promiscuous mode
[  194.665985][ T5989] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  194.716568][    T6] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  194.730188][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.752566][    T6] usb 2-1: Product: syz
[  194.757313][    T6] usb 2-1: Manufacturer: syz
[  194.761715][    T6] usb 2-1: SerialNumber: syz
[  194.766737][    T6] usb 2-1: config 0 descriptor??
[  194.777975][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  194.802449][ T6004] loop0: detected capacity change from 0 to 512
[  194.806456][ T1629] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  194.825146][ T6004] EXT4-fs (loop0): Ignoring removed nobh option
[  194.831767][ T6004] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  194.849805][ T6004] EXT4-fs (loop0): 1 truncate cleaned up
[  194.856147][ T6004] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,nogrpid,acl,,errors=continue. Quota mode: none.
[  195.076400][ T2188] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  195.205584][ T5818] F2FS-fs (loop3): Inconsistent error blkaddr:5633, sit bitmap:0
[  195.213411][ T5818] CPU: 1 PID: 5818 Comm: syz-executor Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  195.224681][ T5818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  195.234577][ T5818] Call Trace:
[  195.237697][ T5818]  <TASK>
[  195.240481][ T5818]  dump_stack_lvl+0x151/0x1b7
[  195.245510][ T5818]  ? io_uring_drop_tctx_refs+0x190/0x190
[  195.251065][ T5818]  ? arch_stack_walk+0xf3/0x140
[  195.255750][ T5818]  dump_stack+0x15/0x17
[  195.259749][ T5818]  f2fs_is_valid_blkaddr+0xc87/0x12d0
[  195.264957][ T5818]  f2fs_map_blocks+0x1631/0x3ac0
[  195.269731][ T5818]  ? __stack_depot_save+0x34/0x470
[  195.274675][ T5818]  ? f2fs_do_map_lock+0x70/0x70
[  195.279359][ T5818]  ? debug_smp_processor_id+0x17/0x20
[  195.284568][ T5818]  ? try_charge_memcg+0x213/0x1550
[  195.289513][ T5818]  f2fs_mpage_readpages+0xc94/0x2160
[  195.294634][ T5818]  ? xas_start+0x32c/0x3f0
[  195.298889][ T5818]  ? dquot_release_reservation_block+0xa0/0xa0
[  195.304885][ T5818]  ? workingset_activation+0x3f0/0x3f0
[  195.310622][ T5818]  f2fs_readahead+0xfd/0x250
[  195.315031][ T5818]  ? blk_start_plug+0x5a/0x170
[  195.319979][ T5818]  read_pages+0x15e/0xb00
[  195.324144][ T5818]  ? lru_cache_add+0x279/0x540
[  195.328747][ T5818]  ? page_cache_ra_unbounded+0x920/0x920
[  195.335090][ T5818]  ? add_to_page_cache_lru+0x225/0x2c0
[  195.340463][ T5818]  ? add_to_page_cache_locked+0x40/0x40
[  195.345843][ T5818]  ? __stack_depot_save+0x34/0x470
[  195.350808][ T5818]  page_cache_ra_unbounded+0x6cb/0x920
[  195.356089][ T5818]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  195.362517][ T5818]  ? _raw_spin_unlock+0x4d/0x70
[  195.367279][ T5818]  ? wp_page_reuse+0xff/0x120
[  195.372143][ T5818]  ondemand_readahead+0x9c8/0xfa0
[  195.377000][ T5818]  ? handle_pte_fault+0x7c0/0x24d0
[  195.381948][ T5818]  ? page_cache_sync_ra+0x4d0/0x4d0
[  195.387068][ T5818]  ? fault_around_bytes_set+0xc0/0xc0
[  195.392302][ T5818]  page_cache_sync_ra+0x2e9/0x4d0
[  195.397137][ T5818]  ? force_page_cache_ra+0x420/0x420
[  195.402256][ T5818]  ? do_handle_mm_fault+0x17e1/0x23a0
[  195.407561][ T5818]  f2fs_readdir+0x52d/0xba0
[  195.411900][ T5818]  ? f2fs_fill_dentries+0xd50/0xd50
[  195.417021][ T5818]  ? avc_policy_seqno+0x1b/0x70
[  195.421706][ T5818]  ? __kasan_check_read+0x11/0x20
[  195.426669][ T5818]  ? fsnotify_perm+0x470/0x5d0
[  195.431254][ T5818]  ? security_file_permission+0x86/0xb0
[  195.436634][ T5818]  iterate_dir+0x265/0x610
[  195.440891][ T5818]  ? f2fs_fill_dentries+0xd50/0xd50
[  195.445924][ T5818]  __se_sys_getdents64+0x1c1/0x460
[  195.450873][ T5818]  ? __x64_sys_getdents64+0x90/0x90
[  195.455905][ T5818]  ? filldir+0x680/0x680
[  195.459994][ T5818]  __x64_sys_getdents64+0x7b/0x90
[  195.464844][ T5818]  do_syscall_64+0x3d/0xb0
[  195.469103][ T5818]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  195.474824][ T5818] RIP: 0033:0x7f9f9a0ddc73
[  195.479084][ T5818] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 d2 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  195.498519][ T5818] RSP: 002b:00007ffc8bc463a8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  195.506764][ T5818] RAX: ffffffffffffffda RBX: 00005555571424e0 RCX: 00007f9f9a0ddc73
[  195.514573][ T5818] RDX: 0000000000008000 RSI: 00005555571424e0 RDI: 0000000000000005
[  195.522484][ T5818] RBP: 00005555571424b4 R08: 0000000000000000 R09: 0000000000000000
[  195.530377][ T5818] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  195.538189][ T5818] R13: 0000000000000010 R14: 00005555571424b0 R15: 000000000000001d
[  195.546005][ T5818]  </TASK>
[  195.550443][ T5818] F2FS-fs (loop3): Inconsistent error blkaddr:5633, sit bitmap:0
[  195.551487][ T5966] loop1: detected capacity change from 0 to 256
[  195.564278][ T5818] CPU: 0 PID: 5818 Comm: syz-executor Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  195.575550][ T5818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  195.585441][ T5818] Call Trace:
[  195.588563][ T5818]  <TASK>
[  195.591342][ T5818]  dump_stack_lvl+0x151/0x1b7
[  195.595853][ T5818]  ? io_uring_drop_tctx_refs+0x190/0x190
[  195.601325][ T5818]  dump_stack+0x15/0x17
[  195.605315][ T5818]  f2fs_is_valid_blkaddr+0xc87/0x12d0
[  195.610534][ T5818]  f2fs_get_read_data_page+0x4be/0x7e0
[  195.615819][ T5818]  ? f2fs_get_block+0x1b0/0x1b0
[  195.620509][ T5818]  ? force_page_cache_ra+0x420/0x420
[  195.625625][ T5818]  f2fs_find_data_page+0x19c/0x420
[  195.630572][ T5818]  f2fs_readdir+0x53a/0xba0
[  195.634919][ T5818]  ? f2fs_fill_dentries+0xd50/0xd50
[  195.639944][ T5818]  ? avc_policy_seqno+0x1b/0x70
[  195.644644][ T5818]  ? __kasan_check_read+0x11/0x20
[  195.649598][ T5818]  ? fsnotify_perm+0x470/0x5d0
[  195.654195][ T5818]  ? security_file_permission+0x86/0xb0
[  195.659923][ T5818]  iterate_dir+0x265/0x610
[  195.664176][ T5818]  ? f2fs_fill_dentries+0xd50/0xd50
[  195.669214][ T5818]  __se_sys_getdents64+0x1c1/0x460
[  195.674257][ T5818]  ? __x64_sys_getdents64+0x90/0x90
[  195.679544][ T5818]  ? filldir+0x680/0x680
[  195.683626][ T5818]  __x64_sys_getdents64+0x7b/0x90
[  195.688484][ T5818]  do_syscall_64+0x3d/0xb0
[  195.692737][ T5818]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  195.698467][ T5818] RIP: 0033:0x7f9f9a0ddc73
[  195.702719][ T5818] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 d2 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  195.722160][ T5818] RSP: 002b:00007ffc8bc463a8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  195.730406][ T5818] RAX: ffffffffffffffda RBX: 00005555571424e0 RCX: 00007f9f9a0ddc73
[  195.738216][ T5818] RDX: 0000000000008000 RSI: 00005555571424e0 RDI: 0000000000000005
[  195.746115][ T5818] RBP: 00005555571424b4 R08: 0000000000000000 R09: 0000000000000000
[  195.754045][ T5818] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  195.761829][ T5818] R13: 0000000000000010 R14: 00005555571424b0 R15: 000000000000001d
[  195.769640][ T5818]  </TASK>
[  195.776437][ T1629] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.787267][ T1629] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.796808][ T1629] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  195.799597][   T45] attempt to access beyond end of device
[  195.799597][   T45] loop3: rw=2049, want=40992, limit=40427
[  195.805680][ T1629] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.819570][ T5966] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a97a7bd, utbl_chksum : 0xe619d30d)
[  195.825541][ T1629] usb 5-1: config 0 descriptor??
[  195.956419][ T2188] usb 3-1: config index 0 descriptor too short (expected 4114, got 18)
[  196.014173][ T6016] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.021109][ T6016] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.028199][ T6016] device bridge_slave_0 entered promiscuous mode
[  196.034975][ T6016] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.041845][ T6016] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.049278][ T6016] device bridge_slave_1 entered promiscuous mode
[  196.110394][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  196.118046][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  196.127564][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  196.135721][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  196.143795][ T3103] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.150765][ T3103] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.156542][ T2188] usb 3-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  196.158196][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  196.171348][ T2188] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.181946][ T2188] usb 3-1: Product: syz
[  196.185948][ T2188] usb 3-1: Manufacturer: syz
[  196.190486][ T2188] usb 3-1: SerialNumber: syz
[  196.196033][ T2188] usb 3-1: config 0 descriptor??
