last executing test programs:

15.428309892s ago: executing program 1 (id=611):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000010004850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)

15.289603134s ago: executing program 1 (id=614):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
sendfile(r0, r0, 0x0, 0x7a68007c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x1f, 0x0, 0x0)

15.074312661s ago: executing program 1 (id=616):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x10b902, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x9, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x70}, 0x1, 0x7}, 0x0)
r4 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000080)=[{0x80000006}]}, 0x10)
r5 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
getpid()
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x2, 0xfff, 0x5}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xfff, r10}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r11}, 0x10)
getitimer(0x0, &(0x7f0000000300))
ioctl$sock_bt_hci(r8, 0x400448ca, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
copy_file_range(r5, 0x0, r5, &(0x7f0000000100)=0xfffffffffffffff7, 0x0, 0x0)

4.650596351s ago: executing program 0 (id=667):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000010004850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)

4.54015476s ago: executing program 0 (id=668):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000000200)=""/150, 0x96}], 0x1)
fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
sendmmsg$unix(r1, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000000c0)="1e8fce3c4b99b01ba586b304b7f11ad492771ecb13b3acf8da6c16ed7fa299b552ab9c86c4e9f690a3d3d63261bafc1a7674e368f033d846f18f7b78c4f1c4dd32b655db9eed572a1694d763e3794a81724a611e2663e6392ff525bc5e836412c93e63de283532b3db32ecceb840f27a2cce", 0x72}, {&(0x7f0000000340)="640e4b9d1526e2fe2f54b0c7558c66b0680b1d4dfb09c06c045bb47a8cd2b15dd18817cc1dd4ed9b26dde2e5ed249a8e1f267d6d68c6ef10a8c41631e8f2c2efe3911b2c4bf26ff059e4a8112c3b9a8f1830c5f05461797c71c048ca758b04a0b645c2a30a1b2d551a16d1d88bba8e190ba36df2ac16df99de35fbecd9e92773606765a821c8fee05d3a9389caf10851bbc84483a8e04e31b7033be20be855b85e9e6a4229e23ac8c58537393470973b18124f296313598178821ecb80b701fffdf613a217058516bec4f3cf1dbf2093a66299c9160b469f22376ae8a9489d44e760843aa9665f030a3e58a9209bb3a685938852ebdccdcc6376bebbbdb5d7", 0xff}], 0x2, &(0x7f0000000680)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2, r3}}}, @rights={{0x2c, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r4]}}], 0x50, 0xc8842}}, {{&(0x7f0000000700)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000540)="ea34512c198527b319cd9d42fd357ccbd4debcc497881ff38e50a74987191611bd5a758df09f", 0x26}, {&(0x7f0000000780)="0c626f68296517e5d0ee51181626d18f2233629c47ff47dd7aa22856839d792bab880aeaea797795fb61474f47d59c8d91ba3cd191b4e7471b8bb23539fe5ba8da922607397b73e298279495eceaf16ecef006a769553cb84db0f3519456fab7e69336f403060aeead1e511edfd0cfc8ecaf66527e6df569d95c6f6518c869584479c14d3e5f9fca1f6d4503687e8ff4cd98", 0x92}, {&(0x7f0000000840)="d42eb86db4d6", 0x6}, {&(0x7f0000000880)="ac1f9add40a2bd84f5b245d2da4dcc37e670489a236313667bad3889135c463f263159ede7f3ac8411c19b9a9c6f5756f32da9e18da78ffcfb90d59c4fd7a7c8a02ebafbfb333c13f12faba05587ceffb386cb2b6eca140199a0c17ae2a27a6d0c1829dfc77004877fd8ac6a1e5206d1a3e755fb45008355b10955c14836c027520d2ab14b92613754a957f714e99f4e12042f4b3f4fad8e8492c2517b5e201f61561cabc5e03f8360fe26b56ae73125d844d04df38e6ce19d3be17984cf2975b4e2771fabceebedfd1c077e67f68d7761e2", 0xd2}], 0x4, 0x0, 0x0, 0x44080}}], 0x2, 0x4000810)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000001c0)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0x86, &(0x7f00000001c0)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x220, 0x0, 0x0, "bfd8a5dd2002c02142c4391145badd28fd7f0ffc0e896f38da00", "0bb10000085b2e00", {"bb3b2195c4b058706558a70864bef1f0", "524a72fc460b8cd26e095f24ab642591"}}}}}}}, 0x0)

4.526516351s ago: executing program 2 (id=669):
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000005440), 0x26, 0x75c, &(0x7f0000005480)="$eJzs3M1rHGUYAPBnptmkH9GNIPhxEKGFFko3SXNpT40Xb4VCwWsNm0kImWRDdlO7sWDrWajNRUEQ9ezRq1DqH+BNCgreBdEaD+JlZTablMZsum3Sbkl/P5jO+87H+zxPd3izAzsTwAvr7eKfJGI4Ii5FRLmzPY2IwXbrcMSNjePW71+PgYhqEq3W5T+S4rRYb5W3xko662PRPiVej4i7pYjTH/8/br25Oj+V59lypz/aWFgarTdXz8wtTM1ms9ni+MT5sXMTE+fGJh5Zw2s91nrivfNHbv/47traT981br01cCaJyXbdsVFbtcdhHsvG/0kpJrdtX3wawfoo6XcCAAD0pPiefyii+F4fpSjHoXYLAAAAOEhaQy0AAADgwEui3xkAAAAAT9fm7wDW71+vbi7P8vcHv78TESM7xR9oP0MccThKEXF0PXnoyYRk4zTYkxs3I+LO5Pbr75viCruxx7HHtvUffkZ6cI+jsx/uFPPP5E7zT7o1/8QO88/A5rsT9qj7/Pcg/qEu89+lHmN8/+Ubpa7xb0a8ObBT/GQrftIl/vs9xr+19sntbvtaX0ec3PHvT/JQrF3eDzE5M5fv+vqBu/+eurdb/Ue7xU92r3+px/o/XP9rvttcUsQ/dXz3z3+n+MU18WknjzQibnfWRX9tW4zjCz//sFv90xGtJ/n8v+qx/l+/HbrW46EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQlkbEcCRpZaudppVKxLGIeDWOpnmt3jg9U1tZnC72RYxEKZ2Zy7OxiChv9JOiP95uP+if3dafiIhXfjmyEXQuzyrVWj7d7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYciwihiNJKxGRRsTf5TStVCIGejh36BnkBwAAAOyTkX4nAAAAADx17v8BAADg4HvS+/9kn/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrRLFy8WS2v9/vVq0Z++2lyZr109M53V5ysLK9VKtba8VJmt1WbzrFKtLTxqvLxWWxo/HyvXRhtZvTFab65eWaitLDauzC1MzWZXstIzqQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHNdxekrQSEWm7naaVSsRLETESpWRmLs/GIuLliLhXLg0V/fF+Jw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC+qzdX56fyPFt+bhqDncyel3w0NPa/8dFzf4X3eWICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAv6s3V+ak8z5br/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/kp/SyKiWE6WTwxv3zuY/FNuryPigy8uf3ZtqtFYHi+2/7m1vfF5Z/vZfuQPAAAAL4QLj3Pw5n365n08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAr+rN1fmpPM+W99a4EM3VVtLlmH7XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJn/AgAA///3Y8EX")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

4.315759348s ago: executing program 2 (id=673):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000180), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=@ipv6_getaddrlabel={0x30, 0x1a, 0x1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x14, 0x1, @mcast2}]}, 0x30}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x12, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0xa7}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8}, 0x80)
syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000000)='./file1\x00', 0x8800, &(0x7f0000000540)=ANY=[@ANYBLOB='dmask=00000000000000000000002,errors=continue,namecase=1,iocharset=cp862,iocharset=cp437,discard,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c696f636861727365743d63703835372c757466382c6e616d65636173653d312c00afeb25c8d8bf6d820ca8d5b95843058cdb15a6d60184912a470be86a89b6eac3c4e6b79dc2fa753b117e9e53388343fc5e07b7bb127bacb9d8382c3e058cb9f57a56bc1b19e22474bc1032655d868d14175536dfe9252a00"], 0x5, 0x1506, &(0x7f0000002840)="$eJzs3AuYjVX7MPD7Xms9Y0zSbpLDsNa6H3ZyWCZJckiSQ5IkSZJTQtIkSUJiyClpSEJyGJLDEJLDxKRxPh9yTpKkSZKcckrWdyk+b2+9X//+/76/93rn/l3Xc+117+e5176ffe/D2s/FfNd5SI1GNas2ICL4H8Ffb5IBIBYABgDANQAQAEDZ+LLxF/bnlJj8P3sQ9vd6KO1KV8CuJO5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZNK3Atb9l34+v/2Rl///8HySo15qs1pa7v8hdSuP/ZG/f/P1bwXzmI+5+9cf+zN+5/9sb9zw5y/Ms93P/sjfvPWHZ2pa8/83Zltyv9+mOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlj2c9pcpALg0vtJ1McYYY4wxxhhj7O/jc1zpChhjjDHGGGOMMfb/H4IACQoCiIEcEAs5IQ4EAFwNueEaiMC1EA/XQR64HvJCPsgPBSABCkIh0GDAAkEIhaEIROEGKAo3QjEoDiWgJDgoBYlwE5SGm6EM3AJl4VYoB7dBeagAFaES3A6V4Q6oAndCVbgLqkF1qAE14W6oBfdAbbgX6sB9UBfuh3rwANSHB6EBPAQN4WFoBI9AY3gUmkBTaAbNocV/K/9F6A4vQQ/oCcnQC3rDy9AH+kI/6A8D4BUYCK/CIHgNUmAwDIHXYSi8AcPgTRgOI2AkvAWj4G0YDWNgLIyDVBgPE+AdmAjvwiSYDFNgKqTBNJgO78EMmAmz4H2YDR/AHJgL82A+pMOHsAAWQgZ8BIvgY8iExbAElsIyWA4rYCWsgtWwBtbCOlgPG2AjbIJPYDNsga2wDbbDDtgJn8Iu+Ax2w+ewB774i/mn/im/CwICChSoUGEMxmAsxmIcxmEuzIW5MTdGMILxGI95MA/mxbyYH/NjAiZgISyEBg0SEhbGwhjFKBbFolgMi2EJLIEOHSZiIpbGm7EMlsGyWBbLYTksjxWwAlbCSlgZK2MVrIJVsSpWw2pYA2vg3Xg39sLaWBvrYB2si3UvXZ7CBtgAG2JDbISNsDE2xibYBJthM2yBLbAltsRW2ArbYBtsi22xHbbDJEzC9tgeO2AH7IgdsRN2ws7YGbtgV+yKL+YAfAlfwp5YTfTC3tgb+2Af7If9sT++ggPxVXwVX8MUHIxD8HV8Hd/AYXgSh+MIHIkjsbJ4G0fjGCQxDlMxFSfgBJyIE3ESTsbJOBXTcBpOx+k4A2fiTHwfZ+MH+AHOxbk4H9MxHRfgQszADFyEpzATF+MSXIrLcDkuw5W4ClfiGlyLa3A9rseNuBE/wU9wC27BbbgNd6ACwE/xM/wMU3AP7sG9uBf34T7cj/sxC7PwAB7Ag3gQD+EhPIyH8QgexWN4FE/gCTyJp/A0nsazeBbP4fMJ3zTcUXx1CogLlFAiRsSIWBEr4kScyCVyidwit4iIiIgX8SKPyCPyirwiv8gvEkSCKCQKCSOMIBHGAICIiqgoKoqKYqKYKCFKCCecSBSJorQoLcqIMqKsuFWUE7eJ8qKCaO0qiUqismjjqog7RVVRVVQT1UUNUVPUFLVELVFb1BZ1RB1RV9QV9cQDor7ohf3wIXGhM43EYGwshmAT0VTIi59gLcUwbCVaizbiCTECh2M70dIliadFezEaO4hnxRh8TnQS47CzeEF0EV1FN/Gi6C5auR6ip5iEvURvMRX7iL6in+gvZmB1caFjNcRrIkUMFkPE62I+viGGiTfFcDFCjBRviVHibTFajBFjxTiRKsaLCeIdMVG8KyaJyWKKmCrSxDQxXbwnZoiZYpZ4X8wWH4g5Yq6YJ+aLdPGhWCAWigzxkVgkPhaZYrFYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTeITsVlsEVvFNrFd7BA7xadil/hM7Bafiz3iC7FXfCn2ia/EfvG1yBLfiAPiW3FQfCcOie/FYfGDOCKOimPiuDghfhQnxSlxWpwRZ8VP4pz4WZwXXoBEKaSUSgYyRuaQsTKnjJNXyVwyuPjsXivj5XUyj7xe5pX5ZH5ZQCbIgrKQ1NJIK0mGsrAsIqPyBllU3iiLyeKyhCwpnSwlE+VNsrS8WZaRt8iy8lZZTt4my8sKsqKsJG+XleUdsoq8U1aVd8lqsrqsIWvKu2UteY+sLe+VdeR9sq68X9aTD8j68kHZQD4kG8qHZSP5iGwsH5VNZFPZTDaXLeRjsqV8XLaSrWUb+YRsK5+U7eRTMkk+LdvLZ2QH+azsKJ+TneTzsrN8QXaRXWU3+bM8L73sIXvKZNlL9pYvyz6yr+wn+8sB8hU5UL4qB8nXZIocLIfI1+VQ+YYcJt+Uw+UIOVK+JUfJt+VoOUaOleNkqhwvJ8h35ET5rpwkJ8spcqpMk9Nkv4szzZLyT/Pf+YP8Qb88+ka5SX4iN8stcqvcJrfLHXKn3Cl3yV1yt9wt98g9cq/cK/fJfXK/3C+zZJY8IA/Ig/KgPCQPycPysDwij8oz8rg8IX+UJ+UpeUqekWflWXnu4nMACpVQUikVqBiVQ8WqnCpOXaVyqatVbnWNiqhrVby6TuVR16u8Kp/KrwqoBFVQFVJaGWUVqVAVVkVUVN2AF18wqoQqqZwqpRLVTX8lXxVVN6piqvhv8v+svhaqhWqpWqpWqpVqo9qotqqtaqfaqSSVpNqr9qqD6qA6qo6qk+qkOqvOqovqorqpbqq76q56qB4qWSWr3upl1Uf1Vf1UfzVAvaIGqoFqkBqkUlSKGqKGqKFqqBqmhqnhargaqUaqUWqUGq1Gq7FqrEpVqWqCmqAmqolqkpqkpqgpKk2lqelqupqhZqhZapaarWarOWqOmqfmqXSVrhaoBSpDZahFapHKVIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWpNqlNarParLaqrWq72q52qp1ql9qldqvdao/ao/aqvWqf2qf2q/0qS2WpA+qAOqgOqkPqkDqsDqsj6og6po6pE+qEOqlOqtPqtDqrzqpz6pw6r85fWPYFIhCBClQQE8QEsUFsEBfEBbmCXEHuIHcQCSJBfBAf5AmuD/IG+YL8QYEgISgYFAp0YAIbiItNjwY3BEWDG4NiQfGgRFAycEGpIDG4KSgd3ByUCW4Jyga3BuWC24LyQYWgYlApuD2oHNwRVAnuDKoGdwXVgupBjaBmcHdQK7gnqB3cG9QJ7gvqBvcH9YIHgvrBg0GD4KGgYfBw0Ch4JGgcPBo0CZoGzYLmQYu/dX7vT+Z73PXQPXWy7qV765d1H91X99P99QD9ih6oX9WD9Gs6RQ/WQ/Treqh+Qw/Tb+rheoQeqd/So/TberQeo8fqcTpVj9cT9Dt6on5XT9KT9RQ9VafpaXq6fk/P0DP1LP2+nq0/0HP0XD1Pz9fp+kO9QC/UGfojvUh/rDP1Yr1EL9XL9HK9Qq/Uq/RqvUav1ev0er1Bb9Sb9Cd6s96it+pterveoXfqT/Uu/ZnerT/Xe/QXeq/+Uu/TX+n9+mudpb/RB/S3+qD+Th/S3+vD+gd9RB/Vx/RxfUL/qE/qU/q0PqPP6p/0Of2zPq/9hcX9ha93o4wyMSbGxJpYE2fiTC6Ty+Q2uU3EREy8iTd5TB6T1+Q1+U1+k2ASTCFTyFxAhkxhU9hETdQUNUVNMVPMlDAljDPOJJpEU9qUNmVMGVPWlDXlTDlT3pQ3FU1Fc7u53dxh7jB3mjvNXeYuU91UNzVNTVPL1DK1TW1Tx9QxdU1dU8/UM/VNfdPANDANTUPTyDQyjU1j08Q0Mc1MM9PCtDAtTUvTyrQybUwb09a0Ne1MO5Nkkkx70950MB1MR9PRdDKdTGfT2XQxXUw30810N91ND9PDJJtk09v0Nn1MH9PP9DMDzAAz0Aw0g8wgk2JSzBAzxAw1Q80wM8wMNyPMSPOWGWXeNqPNGDPWjDOpJtVMMBPMRDPRTDKTzBQzxaSZNDPdTDczzAwzy8wys81sM8fMMfPMPJNu0s0Cs8BkmAyzyCwymSbTLDFLzDKzzKwwK8wqs8qsMWvMOlhnNpgNZpPZZDabzWar2Wq2m+1mp9lpdpldZrfZbfaYPWav2Wv2mX1mv9lvskyWOWAOmIPmoDlkDpnD5rA5Yo6YY+aYOWFOmJPmpDltTpuzJt/FJZU3sTanjbNX2Vz2apvbXmP/Oc5vC9gEW9AWstrmtfl+ExtrbTFb3JawJa2zpWyivel3cXlbwVa0lezttrK9w1b5XVzL3mNr23ttHXufrWnv/k1c195v69lHbH1EANvUNrTNbSP7iG1sH7VNbFPbzDa3be2Ttp19yibZp217+8zv4gV2oV1lV9s1dq3dZT+zp+0Ze9B+Z8/an2wP29MOsK/YgfZVO8i+ZlPs4N/FI+1bdpR92462Y+xYO+538RQ71abZaXa6fc/OsDN/F6fbD+1sm2Hn2Ll2np3/S3yhpgz7kV1kP7aZdrFdYpfaZXa5XWFX/t9al9r1doPdaHfaT+1mu8Vutdvsdrvjl/jCeey2n9s99gt7wH5r99mv7H57yGbZb36JL5zfIfu9PWx/sEfsUXvMHrcn7I/2pD31y/lfOPfj9md73noLhCRIkqKAYigHxVJOiqOrKBddTbnpGorQtRRP11Eeup7yUj7KTwUogQpSIdJkyBJRSIWpCEXpBrq0Ti9BJclRKUqkm6g03Uxl6BYqS7dSObqNylMFqkiV6HaqTHdQFbqTqtJdVI2qUw2qSXdTLbqHatO9VIfuo7p0P9WjB6g+PUgN6CFqSA9TI3qEGtOj1ISaUjNqTi3oMWpJj1Mrak1t6AlqS09SO3qKkuhpak/PUAd6ljrSc9SJnqfO9AJ1oa7UjV6k7vQS9aCelEy9qDe9TH2oL/Wj/jSAXqGB9CoNotcohQbTEHqdhtIbNIzepOE0gkbSWzSK3qbRNIbG0jhKpfE0gd6hifQuTaLJNIWmUhpNo+n0Hs2gmTSL3qfZ9AHNobk0j+ZTOn1IC2ghZdBHtIg+pkxaTEtoKS2j5bSCVtIqWk1raC2to/W0gTbSJvqENtMW2krbaDvtoJ30Ke2iz2g3fU576AvaS1/SPvqK9tPXlEXf0AH6lg7Sd3SIvvc96Qc6QkfpGB2nE/QjnaRTdJrO0Fn6ic7Rz3SePEGIoQhlqMIgjAlzhLFhzjAuvCrMFV4d5g6vCSPhtWF8eF2YJ7w+zBvmC/OHBcKEsGBYKNShCW1IYRgWDouE0fCGsGh4Y1gsLB6WCEuGLiwVJoY3haXDm8My4S1h2fDWsFx4W1g+rBA+cl+l8PawcnhHWCW8M6wa3hVWC6uHNcKa4d1hrfCesHZ4b1gnvC8sE94f1gsfCOuHD4YNwofChuHDYaPwkbBx+GjYJGwaNgubhy3Cx8KW4eNhq7B12CZ8ImwbPhm2C58Kk8Knw/bhM3+6PznsFfYOXw5fDr2/V86Lzo+mRz+MLogujGZEP4ouin4czYwuji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Ibox6XzMHOHTCSadc4GJcDhfrcro4d5XL5a52ud01LuKudfHuOpfHXe/yunwuvyvgElxBV8hpZ5x15EJX2BVxUXeDK+pudMVccVfClXTOlXKJrrlr4Vq4lu5x18q1dm3cE+4J96R70j3lnnJPu/buGdfBPes6uudcJ/e8e9694Lq4rq6be9F1d+Nz//qeTHa9XW/Xx/Vx/Vw/N8ANcAPdQDfIDXIpLsUNcUPcUDfUDXPD3HA33I10I90oN8qNdqPdWDfWpbpUN8FNcBPdRDfJTXJT3BSX5tLcdDfdzXAzXOWZvz7KHDfHzXPzXLpLdwvchTVjhlvkFrlMl+mWuCVumVvmVrgVbpVb5da4NW6dW+c2uA1uk9vkNrvNbqvb6ra77W6n2+l2+Wt+ndTtcXvdXrfP7XP73dcuy33jDrhv3UH3nTvkvneH3Q/uiDvqjrnj7oT70Z10p9xpd8addT+5c+5nd955lxoZH5kQeScyMfJuZFJkcmRKZGokLTItMj3yXmRGZGZkVuT9yOzIB5E5kbmReZH5kfTIh5EFkYWRjMhHkUWRjyOZkcWRJZGlkWWR5RHvC24OfWFfxEf9Db6ov9EX88V9CV/SO1/KJ/qbfGl/sy/jb/Fl/a2+nL/Nl/cVfEX/qG/im/pmvrlv4R/zLf3jvpVv7dv4J3xb/6Rv55/ySf5p394/4zv4Z31H/5zv5J/3nf0Lvovv6rv5F313/5Lv4Xv6ZN/L9/Yv+z6+r+/n+/sB/hU/0L/qB/nXfIof7If41/1Q/4Yf5t/0w/0IPzLmLT/KX/p0HudT/Xg/wb/jJ/p3/SQ/2U/xU32an+an+/f8DD/Tz/Lv+9n+Az/Hz/Xz/Hyf7j/0C/xCn+E/8ov8xz7TL750Udmv8Cv9Kr/ar/Fr/Tq/3m/wG/0m/4nf7Lf4rX6b3+53+J3+U7/Lf+Z3+8/9Hv+F3+u/9Pv8V36//9pn+W/8Af+tP+i/84f89/6w/8Ef8Uf9MX/cn/A/+pP+lD/tz/iz/id/zv/sz/P/WWOMMcYY+y8Zf3ko/mh/rz+4T/zDwb0B4OotBbL+cf+FFeW6vL+O+4qEthEAeLpn54cubdWqJScnXzw2U0JQZC4ARC7nx8DleDG0gSchCVpD6T+sv6/oepb+ZP7orQBx/5ATC5fjy/N/+S/mf+yJkQvKhafj/x/zzwUoVuRyTk64HC+GNurCbWso8y/mz9fyT+rP+VUqQKt/yMkFl+PL9SfC4/AMJP3mSMYYY4wxxhhj7Fd9RcWOl35/XvoXn3/0+zxBXc7JAZfjP/t9zhhjjDHGGGOMsSvvua7dnnosKal1x78+qPLfyuLBv+vAe4BL9ygAuNL1/LsOUi6+df5517IzPoB/iwr/lsEV/mBijDHGGGOM/e0uL/p/e7+6UgUxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPZ0P/GnxO70ufIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/JwAA//9cqxFN")
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r2, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe2c, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000001040), 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)