[  196.201345][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  196.209662][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  196.217734][ T3103] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.224661][ T3103] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.237221][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  196.245255][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  196.255371][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  196.263515][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  196.280317][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  196.288750][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  196.300766][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  196.308705][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  196.316733][ T1629] hid (null): bogus close delimiter
[  196.325421][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  196.332709][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  196.342558][ T6016] device veth0_vlan entered promiscuous mode
[  196.352855][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  196.361895][ T6016] device veth1_macvtap entered promiscuous mode
[  196.369577][   T45] device bridge_slave_1 left promiscuous mode
[  196.375529][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.383050][   T45] device bridge_slave_0 left promiscuous mode
[  196.389234][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.397205][   T45] device veth1_macvtap left promiscuous mode
[  196.403100][   T45] device veth0_vlan left promiscuous mode
[  196.484379][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  196.492470][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  196.500687][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  196.508760][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  196.530280][ T6021] loop3: detected capacity change from 0 to 512
[  196.536467][ T1629] usb 5-1: language id specifier not provided by device, defaulting to English
[  196.587977][ T6021] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  196.596150][ T6021] EXT4-fs (loop3): orphan cleanup on readonly fs
[  196.602726][ T6021] EXT4-fs warning (device loop3): ext4_enable_quotas:6410: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  196.617204][ T6021] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  196.624339][ T6021] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2041: bg 0: block 40: padding at end of block bitmap is not set
[  196.638889][ T6021] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6176: Corrupt filesystem
[  196.648121][ T6021] EXT4-fs (loop3): 1 truncate cleaned up
[  196.653706][ T6021] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  196.812615][ T6026] syz.3.2041[6026] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.812942][ T6026] syz.3.2041[6026] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  197.015817][ T6032] loop1: detected capacity change from 0 to 1024
[  197.016439][ T1629] uclogic 0003:256C:006D.0037: interface is invalid, ignoring
[  197.047157][ T6032] EXT4-fs (loop1): Ignoring removed orlov option
[  197.053343][ T6032] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  197.061598][ T6032] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[  197.069813][ T6032] System zones: 0-1, 3-36
[  197.075039][ T6032] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,quota,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[  197.163199][ T6036] loop1: detected capacity change from 0 to 1024
[  197.209121][ T6036] EXT4-fs (loop1): Ignoring removed orlov option
[  197.215354][ T6036] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  197.222563][ T2188] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  197.223756][ T6036] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[  197.232375][ T2188] asix 3-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  197.240407][ T6036] System zones: 0-1, 3-36
[  197.250469][ T2188] asix: probe of 3-1:0.0 failed with error -71
[  197.255407][ T6036] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,quota,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[  197.261833][ T2188] usb 3-1: USB disconnect, device number 37
[  197.338779][ T6041] loop1: detected capacity change from 0 to 16
[  197.367487][ T6041] erofs: (device loop1): mounted with root inode @ nid 36.
[  197.421878][ T6044] loop1: detected capacity change from 0 to 2048
[  197.432460][ T6045] loop3: detected capacity change from 0 to 512
[  197.456824][ T6044]  loop1: p1 < > p3
[  197.460894][ T6044] loop1: p3 size 134217728 extends beyond EOD, truncated
[  197.468797][ T6045] EXT4-fs (loop3): Ignoring removed nobh option
[  197.474884][ T6045] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  197.486065][ T6045] EXT4-fs (loop3): 1 truncate cleaned up
[  197.491643][ T6045] EXT4-fs (loop3): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,nogrpid,acl,,errors=continue. Quota mode: none.
[  197.532238][ T1629] usb 5-1: USB disconnect, device number 38
[  197.547097][ T6053] loop3: detected capacity change from 0 to 256
[  197.585949][ T6053] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  197.660522][ T6016] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  197.669126][ T6016] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  198.031519][ T6071] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.038627][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.046049][ T6071] device bridge_slave_0 entered promiscuous mode
[  198.053141][ T6071] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.060240][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.074133][ T6071] device bridge_slave_1 entered promiscuous mode
[  198.142104][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  198.142120][   T30] audit: type=1400 audit(1720038402.225:1037): avc:  denied  { setopt } for  pid=6077 comm="syz.0.2051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  198.200865][   T30] audit: type=1400 audit(1720038402.245:1038): avc:  denied  { listen } for  pid=6077 comm="syz.0.2051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  198.231854][   T30] audit: type=1400 audit(1720038402.245:1039): avc:  denied  { write } for  pid=6077 comm="syz.0.2051" path="socket:[46342]" dev="sockfs" ino=46342 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  198.294354][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  198.302411][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  198.328617][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  198.338571][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  198.354268][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.361140][  T310] bridge0: port 1(bridge_slave_0) entered forwarding state
[  198.377201][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  198.385528][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  198.393955][  T310] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.400839][  T310] bridge0: port 2(bridge_slave_1) entered forwarding state
[  198.417910][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  198.425646][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  198.433683][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  198.451448][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  198.464368][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  198.476770][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  198.484340][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  198.987983][ T6084] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  198.996705][ T6071] device veth0_vlan entered promiscuous mode
[  199.011447][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  199.020611][ T6091] loop0: detected capacity change from 0 to 2048
[  199.023856][ T6071] device veth1_macvtap entered promiscuous mode
[  199.037119][   T45] device bridge_slave_1 left promiscuous mode
[  199.043318][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.051355][   T45] device bridge_slave_0 left promiscuous mode
[  199.057660][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.065775][   T45] device veth1_macvtap left promiscuous mode
[  199.071841][   T45] device veth0_vlan left promiscuous mode
[  199.086581][    T6] rtl8150 2-1:0.0: couldn't reset the device
[  199.092641][    T6] rtl8150: probe of 2-1:0.0 failed with error -5
[  199.100172][ T6091] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  199.110231][   T30] audit: type=1400 audit(1720038403.195:1040): avc:  denied  { ioctl } for  pid=6094 comm="syz.2.2055" path="socket:[46400]" dev="sockfs" ino=46400 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  199.111732][    T6] usb 2-1: USB disconnect, device number 31
[  199.160764][   T30] audit: type=1400 audit(1720038403.245:1041): avc:  denied  { read } for  pid=6094 comm="syz.2.2055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  199.270527][ T6120] loop1: detected capacity change from 0 to 1024
[  199.297753][ T6120] EXT4-fs (loop1): Ignoring removed orlov option
[  199.303978][ T6120] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  199.315594][  T343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  199.323972][  T343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  199.327977][ T6120] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  199.400971][ T6120] 9pnet: p9_errstr2errno: server reported unknown error 77777777777777
[  199.419169][ T6130] loop4: detected capacity change from 0 to 512
[  199.497067][ T6130] EXT4-fs (loop4): Ignoring removed bh option
[  199.509937][ T6135] loop1: detected capacity change from 0 to 1024
[  199.516287][ T6130] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  199.534140][ T6130] EXT4-fs (loop4): Test dummy encryption mode enabled
[  199.547127][ T6135] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  199.562925][ T6130] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  199.576671][ T6135] EXT4-fs (loop1): invalid journal inode
[  199.587469][ T6130] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.2068: attempt to clear invalid blocks 2 len 1
[  199.603426][ T6135] EXT4-fs (loop1): can't get journal size
[  199.616900][ T6130] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  199.638369][ T6135] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  199.664077][ T6130] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.2068: invalid indirect mapped block 1819239214 (level 0)
[  199.701900][ T6130] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.2068: invalid indirect mapped block 1819239214 (level 1)
[  199.730869][ T6130] EXT4-fs (loop4): 1 truncate cleaned up
[  199.741805][ T6130] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,bh,mblk_io_submit,test_dummy_encryption,jqfmt=vfsv0,usrjquota=..,errors=continue. Quota mode: writeback.