4.034506881s ago: executing program 2 (id=675):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f0000000000)={0x14, 0x1f, 0xf09, 0x0, 0x0, {0x6}}, 0x14}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x87}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d041bc700000000000109022400010000000009042000010300000009210000000122070009058103"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000ffdd18110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_read_part_table(0x5c3, &(0x7f00000005c0)="$eJzs2z9I22kYB/A31lBohw7XqVPbocPRpaVjM7QlSVsqhKiL3KCgiJgpghC5gKAHmkExgzi6iJDFP5Mxg5Oi4Czi4CE4uNyhi+BiDvG97e7wUI8rfD7w48n75vu+T54h4y/wXWsJvzebzUQIofnwrxPNfzjdWUtnvjzPfch3xMvCfPWXH64+Jv48HW99GdeHcb0w/6gxefY5WTtoP3/VvVlpid+PxufxYr3zDsbjni2ltp6MjRezU6XUwH62fDyxt9u2fJrO179Vqitfk596Y2471tZYh0IpjITB0BMKoRD6QvGO+s/Vjt5cPsvW1vrfX2Qa0xtvYy53yzlv2n/4xUxXtfzx9erT2Xel9Z38yYPrXOFv/l0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPy/LKW2noyNF7NTpdTAfrZ8PLG327Z8ms7Xv1WqK1+Tn3pjbjvW1liHQimMhMHQEwohEfpC8Y76z9WO3lw+y9bW+t9fZBrTG29jLnfLOW/af/jFTFe1/PH16tPZd6X1nfzJg+tc4eE9/QAAAAAAAAAAAAAAAAAAAAAIIaQzX57nPuQ7QkiEn0Jr+PG3n1uu9pvxffdEzL2M9TDuL8w/akyefU7WDtrPX3VvVn6N+6PxebxY7/zPh+Ff+yMAAP//17OV3g==")

3.848537106s ago: executing program 1 (id=664):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000040000000000080000100850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040), 0x213)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x5, 0x408, 0xcd, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r6, 0x4004662b, &(0x7f0000000180)={@id={0x2, 0x0, @d}})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x20, 0xda, 0xfb, 0x20, 0x499, 0x1010, 0x5f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x6f, 0x2b, 0xae}}]}}]}}, 0x0)

3.692027889s ago: executing program 0 (id=679):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x0, 0x0, 0x8000}, 0x48)
mkdirat(0xffffffffffffffff, &(0x7f00000001c0)='./cgroup\x00', 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=@newqdisc={0x470, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x444, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xfde97aa2f3edf49}, @TCA_TBF_PTAB={0x404, 0x3, [0x7, 0x5, 0x1, 0x7, 0x2, 0x1ff, 0x80f6, 0x8, 0xc, 0x0, 0x401, 0x4, 0x1ff, 0x6, 0xffffff00, 0x7, 0x4, 0x6, 0x7, 0xbf, 0x1, 0x5, 0x4, 0x6, 0x10, 0x4000000, 0x6, 0x6, 0x8, 0xdc31, 0x6, 0x100, 0x8, 0x7, 0x2, 0x3, 0x7, 0x8, 0x8, 0x5, 0x9, 0x1, 0x4, 0x7, 0x97a, 0x3ff, 0x9, 0x6, 0x7fff, 0x8, 0x40, 0xfffffffb, 0xe0, 0x8, 0x71, 0x8, 0x1, 0x6, 0x3, 0xfffffff7, 0x400, 0x2, 0x2, 0xe, 0x1, 0x4, 0x8000, 0x80000001, 0x7, 0xd, 0x401, 0x0, 0x60, 0x400, 0x8, 0x9, 0x0, 0x6, 0x6, 0x3baa, 0x6, 0x7, 0x3, 0x2, 0x3, 0x6f3, 0x3, 0x4, 0xffffb12c, 0x9, 0x5, 0x10000, 0x4, 0x8, 0x3, 0x53c, 0xaafc, 0x0, 0x7, 0x4, 0x1000, 0x7, 0xff, 0x200000, 0x1, 0x1, 0xc, 0xa96, 0x2, 0xfffffff7, 0x7f, 0x8b, 0x6, 0x355, 0x3, 0x7ff, 0xdf49, 0x0, 0x0, 0xfffffffb, 0x0, 0xfff, 0x1e, 0x365, 0x7, 0x8, 0xf, 0x4, 0x9, 0x6, 0xb, 0x5, 0x6, 0x8, 0x7, 0x40, 0x21, 0x8, 0x9, 0x7, 0xfffffff7, 0x7, 0x6, 0x8, 0x5, 0x800, 0xa4, 0x9, 0x4, 0xff, 0x761a, 0xffff, 0xb7c, 0x1, 0x10000, 0x2, 0x4, 0x2, 0x1, 0x7, 0x3, 0x4, 0x4, 0x6, 0x0, 0x9, 0xffffffff, 0xfffffff9, 0xffffffff, 0x6, 0x4, 0x9, 0x4, 0x401, 0x47, 0x1, 0x4aa, 0x9, 0x8, 0x3, 0x6, 0x124, 0xfd, 0x4, 0x8, 0x6, 0x6, 0x9, 0x9, 0x2, 0x40, 0xf86, 0x6, 0x9, 0x5, 0x2, 0xca7, 0x6, 0x100, 0x3, 0x9, 0x2, 0x1, 0x800, 0x6, 0x6, 0x4d0e, 0x9, 0x1000, 0x6, 0x9c00, 0xc, 0x5, 0x5, 0xbd3, 0xffff, 0xa95, 0xfffffff8, 0x13c1, 0xff, 0x36, 0x8, 0x401, 0x0, 0x5dcd3fc3, 0x6, 0xffffa81a, 0x411, 0x4, 0x6, 0xfffffff7, 0xd, 0xe766, 0x8, 0x4, 0x7, 0x10000004, 0x8, 0x5, 0x4, 0xb, 0x4, 0x1, 0x9, 0x8, 0x8, 0x80000001, 0x9, 0x7fff, 0x5, 0xc6, 0x4000000, 0x9, 0x4, 0x0, 0x9]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x81}}, @TCA_TBF_BURST={0x8, 0x6, 0xaf}]}}]}, 0x470}}, 0x0)
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r3, &(0x7f0000000800)="4104082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000001900)=ANY=[@ANYBLOB, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957eff13d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={<r7=>0xffffffffffffffff})
sendmsg(r7, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)

2.81456523s ago: executing program 0 (id=684):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7a68007c)

2.68928185s ago: executing program 0 (id=686):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x10b902, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x9, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x70}, 0x1, 0x7}, 0x0)
r4 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000080)=[{0x80000006}]}, 0x10)
r5 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
getpid()
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r10, 0x400455c8, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x2, 0xfff, 0x5}, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xfff, r11}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r12}, 0x10)
getitimer(0x0, &(0x7f0000000300))
ioctl$sock_bt_hci(r9, 0x400448ca, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
copy_file_range(0xffffffffffffffff, 0x0, r5, &(0x7f0000000100)=0xfffffffffffffff7, 0x0, 0x0)

2.543645463s ago: executing program 4 (id=687):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000048500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000b80)=0x5, 0x4)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @private1, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

2.481936747s ago: executing program 4 (id=688):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
utimes(&(0x7f0000000540)='./file0\x00', 0x0) (fail_nth: 2)

2.250395286s ago: executing program 4 (id=689):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
syz_emit_ethernet(0xae, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x18, 0xb, "00d414ce8ad4"}, {0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "005ff92900ddab4992020900"}]}}}}}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$unix(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="f7", 0x1}], 0x1}, 0x20004001)
recvmsg$unix(r5, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$unix(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)='9', 0x1}], 0x1}, 0x8841)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
utimes(&(0x7f0000000540)='./file0\x00', 0x0)

2.249263327s ago: executing program 2 (id=690):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, 0x0, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdd1}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000200)='xprtrdma_dma_maperr\x00', r4}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

2.242295797s ago: executing program 0 (id=691):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./bus\x00', 0x0, &(0x7f0000000200), 0x1, 0x545, &(0x7f0000000bc0)="$eJzs3c9rHOUbAPBnNkl/pd8mXxT8cQootFC7aZqqFQTr3WJBPddlsw0lm0zJbkoTCrUHz3qoJ0+exZNnQfwfPCh48iK1RYpQvUVmM5tuk910m26y1fl8YLbvO+9s33l25nl5Z2eWBFBYU9lLKeKliPg8iZjoaBuNvHFqY7sH929U/7p/o5rE+voHfySR5Ova2yf5v+N55cWI+OHTiJOl7f02VtcWKvV6bTmvTzcXr043VtdOXVmszNfma0uz52ZfPzszc+bsuYHFWr5ZOXT3i/fv3l7+9dRHnz04nsT5OJq3dcYxKFMxlX8mY3F+S9vMoDsbsmTYO8CujOR5PhbZGDARI3nWA/99NyNiHSioRP5DQbXnAdn1b3sZ7oxkf917d+MCaHv8oxvfjcTEenZtdOTP5JEro+x6d3IA/Wd9nD958fdsiT36HgKgm09uRcTp0dHt41+Sj3+7d7qPbbb2YfyD/fN9Nv95rdv8p5Tn5qHW69b5z3iX3N2Nx+d/6c4Auukpm/+93XX+u3nTanIkr/2vNecbSy5fqdeyse1YRJyIsYNZfaf7OT8dfmuiV1vn/C9bsv7bc8F8P+6MHnz0PXOVZuVpYu5071bEy13nv8nm8U+6HP/s87jYZx/Hnnvj515tj49/b61/FXG86/F/eEcr2fn+5HTrfJhunxXbzY6svdCr/2HHnx3/IzvHP5l03q9tPHkfr34z/mOvtt2e/weSD1vlA/m665Vmc3km4kDy3vb1Zx6+t11vb5/Ff+KVnce/buf/4Yj4uM/4v5v9+pfdx7+3svjnnuj4P3nhy/Tbd3r139/xP9sqncjX9DP+9buDT/PZAQAAAAAAwLOmFBFHIymVN8ulUrm88XzH83GkVE8bzZOX05WluWj9VnYyxkrtO90THc9DzOTPw7brZ7bUZyPi/xFxe+Rwq16upvW5YQcPAAAAAAAAAAAAAAAAAAAAz4jxHr//z/w2Muy9A/acP/kNxSX/objkPxSX/Ifikv9QXPIfikv+Q3HJfygu+Q/FJf8BAAAAAAAAAAAAAAAAAAAAAAAAAABgoC5euJAt63/fv1HN6nPXVlcW0mun5mqNhfLiSrVcTZevlufTdL5eK1fTxcf9f/U0vfpmLK1cn27WGs3pxurapcV0Zal56cpiZb52qTa2L1EBAAAAAAAAAAAAAAAAAADAv0tjdW2hUq/XlhUUFBQ2C8MemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgoX8CAAD//z8IGNY=")
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x40010, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="fc21dbadec4cf66d6b9efa1af541dc57a6bf83f3b3b4d19c9943cbd5a1a2e6af", @ANYRES32=r3, @ANYBLOB="0000000000000000b703825b845a142602ff00000c000000b700000000000000850000002900000077093000ffffffff8d62fcff01000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7e12ddc5a89047bf00"})
r6 = syz_open_pts(r5, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000200)=0x2)
read(r6, 0x0, 0x2006)
r7 = dup2(r6, r5)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r8 = userfaultfd(0x80001)
r9 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
ioctl$USBDEVFS_REAPURB(r9, 0x4008550c, &(0x7f0000002680))
ioctl$USBDEVFS_FREE_STREAMS(r9, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])
ioctl$UFFDIO_API(r8, 0xc018aa3f, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESDEC=r9, @ANYRESHEX=r10, @ANYRES16=r9, @ANYBLOB="0d31a365c0a8e38df2d133d097f438c67c7f022c547c81b634070a7ba44f6c0e7e1e192a443099f39d572edba7104ff73fe1e5d82035911bb7bb2e960de9405063f23eac27d7121257afd9fae8bf271902c3cb8f94e8cece16030e0ea6d2cceb87c1a3a63498ce7a1be92ac7a71ab9d6998c3b55169965fd2894fe8cb91154d8032e6eec85c8092b6a0b673b4ee11953a7379443f2899aa05efa62b11ddbbb85db6db98bd559d49101829da4b6cf126fe15ec348320179d158bb308ef26123dbcbbb7e2d35f9088a07", @ANYRES32=r7, @ANYRES64=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x90)
r11 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000020961b0a0000000000000109022d000100000000090400000503000000092100000001220500090581034000"], 0x0)
syz_usb_control_io$hid(r11, 0x0, 0x0)
syz_usb_control_io(r11, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\a\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000180), 0x7, 0x0)
r12 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
read$hidraw(r12, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})

2.190324681s ago: executing program 2 (id=692):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800000000000000c7000000c7000000040000000200000000000009000000000800000000000001000000000e00000000000008000000000f0000000100000f03000000020000000500000003000000d79b77080000000000000100000000750014050000000006000006040000000f000000800000000200000006000000040000002000000002000000080000000e000000200000001000000000000000ffffffff04000006040000000b0000003f0000000000000002000000090000000000000006000000080000000b0000000000000100000000720040060000302e00"], &(0x7f0000000240)=""/155, 0xe4, 0x9b, 0x0, 0x2}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, r1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
epoll_create1(0x0)
epoll_create1(0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01eaae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1415e90fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d148473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d00"/716], 0x5, 0x558b, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdJC63jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9Sr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1J9unf/j+8S4bFHb4ggGws/v6/7i3/w/9PzBzD+j/49pD+v/+9fJ4d/r/2Lb/r0z3/zHL/n/SUun/H97/Vvag/10M/f8urh8ey6P1//tnPg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObux8UvXs93lorjI2X+f2XqmfI4iYhKRNzZxkLsn6q5UNZZ3GH84j1z+CaJvMLkHAfK7XBEnC+33/+/21cBAAAAnlxf3j7+adGtFy9Lez0h5qm4aVM5+uGM6iURsbj004yqVSYvz86oWP793hebM6qW38A6OKNixS23fbOq9rcsTIWDd4WkCJW5TgcAAJiL6U5gvl0IAAAA8/TJA999aW7zYM6S2HqUufUsOP/P+78eCB6aeg8AAAD4D0r2egIAAADArsv7f7//BwAAAE+24vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+ctMGojgAPxsM/auiqvtepTs4Ro/QZZeFA/QSHIGeoFIvwBmolEWOkIQIe4LkBKRIjHGCvk+ynRlHP88AmzeWBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu/a9Wsz+/vv4+Mebv7fY0maYDAAAAHLCpVrP6j0nTfp/6P6auz6ldREQZEYdq90GMWpmDlFMd+f/q0Rj+RdQJu/5xOt5FxLd03Hzq+lMAAACAy7VeLKdNtd6c0hLAVb+j4kyaRZvyw/dMeUVEVJPrTGnl7vQlU1j9+x7Gz0xp9QLWm0xhzZLb8PC9Ua6HtA1al4eZzOsvsW6V3TwXAADoU7sSOFKFAAAAcAF+9D0AzuFpaV/sT/v3jOPmkl4Ivm21AAAAgFeo6HsAAAAAQOfq+v8l7f9X2P8PAAAAsmv2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLm2o1Wy+W02P358/MudueJt+MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB79ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt2PfNqowAOCffbbbFBAhoEgEUJE6wEJTt7R0RQgUMfAnIEWpUwIuhTYDrSJKFjaUuQuCESEkUNjyP3RupC5l65AhSEwMQXe+S8+JoVFp79zm95Oe3+fz9b3vna0qn98ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCw9W682szjJH2YHMTFsdvbKwtpv7mnT22s3ZlJWxo3Ks77CfBa+cnx6foSAQAA4PBIivo+Iu621+fSvjmZ1f/t4py05v/huUFc1PN76/7N7ZWj+UszRf3/+2/3XtqdaDLJ5kkHXVzq907tT6X1mJY49p5/4Bmt7Mpn370k2RvS/HD1xa12dj0b39269X4nC49UkS0A8DBOFn0eFH8PpX23zsQAODRapcK7qP+TyXpzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjC1mo8U8SNiJhp3Y9Tm9srC6P6b9buzGzk7dzNm2vlMdMh2hGxuNTvnapwLeOruJrXP5vv93tXrl6rOjgeESNeunGwf57k6f/rOZ2IGDpy4uUR43x8gLn2jLMvyD+eUe01nEjX98CTG0NHGvsu+Hs7A3V8AKoKmvn7My75PMqg+Ow9+pEr/u8IAICnXjtvaSV6t70+lx5rTEXs/Dhc/79RimOo7t+5MTgyeL5Rqv/vfXLudnmucv3frWh9T4LZ5UtfzF69dv2tpUvzF3sXe5+/fbr7TvfM+bNnz89m35XMLkbTNyYAAAD8D528lev/5tT+/f9jpTj+Y/+/XP9/+X336/Jcifp/pPubfnVnAgAAcBh1dqMXXv/rz8aIMxqdTnw1v7x8pTt43H1+evBYaboP6UjeyvV/MlV3VgAAAEAVtlYbQ/v/F0pxHHD//9mfXvmlPGYSERMRlyOid3Lhcv9CdcsZa1X8UDmbqFP3SgEAAKjLRN7K+//t7P7/5u4tD82IePNExN/5b/jjgPV/8sG3P5fnKt//f6bSVY6f5vTgemT9dERruu6MAAAAeJodzVta7P/RXp/79NdjH3Xc/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQtX8CAAD//4ztMoY=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
getrlimit(0xd, &(0x7f0000000300))
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f0000002440)=@name={0x1e, 0x2, 0x0, {{0x43}}}, 0x10)
sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x28, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ={0x8}]}, 0x28}}, 0x20000800)