[  200.047141][   T30] audit: type=1400 audit(1720038404.135:1042): avc:  denied  { mounton } for  pid=6150 comm="syz.1.2074" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  200.864116][ T6159] loop2: detected capacity change from 0 to 512
[  200.937766][ T6159] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  201.183009][ T6159] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038 (0x7fffffff)
[  201.229395][ T6159] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz.2.2075: corrupted inode contents
[  201.244892][ T6159] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz.2.2075: mark_inode_dirty error
[  201.268186][ T6175] loop0: detected capacity change from 0 to 128
[  201.276889][ T6159] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz.2.2075: corrupted inode contents
[  201.295030][ T6159] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz.2.2075: mark_inode_dirty error
[  201.323249][ T6159] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.2075: Invalid inode bitmap blk 440918681 in block_group 0
[  201.347669][   T30] audit: type=1326 audit(1720038405.435:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6176 comm="syz.3.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26998c9bd9 code=0x7ffc0000
[  201.348579][ T5783] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 22: comm syz-executor: path /18/file0: bad entry in directory: inode out of bounds - offset=0, inode=18, rec_len=2048, size=2048 fake=0
[  201.390613][   T30] audit: type=1326 audit(1720038405.465:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6176 comm="syz.3.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f26998c9bd9 code=0x7ffc0000
[  201.391157][ T5783] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /18/file0: bad entry in directory: inode out of bounds - offset=0, inode=2, rec_len=12, size=2048 fake=1
[  201.416458][   T30] audit: type=1326 audit(1720038405.465:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6176 comm="syz.3.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26998c9bd9 code=0x7ffc0000
[  201.434993][ T5783] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 4: comm syz-executor: path /18/file0: bad entry in directory: inode out of bounds - offset=0, inode=11, rec_len=12, size=2048 fake=1
[  201.478556][ T5783] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /18/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  201.494691][ T6187] loop3: detected capacity change from 0 to 2048
[  201.499977][ T5783] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /18/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  201.547799][ T6187] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  201.559011][ T6187] ext4 filesystem being mounted at /6/bus supports timestamps until 2038 (0x7fffffff)
[  201.766971][ T6201] loop4: detected capacity change from 0 to 512
[  201.857405][ T6201] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  201.876425][ T6201] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038 (0x7fffffff)
[  201.897589][ T6201] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz.4.2093: corrupted inode contents
[  201.954769][ T6195] loop3: detected capacity change from 0 to 40427
[  201.956590][ T6201] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz.4.2093: mark_inode_dirty error
[  201.985383][ T6201] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz.4.2093: corrupted inode contents
[  202.001097][ T6201] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.2093: mark_inode_dirty error
[  202.075313][ T6195] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  202.084042][ T6195] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  202.090035][ T6201] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.2093: Invalid inode bitmap blk 440918681 in block_group 0
[  202.112376][ T5534] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 22: comm syz-executor: path /30/file0: bad entry in directory: inode out of bounds - offset=0, inode=18, rec_len=2048, size=2048 fake=0
[  202.132377][ T5534] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /30/file0: bad entry in directory: inode out of bounds - offset=0, inode=2, rec_len=12, size=2048 fake=1
[  202.152516][ T5534] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 4: comm syz-executor: path /30/file0: bad entry in directory: inode out of bounds - offset=0, inode=11, rec_len=12, size=2048 fake=1
[  202.172918][ T6195] F2FS-fs (loop3): Found nat_bits in checkpoint
[  202.179186][ T5534] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /30/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  202.206304][ T5534] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /30/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  202.228487][ T6195] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  202.235387][ T6195] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  202.949263][ T6221] loop1: detected capacity change from 0 to 2048
[  203.050159][ T6221] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  203.160391][   T30] audit: type=1400 audit(1720038407.245:1046): avc:  denied  { mount } for  pid=6226 comm="syz.1.2101" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  203.209232][   T30] audit: type=1400 audit(1720038407.275:1047): avc:  denied  { unmount } for  pid=5911 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  203.396415][   T30] audit: type=1400 audit(1720038407.475:1048): avc:  denied  { setopt } for  pid=6230 comm="syz.1.2103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  203.440784][   T30] audit: type=1400 audit(1720038407.475:1049): avc:  denied  { write } for  pid=6230 comm="syz.1.2103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  203.827014][ T6237] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.833879][ T6237] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.854176][ T6237] device bridge_slave_0 entered promiscuous mode
[  203.870676][ T6237] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.884733][ T6237] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.899329][ T6237] device bridge_slave_1 entered promiscuous mode
[  204.022992][ T6237] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.029880][ T6237] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.037001][ T6237] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.043829][ T6237] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.094133][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  204.111584][ T2188] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.128499][ T2188] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.157371][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  204.165393][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.172250][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.179766][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  204.188020][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.194877][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.202214][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  204.212202][ T6245] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2106'.
[  204.237103][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  204.252358][ T6237] device veth0_vlan entered promiscuous mode
[  204.265111][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  204.279331][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  204.289053][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  204.297139][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  204.306160][ T5606] device bridge_slave_1 left promiscuous mode
[  204.314281][ T5606] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.323045][ T5606] device bridge_slave_0 left promiscuous mode
[  204.330276][ T5606] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.344021][ T5606] device veth1_macvtap left promiscuous mode
[  204.350019][ T5606] device veth0_vlan left promiscuous mode
[  204.445123][   T30] audit: type=1400 audit(1720038408.525:1050): avc:  denied  { read } for  pid=6251 comm="syz.0.2110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  204.597439][ T6237] device veth1_macvtap entered promiscuous mode
[  204.628848][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  204.662319][ T1629] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  204.671111][ T1629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  204.679879][ T1629] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  204.689437][ T1629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  204.750014][ T6249] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.757220][ T6249] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.768688][ T6249] device bridge_slave_0 entered promiscuous mode
[  204.772364][ T6265] loop2: detected capacity change from 0 to 512
[  204.776646][ T6249] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.789043][ T6249] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.796969][ T6249] device bridge_slave_1 entered promiscuous mode
[  204.847795][ T6265] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  204.910872][ T6265] EXT4-fs (loop2): 1 orphan inode deleted
[  204.928790][ T6265] EXT4-fs (loop2): 1 truncate cleaned up
[  204.946205][ T6265] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  205.031389][ T6249] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.038288][ T6249] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.045411][ T6249] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.052379][ T6249] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.123538][ T6272] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2116'.
[  205.167603][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  205.185564][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.195466][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.221156][ T6277] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2117'.
[  205.247651][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  205.256488][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.263334][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.817642][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  205.902873][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.909746][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.968103][ T6282] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  206.034952][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  206.052779][ T6285] loop2: detected capacity change from 0 to 512
[  206.060238][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  206.075511][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  206.089820][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  206.114950][ T6249] device veth0_vlan entered promiscuous mode
[  206.135121][ T6285] EXT4-fs (loop2): error: journal path ./file0 is not a block device
[  206.143142][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  206.153257][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  206.162187][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  206.170219][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  206.178558][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  206.186059][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  206.194308][ T6291] loop1: detected capacity change from 0 to 512
[  206.211290][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  206.219771][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  206.229476][ T6249] device veth1_macvtap entered promiscuous mode
[  206.243585][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  206.253472][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  206.262150][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  206.274532][ T6291] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.2122: casefold flag without casefold feature
[  206.290704][ T6300] loop2: detected capacity change from 0 to 512
[  206.297206][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  206.305511][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  206.313747][ T6291] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.2122: missing EA_INODE flag
[  206.328781][ T6296] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  206.338798][ T6300] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  206.356620][ T6291] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2122: error while reading EA inode 2 err=-117
[  206.374764][ T6291] EXT4-fs (loop1): 1 orphan inode deleted
[  206.395210][ T6300] EXT4-fs (loop2): 1 orphan inode deleted
[  206.405219][ T6300] EXT4-fs (loop2): 1 truncate cleaned up
[  206.411615][ T6291] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  206.429176][ T6300] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  206.454761][ T6291] fscrypt (loop1, inode 15): Direct key flag not allowed with different contents and filenames modes
[  206.538585][ T6309] kvm: pic: non byte write
[  206.567363][ T5606] device bridge_slave_1 left promiscuous mode
[  206.573349][ T5606] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.590971][ T5606] device bridge_slave_0 left promiscuous mode
[  206.602405][ T5606] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.621959][ T5606] device veth1_macvtap left promiscuous mode
[  206.628125][ T5606] device veth0_vlan left promiscuous mode
[  206.724332][   T30] audit: type=1326 audit(1720038410.805:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6314 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde915e0bd9 code=0x7ffc0000
[  206.771578][ T6322] loop2: detected capacity change from 0 to 512
[  206.797805][   T30] audit: type=1326 audit(1720038410.805:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6314 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde915e0bd9 code=0x7ffc0000
[  206.845225][ T6322] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  206.856272][ T6322] ext4 filesystem being mounted at /6/bus supports timestamps until 2038 (0x7fffffff)
[  206.986431][   T30] audit: type=1326 audit(1720038410.805:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6314 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fde915e0bd9 code=0x7ffc0000
[  207.010223][   T30] audit: type=1326 audit(1720038410.805:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6314 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde915e0bd9 code=0x7ffc0000
[  207.758948][   T30] audit: type=1326 audit(1720038410.805:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6314 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde915e0bd9 code=0x7ffc0000
[  207.882596][ T6341] loop0: detected capacity change from 0 to 512
[  207.951549][ T6341] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.2139: casefold flag without casefold feature
[  207.954302][ T6346] loop2: detected capacity change from 0 to 512
[  207.988866][ T6341] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #2: comm syz.0.2139: missing EA_INODE flag
[  207.989529][ T6347] loop4: detected capacity change from 0 to 512
[  208.007719][ T6341] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.2139: error while reading EA inode 2 err=-117
[  208.020764][ T6341] EXT4-fs (loop0): 1 orphan inode deleted
[  208.026396][ T6341] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  208.042915][ T6346] EXT4-fs (loop2): orphan cleanup on readonly fs
[  208.051762][ T6347] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  208.065921][ T6341] fscrypt (loop0, inode 15): Direct key flag not allowed with different contents and filenames modes
[  208.082101][ T6346] EXT4-fs warning (device loop2): ext4_enable_quotas:6410: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  208.099700][ T6347] EXT4-fs (loop4): 1 orphan inode deleted
[  208.105528][ T6347] EXT4-fs (loop4): 1 truncate cleaned up
[  208.158330][ T6347] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  208.176473][ T6346] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  208.186333][ T6346] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2134: couldn't read orphan inode 26 (err -116)
[  208.220455][ T6346] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  208.486431][ T6355] loop2: detected capacity change from 0 to 512
[  208.549925][ T6355] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  208.560988][ T6355] ext4 filesystem being mounted at /9/bus supports timestamps until 2038 (0x7fffffff)
[  208.764558][ T6363] 9pnet_virtio: no channels available for device syz
[  208.816494][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  208.816508][   T30] audit: type=1400 audit(1720038412.905:1058): avc:  denied  { create } for  pid=6365 comm="syz.1.2147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  209.015410][ T6195] F2FS-fs (loop3): f2fs_pin_file_control: Enable GC = ino a after 801 GC trials
[  209.025646][ T6195] attempt to access beyond end of device
[  209.025646][ T6195] loop3: rw=524288, want=57352, limit=40427
[  209.030648][ T6378] loop1: detected capacity change from 0 to 512
[  209.037435][ T6195] attempt to access beyond end of device
[  209.037435][ T6195] loop3: rw=524288, want=57360, limit=40427
[  209.054346][ T6195] attempt to access beyond end of device
[  209.054346][ T6195] loop3: rw=524288, want=57368, limit=40427
[  209.065741][ T6195] attempt to access beyond end of device
[  209.065741][ T6195] loop3: rw=524288, want=57376, limit=40427
[  209.068378][ T6378] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.2151: casefold flag without casefold feature
[  209.077448][ T6195] attempt to access beyond end of device
[  209.077448][ T6195] loop3: rw=524288, want=57384, limit=40427
[  209.090013][ T6378] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.2151: missing EA_INODE flag
[  209.101108][ T6195] attempt to access beyond end of device
[  209.101108][ T6195] loop3: rw=524288, want=57392, limit=40427
[  209.112630][ T6378] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2151: error while reading EA inode 2 err=-117
[  209.124270][ T6195] attempt to access beyond end of device
[  209.124270][ T6195] loop3: rw=524288, want=57400, limit=40427
[  209.137085][ T6378] EXT4-fs (loop1): 1 orphan inode deleted
[  209.148138][ T6195] attempt to access beyond end of device
[  209.148138][ T6195] loop3: rw=524288, want=57408, limit=40427
[  209.153411][ T6378] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  209.164999][ T6195] attempt to access beyond end of device
[  209.164999][ T6195] loop3: rw=524288, want=57416, limit=40427
[  209.187229][ T6195] attempt to access beyond end of device
[  209.187229][ T6195] loop3: rw=524288, want=57424, limit=40427
[  209.187473][ T6378] fscrypt (loop1, inode 15): Direct key flag not allowed with different contents and filenames modes
[  209.209538][ T1479] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  209.380689][   T30] audit: type=1400 audit(1720038413.465:1059): avc:  denied  { shutdown } for  pid=6380 comm="syz.1.2152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  209.522863][   T30] audit: type=1400 audit(1720038413.605:1060): avc:  denied  { create } for  pid=6384 comm="syz.2.2153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  209.616407][ T1479] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  209.627151][ T1479] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.638066][ T1479] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.647726][ T1479] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  209.736722][ T1479] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  209.745588][ T1479] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  209.753701][ T1479] usb 5-1: Manufacturer: syz
[  209.766544][ T1479] usb 5-1: config 0 descriptor??