1.96356495s ago: executing program 3 (id=695):
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000005440), 0x26, 0x75c, &(0x7f0000005480)="$eJzs3M1rHGUYAPBnptmkH9GNIPhxEKGFFko3SXNpT40Xb4VCwWsNm0kImWRDdlO7sWDrWajNRUEQ9ezRq1DqH+BNCgreBdEaD+JlZTablMZsum3Sbkl/P5jO+87H+zxPd3izAzsTwAvr7eKfJGI4Ii5FRLmzPY2IwXbrcMSNjePW71+PgYhqEq3W5T+S4rRYb5W3xko662PRPiVej4i7pYjTH/8/br25Oj+V59lypz/aWFgarTdXz8wtTM1ms9ni+MT5sXMTE+fGJh5Zw2s91nrivfNHbv/47traT981br01cCaJyXbdsVFbtcdhHsvG/0kpJrdtX3wawfoo6XcCAAD0pPiefyii+F4fpSjHoXYLAAAAOEhaQy0AAADgwEui3xkAAAAAT9fm7wDW71+vbi7P8vcHv78TESM7xR9oP0MccThKEXF0PXnoyYRk4zTYkxs3I+LO5Pbr75viCruxx7HHtvUffkZ6cI+jsx/uFPPP5E7zT7o1/8QO88/A5rsT9qj7/Pcg/qEu89+lHmN8/+Ubpa7xb0a8ObBT/GQrftIl/vs9xr+19sntbvtaX0ec3PHvT/JQrF3eDzE5M5fv+vqBu/+eurdb/Ue7xU92r3+px/o/XP9rvttcUsQ/dXz3z3+n+MU18WknjzQibnfWRX9tW4zjCz//sFv90xGtJ/n8v+qx/l+/HbrW46EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQlkbEcCRpZaudppVKxLGIeDWOpnmt3jg9U1tZnC72RYxEKZ2Zy7OxiChv9JOiP95uP+if3dafiIhXfjmyEXQuzyrVWj7d7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYciwihiNJKxGRRsTf5TStVCIGejh36BnkBwAAAOyTkX4nAAAAADx17v8BAADg4HvS+/9kn/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrRLFy8WS2v9/vVq0Z++2lyZr109M53V5ysLK9VKtba8VJmt1WbzrFKtLTxqvLxWWxo/HyvXRhtZvTFab65eWaitLDauzC1MzWZXstIzqQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHNdxekrQSEWm7naaVSsRLETESpWRmLs/GIuLliLhXLg0V/fF+Jw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC+qzdX56fyPFt+bhqDncyel3w0NPa/8dFzf4X3eWICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAv6s3V+ak8z5br/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/kp/SyKiWE6WTwxv3zuY/FNuryPigy8uf3ZtqtFYHi+2/7m1vfF5Z/vZfuQPAAAAL4QLj3Pw5n365n08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAr+rN1fmpPM+W99a4EM3VVtLlmH7XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJn/AgAA///3Y8EX")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)})

1.788860684s ago: executing program 3 (id=696):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7a68007c)

1.700695701s ago: executing program 1 (id=697):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x0, 0x0, 0x8000}, 0x48)
mkdirat(0xffffffffffffffff, &(0x7f00000001c0)='./cgroup\x00', 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=@newqdisc={0x470, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x444, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xfde97aa2f3edf49}, @TCA_TBF_PTAB={0x404, 0x3, [0x7, 0x5, 0x1, 0x7, 0x2, 0x1ff, 0x80f6, 0x8, 0xc, 0x0, 0x401, 0x4, 0x1ff, 0x6, 0xffffff00, 0x7, 0x4, 0x6, 0x7, 0xbf, 0x1, 0x5, 0x4, 0x6, 0x10, 0x4000000, 0x6, 0x6, 0x8, 0xdc31, 0x6, 0x100, 0x8, 0x7, 0x2, 0x3, 0x7, 0x8, 0x8, 0x5, 0x9, 0x1, 0x4, 0x7, 0x97a, 0x3ff, 0x9, 0x6, 0x7fff, 0x8, 0x40, 0xfffffffb, 0xe0, 0x8, 0x71, 0x8, 0x1, 0x6, 0x3, 0xfffffff7, 0x400, 0x2, 0x2, 0xe, 0x1, 0x4, 0x8000, 0x80000001, 0x7, 0xd, 0x401, 0x0, 0x60, 0x400, 0x8, 0x9, 0x0, 0x6, 0x6, 0x3baa, 0x6, 0x7, 0x3, 0x2, 0x3, 0x6f3, 0x3, 0x4, 0xffffb12c, 0x9, 0x5, 0x10000, 0x4, 0x8, 0x3, 0x53c, 0xaafc, 0x0, 0x7, 0x4, 0x1000, 0x7, 0xff, 0x200000, 0x1, 0x1, 0xc, 0xa96, 0x2, 0xfffffff7, 0x7f, 0x8b, 0x6, 0x355, 0x3, 0x7ff, 0xdf49, 0x0, 0x0, 0xfffffffb, 0x0, 0xfff, 0x1e, 0x365, 0x7, 0x8, 0xf, 0x4, 0x9, 0x6, 0xb, 0x5, 0x6, 0x8, 0x7, 0x40, 0x21, 0x8, 0x9, 0x7, 0xfffffff7, 0x7, 0x6, 0x8, 0x5, 0x800, 0xa4, 0x9, 0x4, 0xff, 0x761a, 0xffff, 0xb7c, 0x1, 0x10000, 0x2, 0x4, 0x2, 0x1, 0x7, 0x3, 0x4, 0x4, 0x6, 0x0, 0x9, 0xffffffff, 0xfffffff9, 0xffffffff, 0x6, 0x4, 0x9, 0x4, 0x401, 0x47, 0x1, 0x4aa, 0x9, 0x8, 0x3, 0x6, 0x124, 0xfd, 0x4, 0x8, 0x6, 0x6, 0x9, 0x9, 0x2, 0x40, 0xf86, 0x6, 0x9, 0x5, 0x2, 0xca7, 0x6, 0x100, 0x3, 0x9, 0x2, 0x1, 0x800, 0x6, 0x6, 0x4d0e, 0x9, 0x1000, 0x6, 0x9c00, 0xc, 0x5, 0x5, 0xbd3, 0xffff, 0xa95, 0xfffffff8, 0x13c1, 0xff, 0x36, 0x8, 0x401, 0x7, 0x0, 0x6, 0xffffa81a, 0x411, 0x4, 0x6, 0xfffffff7, 0xd, 0xe766, 0x8, 0x4, 0x7, 0x10000004, 0x8, 0x5, 0x4, 0xb, 0x4, 0x1, 0x9, 0x8, 0x8, 0x80000001, 0x9, 0x7fff, 0x5, 0xc6, 0x4000000, 0x9, 0x4, 0x0, 0x9]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x81}}, @TCA_TBF_BURST={0x8, 0x6, 0xaf}]}}]}, 0x470}}, 0x0)
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r3, &(0x7f0000000800)="4104082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000001900)=ANY=[@ANYBLOB, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957eff13d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={<r7=>0xffffffffffffffff})
sendmsg(r7, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)

1.626541997s ago: executing program 3 (id=698):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r3}, 0x10)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r4=>0x0})
r5 = syz_open_procfs(r4, &(0x7f0000000600)='fd/4\x00')
quotactl_fd$Q_QUOTAOFF(r5, 0xffffffff80000302, 0x0, 0x0) (fail_nth: 2)

634.493768ms ago: executing program 4 (id=699):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000048500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000b80)=0x5, 0x4)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @private1, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

252.441529ms ago: executing program 1 (id=700):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f0000000000)={0x14, 0x1f, 0xf09, 0x0, 0x0, {0x6}}, 0x14}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x87}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d041bc700000000000109022400010000000009042000010300000009210000000122070009058103"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000ffdd18110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_read_part_table(0x5c3, &(0x7f00000005c0)="$eJzs2z9I22kYB/A31lBohw7XqVPbocPRpaVjM7QlSVsqhKiL3KCgiJgpghC5gKAHmkExgzi6iJDFP5Mxg5Oi4Czi4CE4uNyhi+BiDvG97e7wUI8rfD7w48n75vu+T54h4y/wXWsJvzebzUQIofnwrxPNfzjdWUtnvjzPfch3xMvCfPWXH64+Jv48HW99GdeHcb0w/6gxefY5WTtoP3/VvVlpid+PxufxYr3zDsbjni2ltp6MjRezU6XUwH62fDyxt9u2fJrO179Vqitfk596Y2471tZYh0IpjITB0BMKoRD6QvGO+s/Vjt5cPsvW1vrfX2Qa0xtvYy53yzlv2n/4xUxXtfzx9erT2Xel9Z38yYPrXOFv/l0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPy/LKW2noyNF7NTpdTAfrZ8PLG327Z8ms7Xv1WqK1+Tn3pjbjvW1liHQimMhMHQEwohEfpC8Y76z9WO3lw+y9bW+t9fZBrTG29jLnfLOW/af/jFTFe1/PH16tPZd6X1nfzJg+tc4eE9/QAAAAAAAAAAAAAAAAAAAAAIIaQzX57nPuQ7QkiEn0Jr+PG3n1uu9pvxffdEzL2M9TDuL8w/akyefU7WDtrPX3VvVn6N+6PxebxY7/zPh+Ff+yMAAP//17OV3g==")

241.63676ms ago: executing program 2 (id=701):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x10b902, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x9, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x70}, 0x1, 0x7}, 0x0)
r4 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000080)=[{0x80000006}]}, 0x10)
r5 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
getpid()
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r10, 0x400455c8, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x2, 0xfff, 0x5}, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xfff, r11}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r12}, 0x10)
getitimer(0x0, &(0x7f0000000300))
ioctl$sock_bt_hci(r9, 0x400448ca, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
copy_file_range(0xffffffffffffffff, 0x0, r5, &(0x7f0000000100)=0xfffffffffffffff7, 0x0, 0x0)

240.94279ms ago: executing program 4 (id=702):
r0 = socket$inet6(0xa, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYRESOCT=r0, @ANYRES64=r0, @ANYBLOB="26d2544f11fe1c4af040b88cb502b68c86638e5ba696eb4a196d2c805f3b40aaeaa2330a07f502cd26529ce1c8f346d1d171630eadf454d1aa2dff2f3b8fe86e63f506f3f71349a004ca2fe5758264033ab95d2f742e38317e99f09cd43e416f83c16ab22d8df1f1444478e1ab881e32f194159539a3c985f858b5450b06b9c3ac81385187660e50298e178ad7101db1f7366ce5a31afcdbf21807a15ac78ed509460db2757e2d2d93acd6ea8c9d6154196aa8fb1fe491c7c0a7cc51b183dbbb5403aa8d38bb871ad1c4674b6b73abc5704cfdc858f5ac43246716c7097d70b388e75f9c4ac0a2e59c9559edc35f4861af3e2c36311cf6bc3bbbbd07b414bf78429368f735b3fa21f6bc5f9e3fb8b4028f82d58979d1a5dee1e66b7b631796c0c907a4df962c577ba36b296e7dc65d7a88981550b9e88967a56064f8b8fcd4dfcd11a4ef32a01540371c5f792882dc1afd34f91bd9fe0e5dccaebd818f6c375f0a7f10834f6e4db44bfdd0b31fe676d5ba8c683219e83d4f66e20f7f18d2d1b7f1be2817a44bfcda56c0dd7a2007045d7209303922dda82a1973e9af814fe463625bb1a0b19a14b7beaf865ffdae8d1a35b848b59c5530774c6634339dc6838e0c0eb4e50250c7eaf915e65ee842b7502a4d11e73a37646cbe1107606b19d3d68a62c646f51d91fed4cd3bfc9de9b565c22edc90b75be329517e19ff94422d301bf0dd7caa32459daeefd7a19584aa865fe10b5e85751d181ac76c123015939f66ba771bb52b8866f468f89832e4654d9930cd698d433c8a2bec795156674e8ecb1daa35b990261eaab38686808b2cae7ec0c9190fca008f7f1c10df0a433a02ec51840a19f649ff9e843b738345f8bec299dab61a3bb86621777e2fef5f916178ed9670271cb564a203c4d8725fa3a32854ccd50cf81ca60755ef190a0976685278fd274c6c7dadf548595f31e6531e1cbf8b25cee9cc9251ae4c5a9d3f1d11dca06b75438e4675bcc448e0bcbcf9752322a3ee88ccd5c042ae5bf264a20663d2639f984e49888dfad69bdf7089caca0df7476a61f1f88317db6e96c42bbfbfacd0e0510fe48877d52868a69cf696469bc4ecfc603cf905457b418925713ffe890a6e431a0c8feedd8213d785dcda03ec6483cf10626facce0a300115a398ee34f9cc172a3028d92084da3db19ec8feccf753db51af4d62d968ba3a9a3f036e41e6b8ffcc0aebf74cdeba5098bf46ca85c2dbfedcbfd52ae509009e8a1a06c2c6677871e372b75cd24be6fcf54cd919f98d3e4f59b0835bc506fb7dd4473e71b4cd44ff76223854c367cf189be624739d4b94d6265bca495bb2c9e9cc69455d9e2c43db941b9d189021616b411415d89e44d2845e81ddad58cb4461b28d73ea334b39473985a62b8020297bfa6900786d029cc276f774a100e4851d2e55ec2c25be97f80575a9b7339d3b6c455246f477f5857da7405cd4de0a5b066d1f85a25450a9ef4c2826f31a2bd92acbddc26a4c9bf2a97b7e794e00e4e27ff059b26465b2aa78eda16044790a07ceebcb095a1c108983730d597a573a836f7fdecfe4eea974fe0d964dfb52b10950be45c663504d443d74ea2305beb8f0eb652b5eac85fcdd91296525c993dda13382ef67a0f293d006b41ffde2494b9c3c6344daa536a3c3f7df7fcf2d0e4b8d7b0900f5bd317ee754c976b1b871d347da5bd6e811c52256aecd6f5a69ce96264d2fc42707f679e35d164d81bf8f0f5150cbd2758dc534b5f9a014e57fb11da3b6c056319c3eff204640562cae816f3a338570d152f16b2ae92ff3a469ea5a43b704827409ebb1e465e2d108fa657ff8d9ac63632295e36ac90beeb5189926ea17c26694a8c4f83f32bb22e869a2761e3ecdd24194cdec3440f2040b73249bc35209bb23bf5bad1d0c6ae6257820e8a1cbf9aa8ab62afc629868fb852fa2c0e01f6515256aa9dba6d53a079c9277933a2fc2fd434f6ebe915f4a04d90087d29076c73f2f4a1008cceef39912f4d3c4dfb6d61ade9b99beabfb36ddf81d6624894eda2c42a79d8a7f15a72ce1a895c98528bb0c6f36a3e97db45eb46dfe962b24df99a1a16dd3a120336da29a3f72ce35b0673687ee6e6feac6cfcda9530a750b469da5ec6f1b04840eaa246faa86ac9b78feffc7e56983ff976879aaef165187d51aa9e46f9e85415144f93d001bb3430f2049df12362f8c78817fe9981bc7eb39edc13b01676867c94ae99b0ee4dd879da53650c7f3fe3f78b7624d688acbf118a7cd4bae976aaeaa3767a50c57aab9f2a8f5e7497ef3a62281139d58155b55e61d3f9f02abb07a09d8c5d06339fec64e3feab87abb52caf3fd61fbb7be51be050c84678feb60680dddc453d9e46a5180cf79a495fdbb80ba8f54dd8cfeda92cb82e075faac23421e0890585057e993082caa10315111888dacf428345a9f19446d8170bf84e827f19e81ba2cb78717890bf84e266ab1334a99936b2e1d1401b7a0cfd679823f759fe5ccb0f39fa7b26e8b784b2213defb638e79527df51328a479f3bcf96351d7c80d1a311cc35d2ce3ac02bbaa91f5340ec09e620c96420172d44851d58b198ca3c6023f79a76c18b70b634f01361c6108dd2f684d2b889447f4d6d28fc7144480cfe311cfd8c4ff7789791f3c19c153de9edcd08f669b62bd741cffd3fa635888f4890d03d80e34014a816235e5167986f78ede6989241589b4d4937d72fa858615e6cb9d2ddd8f8cd84d18357c1fa15b11e9377875a8bd5a3bf33900431bc8eba0b5ccfd759fa68c750d969ff70fbcab1a8dbffb103809f91e5215b90df7e6c3944887a0c894cfdb41b0d1de7e154772f6788142fe47fedec93b435f2f379f26e3ac873ff2fdcbd8d27e6b70382d3aac7ddeea161728f58d9ace1fe8ad92f4a3907022e8467b3be3b1e82a60e2e105367d7b18c848e73dc5854e708f4cb129a1b15bded5dbcbf268a85b37c04576e05c716f5649efb3b3b55cf8d26a05ba2b0c2d4cdaeef9c7009347bbbc3c12c6abadf97ad32721609a19216de8bdc25b1397d7dbdcec43a9ab8307542e360286dbda08de2229cac44722c38683c99d4ddfc46f939dc24710c2bbc0049b867cb2733ce8634f56691ff5375923fcaf9f2acad8c2b7f58f222f9b6550233cb8f3e93d49fe3e0ee259ca86c3cc150f415072199570eaf1f9f9d78648e4d6ccd00cd7ebe4248f0045f2869adb5fa940bc3fe7222536495266ac50c7ce586ed0411bb0f12f7bc138851a85c94db8477917937b4c433dd62e4200ab312237ab0071fa351fa097b9a47c8760bfa86521a8ae4909d3a4b837a7d0505f7049bed474db407ffbc2341c8afbe9dd8393377fd5b900bb15c6292163f6f1a1213e2ea71ae649011eba857fcad001216b798604b4208dea8fb9c72b9696844d44461cdc1779b3f66ad4363ae8722e441c80cc5929ba508f2aa2dd4758ca95e27b53861287b9e6fe56bdf4d8e0c94adc58b6919394639bc1324220f932271a69967eb079601671f30868b492475b2b85ec0f8150f7371b4c7232d30b41e6f08eccd1452e4af557caf811234e547a1e0f613b1c77543eca915d00caf02d2e238212722978dfbcdce042330e6dc1c70f69ab03c1926e135ce39b92e447bead25c0113e5a4ee770274f2667d1fdd13e7b0aa54f744c640d68e1f8b4e91f5a6c11563c015936ff27c4907cc91c3a79a6174f3d3a840133a313dfa6df6ebb5b7df9b5b55511a2ef0de73b6793a413387b1ee72ebc0d4e90c7793da5af2aa867114c3d051c61b164970193210c35e0f3de7dc213ca958d6b632adc981b2f1410c33e20adc4dc031a6f3030eb9b113391477d4998d74b597d8d74110b8309cfc7da904a6fa0724ed0a62a476e2cbcf3205388b582b8ec98372272848ae044907e8a05d708f463b086fabef7267a11f6340bab38b08f57c8f7e743368e68a5c1109c8be0ca213fb8fed0f13dce46631946974d18b96c9526277fe7a6b804eb04fde4f7aacefc26fe4a62fd9a2c99d0f32a1778ab84dd546a9037e240e49652c2f6cb1601528926411c71e554c51d44e9654cf3ab329bab9af33f0ee6b6b2136fa125f7df1d96a854424e53040f21a0a7417502c2026e9d8aba8289347fa569d35639264f0966670dbf8afd99dd3d69cf25ef710be66a3d0a5faea1d437d944ddb0443dee0bd19e0968ace2269ecc38ba10faa0c2b3e543b1bd1a2a46f615bc752982e99f88c77f663fc68f93cc9102d49fc8fcfbc3f6a4276e5e91ba0035575389a5a1ccfc9f940312ea19dd59c11b2c03accf2157d44e8d6ad689e89903c169c1caee268b37a2df82dde699f48340868a5b78e3965cb4d41c99912380ee3f96416100e4976ae6f53c9972f00f6d97325f296ae4ba4f4d1e3565ae6fcc00a512da1aa5457cc90c9f5fe701da5208e4a63d14db773d6f017a80e7024354900d711788ce061d5c138a57d01f501ac520d536b08ea3e2df2817689e31ef97f4685e55663614015dbd84fbe2d2af9b50a23b12d143cb9f7eb2cc1a286bf54dc65cc33b3645ad0d3fa13d31243e1d9e5413be84c7937b288fd3d2ad7b8b88050d8894370aaf5618c58832bfa45591d99b28f5f0486a185c9515102eb9033442f6396ae5eb06011825a709be70f1b2c735164b310667b497912c00673dc6b1f989d52cef42cd7de633d868fc9b067583aa3753b13e1487fed7901f6cf6eff11dfd5207601aa5e88408aa847a47e0004f3ce160e9ca16839c83031d18af1efdd153fe15bd640072d81e00d318f35cd5e9def7da1d855356d5d3910386a31e9043f7c9f542c8f4a5987d28ff4b7125d089b7aa540865a18772b3823b0a3f77d75505c91dba2e5b5da009dd727965395e8968e79376cd11baf156c74dbbde23b646ed13980628d39655c5c0cf3d007c311391b0c10f2fe17849b8da957c400af5cfb1c3b4e37ba7b012d1e4162001809baaa5b4c90a39ccb1c4b55043b548d8d537426f7f2e1798747ec3a3d49a2b52e171acc55e5956f7ec6c552f07b75f45288b0b13c68f6ff57386359b95ac4963657e3143e626900581632ae5958227e1fd8a402061d59ade9d4e7d3dcfe6fc8abb8220d1f2d05c1668de282f19e20c01e136a7906a068b96122231871507328c77beed8001c28d86584726ab6baaa2dbf5d8ab47b8a50cabdf8d78b314e16d3d1213837d5450bbac8b024d514599dd95a5bfc94eebb5084a38f258a8bfd57c2f8645ec372947241215aded2812d728d4055f2e7ac1ae1c138e83fef52735bdb875bf2a9351ade19f1006573f40b73f43d0c22103c84add35ffd45d4331659b9125baef86fa65721f8a8f3ae84db552f1188f1304092f404dce0f82394b2587f87426d97d815072e337f2318fbefd0621a0a8ce6f01949f04042c0d93612bf67de37c9fc9978e22eb1d035908481138d2687206c57af0d5e61d46eb5ca53ad8b9bb99b33510a940b23a32638d6c88ea31cdb2bc8ab7ded65e2e8e8632ee8ad3bec8174cf2c1716e3f2ea34e32ee52cee48500941970448f0a6c8c1f8fa806b1175fa010fef8f7ba93a9b61e97200bd15f5a10668ade6ff6a43094acd1cb8c7adde5e2a02938b6cb8ce7bcf576c16ff37a01da4301f58e4796ea33adc0400633fdbee4560998470173e96215017cca544efc6d8920d619a287388d2e568bb2dc10cc886c750b2deb65a7b257994d71dd73e62b830d4028c0d0bf936dad61b2eeb17a8077a67ad740fa3f24d6cff52a483e3e61397284aa240839fcb301cdbe79"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYRESOCT=r2, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x10)
open(&(0x7f0000000040)='./file0\x00', 0x903840, 0x0)
r7 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r7, 0x400, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000280)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair(0x1e, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

114.42943ms ago: executing program 3 (id=703):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, 0x0, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdd1}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000200)='xprtrdma_dma_maperr\x00', r4}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

100.411621ms ago: executing program 3 (id=704):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000000c0), 0xfe, 0x4ef, &(0x7f0000000380)="$eJzs3d9rHFsdAPDvTHbvbdpcN1d9uF7w3outJEW7SRrbBh+qguhTQa3vNSbbELLJlmTTNqFoin+AIKKCL/rki+AfIEj/BBEK9l1UFNFWH3yojuzubEzT3SSl+0Oznw+czDkzs/s9J8OcnTMzzAQwsj6IiOmIyLIsuxgRpXx+mqfYa6XGes+ePlhqpCSy7OZfk0jyee3vejOfnss/diYivvbliG8mL8fd2tldW6xWK5t5eaa+njzPst1Lq+uLK5WVysb8/NzVhWsLVxZme9LOyYi4/sU//uC7P/vS9V99+t7vbv15+lutBrYcbEcvtZpebP4v2goRsdmPYENSaLaw5cqQ6wIAwNEax/sfjohPRMTFKMVY82gOAAAAOE2yz03E86R1/Q8AAAA4ndKImIgkLef3+05EmpbLrXt4Pxpn02ptq/6prLR/vmAyiunt1WplNr93YDKKSaM8l99j2y5fPlSej4i3I+L7pfFmubxUqy4P9cwHAAAAjI5zh8b//yi1xv8AAADAKTM57AoAAAAAfWf8DwAAAKef8T8AAACcal+5caORsvb7r5fv7myv1e5eWq5srZXXt5fKS7XNO+WVWm2l+cy+9eO+r1qr3flMbGzfn6lXtuozWzu7t9Zr2xv1W6svvAIbAAAAGKC333/0JImIvc+OpxGRJQeWFSOysYMrFwZfP6B/0ldZ+Q/9qwcweGPDrgAwNA7pYXQVh10BYOiO6we63rzz697XBQAA6I+pjz16Eq3r/83U8Ea+LBlmxYC+y6//J/Z1GD2u/8Pocv0PRlfxqCMAgwI49dIT7Oqvf/0/y16pUgAAQM9NNFOSlvNxwESkabkc8VbztQDF5PZqtTIbER+KiN+Wim82ynPNTyZODwAAAAAAAAAAAAAAAAAAAAAAAADACWVZElkX4/vrAAAAAP/PItI/Jfn7v6ZKFyYOnx94I/lnqTmNiHs/vvnD+4v1+uZcY/7f9ufXf5TPvzzosxcAAABAJ+1xenscDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99Ozpg6V2GmTcv3whIiY7xS/Emeb0TBQj4uzfkygc+FwSEWM9iL/3MCLe6RQ/aVQrJvNaHI6fRsT4kOOf60F8GGWPGv3P5zvtf2l80Jx23v8KeXpd3fu/dL//G+vS/73V6QvTl2e9+/gXM13jP4x4t9C5/2nHT7rEP3/CNn7j67u73ZZlP42Y6vj7k7wQayYp3JnZ2tm9tLq+uFJZqWzMz89dXbi2cGVhdub2arWS/+0Y43sf/+W/j2r/2S7xJ49p/4UTtv9fj+8//UgrWzy0qBg/ybLp8523/ztd4rd/+z6Zb+5Geaqd32vlD3rv57957/0j2r/cpf3Hbf/pE7b/4le/8/sTrgoADMDWzu7aYrVa2ZSR6VtmPAYYdDGOWqd9EDuA+nw7D/U/sQleOTPETgkAAOiL/x70D7smAAAAAAAAAAAAAAAAAAAAMLqOewxY9OBxYodj7g2nqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR/pPAAAA//+e/ctD") (async, rerun: 32)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0) (async, rerun: 32)
socket$nl_route(0x10, 0x3, 0x0) (async)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000200)={[{@utf8no}, {@uni_xlate}, {@rodir}, {@shortname_lower}, {@uni_xlateno}, {@utf8no}, {@shortname_mixed}, {@rodir}, {@shortname_mixed}, {@fat=@check_strict}, {@shortname_winnt}, {@uni_xlateno}, {@rodir}, {@utf8}, {@fat=@allow_utime={'allow_utime', 0x3d, 0xee9}}, {@fat=@errors_remount}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'uni_x\x9a\xfdte=1'}}]}, 0x6, 0x2d0, &(0x7f00000003c0)="$eJzs3b1uHFUUAOAz653ZBYp1QYWQGAkKqihOS7MWSiSEKyIXQAGGJBLyrpBiyRI/YklFS0NBwRNQ8SA0iBdAokWiI0iRLprZmf1xJhstYRMg39f4+N5z5p67O7bHha/ff3F6eqOMW3c+/yWGwyx64xjH3Sz2oxetL2PN+OsAAP7L7qYUv6e5beqyiBjuri0AYIe2/vn/w85bAgB27Prb77x5eHR09a2yHMa16Vfnx9Vv9tXH+fzhrfgoJnEzLsco7kXUDwp51E8LVXgtpTTrl5X9eGU6Oz+uKqfv/dhc//C3iLr+IEaxXw8tnjbq+jeOrh6Ucyv1s6qPZ5v1x1X9lRjF84vitforHfVxXMSrL6/0fylG8dOH8XFM4kbdxLL+i4OyfD1988dn71btVfXZ7Px4UOctpb3H/NYAAAAAAAAAAAAAAAAAAAAAAPA/dqk5O2cQ9fk91VBz/s7eveqTPMrW/vr5PPP6rL3Q6vlAKaVZiu/a83Uul2WZmsRlfT9e6Ef/yewaAAAAAAAAAAAAAAAAAAAA/l3OPvn09GQyuXn7Hwna0wD6EfHn9Yi/e53xyshLsTl50Kx5Mpn0mnA9pz9YGYm9NieL2NhGtYnuqZStLtF79Nfwmft6boLvP8i3vODw4Tl591oXg/4j7Ku9u05Psu7XcBDtyLC5Sb4tIpY5RTxkifZdLx6Uk2Kb26/onBptvffiuTqYbciJbFNjr/0631czkl3cRVG/qp3leRNEHt1fMsMH3M/dwf3fKzKndQAAAAAAAAAAAAAAAAAAwE5liz/67Zi8s7G0lwY7awsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHquzxf//XwQ/5xGLkXxtqglmTXHH1MWgiNtnT3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAX+CgAA//8wK1Yb") (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000880)='xprtrdma_reply\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) (async, rerun: 32)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (rerun: 32)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000006c0)={'ip6gre0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x4, 0x26, 0x3, 0x6, 0xd, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1, 0x1, 0x6, 0x800000}}) (async)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000003c0)=0x70, 0x4) (async)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r5 = open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8001)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
dup3(r6, 0xffffffffffffffff, 0x0) (async)
move_mount(0xffffffffffffffff, &(0x7f00000008c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r6, &(0x7f0000000300)='./file2\x00', 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

99.768981ms ago: executing program 4 (id=705):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000000200)=""/150, 0x96}], 0x1)
fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
sendmmsg$unix(r1, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000000c0)="1e8fce3c4b99b01ba586b304b7f11ad492771ecb13b3acf8da6c16ed7fa299b552ab9c86c4e9f690a3d3d63261bafc1a7674e368f033d846f18f7b78c4f1c4dd32b655db9eed572a1694d763e3794a81724a611e2663e6392ff525bc5e836412c93e63de283532b3db32ecceb840f27a2cce", 0x72}, {&(0x7f0000000340)="640e4b9d1526e2fe2f54b0c7558c66b0680b1d4dfb09c06c045bb47a8cd2b15dd18817cc1dd4ed9b26dde2e5ed249a8e1f267d6d68c6ef10a8c41631e8f2c2efe3911b2c4bf26ff059e4a8112c3b9a8f1830c5f05461797c71c048ca758b04a0b645c2a30a1b2d551a16d1d88bba8e190ba36df2ac16df99de35fbecd9e92773606765a821c8fee05d3a9389caf10851bbc84483a8e04e31b7033be20be855b85e9e6a4229e23ac8c58537393470973b18124f296313598178821ecb80b701fffdf613a217058516bec4f3cf1dbf2093a66299c9160b469f22376ae8a9489d44e760843aa9665f030a3e58a9209bb3a685938852ebdccdcc6376bebbbdb5d7", 0xff}], 0x2, &(0x7f0000000680)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2, r3}}}, @rights={{0x2c, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r4]}}], 0x50, 0xc8842}}, {{&(0x7f0000000700)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000540)="ea34512c198527b319cd9d42fd357ccbd4debcc497881ff38e50a74987191611bd5a758df09f", 0x26}, {&(0x7f0000000780)="0c626f68296517e5d0ee51181626d18f2233629c47ff47dd7aa22856839d792bab880aeaea797795fb61474f47d59c8d91ba3cd191b4e7471b8bb23539fe5ba8da922607397b73e298279495eceaf16ecef006a769553cb84db0f3519456fab7e69336f403060aeead1e511edfd0cfc8ecaf66527e6df569d95c6f6518c869584479c14d3e5f9fca1f6d4503687e8ff4cd98", 0x92}, {&(0x7f0000000840)="d42eb86db4d6", 0x6}, {&(0x7f0000000880)="ac1f9add40a2bd84f5b245d2da4dcc37e670489a236313667bad3889135c463f263159ede7f3ac8411c19b9a9c6f5756f32da9e18da78ffcfb90d59c4fd7a7c8a02ebafbfb333c13f12faba05587ceffb386cb2b6eca140199a0c17ae2a27a6d0c1829dfc77004877fd8ac6a1e5206d1a3e755fb45008355b10955c14836c027520d2ab14b92613754a957f714e99f4e12042f4b3f4fad8e8492c2517b5e201f61561cabc5e03f8360fe26b56ae73125d844d04df38e6ce19d3be17984cf2975b4e2771fabceebedfd1c077e67f68d7761e20d9ef2", 0xd5}], 0x4, 0x0, 0x0, 0x44080}}], 0x2, 0x4000810)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000001c0)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0x86, &(0x7f00000001c0)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x220, 0x0, 0x0, "bfd8a5dd2002c02142c4391145badd28fd7f0ffc0e896f38da00", "0bb10000085b2e00", {"bb3b2195c4b058706558a70864bef1f0", "524a72fc460b8cd26e095f24ab642591"}}}}}}}, 0x0)

0s ago: executing program 3 (id=706):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2, <r3=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1, 0xfff, 0x2, 0x7ff, 0x40, r3, 0x5031, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x5}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00')
write$FUSE_NOTIFY_STORE(r6, &(0x7f0000000200)={0x2a, 0x4, 0x0, {0x2, 0x6, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000006800010400000000000000000a000000000000000800010001000000040004"], 0x24}}, 0x0)
quotactl_fd$Q_QUOTAOFF(r6, 0xffffffff80000302, 0x0, 0x0)

kernel console output (not intermixed with test programs):