[  210.279827][ T1479] appleir 0003:05AC:8243.0038: unknown main item tag 0x0
[  210.290615][ T1479] appleir 0003:05AC:8243.0038: No inputs registered, leaving
[  210.301124][ T1479] appleir 0003:05AC:8243.0038: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  211.142564][ T4948] usb 5-1: USB disconnect, device number 39
[  211.188413][ T6398] loop2: detected capacity change from 0 to 512
[  211.209159][ T6398] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #17: comm syz.2.2156: iget: bogus i_mode (0)
[  211.220420][ T6398] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2156: couldn't read orphan inode 17 (err -117)
[  211.232247][ T6398] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,max_dir_size_kb=0x0000000000000005,,errors=continue. Quota mode: none.
[  211.527703][ T6414] loop0: detected capacity change from 0 to 1024
[  211.548036][ T6414] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (20000)
[  211.823525][ T6422] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.842982][ T6422] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.850561][ T6422] device bridge_slave_0 entered promiscuous mode
[  211.858065][ T6422] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.865144][ T6422] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.872539][ T6422] device bridge_slave_1 entered promiscuous mode
[  211.984009][ T6422] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.990893][ T6422] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.998112][ T6422] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.004968][ T6422] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.032416][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.043289][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.053217][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  212.060908][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  212.077377][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  212.085832][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.092710][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.106233][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  212.120486][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.127555][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.161704][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  212.175844][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  212.218122][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  212.237592][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  212.249701][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  212.265358][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  212.283226][ T6422] device veth0_vlan entered promiscuous mode
[  212.297178][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  212.307614][ T6422] device veth1_macvtap entered promiscuous mode
[  212.319383][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  212.340767][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  212.421790][ T6445] netlink: 'syz.2.2171': attribute type 4 has an invalid length.
[  212.442946][ T6445] netlink: 'syz.2.2171': attribute type 4 has an invalid length.
[  212.658173][ T6447] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2164'.
[  213.027479][   T20] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  213.051305][ T6453] loop4: detected capacity change from 0 to 40427
[  213.110447][ T6453] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  213.126949][ T6453] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  213.183727][ T6453] F2FS-fs (loop4): Found nat_bits in checkpoint
[  213.240185][ T6453] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  213.247289][ T6453] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  213.276364][   T20] usb 2-1: Using ep0 maxpacket: 8
[  213.396583][   T20] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  213.407231][   T20] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  213.434448][   T20] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  213.537526][   T20] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  213.548632][   T20] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  213.573782][   T20] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  213.679350][   T20] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  213.693159][   T20] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  213.721462][   T20] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  213.894587][ T6483] loop0: detected capacity change from 0 to 256
[  213.956651][   T30] audit: type=1400 audit(1720038418.045:1061): avc:  denied  { mounton } for  pid=6482 comm="syz.0.2183" path="/38/file0" dev="tmpfs" ino=215 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  213.956673][ T6483] exfat: Unknown parameter 'Œ'
[  214.006418][   T20] usb 2-1: string descriptor 0 read error: -22
[  214.013635][   T20] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  214.026494][ T6195] handle_bad_sector: 151135 callbacks suppressed
[  214.026515][ T6195] attempt to access beyond end of device
[  214.026515][ T6195] loop3: rw=524288, want=58192, limit=40427
[  214.031194][   T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.032820][ T6195] attempt to access beyond end of device
[  214.032820][ T6195] loop3: rw=524288, want=58200, limit=40427
[  214.063249][ T6195] attempt to access beyond end of device
[  214.063249][ T6195] loop3: rw=524288, want=58208, limit=40427
[  214.074569][ T6195] attempt to access beyond end of device
[  214.074569][ T6195] loop3: rw=524288, want=58216, limit=40427
[  214.086640][ T6195] attempt to access beyond end of device
[  214.086640][ T6195] loop3: rw=524288, want=58224, limit=40427
[  214.098932][ T6195] attempt to access beyond end of device
[  214.098932][ T6195] loop3: rw=524288, want=58232, limit=40427
[  214.110305][ T6195] attempt to access beyond end of device
[  214.110305][ T6195] loop3: rw=524288, want=58240, limit=40427
[  214.121735][ T6195] attempt to access beyond end of device
[  214.121735][ T6195] loop3: rw=524288, want=58248, limit=40427
[  214.133038][ T6195] attempt to access beyond end of device
[  214.133038][ T6195] loop3: rw=524288, want=58256, limit=40427
[  214.144519][ T6195] attempt to access beyond end of device
[  214.144519][ T6195] loop3: rw=524288, want=58264, limit=40427
[  214.529115][   T20] usb 2-1: USB disconnect, device number 32
[  215.066358][  T343] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  215.306345][  T343] usb 4-1: Using ep0 maxpacket: 8
[  215.336346][ T1479] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  215.426391][  T343] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  215.447122][  T343] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  215.466352][  T343] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  215.486283][  T343] usb 4-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  215.509109][  T343] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  215.529253][  T343] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.576352][ T1479] usb 2-1: Using ep0 maxpacket: 16
[  215.696429][ T1479] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  215.739749][ T6499] loop2: detected capacity change from 0 to 512
[  215.793113][ T6499] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  215.804220][ T6499] ext4 filesystem being mounted at /20/bus supports timestamps until 2038 (0x7fffffff)
[  215.886438][ T1479] usb 2-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=82.8f
[  215.895557][ T1479] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.917479][ T1479] usb 2-1: Product: syz
[  215.923672][ T1479] usb 2-1: Manufacturer: syz
[  215.928111][ T1479] usb 2-1: SerialNumber: syz
[  216.026950][ T1479] usb 2-1: config 0 descriptor??
[  216.311372][  T310] usb 2-1: USB disconnect, device number 33
[  216.513177][ T6507] UDC core: couldn't find an available UDC or it's busy: -16
[  216.530557][ T6507] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  216.853679][ T6515] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2193'.
[  216.954318][ T1479] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  217.216434][ T1479] usb 3-1: Using ep0 maxpacket: 16
[  217.364452][ T6453] F2FS-fs (loop4): f2fs_pin_file_control: Enable GC = ino a after 801 GC trials
[  217.476370][ T6527] netlink: 'syz.1.2196': attribute type 4 has an invalid length.
[  217.517438][ T6527] netlink: 'syz.1.2196': attribute type 4 has an invalid length.
[  217.626794][ T1479] usb 3-1: New USB device found, idVendor=0557, idProduct=4000, bcdDevice=53.e0
[  217.657186][ T1479] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.715575][ T1479] usb 3-1: Product: syz
[  217.723823][ T1479] usb 3-1: Manufacturer: syz
[  217.769238][ T1479] usb 3-1: SerialNumber: syz
[  217.780514][ T1479] usb 3-1: config 0 descriptor??
[  217.798879][  T343] usb 4-1: USB disconnect, device number 30
[  218.227729][  T343] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  218.417258][ T6540] EXT4-fs warning (device sda1): ext4_resize_fs:1980: can't read last block, resize aborted
[  218.606414][  T343] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  218.622501][  T343] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  218.661856][  T343] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  218.681608][  T343] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  218.787661][  T343] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  218.806651][  T343] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  218.827880][  T343] usb 4-1: Manufacturer: syz
[  218.842958][  T343] usb 4-1: config 0 descriptor??