T443] device veth0_vlan left promiscuous mode
[  100.932741][ T1963] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  100.939694][ T1963] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  101.056539][ T1968] loop0: detected capacity change from 0 to 40427
[  101.295552][ T1954] device veth0_vlan entered promiscuous mode
[  101.307544][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  101.321358][ T1968] F2FS-fs (loop0): Found nat_bits in checkpoint
[  101.330199][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  101.346026][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  101.370358][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  101.381571][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  101.394549][ T1968] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  101.395293][ T1954] device veth1_macvtap entered promiscuous mode
[  101.406318][ T1968] FAULT_INJECTION: forcing a failure.
[  101.406318][ T1968] name failslab, interval 1, probability 0, space 0, times 0
[  101.433210][ T1968] CPU: 0 PID: 1968 Comm: syz.0.454 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  101.444334][ T1968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  101.454233][ T1968] Call Trace:
[  101.457420][ T1968]  <TASK>
[  101.460129][ T1968]  dump_stack_lvl+0x151/0x1b7
[  101.464642][ T1968]  ? io_uring_drop_tctx_refs+0x190/0x190
[  101.470109][ T1968]  dump_stack+0x15/0x17
[  101.474183][ T1968]  should_fail+0x3c6/0x510
[  101.478437][ T1968]  __should_failslab+0xa4/0xe0
[  101.483038][ T1968]  ? __anon_vma_prepare+0xa0/0x430
[  101.488000][ T1968]  should_failslab+0x9/0x20
[  101.492322][ T1968]  slab_pre_alloc_hook+0x37/0xd0
[  101.497104][ T1968]  ? __anon_vma_prepare+0xa0/0x430
[  101.502043][ T1968]  kmem_cache_alloc+0x44/0x200
[  101.506687][ T1968]  __anon_vma_prepare+0xa0/0x430
[  101.511419][ T1968]  wp_page_copy+0x14a7/0x1b00
[  101.515933][ T1968]  ? __kasan_check_write+0x14/0x20
[  101.521023][ T1968]  ? insert_page_into_pte_locked+0x4e0/0x4e0
[  101.526781][ T1968]  ? __pte_map_lock+0x442/0x620
[  101.531467][ T1968]  do_wp_page+0x6fa/0xb60
[  101.535634][ T1968]  handle_pte_fault+0x7c0/0x24d0
[  101.540408][ T1968]  ? fault_around_bytes_set+0xc0/0xc0
[  101.545615][ T1968]  do_handle_mm_fault+0x1ea9/0x23a0
[  101.550653][ T1968]  ? numa_migrate_prep+0xe0/0xe0
[  101.555422][ T1968]  ? down_read+0xa9b/0x1360
[  101.559775][ T1968]  ? __stack_depot_save+0x34/0x470
[  101.564716][ T1968]  ? kmem_cache_free+0x116/0x2e0
[  101.569495][ T1968]  ? kmem_cache_free+0x116/0x2e0
[  101.574257][ T1968]  ? down_read_trylock+0x1f9/0x300
[  101.579204][ T1968]  ? vmacache_find+0x21f/0x4d0
[  101.583803][ T1968]  ? __find_vma+0x30/0x150
[  101.588095][ T1968]  exc_page_fault+0x3b5/0x830
[  101.592675][ T1968]  asm_exc_page_fault+0x27/0x30
[  101.597358][ T1968] RIP: 0010:__put_user_nocheck_4+0x3/0x11
[  101.602912][ T1968] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f
[  101.622355][ T1968] RSP: 0018:ffffc90000c47c58 EFLAGS: 00050297
[  101.628257][ T1968] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 0000000020000000
[  101.636079][ T1968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  101.643880][ T1968] RBP: ffffc90000c47e60 R08: ffffffff83de02f1 R09: ffffffff83ddec8a
[  101.651775][ T1968] R10: 000000000000003a R11: ffff88810c78cf00 R12: 0000000000000000
[  101.659589][ T1968] R13: dffffc0000000000 R14: 1ffff92000188f94 R15: 0000000000000000
[  101.667402][ T1968]  ? sock_getsockopt+0x19a/0x21f0
[  101.672260][ T1968]  ? sock_getsockopt+0x1801/0x21f0
[  101.677223][ T1968]  ? sock_getsockopt+0x1828/0x21f0
[  101.682156][ T1968]  ? dst_negative_advice+0x220/0x220
[  101.687316][ T1968]  ? selinux_socket_getsockopt+0x243/0x340
[  101.692925][ T1968]  ? selinux_socket_getpeername+0x340/0x340
[  101.698648][ T1968]  ? wait_for_completion_killable_timeout+0x10/0x10
[  101.705087][ T1968]  ? __fget_files+0x31e/0x380
[  101.709582][ T1968]  ? security_socket_getsockopt+0x82/0xb0
[  101.715137][ T1968]  __sys_getsockopt+0x227/0x4f0
[  101.719917][ T1968]  __x64_sys_getsockopt+0xbf/0xd0
[  101.724771][ T1968]  do_syscall_64+0x3d/0xb0
[  101.729031][ T1968]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  101.734751][ T1968] RIP: 0033:0x7fc87f0a2bd9
[  101.739008][ T1968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.758448][ T1968] RSP: 002b:00007fc87e324048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  101.766691][ T1968] RAX: ffffffffffffffda RBX: 00007fc87f230f60 RCX: 00007fc87f0a2bd9
[  101.774502][ T1968] RDX: 0000000000000024 RSI: 0000000000000001 RDI: 0000000000000005
[  101.782313][ T1968] RBP: 00007fc87e3240a0 R08: 0000000020000000 R09: 0000000000000000
[  101.790211][ T1968] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002
[  101.798027][ T1968] R13: 000000000000000b R14: 00007fc87f230f60 R15: 00007ffe9d93dad8
[  101.805842][ T1968]  </TASK>
[  101.820158][ T1739] attempt to access beyond end of device
[  101.820158][ T1739] loop0: rw=2049, want=45104, limit=40427
[  101.859740][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  101.875557][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  101.890715][ T1993] loop2: detected capacity change from 0 to 2048
[  101.892353][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  101.905577][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  101.913853][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  101.949284][ T1969] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.966531][ T1969] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.975697][ T1969] device bridge_slave_0 entered promiscuous mode
[  101.982530][ T1993] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  101.982967][ T1969] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.000052][ T1969] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.007099][ T1993] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038 (0x7fffffff)
[  102.007690][ T1969] device bridge_slave_1 entered promiscuous mode
[  102.053834][ T1993] fs-verity (loop2, inode 13): fs-verity keyring is empty, rejecting signed file!
[  102.066582][ T2001] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  102.077595][ T2001] FAT-fs (loop1): unable to read boot sector
[  102.095695][ T2003] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  102.106805][  T309] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  102.189789][ T2013] fuse: Unknown parameter 'grou00000000000000000000'
[  102.286489][ T1969] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.293490][ T1969] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.300570][ T1969] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.307396][ T1969] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.633729][  T309] usb 2-1: Using ep0 maxpacket: 8
[  102.642569][ T1540] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.650392][ T1540] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.666549][ T2019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.464'.
[  102.696073][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  102.704082][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  102.721012][ T1540] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  102.729125][ T1540] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  102.737365][ T1540] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.744235][ T1540] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.751627][ T1540] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  102.759749][ T1540] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  102.767931][ T1540] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.774881][ T1540] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.782166][  T309] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  102.791658][  T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.806976][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  102.808558][  T309] usb 2-1: config 0 descriptor??
[  102.818137][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  102.834296][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  102.847793][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  102.870936][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  102.887688][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  102.903465][ T1969] device veth0_vlan entered promiscuous mode
[  102.910288][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  102.918550][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  102.934455][ T2023] loop3: detected capacity change from 0 to 1024
[  102.948550][ T1969] device veth1_macvtap entered promiscuous mode
[  102.958398][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  102.966388][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  102.974011][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  102.982804][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  102.991144][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  103.019987][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  103.028556][ T2023] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[  103.038268][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  103.058418][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  103.071708][ T2023] EXT4-fs (loop3): Unrecognized mount option "func=CREDS_CHECK" or missing value
[  103.080924][  T309] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  103.091576][  T309] asix: probe of 2-1:0.0 failed with error -71
[  103.098793][  T309] usb 2-1: USB disconnect, device number 14
[  103.111188][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  103.266024][ T2037] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.277285][ T2037] FAT-fs (loop5): unable to read boot sector
[  103.351587][  T443] device bridge_slave_1 left promiscuous mode
[  103.360319][  T443] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.397675][ T2040] loop2: detected capacity change from 0 to 2048
[  103.408406][  T443] device bridge_slave_0 left promiscuous mode
[  103.431001][  T443] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.618662][ T2040] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  103.679068][  T443] device veth1_macvtap left promiscuous mode
[  103.700513][ T2040] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[  103.703734][ T2023] syz.3.467 (2023) used greatest stack depth: 18680 bytes left
[  103.723635][ T2026] loop0: detected capacity change from 0 to 40427
[  103.733251][ T2040] fs-verity (loop2, inode 13): fs-verity keyring is empty, rejecting signed file!
[  103.745534][  T443] device veth0_vlan left promiscuous mode
[  103.758347][ T2026] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  103.786021][ T2026] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  103.810682][ T2026] F2FS-fs (loop0): invalid crc value
[  103.837952][ T2049] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  103.852690][ T2026] F2FS-fs (loop0): Found nat_bits in checkpoint
[  103.938678][ T2026] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  103.947783][ T2026] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  104.069386][ T2030] loop1: detected capacity change from 0 to 40427
[  104.090846][ T2063] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  104.101640][ T2063] FAT-fs (loop5): unable to read boot sector
[  104.133440][ T2030] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  104.171164][ T2030] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  104.190750][ T2030] F2FS-fs (loop1): invalid crc value
[  104.229804][ T2030] F2FS-fs (loop1): Found nat_bits in checkpoint
[  104.289766][ T2030] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  104.296762][ T2030] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  104.324981][ T2074] netlink: 4 bytes leftover after parsing attributes in process `syz.4.480'.
[  104.340859][  T392] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  104.600801][  T392] usb 4-1: Using ep0 maxpacket: 16
[  104.628666][ T2067] loop2: detected capacity change from 0 to 40427
[  104.654824][ T2067] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  104.671350][ T2067] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  105.211384][  T392] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  105.219304][  T392] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  105.240070][ T2067] F2FS-fs (loop2): invalid crc value
[  105.255534][  T392] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.271903][ T2067] F2FS-fs (loop2): Found nat_bits in checkpoint
[  105.276429][  T392] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.307883][  T392] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  105.330730][  T392] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  105.344264][  T392] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.370135][  T392] usb 4-1: config 0 descriptor??
[  105.400215][ T2067] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  105.422011][   T45] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  105.432740][ T2067] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  105.451137][   T45] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  105.533151][ T2083] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  105.657054][ T2087] loop4: detected capacity change from 0 to 2048
[  106.030432][ T1047] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  106.064190][ T2087] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  106.075539][ T2087] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff)
[  106.090383][ T2087] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file!
[  106.099552][  T392] usbhid 4-1:0.0: can't add hid device: -71
[  106.105906][  T392] usbhid: probe of 4-1:0.0 failed with error -71
[  106.112958][  T392] usb 4-1: USB disconnect, device number 12
[  106.182703][ T2096] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  106.191944][ T2098] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  106.242298][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  106.242314][   T30] audit: type=1326 audit(1720409646.947:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  106.274030][ T2107] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  106.363687][ T2112] netlink: 12 bytes leftover after parsing attributes in process `syz.2.489'.
[  106.375400][ T2112] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 !
[  106.405133][ T1047] usb 2-1: Using ep0 maxpacket: 32
[  106.411289][ T2107] FAT-fs (loop1): unable to read boot sector
[  106.740291][   T30] audit: type=1326 audit(1720409646.977:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  106.764887][   T30] audit: type=1326 audit(1720409646.977:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  106.788940][   T30] audit: type=1326 audit(1720409646.977:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  106.832535][   T30] audit: type=1326 audit(1720409647.407:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  106.864696][   T30] audit: type=1326 audit(1720409647.407:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  106.888332][   T30] audit: type=1326 audit(1720409647.557:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2117 comm="syz.3.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4072778bd9 code=0x7ffc0000
[  106.912985][   T30] audit: type=1326 audit(1720409647.567:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2117 comm="syz.3.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4072778bd9 code=0x7ffc0000
[  106.937697][   T30] audit: type=1326 audit(1720409647.567:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2117 comm="syz.3.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4072778bd9 code=0x7ffc0000
[  106.963311][   T30] audit: type=1326 audit(1720409647.567:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2117 comm="syz.3.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4072778bd9 code=0x7ffc0000
[  107.008098][ T2121] fuse: Unknown parameter 'group_i00000000000000000000'
[  107.021032][ T1047] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  107.037492][ T1047] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.054828][ T1047] usb 2-1: Product: syz
[  107.072449][ T1047] usb 2-1: Manufacturer: syz
[  107.077052][ T1047] usb 2-1: SerialNumber: syz
[  107.079534][ T2116] loop0: detected capacity change from 0 to 40427
[  107.085984][ T1047] usb 2-1: config 0 descriptor??
[  107.216847][ T2116] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  107.275261][ T2116] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  107.358792][ T1047] snd-usb-audio: probe of 2-1:0.0 failed with error -2
[  107.381201][ T2116] F2FS-fs (loop0): invalid crc value
[  107.382268][ T2128] loop4: detected capacity change from 0 to 2048
[  107.408036][ T2116] F2FS-fs (loop0): Found nat_bits in checkpoint
[  107.420073][ T1047] usb 2-1: USB disconnect, device number 15
[  107.463439][ T2128] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  107.474199][ T2116] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  107.474307][ T2128] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038 (0x7fffffff)
[  107.491108][ T2116] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  107.550306][ T2123] loop2: detected capacity change from 0 to 40427
[  107.595387][ T2123] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  107.604200][ T2123] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  107.613478][ T2123] F2FS-fs (loop2): invalid crc value
[  107.620216][ T2123] F2FS-fs (loop2): Found nat_bits in checkpoint
[  107.906857][ T2144] loop4: detected capacity change from 0 to 2048
[  107.927224][ T2123] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  107.941664][ T2123] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  108.092346][ T2144] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  108.103189][ T2144] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038 (0x7fffffff)
[  108.118796][ T2144] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file!
[  108.146494][ T2154] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  108.439629][ T2162] FAULT_INJECTION: forcing a failure.
[  108.439629][ T2162] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  108.455183][ T2162] CPU: 1 PID: 2162 Comm: syz.1.505 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  108.466235][ T2162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  108.476097][ T2162] Call Trace:
[  108.479224][ T2162]  <TASK>
[  108.482014][ T2162]  dump_stack_lvl+0x151/0x1b7
[  108.486509][ T2162]  ? io_uring_drop_tctx_refs+0x190/0x190
[  108.491979][ T2162]  ? unwind_get_return_address+0x4d/0x90
[  108.497451][ T2162]  dump_stack+0x15/0x17
[  108.501441][ T2162]  should_fail+0x3c6/0x510
[  108.505691][ T2162]  should_fail_alloc_page+0x5a/0x80
[  108.510724][ T2162]  prepare_alloc_pages+0x15c/0x700
[  108.515675][ T2162]  ? stack_trace_snprint+0xf0/0xf0
[  108.520622][ T2162]  ? __alloc_pages_bulk+0xe40/0xe40
[  108.525655][ T2162]  __alloc_pages+0x18c/0x8f0
[  108.530635][ T2162]  ? lookup_one_qstr_excl+0x143/0x290
[  108.535976][ T2162]  ? prep_new_page+0x110/0x110
[  108.540574][ T2162]  new_slab+0x9a/0x4e0
[  108.544483][ T2162]  ___slab_alloc+0x39e/0x830
[  108.548899][ T2162]  ? p9_client_prepare_req+0x2eb/0xb20
[  108.554302][ T2162]  ? p9_client_prepare_req+0x2eb/0xb20
[  108.559661][ T2162]  __slab_alloc+0x4a/0x90
[  108.563834][ T2162]  ? p9_client_prepare_req+0x2eb/0xb20
[  108.569123][ T2162]  kmem_cache_alloc+0x134/0x200
[  108.573822][ T2162]  p9_client_prepare_req+0x2eb/0xb20
[  108.578933][ T2162]  p9_client_rpc+0x159/0x13a0
[  108.583453][ T2162]  ? htab_percpu_map_lookup_elem+0x1cf/0x310
[  108.589258][ T2162]  ? p9_client_clunk+0x57/0x3a0
[  108.593944][ T2162]  ? p9_fid_create+0x280/0x280
[  108.598543][ T2162]  ? bpf_trace_run3+0x123/0x250
[  108.603231][ T2162]  ? bpf_trace_run2+0x210/0x210
[  108.607917][ T2162]  ? p9_req_put+0x145/0x180
[  108.612354][ T2162]  ? p9_req_put+0x145/0x180
[  108.616772][ T2162]  ? p9_req_put+0x145/0x180
[  108.621123][ T2162]  ? __bpf_trace_kmem_cache_free+0x99/0xc0
[  108.626857][ T2162]  ? kmem_cache_free+0x2c3/0x2e0
[  108.631621][ T2162]  p9_client_clunk+0xbe/0x3a0
[  108.636140][ T2162]  p9_client_walk+0x4f2/0x7b0
[  108.640645][ T2162]  ? p9_client_rpc+0x13a0/0x13a0
[  108.645415][ T2162]  ? v9fs_fid_lookup+0x118/0x160
[  108.650187][ T2162]  v9fs_vfs_lookup+0x198/0x3d0
[  108.654827][ T2162]  ? __d_alloc+0x4ec/0x6c0
[  108.659040][ T2162]  ? v9fs_inode_from_fid+0x2f0/0x2f0
[  108.664265][ T2162]  ? _raw_spin_unlock+0x4d/0x70
[  108.669042][ T2162]  ? d_alloc+0x199/0x1d0
[  108.673207][ T2162]  lookup_one_qstr_excl+0x143/0x290
[  108.678241][ T2162]  filename_create+0x28e/0x530
[  108.682843][ T2162]  ? kern_path_create+0x1a0/0x1a0
[  108.687719][ T2162]  do_mkdirat+0xbd/0x450
[  108.691793][ T2162]  ? strncpy_from_user+0x18e/0x2d0
[  108.696776][ T2162]  ? vfs_mkdir+0x610/0x610
[  108.700980][ T2162]  ? getname_flags+0x1fd/0x520
[  108.705590][ T2162]  __x64_sys_mkdir+0x6e/0x80
[  108.710013][ T2162]  do_syscall_64+0x3d/0xb0
[  108.714349][ T2162]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  108.720166][ T2162] RIP: 0033:0x7fbe4f135bd9
[  108.724437][ T2162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.743858][ T2162] RSP: 002b:00007fbe4e3b7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  108.752104][ T2162] RAX: ffffffffffffffda RBX: 00007fbe4f2c3f60 RCX: 00007fbe4f135bd9
[  108.759914][ T2162] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000300
[  108.767726][ T2162] RBP: 00007fbe4e3b70a0 R08: 0000000000000000 R09: 0000000000000000
[  108.775536][ T2162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.783347][ T2162] R13: 000000000000000b R14: 00007fbe4f2c3f60 R15: 00007ffe7a355d88
[  108.791254][ T2162]  </TASK>
[  108.859309][ T2164] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  108.961683][ T2175] netlink: 12 bytes leftover after parsing attributes in process `syz.3.507'.
[  108.987735][ T2175] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 !
[  109.669061][ T2179] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.680043][ T2179] FAT-fs (loop1): unable to read boot sector
[  109.725040][ T2181] 9pnet: Insufficient options for proto=fd
[  109.774037][ T2185] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  109.840518][ T2190] loop1: detected capacity change from 0 to 2048
[  109.860938][ T1320] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  109.951382][ T2190] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  109.969698][ T2190] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038 (0x7fffffff)
[  109.992430][ T2190] fs-verity (loop1, inode 13): fs-verity keyring is empty, rejecting signed file!
[  110.070916][   T26] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  110.075206][ T2193] loop3: detected capacity change from 0 to 40427
[  110.101062][ T1320] usb 5-1: Using ep0 maxpacket: 32
[  110.156445][ T2193] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  110.164618][ T2193] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  110.173700][ T2193] F2FS-fs (loop3): invalid crc value
[  110.180209][ T2193] F2FS-fs (loop3): Found nat_bits in checkpoint
[  110.203977][ T2193] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  110.211106][ T2193] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  110.394742][  T397] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  110.421196][  T312] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  110.422006][ T1320] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  110.439258][ T1320] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.450012][ T1320] usb 5-1: Product: syz
[  110.454962][ T1320] usb 5-1: Manufacturer: syz
[  110.459792][ T1320] usb 5-1: SerialNumber: syz
[  110.468818][ T1320] usb 5-1: config 0 descriptor??
[  110.480943][   T26] usb 1-1: config 0 has an invalid interface number: 32 but max is 0
[  110.489067][   T26] usb 1-1: config 0 has no interface number 0
[  110.495019][   T26] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.505963][   T26] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.516401][ T1320] snd-usb-audio: probe of 5-1:0.0 failed with error -2
[  110.523196][   T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  110.533407][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.541949][   T26] usb 1-1: config 0 descriptor??
[  110.680996][  T312] usb 3-1: Using ep0 maxpacket: 8
[  110.723480][ T1320] usb 5-1: USB disconnect, device number 9
[  110.760976][  T397] usb 2-1: config 0 has an invalid interface number: 32 but max is 0
[  110.769185][  T397] usb 2-1: config 0 has no interface number 0
[  110.775328][  T397] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.786345][  T397] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.798941][ T2187] loop0: detected capacity change from 0 to 2048
[  110.800293][  T397] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  110.814375][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.825806][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.835722][  T397] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.843967][  T312] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  110.847803][ T2209] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  110.853659][  T397] usb 2-1: config 0 descriptor??
[  110.868761][  T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.877660][ T2187] Alternate GPT is invalid, using primary GPT.
[  110.877883][  T312] usb 3-1: config 0 descriptor??
[  110.891420][ T2187]  loop0: p1 p2 p3
[  111.007289][ T2211] loop3: detected capacity change from 0 to 40427
[  111.013608][   T26] usbhid 1-1:0.32: can't add hid device: -71
[  111.019371][   T26] usbhid: probe of 1-1:0.32 failed with error -71
[  111.028070][   T26] usb 1-1: USB disconnect, device number 15
[  111.061566][ T2211] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  111.069207][ T2211] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  111.078380][ T2211] F2FS-fs (loop3): invalid crc value
[  111.085002][ T2211] F2FS-fs (loop3): Found nat_bits in checkpoint
[  111.109625][ T2211] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  111.116721][ T2211] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  111.136497][ T2199] loop1: detected capacity change from 0 to 2048
[  111.181796][ T2199] Alternate GPT is invalid, using primary GPT.
[  111.187870][ T2199]  loop1: p1 p2 p3
[  111.320988][  T397] usbhid 2-1:0.32: can't add hid device: -71
[  111.329430][  T397] usbhid: probe of 2-1:0.32 failed with error -71
[  111.406846][  T312] steelseries_srws1 0003:1038:1410.0009: unknown main item tag 0xd
[  111.421676][  T312] steelseries_srws1 0003:1038:1410.0009: item fetching failed at offset 6/7
[  111.430833][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  111.430849][   T30] audit: type=1326 audit(1720409652.127:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  111.432150][ T2219] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  111.436752][   T30] audit: type=1326 audit(1720409652.137:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  111.436781][   T30] audit: type=1326 audit(1720409652.137:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  111.459884][ T2219] FAT-fs (loop9): unable to read boot sector
[  111.472843][  T397] usb 2-1: USB disconnect, device number 16
[  111.498416][   T30] audit: type=1326 audit(1720409652.137:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  111.517299][  T312] steelseries_srws1 0003:1038:1410.0009: parse failed
[  111.558350][   T30] audit: type=1326 audit(1720409652.197:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  111.558380][   T30] audit: type=1326 audit(1720409652.197:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  111.644218][  T312] steelseries_srws1: probe of 0003:1038:1410.0009 failed with error -22
[  111.660295][  T312] usb 3-1: USB disconnect, device number 11
[  112.114559][ T2226] netlink: 12 bytes leftover after parsing attributes in process `syz.0.521'.
[  112.267019][ T2226] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 !
[  112.394338][ T2228] netlink: 4 bytes leftover after parsing attributes in process `syz.4.520'.
[  112.478791][ T2230] loop1: detected capacity change from 0 to 2048
[  112.530056][ T2232] loop3: detected capacity change from 0 to 1024
[  112.601186][ T2230] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  112.610844][ T2239] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  112.620878][ T2230] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038 (0x7fffffff)
[  112.636550][ T2232] loop3: detected capacity change from 0 to 512
[  112.651695][ T2230] fs-verity (loop1, inode 13): fs-verity keyring is empty, rejecting signed file!
[  112.740603][ T2247] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  112.758626][   T30] audit: type=1326 audit(1720409653.457:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2248 comm="syz.4.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  112.759506][ T2249] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  112.782249][   T30] audit: type=1326 audit(1720409653.457:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2248 comm="syz.4.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  112.801065][ T2249] FAT-fs (loop9): unable to read boot sector
[  112.926935][ T2253] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  113.082059][   T30] audit: type=1326 audit(1720409653.457:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2248 comm="syz.4.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  113.104299][ T2256] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  113.105691][   T30] audit: type=1326 audit(1720409653.457:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2248 comm="syz.4.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  113.140264][ T2256] FAT-fs (loop5): unable to read boot sector
[  113.364891][ T2259] loop4: detected capacity change from 0 to 40427
[  113.378761][ T2259] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  113.387853][ T2259] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  113.402177][ T2259] F2FS-fs (loop4): invalid crc value
[  113.409215][ T2259] F2FS-fs (loop4): Found nat_bits in checkpoint
[  113.448651][ T2259] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  113.455783][ T2259] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  113.462892][ T2261] loop2: detected capacity change from 0 to 40427
[  113.485802][ T2261] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  113.493711][ T2261] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  113.502839][ T2261] F2FS-fs (loop2): invalid crc value
[  113.527307][ T2261] F2FS-fs (loop2): Found nat_bits in checkpoint
[  113.569256][ T2261] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  113.576254][ T2261] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  113.670825][  T312] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  113.913898][ T2281] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  113.945123][ T2284] loop0: detected capacity change from 0 to 2048
[  114.805251][ T2284] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  114.817328][ T2284] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038 (0x7fffffff)
[  114.901698][ T2297] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.912817][ T2297] FAT-fs (loop3): unable to read boot sector
[  114.930040][  T312] usb 4-1: config 0 has an invalid interface number: 32 but max is 0
[  114.941266][  T312] usb 4-1: config 0 has no interface number 0
[  114.947630][  T312] usb 4-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.959512][  T312] usb 4-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.969651][  T312] usb 4-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  114.979133][  T312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.994184][  T312] usb 4-1: config 0 descriptor??
[  115.010104][  T318] Bluetooth: hci0: Frame reassembly failed (-84)
[  115.062212][ T2305] loop2: detected capacity change from 0 to 2048
[  115.095030][ T2308] netlink: 4 bytes leftover after parsing attributes in process `syz.4.540'.
[  115.120255][ T2305] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  115.140947][ T2305] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038 (0x7fffffff)
[  115.196056][ T2313] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  115.245160][   T45] Bluetooth: hci1: Frame reassembly failed (-84)
[  115.255541][ T2263] loop3: detected capacity change from 0 to 2048
[  115.301672][ T2263] Alternate GPT is invalid, using primary GPT.
[  115.309071][ T2263]  loop3: p1 p2 p3
[  115.371002][  T100] Alternate GPT is invalid, using primary GPT.
[  115.377139][  T100]  loop3: p1 p2 p3
[  115.450855][  T312] usbhid 4-1:0.32: can't add hid device: -71
[  115.456703][  T312] usbhid: probe of 4-1:0.32 failed with error -71
[  115.467271][  T312] usb 4-1: USB disconnect, device number 13
[  115.932593][ T2326] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  115.961883][ T2323] loop4: detected capacity change from 0 to 40427
[  115.984077][ T2328] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  116.007103][ T2323] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  116.023907][ T2323] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  116.032950][ T2323] F2FS-fs (loop4): invalid crc value
[  116.039468][ T2323] F2FS-fs (loop4): Found nat_bits in checkpoint
[  116.062019][ T2323] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  116.068982][ T2323] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  116.280845][  T312] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  116.540843][  T312] usb 1-1: Using ep0 maxpacket: 32
[  116.731508][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  116.731524][   T30] audit: type=1400 audit(1720409657.437:611): avc:  denied  { read } for  pid=2334 comm="syz.3.554" name="ptp0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  116.732942][ T2335] IPv6: NLM_F_CREATE should be specified when creating new route
[  116.737441][   T30] audit: type=1400 audit(1720409657.437:612): avc:  denied  { open } for  pid=2334 comm="syz.3.554" path="/dev/ptp0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  116.760321][ T2335] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  116.792857][   T30] audit: type=1400 audit(1720409657.437:613): avc:  denied  { ioctl } for  pid=2334 comm="syz.3.554" path="socket:[25038]" dev="sockfs" ino=25038 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  116.797685][ T2335] IPv6: NLM_F_CREATE should be set when creating new route
[  116.829220][ T2335] IPv6: NLM_F_CREATE should be set when creating new route
[  116.869723][ T2343] loop4: detected capacity change from 0 to 2048
[  116.900996][  T312] usb 1-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  116.910091][  T312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.918335][  T312] usb 1-1: Product: syz
[  116.922408][ T2343] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  116.922418][  T312] usb 1-1: Manufacturer: syz
[  116.922437][  T312] usb 1-1: SerialNumber: syz
[  116.933382][ T2343] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038 (0x7fffffff)
[  116.941124][  T312] usb 1-1: config 0 descriptor??
[  116.945518][ T2343] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file!
[  117.001235][ T2348] FAULT_INJECTION: forcing a failure.
[  117.001235][ T2348] name failslab, interval 1, probability 0, space 0, times 0
[  117.001529][  T312] snd-usb-audio: probe of 1-1:0.0 failed with error -2
[  117.014079][ T2348] CPU: 0 PID: 2348 Comm: syz.4.556 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  117.031829][ T2348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  117.041830][ T2348] Call Trace:
[  117.044932][ T2348]  <TASK>
[  117.047712][ T2348]  dump_stack_lvl+0x151/0x1b7
[  117.052336][ T2348]  ? io_uring_drop_tctx_refs+0x190/0x190
[  117.057817][ T2348]  dump_stack+0x15/0x17
[  117.061887][ T2348]  should_fail+0x3c6/0x510
[  117.066144][ T2348]  __should_failslab+0xa4/0xe0
[  117.070738][ T2348]  ? __alloc_file+0x29/0x2a0
[  117.071009][  T312] Bluetooth: hci0: command 0x1003 tx timeout
[  117.075166][ T2348]  should_failslab+0x9/0x20
[  117.075189][ T2348]  slab_pre_alloc_hook+0x37/0xd0
[  117.081106][ T1570] Bluetooth: hci0: sending frame failed (-49)
[  117.085320][ T2348]  ? __alloc_file+0x29/0x2a0
[  117.100511][ T2348]  kmem_cache_alloc+0x44/0x200
[  117.105122][ T2348]  __alloc_file+0x29/0x2a0
[  117.109369][ T2348]  alloc_empty_file+0x95/0x180
[  117.113962][ T2348]  path_openat+0xfe/0x2f40
[  117.118315][ T2348]  ? stack_trace_snprint+0xf0/0xf0
[  117.123249][ T2348]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  117.128551][ T2348]  ? kmem_cache_free+0x116/0x2e0
[  117.133454][ T2348]  ? __kasan_slab_alloc+0xc3/0xe0
[  117.138304][ T2348]  ? __kasan_slab_alloc+0xb1/0xe0
[  117.143697][ T2348]  ? slab_post_alloc_hook+0x53/0x2c0
[  117.148956][ T2348]  ? kmem_cache_alloc+0xf5/0x200
[  117.153934][ T2348]  ? getname_flags+0xba/0x520
[  117.158573][ T2348]  ? getname+0x19/0x20
[  117.162470][ T2348]  ? do_sys_openat2+0xd7/0x830
[  117.167157][ T2348]  ? __x64_sys_openat+0x243/0x290
[  117.171358][ T1320] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  117.172019][ T2348]  ? do_syscall_64+0x3d/0xb0
[  117.184027][ T2348]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  117.190080][ T2348]  ? do_filp_open+0x460/0x460
[  117.194587][ T2348]  do_filp_open+0x21c/0x460
[  117.198934][ T2348]  ? vfs_tmpfile+0x2c0/0x2c0
[  117.203359][ T2348]  do_sys_openat2+0x13f/0x830
[  117.207896][ T2348]  ? __kasan_check_write+0x14/0x20
[  117.212813][ T2348]  ? mutex_unlock+0xb2/0x260
[  117.217236][ T2348]  ? wait_for_completion_killable_timeout+0x10/0x10
[  117.223661][ T2348]  ? do_sys_open+0x220/0x220
[  117.228270][ T2348]  ? __kasan_check_write+0x14/0x20
[  117.233206][ T2348]  ? fput_many+0x160/0x1b0
[  117.237457][ T2348]  ? fput+0x1a/0x20
[  117.241104][ T2348]  __x64_sys_openat+0x243/0x290
[  117.245798][ T2348]  ? __ia32_sys_open+0x270/0x270
[  117.250564][ T2348]  ? debug_smp_processor_id+0x17/0x20
[  117.255774][ T2348]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  117.261675][ T2348]  ? exit_to_user_mode_prepare+0x39/0xa0
[  117.267140][ T2348]  do_syscall_64+0x3d/0xb0
[  117.271393][ T2348]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  117.277120][ T2348] RIP: 0033:0x7f36d52edbd9
[  117.281490][ T2348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.301160][ T2348] RSP: 002b:00007f36d456f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  117.309504][ T2348] RAX: ffffffffffffffda RBX: 00007f36d547bf60 RCX: 00007f36d52edbd9
[  117.317315][ T2348] RDX: 0000000000000000 RSI: 0000000020004280 RDI: ffffffffffffff9c
[  117.325376][ T2348] RBP: 00007f36d456f0a0 R08: 0000000000000000 R09: 0000000000000000
[  117.333182][ T2348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.342123][ T2348] R13: 000000000000000b R14: 00007f36d547bf60 R15: 00007ffda1589d48
[  117.349922][ T2348]  </TASK>
[  117.353436][   T20] Bluetooth: hci1: command 0x1003 tx timeout
[  117.359283][ T1570] Bluetooth: hci1: sending frame failed (-49)
[  117.363542][  T392] usb 1-1: USB disconnect, device number 16
[  117.411728][ T2350] loop4: detected capacity change from 0 to 2048
[  117.512157][ T2350] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  117.522710][ T2350] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff)
[  117.591013][ T2354] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  117.631043][ T1320] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  117.651135][ T1320] usb 4-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[  117.660097][ T1320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.668602][ T1320] usb 4-1: config 0 descriptor??
[  117.711344][ T1320] rndis_host: probe of 4-1:0.0 failed with error -22
[  117.890838][  T312] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  117.913777][  T392] usb 4-1: USB disconnect, device number 14
[  118.130907][  T312] usb 5-1: Using ep0 maxpacket: 32
[  118.290864][ T1320] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  118.433687][ T2365] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  118.441014][  T312] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  118.453905][  T312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.467170][  T312] usb 5-1: Product: syz
[  118.471432][  T312] usb 5-1: Manufacturer: syz
[  118.475843][  T312] usb 5-1: SerialNumber: syz
[  118.484607][  T312] usb 5-1: config 0 descriptor??
[  118.521778][  T312] snd-usb-audio: probe of 5-1:0.0 failed with error -2
[  118.574124][ T2367] loop3: detected capacity change from 0 to 40427
[  118.660883][ T1320] usb 1-1: config 0 has an invalid interface number: 32 but max is 0
[  118.669262][ T1320] usb 1-1: config 0 has no interface number 0
[  118.670642][ T2367] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  118.675364][ T1320] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.683258][ T2367] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  118.693760][ T1320] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.703146][ T2367] F2FS-fs (loop3): invalid crc value
[  118.711586][ T1320] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  118.718265][ T2367] F2FS-fs (loop3): Found nat_bits in checkpoint
[  118.733761][ T1320] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.746103][ T1320] usb 1-1: config 0 descriptor??
[  118.757806][  T312] usb 5-1: USB disconnect, device number 10
[  118.761415][ T2367] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  118.770402][ T2367] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  118.997061][ T2363] loop0: detected capacity change from 0 to 2048
[  119.051778][ T2363] Alternate GPT is invalid, using primary GPT.
[  119.057923][ T2363]  loop0: p1 p2 p3
[  119.150943][ T1320] usbhid 1-1:0.32: can't add hid device: -71
[  119.156858][ T1320] usbhid: probe of 1-1:0.32 failed with error -71
[  119.164388][ T1320] usb 1-1: USB disconnect, device number 17
[  119.171546][  T397] Bluetooth: hci0: command 0x1001 tx timeout
[  119.177409][ T1570] Bluetooth: hci0: sending frame failed (-49)
[  119.400886][  T397] Bluetooth: hci1: command 0x1001 tx timeout
[  119.406810][ T1570] Bluetooth: hci1: sending frame failed (-49)
[  119.463167][ T2377] loop3: detected capacity change from 0 to 2048
[  119.661326][ T2377] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  119.671933][ T2377] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038 (0x7fffffff)
[  119.684553][ T2377] fs-verity (loop3, inode 13): fs-verity keyring is empty, rejecting signed file!
[  119.747726][ T2389] loop3: detected capacity change from 0 to 2048
[  119.792472][ T2389] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  119.803055][ T2389] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038 (0x7fffffff)
[  119.857276][ T2394] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  119.871004][ T2387] loop0: detected capacity change from 0 to 40427
[  119.963864][ T2387] F2FS-fs (loop0): Found nat_bits in checkpoint
[  119.991790][ T2387] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  120.006129][ T2387] input: syz1 as /devices/virtual/input/input18
[  120.013042][   T30] audit: type=1400 audit(1720409660.717:614): avc:  denied  { ioctl } for  pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1067 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  120.084313][ T1739] attempt to access beyond end of device
[  120.084313][ T1739] loop0: rw=2049, want=45104, limit=40427
[  120.152479][  T397] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  120.214960][ T2403] loop4: detected capacity change from 0 to 2048
[  120.240845][ T2405] FAULT_INJECTION: forcing a failure.
[  120.240845][ T2405] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  120.255307][ T2405] CPU: 0 PID: 2405 Comm: syz.0.573 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  120.266545][ T2405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  120.276525][ T2405] Call Trace:
[  120.279658][ T2405]  <TASK>
[  120.282431][ T2405]  dump_stack_lvl+0x151/0x1b7
[  120.286936][ T2405]  ? io_uring_drop_tctx_refs+0x190/0x190
[  120.292433][ T2405]  ? __mod_memcg_lruvec_state+0x11c/0x1b0
[  120.297958][ T2405]  dump_stack+0x15/0x17
[  120.301954][ T2405]  should_fail+0x3c6/0x510
[  120.306204][ T2405]  should_fail_alloc_page+0x5a/0x80
[  120.311243][ T2405]  prepare_alloc_pages+0x15c/0x700
[  120.312599][ T2403] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  120.316190][ T2405]  ? __alloc_pages_bulk+0xe40/0xe40
[  120.316218][ T2405]  __alloc_pages+0x18c/0x8f0
[  120.336151][ T2405]  ? prep_new_page+0x110/0x110
[  120.340753][ T2405]  ? __pte_map_lock+0x442/0x620
[  120.345440][ T2405]  ? do_wp_page+0x6fa/0xb60
[  120.349793][ T2403] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  120.349958][ T2405]  handle_pte_fault+0xea0/0x24d0
[  120.349986][ T2405]  ? fault_around_bytes_set+0xc0/0xc0
[  120.365212][ T2403] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  120.369304][ T2405]  ? trace_raw_output_vm_unmapped_area+0x220/0x220
[  120.393468][ T2405]  ? do_handle_mm_fault+0x1578/0x23a0
[  120.398641][ T2405]  ? memcpy+0x56/0x70
[  120.402486][ T2405]  do_handle_mm_fault+0x1ea9/0x23a0
[  120.407495][ T2405]  ? numa_migrate_prep+0xe0/0xe0
[  120.412265][ T2405]  ? memset+0x35/0x40
[  120.416087][ T2405]  ? get_unmapped_area+0x31d/0x380
[  120.421032][ T2405]  ? userfaultfd_unmap_prep+0x4a0/0x4a0
[  120.426423][ T2405]  ? debug_smp_processor_id+0x17/0x20
[  120.431619][ T2405]  ? exc_page_fault+0x222/0x830
[  120.436308][ T2405]  ? access_error+0x246/0x270
[  120.440823][ T2405]  exc_page_fault+0x26f/0x830
[  120.445348][ T2405]  asm_exc_page_fault+0x27/0x30
[  120.450134][ T2405] RIP: 0033:0x7fc87ef68500
[  120.454379][ T2405] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[  120.473958][ T2405] RSP: 002b:00007fc87e3234b0 EFLAGS: 00010286
[  120.479849][ T2405] RAX: 0000000000001000 RBX: 00007fc87e323550 RCX: 0000000000000001
[  120.487660][ T2405] RDX: 0000000000000009 RSI: 0000000000000001 RDI: 00007fc87e3235f0
[  120.495478][ T2405] RBP: 00000000000000db R08: 00007fc875f04000 R09: 00000000000000ff
[  120.503281][ T2405] R10: 0000000000000000 R11: 00007fc87e323560 R12: 0000000000000001
[  120.511287][ T2405] R13: 00007fc87f122fa0 R14: 0000000000000000 R15: 00007fc87e3235f0
[  120.519186][ T2405]  </TASK>
[  120.522494][ T2405] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  120.522621][ T2403] EXT4-fs (loop4): This should not happen!! Data will be lost
[  120.522621][ T2403] 
[  120.542543][ T2405] loop0: detected capacity change from 0 to 512
[  120.558955][ T2403] EXT4-fs (loop4): Total free blocks count 0
[  120.564907][ T2403] EXT4-fs (loop4): Free/Dirty block details
[  120.571257][  T397] usb 4-1: Using ep0 maxpacket: 32
[  120.571266][ T2403] EXT4-fs (loop4): free_blocks=2415919104
[  120.571284][ T2403] EXT4-fs (loop4): dirty_blocks=16
[  120.571295][ T2403] EXT4-fs (loop4): Block reservation details
[  120.585614][ T2405] EXT4-fs (loop0): 1 truncate cleaned up
[  120.587091][ T2403] EXT4-fs (loop4): i_reserved_data_blocks=1
[  120.593813][ T2405] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  120.599925][ T2408] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  120.627389][ T2408] EXT4-fs (loop4): This should not happen!! Data will be lost
[  120.627389][ T2408] 
[  120.692630][ T2412] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  120.906159][ T2421] FAULT_INJECTION: forcing a failure.
[  120.906159][ T2421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.919199][ T2421] CPU: 1 PID: 2421 Comm: syz.0.577 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  120.930157][ T2421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  120.940054][ T2421] Call Trace:
[  120.943176][ T2421]  <TASK>
[  120.945958][ T2421]  dump_stack_lvl+0x151/0x1b7
[  120.950473][ T2421]  ? io_uring_drop_tctx_refs+0x190/0x190
[  120.956025][ T2421]  dump_stack+0x15/0x17
[  120.960015][ T2421]  should_fail+0x3c6/0x510
[  120.964270][ T2421]  should_fail_usercopy+0x1a/0x20
[  120.969122][ T2421]  _copy_to_user+0x20/0x90
[  120.973385][ T2421]  simple_read_from_buffer+0xc7/0x150
[  120.978685][ T2421]  proc_fail_nth_read+0x1a3/0x210
[  120.983541][ T2421]  ? proc_fault_inject_write+0x390/0x390
[  120.984108][ T2416] loop4: detected capacity change from 0 to 40427
[  120.989000][ T2421]  ? proc_fault_inject_write+0x390/0x390
[  120.989024][ T2421]  vfs_read+0x27d/0xd40
[  120.989041][ T2421]  ? kernel_read+0x1f0/0x1f0
[  121.009199][ T2421]  ? __kasan_check_write+0x14/0x20
[  121.014174][ T2421]  ? mutex_lock+0xb6/0x1e0
[  121.018466][ T2421]  ? wait_for_completion_killable_timeout+0x10/0x10
[  121.024850][ T2421]  ? __fdget_pos+0x2e7/0x3a0
[  121.029270][ T2421]  ? ksys_read+0x77/0x2c0
[  121.033439][ T2421]  ksys_read+0x199/0x2c0
[  121.037537][ T2421]  ? vfs_write+0x1110/0x1110
[  121.041944][ T2421]  ? __kasan_check_read+0x11/0x20
[  121.046824][ T2421]  __x64_sys_read+0x7b/0x90
[  121.051148][ T2421]  do_syscall_64+0x3d/0xb0
[  121.055398][ T2421]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  121.061284][ T2421] RIP: 0033:0x7fc87f0a16bc
[  121.065542][ T2421] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  121.084979][ T2421] RSP: 002b:00007fc87e2e2040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  121.093217][ T2421] RAX: ffffffffffffffda RBX: 00007fc87f231110 RCX: 00007fc87f0a16bc
[  121.101029][ T2421] RDX: 000000000000000f RSI: 00007fc87e2e20b0 RDI: 0000000000000009
[  121.108847][ T2421] RBP: 00007fc87e2e20a0 R08: 0000000000000000 R09: 0000000000000000
[  121.116653][ T2421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  121.124466][ T2421] R13: 000000000000006e R14: 00007fc87f231110 R15: 00007ffe9d93dad8
[  121.132491][ T2421]  </TASK>
[  121.164290][ T2416] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  121.171985][ T2416] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  121.181212][ T2416] F2FS-fs (loop4): invalid crc value
[  121.187835][ T2416] F2FS-fs (loop4): Found nat_bits in checkpoint
[  121.200957][  T397] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  121.210562][  T397] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.218875][  T397] usb 4-1: Product: syz
[  121.221938][ T2416] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  121.222947][  T397] usb 4-1: Manufacturer: syz
[  121.230179][ T2416] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  121.234313][  T397] usb 4-1: SerialNumber: syz
[  121.249848][  T397] usb 4-1: config 0 descriptor??
[  121.254803][ T1320] Bluetooth: hci0: command 0x1009 tx timeout
[  121.301556][  T397] snd-usb-audio: probe of 4-1:0.0 failed with error -2
[  121.440898][ T1320] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  121.470887][  T397] Bluetooth: hci1: command 0x1009 tx timeout
[  121.505668][  T397] usb 4-1: USB disconnect, device number 15
[  121.626400][ T2430] loop4: detected capacity change from 0 to 2048
[  121.722773][ T2430] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  121.733465][ T2430] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038 (0x7fffffff)
[  121.746655][ T2430] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file!
[  121.810924][ T1320] usb 1-1: config 0 has an invalid interface number: 32 but max is 0
[  121.818978][ T1320] usb 1-1: config 0 has no interface number 0