[  219.040808][ T6453] handle_bad_sector: 137457 callbacks suppressed
[  219.040832][ T6453] attempt to access beyond end of device
[  219.040832][ T6453] loop4: rw=0, want=58488, limit=40427
[  219.046424][ T6195] attempt to access beyond end of device
[  219.046424][ T6195] loop3: rw=524288, want=58696, limit=40427
[  219.050920][ T6453] attempt to access beyond end of device
[  219.050920][ T6453] loop4: rw=0, want=58496, limit=40427
[  219.068084][ T6195] attempt to access beyond end of device
[  219.068084][ T6195] loop3: rw=524288, want=58704, limit=40427
[  219.086411][ T6453] attempt to access beyond end of device
[  219.086411][ T6453] loop4: rw=0, want=58504, limit=40427
[  219.115319][  T310] usb 3-1: USB disconnect, device number 38
[  219.122467][ T6195] attempt to access beyond end of device
[  219.122467][ T6195] loop3: rw=524288, want=58712, limit=40427
[  219.136683][ T6453] attempt to access beyond end of device
[  219.136683][ T6453] loop4: rw=0, want=58512, limit=40427
[  219.144133][ T6195] attempt to access beyond end of device
[  219.144133][ T6195] loop3: rw=524288, want=58720, limit=40427
[  219.151365][ T6453] attempt to access beyond end of device
[  219.151365][ T6453] loop4: rw=0, want=58520, limit=40427
[  219.170094][ T6195] attempt to access beyond end of device
[  219.170094][ T6195] loop3: rw=524288, want=58728, limit=40427
[  219.206767][ T6574] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2213'.
[  219.236664][ T6576] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2214'.
[  219.239829][ T6563] loop1: detected capacity change from 0 to 40427
[  219.289305][ T6563] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  219.306540][ T6563] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  219.345003][ T6563] F2FS-fs (loop1): Found nat_bits in checkpoint
[  219.377216][  T343] appleir 0003:05AC:8243.0039: unknown main item tag 0x0
[  219.384889][  T343] appleir 0003:05AC:8243.0039: No inputs registered, leaving
[  219.417266][  T343] appleir 0003:05AC:8243.0039: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  219.439431][ T6563] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  219.446287][ T6563] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  220.224131][   T30] audit: type=1326 audit(1720038424.305:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6612 comm="syz.2.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  220.265728][   T30] audit: type=1326 audit(1720038424.335:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6612 comm="syz.2.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  220.322846][   T30] audit: type=1326 audit(1720038424.335:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6612 comm="syz.2.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  220.461631][   T30] audit: type=1326 audit(1720038424.395:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6612 comm="syz.2.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  220.866466][  T343] usb 4-1: reset high-speed USB device number 31 using dummy_hcd
[  221.525795][ T6638] device pim6reg1 entered promiscuous mode
[  221.556365][ T3103] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  221.615804][ T6639] netlink: 'syz.0.2232': attribute type 4 has an invalid length.
[  221.669051][ T6639] netlink: 'syz.0.2232': attribute type 4 has an invalid length.
[  221.792558][ T1479] usb 4-1: USB disconnect, device number 31
[  221.946439][ T3103] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26
[  222.197858][ T3103] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  222.376709][ T3103] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  222.476826][ T3103] usb 3-1: SerialNumber: syz
[  223.010409][ T6660] loop0: detected capacity change from 0 to 1024
[  223.196825][ T6660] EXT4-fs (loop0): invalid inodes per group: 204800
[  223.196825][ T6660] 
[  223.313877][ T6661] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.320817][ T6661] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.328188][ T6661] device bridge_slave_0 entered promiscuous mode
[  223.336834][ T6661] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.367399][ T6661] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.384948][ T6661] device bridge_slave_1 entered promiscuous mode
[  223.624383][ T6661] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.631303][ T6661] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.638419][ T6661] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.645437][ T6661] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.709225][ T3103] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42
[  223.738927][ T6682] tmpfs: Unsupported parameter 'mpol'
[  223.746003][ T3103] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.762326][ T3103] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.778307][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  223.796714][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  223.828928][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  223.839811][ T3103] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.846686][ T3103] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.858074][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  223.873854][ T3103] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.880810][ T3103] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.896210][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  223.911812][ T3103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  224.047016][ T6453] handle_bad_sector: 123386 callbacks suppressed
[  224.047167][ T6453] attempt to access beyond end of device
[  224.047167][ T6453] loop4: rw=524288, want=57488, limit=40427
[  224.066263][ T6195] attempt to access beyond end of device
[  224.066263][ T6195] loop3: rw=0, want=57376, limit=40427
[  224.183634][ T6195] attempt to access beyond end of device
[  224.183634][ T6195] loop3: rw=0, want=57384, limit=40427
[  224.312706][ T6453] attempt to access beyond end of device
[  224.312706][ T6453] loop4: rw=524288, want=57496, limit=40427
[  224.342896][ T6453] attempt to access beyond end of device
[  224.342896][ T6453] loop4: rw=524288, want=57504, limit=40427
[  224.590285][ T6453] attempt to access beyond end of device
[  224.590285][ T6453] loop4: rw=524288, want=57512, limit=40427
[  224.785123][ T6195] attempt to access beyond end of device
[  224.785123][ T6195] loop3: rw=0, want=57392, limit=40427
[  224.798481][ T6195] attempt to access beyond end of device
[  224.798481][ T6195] loop3: rw=0, want=57400, limit=40427
[  224.804150][ T6453] attempt to access beyond end of device
[  224.804150][ T6453] loop4: rw=524288, want=57520, limit=40427
[  224.818188][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  224.823314][ T6453] attempt to access beyond end of device
[  224.823314][ T6453] loop4: rw=524288, want=57528, limit=40427
[  224.831795][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  224.874657][ T6661] device veth0_vlan entered promiscuous mode
[  224.906700][ T6691] loop1: detected capacity change from 0 to 1024
[  224.917429][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  224.925511][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  224.950000][ T6661] device veth1_macvtap entered promiscuous mode
[  224.957101][ T6691] EXT4-fs (loop1): invalid inodes per group: 204800
[  224.957101][ T6691] 
[  224.977031][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  224.984566][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  225.002184][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  225.018795][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  225.035270][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  225.090038][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  225.098689][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  225.117009][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  225.145395][ T2188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  225.292198][ T6705] loop1: detected capacity change from 0 to 1024
[  225.417106][ T6705] EXT4-fs (loop1): Ignoring removed orlov option
[  225.424725][ T6705] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  225.457004][ T6705] EXT4-fs (loop1): mounted filesystem without journal. Opts: resgid=0x0000000000000000,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  225.499853][ T6715] xt_ecn: cannot match TCP bits for non-tcp packets
[  225.507179][   T30] audit: type=1400 audit(1720038429.595:1066): avc:  denied  { setattr } for  pid=6704 comm="syz.1.2256" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  225.562509][ T6715] ------------[ cut here ]------------
[  225.584267][ T6715] trace type BPF program uses run-time allocation
[  225.615692][ T6716] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2259'.
[  225.628975][ T3103] usb 3-1: USB disconnect, device number 39
[  225.635148][ T3103] cdc_ether 3-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device
[  225.640692][ T6715] WARNING: CPU: 0 PID: 6715 at kernel/bpf/verifier.c:11656 check_map_prog_compatibility+0x6f1/0x890
[  225.776512][ T6715] Modules linked in:
[  225.797851][ T6715] CPU: 0 PID: 6715 Comm: syz.3.2259 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  225.825962][ T6715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  225.843282][ T6715] RIP: 0010:check_map_prog_compatibility+0x6f1/0x890
[  225.868434][ T6715] Code: db e9 f9 fc ff ff e8 fe 39 ed ff 31 db e9 ed fc ff ff e8 f2 39 ed ff c6 05 7d 7e 80 05 01 48 c7 c7 e0 c1 67 85 e8 cf 7a be ff <0f> 0b e9 5a fb ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 84 f9 ff
[  225.919474][ T6715] RSP: 0018:ffffc900015b7348 EFLAGS: 00010246
[  225.925542][ T6715] RAX: 1e5461ee83d48b00 RBX: 0000000000000001 RCX: 0000000000040000
[  225.949985][ T6715] RDX: ffffc90002e50000 RSI: 0000000000000a3d RDI: 0000000000000a3e
[  225.990810][ T6715] RBP: ffffc900015b7390 R08: ffffffff81576265 R09: fffff520002b6d91
[  226.067798][ T6715] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011
[  226.084757][ T6715] R13: ffff88811425d000 R14: ffffc90000811000 R15: dffffc0000000000