[  121.824920][ T1320] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.835774][ T1320] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.845728][ T1320] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  121.854676][ T1320] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.860563][ T2437] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  121.863279][ T1320] usb 1-1: config 0 descriptor??
[  122.174213][ T2441] input: syz1 as /devices/virtual/input/input19
[  122.299570][ T2423] loop0: detected capacity change from 0 to 2048
[  122.332265][ T2423] Alternate GPT is invalid, using primary GPT.
[  122.338526][ T2423]  loop0: p1 p2 p3
[  122.470879][ T1320] usbhid 1-1:0.32: can't add hid device: -71
[  122.476912][ T1320] usbhid: probe of 1-1:0.32 failed with error -71
[  122.484546][ T1320] usb 1-1: USB disconnect, device number 18
[  122.792219][ T2445] FAULT_INJECTION: forcing a failure.
[  122.792219][ T2445] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  122.805393][ T2445] CPU: 1 PID: 2445 Comm: syz.4.582 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  122.816358][ T2445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  122.826225][ T2445] Call Trace:
[  122.829347][ T2445]  <TASK>
[  122.832129][ T2445]  dump_stack_lvl+0x151/0x1b7
[  122.836651][ T2445]  ? io_uring_drop_tctx_refs+0x190/0x190
[  122.842108][ T2445]  ? __kasan_check_read+0x11/0x20
[  122.846968][ T2445]  ? preempt_schedule_irq+0xe7/0x140
[  122.852096][ T2445]  ? __cond_resched+0x20/0x20
[  122.856599][ T2445]  dump_stack+0x15/0x17
[  122.860685][ T2445]  should_fail+0x3c6/0x510
[  122.864935][ T2445]  should_fail_alloc_page+0x5a/0x80
[  122.869967][ T2445]  prepare_alloc_pages+0x15c/0x700
[  122.874912][ T2445]  ? __alloc_pages_bulk+0xe40/0xe40
[  122.879951][ T2445]  ? kasan_check_range+0x7e/0x2a0
[  122.884814][ T2445]  __alloc_pages+0x18c/0x8f0
[  122.889329][ T2445]  ? prep_new_page+0x110/0x110
[  122.893933][ T2445]  ? __kasan_check_read+0x11/0x20
[  122.898892][ T2445]  ? __mod_node_page_state+0xac/0xf0
[  122.904017][ T2445]  kmalloc_order+0x4a/0x160
[  122.908378][ T2445]  ? sysvec_reschedule_ipi+0x7d/0x150
[  122.913565][ T2445]  kmalloc_order_trace+0x1a/0xb0
[  122.918335][ T2445]  __kmalloc+0x19c/0x270
[  122.922709][ T2445]  input_register_device+0x84a/0x10c0
[  122.927965][ T2445]  uinput_create_device+0x413/0x630
[  122.933052][ T2445]  uinput_ioctl_handler+0xa63/0x16a0
[  122.938119][ T2445]  ? uinput_release+0x50/0x50
[  122.942761][ T2445]  ? selinux_file_ioctl+0x3cc/0x540
[  122.947773][ T2445]  ? __fget_files+0x31e/0x380
[  122.952255][ T2445]  uinput_ioctl+0x28/0x30
[  122.956419][ T2445]  ? uinput_poll+0x120/0x120
[  122.960853][ T2445]  __se_sys_ioctl+0x114/0x190
[  122.965370][ T2445]  __x64_sys_ioctl+0x7b/0x90
[  122.969791][ T2445]  do_syscall_64+0x3d/0xb0
[  122.974134][ T2445]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  122.979948][ T2445] RIP: 0033:0x7f36d52edbd9
[  122.984204][ T2445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.003654][ T2445] RSP: 002b:00007f36d452d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.011895][ T2445] RAX: ffffffffffffffda RBX: 00007f36d547c110 RCX: 00007f36d52edbd9
[  123.019710][ T2445] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[  123.027514][ T2445] RBP: 00007f36d452d0a0 R08: 0000000000000000 R09: 0000000000000000
[  123.035471][ T2445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.043276][ T2445] R13: 000000000000006e R14: 00007f36d547c110 R15: 00007ffda1589d48
[  123.051269][ T2445]  </TASK>
[  123.104150][ T2448] loop3: detected capacity change from 0 to 2048
[  123.142862][ T2448] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  123.157014][ T2448] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  123.171867][ T2448] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  123.184688][ T2448] EXT4-fs (loop3): This should not happen!! Data will be lost
[  123.184688][ T2448] 
[  123.194825][ T2448] EXT4-fs (loop3): Total free blocks count 0
[  123.200981][ T2448] EXT4-fs (loop3): Free/Dirty block details
[  123.206795][ T2448] EXT4-fs (loop3): free_blocks=2415919104
[  123.213072][ T2448] EXT4-fs (loop3): dirty_blocks=16
[  123.218072][ T2448] EXT4-fs (loop3): Block reservation details
[  123.223921][ T2448] EXT4-fs (loop3): i_reserved_data_blocks=1
[  123.231019][ T2459] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  123.243343][ T2459] EXT4-fs (loop3): This should not happen!! Data will be lost
[  123.243343][ T2459] 
[  123.468627][ T2463] input: syz1 as /devices/virtual/input/input21
[  123.629763][ T2465] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  123.703114][ T2468] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  124.220812][  T312] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  124.289919][ T2473] loop3: detected capacity change from 0 to 40427
[  124.381208][ T2473] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  124.388845][ T2473] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  124.398367][ T2473] F2FS-fs (loop3): invalid crc value
[  124.405385][ T2473] F2FS-fs (loop3): Found nat_bits in checkpoint
[  124.429602][ T2473] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  124.436810][ T2473] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  124.485657][  T312] usb 1-1: Using ep0 maxpacket: 8
[  124.497292][   T30] audit: type=1326 audit(1720409665.197:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  124.498006][ T2479] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  124.520974][   T30] audit: type=1326 audit(1720409665.197:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  124.532249][ T2479] FAT-fs (loop9): unable to read boot sector
[  124.601009][  T312] usb 1-1: unable to get BOS descriptor or descriptor too short
[  124.711166][  T312] usb 1-1: config index 0 descriptor too short (expected 16914, got 18)
[  124.727452][  T312] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  124.761397][   T30] audit: type=1326 audit(1720409665.197:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  124.764189][ T2483] loop4: detected capacity change from 0 to 2048
[  124.784879][  T312] usb 1-1: config 0 has no interfaces?
[  124.790889][   T30] audit: type=1326 audit(1720409665.197:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  124.819542][   T30] audit: type=1326 audit(1720409665.267:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  124.902208][ T2483] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  124.913147][ T2483] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038 (0x7fffffff)
[  125.011015][ T2489] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.022883][ T2489] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.030470][ T2489] device bridge_slave_0 entered promiscuous mode
[  125.037692][ T2489] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.044721][ T2489] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.052161][ T2489] device bridge_slave_1 entered promiscuous mode
[  125.056135][  T312] usb 1-1: New USB device found, idVendor=0bb4, idProduct=0a9b, bcdDevice=30.9b
[  125.072570][  T312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.080449][  T312] usb 1-1: Product: syz
[  125.085389][  T312] usb 1-1: Manufacturer: syz
[  125.089827][  T312] usb 1-1: SerialNumber: syz
[  125.096920][  T312] usb 1-1: config 0 descriptor??
[  125.123787][ T2494] netlink: 4 bytes leftover after parsing attributes in process `syz.4.594'.
[  125.190395][ T2489] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.197319][ T2489] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.204603][ T2489] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.211682][ T2489] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.239187][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  125.248077][  T391] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.255533][  T391] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.275551][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  125.275741][  T391] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.275756][  T391] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.284180][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  125.306515][  T391] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.313374][  T391] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.337119][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  125.362792][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  125.407652][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  125.425347][ T2489] device veth0_vlan entered promiscuous mode
[  125.432193][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  125.456826][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  125.464260][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  125.477303][ T2500] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.484548][ T2500] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.494822][ T2500] device bridge_slave_0 entered promiscuous mode
[  125.517166][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  125.528831][ T2500] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.536636][ T2500] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.547058][ T2500] device bridge_slave_1 entered promiscuous mode
[  125.584201][ T2489] device veth1_macvtap entered promiscuous mode
[  125.763282][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  125.772772][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  125.827788][ T2500] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.834677][ T2500] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.841776][ T2500] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.848541][ T2500] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.875628][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  125.883592][  T397] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.890869][  T397] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.902254][  T391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  125.910300][  T391] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.917259][  T391] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.953557][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  125.962815][  T397] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.969761][  T397] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.008518][ T2521] netlink: 12 bytes leftover after parsing attributes in process `syz.4.600'.
[  126.029994][ T2521] FAULT_INJECTION: forcing a failure.
[  126.029994][ T2521] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.043079][ T2521] CPU: 1 PID: 2521 Comm: syz.4.600 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  126.054199][ T2521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  126.064073][ T2521] Call Trace:
[  126.067197][ T2521]  <TASK>
[  126.069975][ T2521]  dump_stack_lvl+0x151/0x1b7
[  126.074487][ T2521]  ? io_uring_drop_tctx_refs+0x190/0x190
[  126.079953][ T2521]  ? find_lock_lowest_rq+0x75/0x480
[  126.084990][ T2521]  dump_stack+0x15/0x17
[  126.088980][ T2521]  should_fail+0x3c6/0x510
[  126.093234][ T2521]  should_fail_usercopy+0x1a/0x20
[  126.098181][ T2521]  _copy_from_user+0x20/0xd0
[  126.102694][ T2521]  __copy_msghdr_from_user+0xaf/0x7c0
[  126.107954][ T2521]  ? __ia32_sys_shutdown+0x70/0x70
[  126.112851][ T2521]  ? __sched_text_start+0x8/0x8
[  126.117536][ T2521]  ___sys_sendmsg+0x166/0x2e0
[  126.122161][ T2521]  ? rcu_preempt_deferred_qs_irqrestore+0x709/0x9f0
[  126.128710][ T2521]  ? __sys_sendmsg+0x260/0x260
[  126.133296][ T2521]  ? rcu_read_unlock_special+0xdb/0x4c0
[  126.138777][ T2521]  ? __fdget+0x1bc/0x240
[  126.142843][ T2521]  __se_sys_sendmsg+0x19a/0x260
[  126.147527][ T2521]  ? __x64_sys_sendmsg+0x90/0x90
[  126.152300][ T2521]  ? switch_fpu_return+0x1ed/0x3d0
[  126.157250][ T2521]  ? __kasan_check_read+0x11/0x20
[  126.162113][ T2521]  __x64_sys_sendmsg+0x7b/0x90
[  126.166709][ T2521]  do_syscall_64+0x3d/0xb0
[  126.170962][ T2521]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  126.176691][ T2521] RIP: 0033:0x7f36d52edbd9
[  126.180948][ T2521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.200392][ T2521] RSP: 002b:00007f36d452d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  126.208639][ T2521] RAX: ffffffffffffffda RBX: 00007f36d547c110 RCX: 00007f36d52edbd9
[  126.216525][ T2521] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005
[  126.224426][ T2521] RBP: 00007f36d452d0a0 R08: 0000000000000000 R09: 0000000000000000
[  126.232435][ T2521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.240244][ T2521] R13: 000000000000006e R14: 00007f36d547c110 R15: 00007ffda1589d48
[  126.248152][ T2521]  </TASK>
[  126.401272][ T1320] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  126.473150][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  126.482529][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  126.483055][ T2523] fuse: Bad value for 'user_id'
[  126.497549][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  126.505782][  T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  126.527357][ T2500] device veth0_vlan entered promiscuous mode
[  126.541246][ T2500] device veth1_macvtap entered promiscuous mode
[  126.570402][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  126.588414][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  126.597107][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  126.606010][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  126.614514][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  126.623042][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  126.631367][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  126.904887][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  126.913173][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  126.921442][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  126.929574][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  126.937536][ T1320] usb 2-1: Using ep0 maxpacket: 16
[  126.945470][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  126.960866][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  126.972851][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.980454][  T312] usb 1-1: USB disconnect, device number 19
[  127.010545][ T2535] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  127.041703][   T45] device bridge_slave_1 left promiscuous mode
[  127.047955][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.055908][   T45] device bridge_slave_0 left promiscuous mode
[  127.062041][ T1320] usb 2-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=a3.85
[  127.071786][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.078872][ T1320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.087760][ T1320] usb 2-1: config 0 descriptor??
[  127.094071][   T45] device veth1_macvtap left promiscuous mode
[  127.116959][   T45] device veth0_vlan left promiscuous mode
[  127.158590][ T2534] loop0: detected capacity change from 0 to 40427
[  127.203726][ T2534] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  127.216536][ T2534] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  127.232362][ T2534] F2FS-fs (loop0): invalid crc value
[  127.248353][ T2534] F2FS-fs (loop0): Found nat_bits in checkpoint
[  127.333304][  T391] usb 2-1: USB disconnect, device number 17
[  127.346245][ T2534] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  127.353448][ T2534] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  127.364113][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  127.810132][ T2552] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  128.073305][ T2560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.609'.
[  128.130868][   T26] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  128.130919][  T392] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  128.321601][   T45] device bridge_slave_1 left promiscuous mode
[  128.327601][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.334981][   T45] device bridge_slave_0 left promiscuous mode
[  128.341343][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.349410][   T45] device veth1_macvtap left promiscuous mode
[  128.355588][   T45] device veth0_vlan left promiscuous mode
[  128.370848][   T26] usb 3-1: Using ep0 maxpacket: 32
[  128.410909][  T392] usb 5-1: Using ep0 maxpacket: 8
[  128.560952][  T392] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.571819][  T392] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.581456][  T392] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  128.590489][  T392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.599412][  T392] usb 5-1: config 0 descriptor??
[  128.650881][   T26] usb 3-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  128.659944][   T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.667726][   T26] usb 3-1: Product: syz
[  128.671913][   T26] usb 3-1: Manufacturer: syz
[  128.676415][   T26] usb 3-1: SerialNumber: syz
[  128.681535][   T26] usb 3-1: config 0 descriptor??
[  128.721639][   T26] snd-usb-audio: probe of 3-1:0.0 failed with error -2
[  128.805589][   T30] audit: type=1326 audit(1720409669.507:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000
[  128.836284][   T30] audit: type=1326 audit(1720409669.537:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000
[  128.860549][ T2562] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  128.878361][ T2562] FAT-fs (loop3): unable to read boot sector
[  128.879882][   T30] audit: type=1326 audit(1720409669.567:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000
[  128.908194][   T30] audit: type=1326 audit(1720409669.567:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000
[  128.944038][   T30] audit: type=1326 audit(1720409669.567:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000
[  128.956030][   T26] usb 3-1: USB disconnect, device number 12
[  128.979432][ T2571] loop1: detected capacity change from 0 to 2048
[  129.002438][ T2571] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  129.019227][ T2573] loop0: detected capacity change from 0 to 512
[  129.027437][ T2571] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  129.042601][ T2571] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  129.054956][ T2571] EXT4-fs (loop1): This should not happen!! Data will be lost
[  129.054956][ T2571] 
[  129.065170][ T2571] EXT4-fs (loop1): Total free blocks count 0
[  129.071417][ T2571] EXT4-fs (loop1): Free/Dirty block details
[  129.078927][ T2571] EXT4-fs (loop1): free_blocks=2415919104
[  129.084864][ T2571] EXT4-fs (loop1): dirty_blocks=16
[  129.089806][ T2571] EXT4-fs (loop1): Block reservation details
[  129.096032][ T2571] EXT4-fs (loop1): i_reserved_data_blocks=1
[  129.104133][ T2577] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  129.116525][ T2577] EXT4-fs (loop1): This should not happen!! Data will be lost
[  129.116525][ T2577] 
[  129.131714][  T392] steelseries_srws1 0003:1038:1410.000A: unknown main item tag 0xd
[  129.139418][ T2573] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  129.140016][  T392] steelseries_srws1 0003:1038:1410.000A: item fetching failed at offset 6/7
[  129.161064][  T392] steelseries_srws1 0003:1038:1410.000A: parse failed
[  129.162465][ T2573] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038 (0x7fffffff)
[  129.167807][  T392] steelseries_srws1: probe of 0003:1038:1410.000A failed with error -22
[  129.229709][  T440] Bluetooth: hci1: Frame reassembly failed (-84)
[  129.280087][ T2585] fuse: Bad value for 'fd'
[  129.345682][  T392] usb 5-1: USB disconnect, device number 11
[  129.596326][  T292] Bluetooth: hci0: command 0x1003 tx timeout
[  129.603132][ T1570] Bluetooth: hci0: sending frame failed (-49)
[  129.673745][ T2590] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  130.252687][ T2593] loop4: detected capacity change from 0 to 40427
[  130.341184][ T2593] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  130.349188][ T2593] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  130.358326][ T2593] F2FS-fs (loop4): invalid crc value
[  130.365070][ T2593] F2FS-fs (loop4): Found nat_bits in checkpoint
[  130.389649][ T2593] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  130.396641][ T2593] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  130.604430][ T2602] netlink: 4 bytes leftover after parsing attributes in process `syz.2.622'.
[  131.046462][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  131.046478][   T30] audit: type=1326 audit(1720409671.747:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  131.077937][ T2611] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.083798][   T30] audit: type=1326 audit(1720409671.777:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  131.112104][ T2611] FAT-fs (loop1): unable to read boot sector
[  131.123020][ T2614] loop4: detected capacity change from 0 to 2048
[  131.131888][   T30] audit: type=1326 audit(1720409671.777:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  131.142263][ T2616] loop0: detected capacity change from 0 to 2048
[  131.155360][   T30] audit: type=1326 audit(1720409671.777:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  131.184553][   T30] audit: type=1326 audit(1720409671.777:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  131.208013][   T30] audit: type=1326 audit(1720409671.777:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  131.231930][   T30] audit: type=1326 audit(1720409671.817:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000
[  131.231936][   T26] Bluetooth: hci1: command 0x1003 tx timeout
[  131.232594][ T1570] Bluetooth: hci1: sending frame failed (-49)
[  131.275602][ T2616] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  131.286514][ T2614] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  131.309351][ T2616] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  131.310883][ T2614] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038 (0x7fffffff)
[  131.325503][ T2616] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  131.347464][ T2616] EXT4-fs (loop0): This should not happen!! Data will be lost
[  131.347464][ T2616] 
[  131.365418][ T2616] EXT4-fs (loop0): Total free blocks count 0
[  131.372156][ T2614] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file!
[  131.381352][ T2616] EXT4-fs (loop0): Free/Dirty block details
[  131.387159][ T2616] EXT4-fs (loop0): free_blocks=2415919104
[  131.393444][ T2616] EXT4-fs (loop0): dirty_blocks=16
[  131.398657][ T2616] EXT4-fs (loop0): Block reservation details
[  131.404811][ T2616] EXT4-fs (loop0): i_reserved_data_blocks=1
[  131.413052][ T2622] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  131.420024][ T2626] fuse: Bad value for 'user_id'
[  131.430066][ T2622] EXT4-fs (loop0): This should not happen!! Data will be lost
[  131.430066][ T2622] 
[  131.510177][ T2630] fuse: Bad value for 'fd'
[  131.571884][ T2632] netlink: 12 bytes leftover after parsing attributes in process `syz.4.629'.
[  131.583545][ T2632] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 !
[  131.632816][   T26] Bluetooth: hci0: command 0x1001 tx timeout
[  133.351189][ T1570] Bluetooth: hci0: sending frame failed (-49)
[  133.358802][  T292] Bluetooth: hci1: command 0x1001 tx timeout
[  133.364458][ T2639] loop0: detected capacity change from 0 to 8
[  133.365363][ T1570] Bluetooth: hci1: sending frame failed (-49)
[  133.371443][    C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.387479][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.395612][    C1] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.407042][    C1] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.415129][ T2639]  loop0: unable to read partition table
[  133.421072][ T2639] loop_reread_partitions: partition scan of loop0 (�被x������ڬ��dƤ����ݡ�����
[  133.421072][ T2639] 
) failed (rc=-5)
[  133.498689][    C1] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.509671][    C1] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.518284][    C1] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.529004][    C1] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.536640][  T100]  loop0: unable to read partition table
[  133.549857][    C1] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.560777][    C1] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.568486][    C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.579209][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.587306][    C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.598017][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.606091][    C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.616916][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.629717][    C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.640475][    C0] Buffer I/O error on dev loop0, logical block 0, async page read
[  133.688895][ T2644] loop2: detected capacity change from 0 to 40427
[  133.781194][ T2644] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  133.788917][ T2644] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  133.798356][ T2644] F2FS-fs (loop2): invalid crc value
[  133.803672][   T26] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  133.805482][ T2644] F2FS-fs (loop2): Found nat_bits in checkpoint
[  133.833641][ T2644] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  133.840515][ T2644] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  134.060822][   T26] usb 1-1: Using ep0 maxpacket: 16
[  134.190976][   T26] usb 1-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=a3.85
[  134.200136][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.208552][   T26] usb 1-1: config 0 descriptor??