[  226.093369][ T6715] FS:  00007fce4a1216c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  226.102287][ T6715] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  226.109052][ T6715] CR2: 00007fde90841d58 CR3: 000000011ecb5000 CR4: 00000000003506b0
[  226.117413][ T6715] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  226.125350][ T6715] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  226.133363][ T6715] Call Trace:
[  226.136603][ T6715]  <TASK>
[  226.139429][ T6715]  ? show_regs+0x58/0x60
[  226.143544][ T6715]  ? __warn+0x160/0x2f0
[  226.147668][ T6715]  ? check_map_prog_compatibility+0x6f1/0x890
[  226.154249][ T6715]  ? report_bug+0x3d9/0x5b0
[  226.158787][ T6715]  ? check_map_prog_compatibility+0x6f1/0x890
[  226.164846][ T6715]  ? handle_bug+0x41/0x70
[  226.169023][ T6715]  ? exc_invalid_op+0x1b/0x50
[  226.173523][ T6715]  ? asm_exc_invalid_op+0x1b/0x20
[  226.179501][ T6715]  ? __wake_up_klogd+0xd5/0x110
[  226.188532][ T6715]  ? check_map_prog_compatibility+0x6f1/0x890
[  226.201105][ T6715]  ? check_map_prog_compatibility+0x6f1/0x890
[  226.213262][ T6715]  resolve_pseudo_ldimm64+0x671/0x1240
[  226.225037][ T6715]  ? check_attach_btf_id+0xef0/0xef0
[  226.235697][ T6715]  ? __mark_reg_known+0x1b0/0x1b0
[  226.264154][ T6715]  ? security_capable+0x87/0xb0
[  226.284072][ T6715]  bpf_check+0x3174/0x12bf0
[  226.299137][ T6715]  ? 0xffffffffa0014000
[  226.303194][ T6715]  ? is_bpf_text_address+0x172/0x190
[  226.308898][ T6715]  ? stack_trace_save+0x1c0/0x1c0
[  226.335886][ T6715]  ? __kernel_text_address+0x9b/0x110
[  226.347487][ T6715]  ? unwind_get_return_address+0x4d/0x90
[  226.359167][ T6715]  ? bpf_get_btf_vmlinux+0x60/0x60
[  226.369289][ T6715]  ? arch_stack_walk+0xf3/0x140
[  226.379217][ T6715]  ? stack_trace_save+0x113/0x1c0
[  226.392377][ T6715]  ? stack_trace_snprint+0xf0/0xf0
[  226.405655][ T6715]  ? stack_trace_snprint+0xf0/0xf0
[  226.416903][ T6715]  ? __stack_depot_save+0x34/0x470
[  226.435762][ T6715]  ? ____kasan_kmalloc+0xed/0x110
[  226.447249][ T6715]  ? ____kasan_kmalloc+0xdb/0x110
[  226.457297][ T6715]  ? __kasan_kmalloc+0x9/0x10
[  226.466964][ T6715]  ? kmem_cache_alloc_trace+0x115/0x210
[  226.483643][ T6715]  ? selinux_bpf_prog_alloc+0x51/0x140
[  226.496196][ T6715]  ? security_bpf_prog_alloc+0x62/0x90
[  226.507703][ T6715]  ? bpf_prog_load+0x9ee/0x1b50
[  226.524124][ T6715]  ? __sys_bpf+0x4bc/0x760
[  226.532520][ T6715]  ? __x64_sys_bpf+0x7c/0x90
[  226.542241][ T6715]  ? do_syscall_64+0x3d/0xb0
[  226.593098][ T6715]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  226.603712][ T6715]  ? __kasan_kmalloc+0x9/0x10
[  226.613312][ T6715]  ? memset+0x35/0x40
[  226.622444][ T6715]  ? bpf_obj_name_cpy+0x196/0x1e0
[  226.632510][ T6715]  bpf_prog_load+0x12ac/0x1b50
[  226.642577][ T6715]  ? map_freeze+0x370/0x370
[  226.651856][ T6715]  ? selinux_bpf+0xcb/0x100
[  226.663451][ T6715]  ? security_bpf+0x82/0xb0
[  226.672958][ T6715]  __sys_bpf+0x4bc/0x760
[  226.681226][ T6715]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  226.691671][ T6715]  ? __kasan_check_read+0x11/0x20
[  226.703737][ T6715]  __x64_sys_bpf+0x7c/0x90
[  226.822134][ T6715]  do_syscall_64+0x3d/0xb0
[  226.830567][ T6715]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  226.842579][ T6715] RIP: 0033:0x7fce4ae9fbd9
[  226.851995][ T6715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.902856][ T6715] RSP: 002b:00007fce4a121048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  226.911454][ T6715] RAX: ffffffffffffffda RBX: 00007fce4b02df60 RCX: 00007fce4ae9fbd9
[  226.961828][ T6715] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  226.971346][ T6715] RBP: 00007fce4af0ea98 R08: 0000000000000000 R09: 0000000000000000
[  226.980073][ T6715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  226.988222][ T6715] R13: 000000000000000b R14: 00007fce4b02df60 R15: 00007fffff2c7e98
[  226.996117][ T6715]  </TASK>
[  227.001123][ T6715] ---[ end trace e0ea16bb8eea02c5 ]---
[  227.848631][ T6787] loop2: detected capacity change from 0 to 512
[  227.927065][ T6787] EXT4-fs (loop2): Ignoring removed nobh option
[  227.960985][ T6787] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #16: comm syz.2.2284: corrupted xattr block 8
[  227.983868][ T6787] EXT4-fs (loop2): Remounting filesystem read-only
[  227.997855][ T6787] EXT4-fs warning (device loop2): ext4_evict_inode:303: xattr delete (err -117)
[  228.016417][ T6787] EXT4-fs (loop2): 1 orphan inode deleted
[  228.028536][ T6787] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,noquota,nouid32,auto_da_alloc=0x0000000000000000,inode_readahead_blks=0x0000000000000001,journal_dev=0x0000000000000003,barrier,nobh,nogrpid,. Quota mode: writeback.
[  228.079931][ T6787] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038 (0x7fffffff)
[  228.168758][ T6794] SELinux:  Context  is not valid (left unmapped).
[  228.175378][   T30] audit: type=1400 audit(1720038432.255:1067): avc:  denied  { relabelto } for  pid=6793 comm="syz.3.2285" name="bus" dev="tmpfs" ino=136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=""
[  228.224304][   T30] audit: type=1400 audit(1720038432.255:1068): avc:  denied  { associate } for  pid=6793 comm="syz.3.2285" name="bus" dev="tmpfs" ino=136 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=""
[  228.288473][   T30] audit: type=1400 audit(1720038432.265:1069): avc:  denied  { unlink } for  pid=6422 comm="syz-executor" name="bus" dev="tmpfs" ino=136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=""
[  229.335948][ T6195] handle_bad_sector: 103541 callbacks suppressed
[  229.335970][ T6195] attempt to access beyond end of device
[  229.335970][ T6195] loop3: rw=0, want=58712, limit=40427
[  229.355257][ T6195] attempt to access beyond end of device
[  229.355257][ T6195] loop3: rw=0, want=58720, limit=40427
[  229.369529][ T6453] attempt to access beyond end of device
[  229.369529][ T6453] loop4: rw=524288, want=57864, limit=40427
[  229.391812][ T6195] attempt to access beyond end of device
[  229.391812][ T6195] loop3: rw=0, want=58728, limit=40427
[  229.399656][ T6453] attempt to access beyond end of device
[  229.399656][ T6453] loop4: rw=524288, want=57872, limit=40427
[  229.405439][ T6195] attempt to access beyond end of device
[  229.405439][ T6195] loop3: rw=0, want=58736, limit=40427
[  229.426189][ T6195] attempt to access beyond end of device
[  229.426189][ T6195] loop3: rw=0, want=58744, limit=40427
[  229.438171][ T6195] attempt to access beyond end of device
[  229.438171][ T6195] loop3: rw=0, want=58752, limit=40427
[  229.452292][ T6195] attempt to access beyond end of device
[  229.452292][ T6195] loop3: rw=0, want=58760, limit=40427
[  229.463740][ T6195] attempt to access beyond end of device
[  229.463740][ T6195] loop3: rw=0, want=58768, limit=40427
[  229.488017][   T30] audit: type=1400 audit(1720038433.575:1070): avc:  denied  { bind } for  pid=6828 comm="syz.2.2300" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  229.517918][   T30] audit: type=1400 audit(1720038433.575:1071): avc:  denied  { name_bind } for  pid=6828 comm="syz.2.2300" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  229.636738][   T30] audit: type=1400 audit(1720038433.575:1072): avc:  denied  { node_bind } for  pid=6828 comm="syz.2.2300" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  231.337133][ T6856] loop1: detected capacity change from 0 to 2048
[  231.367541][ T6859] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2310'.
[  231.416759][ T6856] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.2309: bad orphan inode 8192
[  231.417870][ T6870] loop2: detected capacity change from 0 to 128
[  231.434110][ T6856] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  231.507024][ T6870] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  231.521855][ T6870] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  231.537963][ T6870] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  231.566804][ T6870] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[  231.580857][ T6881] loop1: detected capacity change from 0 to 512
[  231.622523][ T6881] EXT4-fs error (device loop1): ext4_fill_super:4831: inode #2: comm syz.1.2318: casefold flag without casefold feature
[  231.636615][ T6881] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  231.663056][ T6881] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  232.108637][ T1479] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  232.954446][ T6892] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2320'.
[  233.052117][   T30] audit: type=1400 audit(1720038437.135:1073): avc:  denied  { create } for  pid=6912 comm="syz.2.2330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  233.338970][ T6923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2334'.
[  233.396442][ T1479] usb 2-1: config 0 has an invalid interface number: 32 but max is 0
[  233.408622][ T1479] usb 2-1: config 0 has no interface number 0
[  233.420108][ T1479] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid maxpacket 57964, setting to 1024
[  233.444802][ T1479] usb 2-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice=15.b4
[  233.456581][  T537] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  233.462318][ T1479] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.480153][ T1479] usb 2-1: config 0 descriptor??
[  233.527084][ T1479] usbhid 2-1:0.32: couldn't find an input interrupt endpoint
[  233.829043][  T537] usb 3-1: Using ep0 maxpacket: 8
[  234.067119][  T537] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  234.075826][  T537] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  234.088000][  T537] usb 3-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  234.099044][ T6940] netlink: 'syz.1.2318': attribute type 16 has an invalid length.
[  234.187924][  T537] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  234.198016][  T537] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  234.222582][  T537] usb 3-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  234.233426][ T6940] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.2318'.
[  234.288366][ T6948] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  234.326390][  T537] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  234.334692][  T537] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  234.356362][  T537] usb 3-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  234.368533][ T6453] handle_bad_sector: 44570 callbacks suppressed
[  234.368553][ T6453] attempt to access beyond end of device
[  234.368553][ T6453] loop4: rw=0, want=58912, limit=40427
[  234.372225][ T6195] attempt to access beyond end of device
[  234.372225][ T6195] loop3: rw=524288, want=59000, limit=40427
[  234.374667][ T6453] attempt to access beyond end of device
[  234.374667][ T6453] loop4: rw=0, want=58920, limit=40427
[  234.430990][ T6956] device wg2 entered promiscuous mode
[  234.436482][ T6195] attempt to access beyond end of device
[  234.436482][ T6195] loop3: rw=524288, want=59008, limit=40427
[  234.451712][ T6453] attempt to access beyond end of device
[  234.451712][ T6453] loop4: rw=0, want=58928, limit=40427
[  234.463305][ T6843] usb 2-1: USB disconnect, device number 34
[  234.463725][ T6195] attempt to access beyond end of device
[  234.463725][ T6195] loop3: rw=524288, want=59016, limit=40427
[  234.481298][ T6195] attempt to access beyond end of device
[  234.481298][ T6195] loop3: rw=524288, want=59024, limit=40427
[  234.493004][ T6453] attempt to access beyond end of device
[  234.493004][ T6453] loop4: rw=0, want=58936, limit=40427
[  234.504045][ T6195] attempt to access beyond end of device
[  234.504045][ T6195] loop3: rw=524288, want=59032, limit=40427
[  234.518851][ T6453] attempt to access beyond end of device
[  234.518851][ T6453] loop4: rw=0, want=58944, limit=40427
[  234.551189][   T30] audit: type=1400 audit(1720038438.635:1074): avc:  denied  { mount } for  pid=6962 comm="syz.3.2350" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  234.614054][   T30] audit: type=1400 audit(1720038438.665:1075): avc:  denied  { remount } for  pid=6962 comm="syz.3.2350" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  234.805695][   T30] audit: type=1400 audit(1720038438.825:1076): avc:  denied  { unmount } for  pid=6422 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  234.876422][  T537] usb 3-1: string descriptor 0 read error: -22
[  234.883706][  T537] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  234.907084][  T537] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.107165][ T6978] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.114021][ T6978] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.121605][ T6978] device bridge_slave_0 entered promiscuous mode
[  235.139754][ T6978] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.146674][ T6978] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.154026][ T6978] device bridge_slave_1 entered promiscuous mode
[  235.170260][ T1629] usb 3-1: USB disconnect, device number 40
[  235.269617][ T6976] loop1: detected capacity change from 0 to 40427
[  235.307188][ T6976] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  235.315263][ T6976] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  235.347810][ T6978] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.354686][ T6978] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.361923][ T6978] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.368802][ T6978] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.391009][ T6976] F2FS-fs (loop1): Found nat_bits in checkpoint
[  235.437738][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  235.454325][  T537] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.472025][  T537] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.496683][ T6976] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  235.505606][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  235.516540][ T6976] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  235.526932][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  235.545237][ T4956] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.552125][ T4956] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.576827][ T5606] device bridge_slave_1 left promiscuous mode
[  235.583942][ T5606] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.599819][ T5606] device bridge_slave_0 left promiscuous mode
[  235.612327][ T5606] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.628166][ T5606] device veth1_macvtap left promiscuous mode
[  235.640504][ T5606] device veth0_vlan left promiscuous mode
[  235.836657][ T6843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  235.844894][ T6843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  235.864960][ T6843] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.871960][ T6843] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.899825][ T6843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  235.908968][ T6992] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  235.928937][ T6843] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  235.947683][ T6843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  235.971935][ T6843] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  235.985039][ T6995] loop2: detected capacity change from 0 to 512
[  236.002583][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  236.021036][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  236.051997][ T6978] device veth0_vlan entered promiscuous mode
[  236.067753][ T6995] EXT4-fs error (device loop2): ext4_fill_super:4831: inode #2: comm syz.2.2360: casefold flag without casefold feature
[  236.071568][ T1629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  236.087968][ T1629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  236.096152][ T1629] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  236.103570][ T1629] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  236.136395][ T6995] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  236.198812][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  236.207370][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  236.231822][ T6995] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  236.257894][ T6978] device veth1_macvtap entered promiscuous mode
[  236.295753][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  236.303697][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  236.322733][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  236.348140][ T6843] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  236.358585][ T6843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  236.576401][ T1479] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  236.936427][ T1479] usb 3-1: config 0 has an invalid interface number: 32 but max is 0
[  236.950476][ T1479] usb 3-1: config 0 has no interface number 0
[  236.966384][ T1479] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid maxpacket 57964, setting to 1024
[  236.987600][ T1479] usb 3-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice=15.b4
[  237.017867][ T1479] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.036585][ T1479] usb 3-1: config 0 descriptor??
[  237.086893][ T1479] usbhid 3-1:0.32: couldn't find an input interrupt endpoint
[  237.668381][ T7017] netlink: 'syz.2.2360': attribute type 16 has an invalid length.
[  237.714043][ T7017] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.2360'.
[  238.151620][ T1629] usb 3-1: USB disconnect, device number 41
[  238.763707][   T30] audit: type=1400 audit(1720038442.845:1077): avc:  denied  { read } for  pid=7041 comm="syz.0.2375" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  238.981022][   T30] audit: type=1400 audit(1720038442.845:1078): avc:  denied  { open } for  pid=7041 comm="syz.0.2375" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  239.021957][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2378'.
[  239.068749][ T7050] syz.0.2378 (7050) used greatest stack depth: 19352 bytes left
[  239.076455][   T30] audit: type=1400 audit(1720038442.845:1079): avc:  denied  { ioctl } for  pid=7041 comm="syz.0.2375" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  239.183068][ T7064] loop2: detected capacity change from 0 to 16
[  239.227014][ T7064] erofs: (device loop2): mounted with root inode @ nid 36.
[  239.246791][ T7066] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2385'.
[  239.273548][ T7069] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2387'.
[  239.376702][ T6195] handle_bad_sector: 93250 callbacks suppressed
[  239.376721][ T6195] attempt to access beyond end of device
[  239.376721][ T6195] loop3: rw=524288, want=58672, limit=40427
[  239.394602][ T6453] attempt to access beyond end of device
[  239.394602][ T6453] loop4: rw=0, want=58360, limit=40427
[  239.417407][   T30] audit: type=1400 audit(1720038443.505:1080): avc:  denied  { create } for  pid=7084 comm="syz.0.2393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  239.431543][ T7086] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2391'.
[  239.475039][ T6195] attempt to access beyond end of device
[  239.475039][ T6195] loop3: rw=524288, want=58680, limit=40427
[  239.496551][ T6453] attempt to access beyond end of device
[  239.496551][ T6453] loop4: rw=0, want=58368, limit=40427
[  239.508387][ T7090] netlink: 'syz.0.2395': attribute type 2 has an invalid length.
[  239.556954][ T6453] attempt to access beyond end of device
[  239.556954][ T6453] loop4: rw=0, want=58376, limit=40427
[  239.568004][ T6195] attempt to access beyond end of device
[  239.568004][ T6195] loop3: rw=524288, want=58688, limit=40427
[  239.628500][ T6453] attempt to access beyond end of device
[  239.628500][ T6453] loop4: rw=0, want=58384, limit=40427
[  239.653422][   T30] audit: type=1326 audit(1720038443.735:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.2.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  239.686487][ T6195] attempt to access beyond end of device
[  239.686487][ T6195] loop3: rw=524288, want=58696, limit=40427
[  239.700274][ T7083] loop2: detected capacity change from 0 to 256
[  239.706438][ T6453] attempt to access beyond end of device
[  239.706438][ T6453] loop4: rw=0, want=58392, limit=40427
[  239.719191][ T6195] attempt to access beyond end of device
[  239.719191][ T6195] loop3: rw=524288, want=58704, limit=40427
[  239.736381][   T30] audit: type=1326 audit(1720038443.735:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.2.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  239.788016][ T7102] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2399'.
[  239.806411][   T30] audit: type=1326 audit(1720038443.735:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.2.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  239.876365][   T30] audit: type=1326 audit(1720038443.735:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.2.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  239.956502][   T30] audit: type=1326 audit(1720038443.735:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.2.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  240.056374][   T30] audit: type=1326 audit(1720038443.735:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.2.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c767bebd9 code=0x7ffc0000
[  240.101104][ T7123] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2408'.
[  240.584998][ T7137] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2414'.
[  241.157736][ T7157] loop2: detected capacity change from 0 to 256
[  241.206675][ T7157] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  241.346830][ T6843] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  241.627134][ T7171] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2426'.
[  241.726361][ T6843] usb 4-1: Using ep0 maxpacket: 8
[  241.846420][ T6843] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  241.854437][ T6843] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  241.886350][ T6843] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  241.896095][ T6843] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  241.924313][ T6843] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  241.948562][ T7186] x_tables: duplicate underflow at hook 4
[  241.949881][ T6843] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  241.972024][ T6843] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.993160][ T7191] tap0: tun_chr_ioctl cmd 1074025677
[  242.006611][ T7191] tap0: linktype set to 0
[  242.088674][ T7197] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2437'.
[  242.955962][ T7224] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2448'.
[  242.995743][ T6976] F2FS-fs (loop1): f2fs_pin_file_control: Enable GC = ino a after 801 GC trials
[  243.141663][ T7231] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.156368][ T7231] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.173891][ T7231] device bridge_slave_0 entered promiscuous mode
[  243.195192][ T7231] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.228754][ T7231] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.250322][ T7231] device bridge_slave_1 entered promiscuous mode
[  243.461117][ T7231] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.468177][ T7231] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.475275][ T7231] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.482152][ T7231] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.578640][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  243.586582][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.608314][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.640607][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  243.648907][  T537] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.655758][  T537] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.678654][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  243.696625][  T537] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.703489][  T537] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.726469][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  243.734441][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  243.780028][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  243.793557][ T7231] device veth0_vlan entered promiscuous mode
[  243.817170][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  243.825117][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  243.848925][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  243.860637][    T8] device bridge_slave_1 left promiscuous mode
[  243.870345][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.896914][    T8] device bridge_slave_0 left promiscuous mode
[  243.902891][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.911293][    T8] device veth1_macvtap left promiscuous mode
[  243.917178][    T8] device veth0_vlan left promiscuous mode
[  244.031023][ T4956] usb 4-1: USB disconnect, device number 32
[  244.096371][ T1479] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  244.156706][ T7231] device veth1_macvtap entered promiscuous mode
[  244.164291][  T537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  244.253859][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  244.262542][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  244.270784][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  244.278933][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  244.339660][ T7248] loop2: detected capacity change from 0 to 512
[  244.387228][ T6453] handle_bad_sector: 132175 callbacks suppressed
[  244.387251][ T6453] attempt to access beyond end of device
[  244.387251][ T6453] loop4: rw=0, want=59160, limit=40427
[  244.388921][ T6195] attempt to access beyond end of device
[  244.388921][ T6195] loop3: rw=0, want=58648, limit=40427
[  244.393596][ T6976] attempt to access beyond end of device
[  244.393596][ T6976] loop1: rw=524288, want=57440, limit=40427
[  244.404397][ T7248] EXT4-fs (loop2): error: could not find journal device path: error -2
[  244.415129][ T6453] attempt to access beyond end of device
[  244.415129][ T6453] loop4: rw=0, want=59168, limit=40427
[  244.426413][ T6195] attempt to access beyond end of device
[  244.426413][ T6195] loop3: rw=0, want=58656, limit=40427
[  244.434473][ T6976] attempt to access beyond end of device
[  244.434473][ T6976] loop1: rw=524288, want=57448, limit=40427
[  244.474499][ T6195] attempt to access beyond end of device
[  244.474499][ T6195] loop3: rw=0, want=58664, limit=40427
[  244.476443][ T6453] attempt to access beyond end of device
[  244.476443][ T6453] loop4: rw=0, want=59176, limit=40427
[  244.488234][ T6195] attempt to access beyond end of device
[  244.488234][ T6195] loop3: rw=0, want=58672, limit=40427
[  244.500408][ T6976] attempt to access beyond end of device
[  244.500408][ T6976] loop1: rw=524288, want=57456, limit=40427
[  244.526505][ T1479] usb 5-1: config 0 has an invalid interface number: 32 but max is 0
[  244.536576][ T1479] usb 5-1: config 0 has no interface number 0
[  244.542488][ T1479] usb 5-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid maxpacket 57964, setting to 1024
[  244.573973][ T1479] usb 5-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice=15.b4
[  244.597068][ T1479] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.666147][ T1479] usb 5-1: config 0 descriptor??
[  244.707835][ T1479] usbhid 5-1:0.32: couldn't find an input interrupt endpoint
[  245.649976][ T7259] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.656949][ T7259] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.664919][ T7259] device bridge_slave_0 entered promiscuous mode
[  245.672446][ T7259] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.679574][ T7259] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.686918][ T7259] device bridge_slave_1 entered promiscuous mode
[  245.797004][ T7259] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.803937][ T7259] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.811042][ T7259] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.817902][ T7259] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.868402][ T1479] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.876169][ T1479] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.891772][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  245.904805][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  245.935886][  T343] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  245.946573][  T343] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.953440][  T343] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.997837][  T343] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  246.028069][  T343] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.035121][  T343] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.076449][  T343] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  246.079879][ T7276] netlink: 'syz.4.2454': attribute type 16 has an invalid length.
[  246.104675][  T343] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  246.129558][ T7276] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.2454'.
[  246.141521][ T4948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  246.160314][ T4948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  246.172514][ T7259] device veth0_vlan entered promiscuous mode
[  246.185529][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  246.195020][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  246.221500][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  246.242511][ T7259] device veth1_macvtap entered promiscuous mode
[  246.265089][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  246.282971][  T343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  248.180715][ T7301] BUG: unable to handle page fault for address: ffffffffff600000
[  248.188298][ T7301] #PF: supervisor read access in kernel mode
[  248.194088][ T7301] #PF: error_code(0x0001) - permissions violation
[  248.200336][ T7301] PGD 6812067 P4D 6812067 PUD 6814067 PMD 6816067 PTE 8000000006809165
[  248.208590][ T7301] Oops: 0001 [#1] PREEMPT SMP KASAN
[  248.213617][ T7301] CPU: 0 PID: 7301 Comm: syz.3.2470 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  248.224726][ T7301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  248.234621][ T7301] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[  248.240708][ T7301] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 8b 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[  248.260137][ T7301] RSP: 0018:ffffc90000f17b10 EFLAGS: 00010292
[  248.266476][ T7301] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff888111448000
[  248.274295][ T7301] RDX: ffff888111448b90 RSI: 0000000000000008 RDI: 0000000000000007
[  248.282090][ T7301] RBP: ffffc90000f17b48 R08: ffffffff8199a955 R09: ffffed1022289001
[  248.290027][ T7301] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[  248.297830][ T7301] R13: 0000000000000000 R14: ffffc90000f17ba8 R15: ffffc90000f17bb0
[  248.305642][ T7301] FS:  00007f2a72d936c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  248.314409][ T7301] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  248.320832][ T7301] CR2: ffffffffff600000 CR3: 000000011174d000 CR4: 00000000003506b0
[  248.328654][ T7301] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  248.336454][ T7301] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  248.344266][ T7301] Call Trace:
[  248.347389][ T7301]  <TASK>
[  248.350169][ T7301]  ? __die_body+0x62/0xb0
[  248.354422][ T7301]  ? __die+0x7e/0x90
[  248.358152][ T7301]  ? page_fault_oops+0x7f9/0xa90
[  248.362929][ T7301]  ? kernelmode_fixup_or_oops+0x270/0x270
[  248.368480][ T7301]  ? security_file_alloc+0x29/0x120
[  248.373531][ T7301]  ? kmem_cache_alloc+0xf5/0x200
[  248.378293][ T7301]  ? exc_page_fault+0x521/0x830
[  248.382976][ T7301]  ? errseq_sample+0x44/0x70
[  248.387407][ T7301]  ? asm_exc_page_fault+0x27/0x30
[  248.392261][ T7301]  ? copy_from_kernel_nofault+0x75/0x2e0
[  248.397731][ T7301]  ? copy_from_kernel_nofault+0x86/0x2e0
[  248.403198][ T7301]  bpf_probe_read_compat+0x112/0x180
[  248.408319][ T7301]  bpf_prog_baa065642a502c00+0x64/0x4f8
[  248.413698][ T7301]  __bpf_prog_test_run_raw_tp+0xa0/0x1d0
[  248.419166][ T7301]  ? bpf_prog_test_run_raw_tp+0x4c5/0x6c0
[  248.424733][ T7301]  bpf_prog_test_run_raw_tp+0x4cd/0x6c0
[  248.430103][ T7301]  ? bpf_prog_test_run_tracing+0x710/0x710
[  248.435749][ T7301]  ? __kasan_check_write+0x14/0x20
[  248.440781][ T7301]  ? fput_many+0x160/0x1b0
[  248.445030][ T7301]  ? bpf_prog_test_run_tracing+0x710/0x710
[  248.450674][ T7301]  bpf_prog_test_run+0x3b0/0x630
[  248.455542][ T7301]  ? bpf_prog_query+0x220/0x220
[  248.460229][ T7301]  ? selinux_bpf+0xd2/0x100
[  248.464569][ T7301]  ? security_bpf+0x82/0xb0
[  248.468911][ T7301]  __sys_bpf+0x525/0x760
[  248.472988][ T7301]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  248.478195][ T7301]  ? __kasan_check_read+0x11/0x20
[  248.483055][ T7301]  __x64_sys_bpf+0x7c/0x90
[  248.487310][ T7301]  do_syscall_64+0x3d/0xb0
[  248.491577][ T7301]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  248.497292][ T7301] RIP: 0033:0x7f2a73b11bd9
[  248.501541][ T7301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.520985][ T7301] RSP: 002b:00007f2a72d93048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  248.529226][ T7301] RAX: ffffffffffffffda RBX: 00007f2a73c9ff60 RCX: 00007f2a73b11bd9
[  248.537125][ T7301] RDX: 0000000000000050 RSI: 0000000020000680 RDI: 000000000000000a
[  248.544935][ T7301] RBP: 00007f2a73b80a98 R08: 0000000000000000 R09: 0000000000000000
[  248.552922][ T7301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  248.560732][ T7301] R13: 000000000000000b R14: 00007f2a73c9ff60 R15: 00007ffda48fb048
[  248.568548][ T7301]  </TASK>
[  248.571501][ T7301] Modules linked in:
[  248.575241][ T7301] CR2: ffffffffff600000
[  248.579229][ T7301] ---[ end trace e0ea16bb8eea02c6 ]---
[  248.584602][ T7301] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[  248.590678][ T7301] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 8b 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[  248.610208][ T7301] RSP: 0018:ffffc90000f17b10 EFLAGS: 00010292
[  248.616192][ T7301] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff888111448000
[  248.624004][ T7301] RDX: ffff888111448b90 RSI: 0000000000000008 RDI: 0000000000000007
[  248.631919][ T7301] RBP: ffffc90000f17b48 R08: ffffffff8199a955 R09: ffffed1022289001
[  248.639731][ T7301] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[  248.647545][ T7301] R13: 0000000000000000 R14: ffffc90000f17ba8 R15: ffffc90000f17bb0
[  248.655354][ T7301] FS:  00007f2a72d936c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  248.664134][ T7301] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  248.670550][ T7301] CR2: ffffffffff600000 CR3: 000000011174d000 CR4: 00000000003506b0
[  248.678356][ T7301] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  248.686166][ T7301] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  248.693992][ T7301] Kernel panic - not syncing: Fatal exception
[  248.700056][ T7301] Kernel Offset: disabled
[  248.704177][ T7301] Rebooting in 86400 seconds..