[  134.463638][  T391] usb 1-1: USB disconnect, device number 20
[  134.545561][ T2664] loop2: detected capacity change from 0 to 2048
[  134.820459][ T2664] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  134.831915][ T2664] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038 (0x7fffffff)
[  134.847837][ T2664] fs-verity (loop2, inode 13): fs-verity keyring is empty, rejecting signed file!
[  134.925126][ T2671] loop2: detected capacity change from 0 to 2048
[  134.972291][ T2671] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  135.142934][ T2679] netlink: 12 bytes leftover after parsing attributes in process `syz.2.642'.
[  135.152210][ T2679] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 !
[  135.314816][ T2681] fuse: Bad value for 'fd'
[  135.427015][  T312] Bluetooth: hci1: command 0x1009 tx timeout
[  135.446969][  T312] Bluetooth: hci0: command 0x1009 tx timeout
[  135.456310][ T2684] loop4: detected capacity change from 0 to 512
[  135.493529][ T2684] EXT4-fs (loop4): bad geometry: first data block 1 is beyond end of filesystem (1)
[  135.734601][ T2688] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  135.989771][ T2690] loop2: detected capacity change from 0 to 40427
[  136.020860][  T391] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  136.081203][ T2690] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  136.088882][ T2690] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  136.100171][ T2690] F2FS-fs (loop2): invalid crc value
[  136.122767][ T2690] F2FS-fs (loop2): Found nat_bits in checkpoint
[  136.135754][ T2695] loop0: detected capacity change from 0 to 512
[  136.156648][ T2690] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  136.163593][ T2690] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  136.164213][ T2695] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  136.181966][ T2695] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  136.189691][ T2695] System zones: 0-2, 18-18, 34-34
[  136.196298][ T2695] EXT4-fs (loop0): 1 orphan inode deleted
[  136.202057][ T2695] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,stripe=0x0000000000000000,nolazytime,noquota,jqfmt=vfsold,minixdf,nodiscard,grpid,debug,,errors=continue. Quota mode: writeback.
[  136.224082][ T2695] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038 (0x7fffffff)
[  136.245363][   T30] audit: type=1400 audit(1720409676.947:633): avc:  denied  { ioctl } for  pid=2694 comm="syz.0.648" path="/71/file1/file0/.log" dev="incremental-fs" ino=3 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  136.270894][  T391] usb 5-1: Using ep0 maxpacket: 32
[  136.272963][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.290294][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.304057][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.317305][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.330837][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.344959][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.358465][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.372482][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.385752][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.398982][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block
[  136.590883][  T391] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  136.599894][  T391] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.608007][  T391] usb 5-1: Product: syz
[  136.612091][  T391] usb 5-1: Manufacturer: syz
[  136.616472][  T391] usb 5-1: SerialNumber: syz
[  136.621767][  T391] usb 5-1: config 0 descriptor??
[  136.631133][ T2702] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.638320][ T2702] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.645823][ T2702] device bridge_slave_0 entered promiscuous mode
[  136.654432][ T2702] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.661410][ T2702] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.662230][  T391] snd-usb-audio: probe of 5-1:0.0 failed with error -2
[  136.669418][ T2702] device bridge_slave_1 entered promiscuous mode
[  136.720735][ T2702] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.727653][ T2702] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.734797][ T2702] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.741652][ T2702] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.767023][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  136.776042][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.783369][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.803958][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  136.812563][  T312] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.819434][  T312] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.826812][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  136.835061][  T312] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.842196][  T312] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.849382][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  136.864660][  T392] usb 5-1: USB disconnect, device number 12
[  136.869311][ T2702] device veth0_vlan entered promiscuous mode
[  136.879921][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  136.888328][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  136.896437][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  136.903754][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  136.911004][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  136.923950][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  136.935078][ T2702] device veth1_macvtap entered promiscuous mode
[  136.945798][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  136.956308][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  137.021648][  T440] device bridge_slave_1 left promiscuous mode
[  137.027592][  T440] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.035375][  T440] device bridge_slave_0 left promiscuous mode
[  137.035549][ T2710] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  137.041637][  T440] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.059240][  T440] device veth1_macvtap left promiscuous mode
[  137.065193][  T440] device veth0_vlan left promiscuous mode
[  137.120816][    T6] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  137.423476][ T2713] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  137.448211][   T30] audit: type=1326 audit(1720409678.147:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  137.468193][ T2716] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.472293][   T30] audit: type=1326 audit(1720409678.167:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  137.482660][    T6] usb 3-1: config 0 has an invalid interface number: 32 but max is 0
[  137.514080][ T2716] FAT-fs (loop9): unable to read boot sector
[  137.520065][   T30] audit: type=1326 audit(1720409678.167:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  137.524763][    T6] usb 3-1: config 0 has no interface number 0
[  137.549974][    T6] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.562564][    T6] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.572523][    T6] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  137.581432][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.587878][   T30] audit: type=1326 audit(1720409678.167:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  137.591747][    T6] usb 3-1: config 0 descriptor??
[  137.622628][ T2721] loop4: detected capacity change from 0 to 2048
[  137.622724][   T30] audit: type=1326 audit(1720409678.167:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  137.652387][   T30] audit: type=1326 audit(1720409678.167:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  137.678882][   T30] audit: type=1326 audit(1720409678.217:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  137.702113][   T30] audit: type=1326 audit(1720409678.217:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000
[  137.702851][ T2714] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.732409][ T2714] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.739835][ T2714] device bridge_slave_0 entered promiscuous mode
[  137.747412][ T2714] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.754533][ T2714] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.755915][ T2721] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  137.762002][ T2714] device bridge_slave_1 entered promiscuous mode
[  137.771964][ T2721] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038 (0x7fffffff)
[  137.796756][ T2721] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file!
[  137.849727][ T2728] loop0: detected capacity change from 0 to 2048
[  137.867091][ T2730] loop4: detected capacity change from 0 to 1024
[  137.885726][ T2707] loop2: detected capacity change from 0 to 2048
[  137.899204][ T2714] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.902268][ T2728] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  137.906135][ T2714] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.923530][ T2714] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.930388][ T2714] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.933687][ T2728] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff)
[  137.953639][ T2730] EXT4-fs error (device loop4): ext4_fill_super:4831: inode #2: comm syz.4.657: casefold flag without casefold feature
[  137.961804][ T2707] Alternate GPT is invalid, using primary GPT.
[  137.970596][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  137.972723][ T2730] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  137.979863][ T2707]  loop2: p1 p2 p3
[  137.992955][  T392] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.000604][  T392] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.018830][ T2730] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  138.043548][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.052111][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.058966][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.070727][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  138.079043][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.085915][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.096265][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  138.104182][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  138.111891][    T6] usbhid 3-1:0.32: can't add hid device: -71
[  138.117880][    T6] usbhid: probe of 3-1:0.32 failed with error -71
[  138.125688][    T6] usb 3-1: USB disconnect, device number 13
[  138.140719][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  138.149316][ T2743] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  138.157807][ T2714] device veth0_vlan entered promiscuous mode
[  138.165106][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  138.176204][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  138.184869][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  138.200562][ T2714] device veth1_macvtap entered promiscuous mode
[  138.212875][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  138.229796][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  138.241883][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  138.282886][ T2745] loop3: detected capacity change from 0 to 2048
[  138.323805][ T2742] loop0: detected capacity change from 0 to 40427
[  138.352171][ T2742] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  138.360056][ T2742] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  138.362432][ T2745] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  138.369570][ T2742] F2FS-fs (loop0): invalid crc value
[  138.386013][ T2742] F2FS-fs (loop0): Found nat_bits in checkpoint
[  138.411755][ T2742] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  138.418670][ T2742] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  138.485247][  T312] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  138.512182][   T10] device bridge_slave_1 left promiscuous mode
[  138.518245][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.525689][   T10] device bridge_slave_0 left promiscuous mode
[  138.531780][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.539650][   T10] device veth1_macvtap left promiscuous mode
[  138.545688][   T10] device veth0_vlan left promiscuous mode
[  139.476265][ T2764] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  139.504405][ T2767] loop2: detected capacity change from 0 to 2048
[  139.580895][  T312] usb 5-1: Using ep0 maxpacket: 32
[  139.606231][ T2767] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  139.622464][   T30] audit: type=1326 audit(1720409680.327:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2772 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69426bd9 code=0x7ffc0000
[  139.627966][ T2767] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038 (0x7fffffff)
[  139.647496][ T2773] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.667076][ T2773] FAT-fs (loop1): unable to read boot sector
[  139.686709][ T2767] fs-verity (loop2, inode 13): fs-verity keyring is empty, rejecting signed file!
[  139.701298][  T312] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  139.711697][  T312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.722848][  T312] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  139.735789][  T312] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  139.744862][  T312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.745128][ T2759] netlink: 12 bytes leftover after parsing attributes in process `syz.3.663'.
[  139.753410][ T2776] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  139.771895][ T2762] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 !
[  139.797142][  T312] usb 5-1: config 0 descriptor??
[  139.808035][ T2778] loop2: detected capacity change from 0 to 2048
[  139.855921][ T2785] loop3: detected capacity change from 0 to 2048
[  139.867546][ T2765] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.872399][ T2778] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  139.874747][ T2765] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.885133][ T2778] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038 (0x7fffffff)
[  139.892349][ T2765] device bridge_slave_0 entered promiscuous mode
[  139.909401][ T2765] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.916314][ T2765] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.923855][ T2765] device bridge_slave_1 entered promiscuous mode
[  139.966310][ T2785] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  140.025647][ T2765] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.026134][ T2793] loop2: detected capacity change from 0 to 256
[  140.032696][ T2765] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.032798][ T2765] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.043322][ T2793] exfat: Deprecated parameter 'namecase'
[  140.045864][ T2765] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.053012][ T2793] exfat: Deprecated parameter 'utf8'
[  140.084503][   T45] Bluetooth: hci0: Frame reassembly failed (-84)
[  140.084689][ T2793] exfat: Deprecated parameter 'namecase'
[  140.098980][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  140.108602][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.116587][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.125362][ T2793] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  140.144441][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  140.152770][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.159712][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.167990][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  140.176063][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.182932][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.209176][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  140.217989][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  140.226573][ T2798] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  140.247828][ T2765] device veth0_vlan entered promiscuous mode
[  140.256249][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  140.264960][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  140.273414][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  140.275211][ T2802] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  140.281622][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  140.292646][ T2802] FAT-fs (loop7): unable to read boot sector
[  140.306253][  T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[  140.318444][  T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[  140.336619][ T2765] device veth1_macvtap entered promiscuous mode
[  140.342867][  T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[  140.349503][  T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[  140.385336][  T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[  140.393077][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  140.405086][  T312] ntrig 0003:1B96:000A.000B: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0
[  140.417145][ T2806] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  140.417420][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  140.436084][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  140.504450][ T2804] loop3: detected capacity change from 0 to 40427
[  140.551614][ T2804] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  140.566672][ T2804] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  140.577234][ T2804] F2FS-fs (loop3): invalid crc value
[  140.584301][ T2804] F2FS-fs (loop3): Found nat_bits in checkpoint
[  140.591175][   T26] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  140.627684][  T312] usb 5-1: USB disconnect, device number 13
[  140.696544][ T2815] netlink: 12 bytes leftover after parsing attributes in process `syz.0.679'.
[  140.770675][ T2804] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  140.778905][ T2804] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  140.817180][ T2816] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 !
[  140.890893][   T20] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  141.011633][   T10] device bridge_slave_1 left promiscuous mode
[  141.018775][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.027268][   T10] device bridge_slave_0 left promiscuous mode
[  141.033885][   T26] usb 3-1: config 0 has an invalid interface number: 32 but max is 0
[  141.033982][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.042488][   T26] usb 3-1: config 0 has no interface number 0
[  141.056958][   T26] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.068728][   T26] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.069028][   T10] device veth1_macvtap left promiscuous mode
[  141.078767][   T26] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  141.085256][   T10] device veth0_vlan left promiscuous mode
[  141.093895][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.109182][   T26] usb 3-1: config 0 descriptor??
[  141.151165][   T20] usb 2-1: Using ep0 maxpacket: 32
[  141.274800][ T2828] loop4: detected capacity change from 0 to 2048
[  141.352719][ T2828] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  141.361855][ T2800] loop2: detected capacity change from 0 to 2048
[  141.364145][ T2828] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038 (0x7fffffff)
[  141.406961][ T2800] Alternate GPT is invalid, using primary GPT.
[  141.413135][ T2800]  loop2: p1 p2 p3
[  141.423077][ T2834] loop0: detected capacity change from 0 to 2048
[  141.461904][ T2836] loop4: detected capacity change from 0 to 512
[  141.463014][ T2834] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  141.479944][ T2836] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  141.494543][ T2836] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.685: casefold flag without casefold feature
[  141.507153][   T20] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  141.518577][ T2836] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.685: missing EA_INODE flag
[  141.531312][   T26] usbhid 3-1:0.32: can't add hid device: -71
[  141.537392][   T26] usbhid: probe of 3-1:0.32 failed with error -71
[  141.542717][   T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.553474][ T2836] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.685: error while reading EA inode 12 err=-117
[  141.558459][   T26] usb 3-1: USB disconnect, device number 14
[  141.568874][   T20] usb 2-1: Product: syz
[  141.574888][ T2836] EXT4-fs (loop4): 1 orphan inode deleted
[  141.577399][   T20] usb 2-1: Manufacturer: syz
[  141.582990][ T2836] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000006,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  141.589336][   T20] usb 2-1: SerialNumber: syz
[  141.629555][   T20] usb 2-1: config 0 descriptor??
[  141.687959][   T20] snd-usb-audio: probe of 2-1:0.0 failed with error -2
[  141.701450][  T318] Bluetooth: hci0: Frame reassembly failed (-84)
[  141.729524][ T2844] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  141.750189][ T2846] FAULT_INJECTION: forcing a failure.
[  141.750189][ T2846] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.763641][ T2846] CPU: 0 PID: 2846 Comm: syz.4.688 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  141.774965][ T2846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  141.784881][ T2846] Call Trace:
[  141.787972][ T2846]  <TASK>
[  141.790760][ T2846]  dump_stack_lvl+0x151/0x1b7
[  141.795329][ T2846]  ? io_uring_drop_tctx_refs+0x190/0x190
[  141.800742][ T2846]  dump_stack+0x15/0x17
[  141.804746][ T2846]  should_fail+0x3c6/0x510
[  141.808978][ T2846]  should_fail_usercopy+0x1a/0x20
[  141.813836][ T2846]  strncpy_from_user+0x24/0x2d0
[  141.818881][ T2846]  ? kmem_cache_alloc+0xf5/0x200
[  141.823643][ T2846]  getname_flags+0xf2/0x520
[  141.827983][ T2846]  ? mutex_unlock+0xb2/0x260
[  141.832407][ T2846]  user_path_at_empty+0x2d/0x1a0
[  141.837177][ T2846]  __se_sys_utimes+0x128/0x380
[  141.841775][ T2846]  ? __x64_sys_utimes+0x70/0x70
[  141.846464][ T2846]  ? ksys_write+0x260/0x2c0
[  141.850943][ T2846]  ? debug_smp_processor_id+0x17/0x20
[  141.856150][ T2846]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  141.862047][ T2846]  __x64_sys_utimes+0x5b/0x70
[  141.866652][ T2846]  do_syscall_64+0x3d/0xb0
[  141.871199][ T2846]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  141.876927][ T2846] RIP: 0033:0x7f36d52edbd9
[  141.880895][   T26] usb 2-1: USB disconnect, device number 18
[  141.881290][ T2846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.906544][ T2846] RSP: 002b:00007f36d456f048 EFLAGS: 00000246 ORIG_RAX: 00000000000000eb
[  141.914777][ T2846] RAX: ffffffffffffffda RBX: 00007f36d547bf60 RCX: 00007f36d52edbd9
[  141.922675][ T2846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000540
[  141.930600][ T2846] RBP: 00007f36d456f0a0 R08: 0000000000000000 R09: 0000000000000000
[  141.938431][ T2846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.946227][ T2846] R13: 000000000000000b R14: 00007f36d547bf60 R15: 00007ffda1589d48
[  141.954035][ T2846]  </TASK>
[  141.992147][ T2851] loop0: detected capacity change from 0 to 1024
[  142.069378][ T2851] EXT4-fs error (device loop0): ext4_fill_super:4831: inode #2: comm syz.0.691: casefold flag without casefold feature
[  142.082633][ T2851] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  142.093637][ T2851] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  142.163564][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  142.163581][   T30] audit: type=1326 audit(1720409682.867:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000
[  142.196558][ T2864] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  142.197236][ T2863] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.218041][ T2863] FAT-fs (loop7): unable to read boot sector
[  142.224056][   T30] audit: type=1326 audit(1720409682.897:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000
[  142.273002][ T2856] loop2: detected capacity change from 0 to 40427
[  142.279567][   T30] audit: type=1326 audit(1720409682.897:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000
[  142.304684][   T30] audit: type=1326 audit(1720409682.897:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000
[  142.329350][   T30] audit: type=1326 audit(1720409682.947:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000
[  142.353963][ T2866] loop3: detected capacity change from 0 to 2048
[  142.372559][ T2856] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  142.380268][ T2856] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  142.390405][ T2856] F2FS-fs (loop2): invalid crc value
[  142.397969][ T2866] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  142.398204][ T2856] F2FS-fs (loop2): Found nat_bits in checkpoint
[  142.409165][ T2866] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038 (0x7fffffff)
[  142.446771][ T2856] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  142.453801][ T2856] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  142.487697][ T2874] loop3: detected capacity change from 0 to 2048
[  142.526403][  T292] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  142.544653][ T2874] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  143.568291][ T2881] netlink: 12 bytes leftover after parsing attributes in process `syz.1.697'.
[  143.577403][ T2881] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 !
[  143.599139][ T2887] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  143.611615][ T2884] FAULT_INJECTION: forcing a failure.
[  143.611615][ T2884] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.624455][ T2884] CPU: 0 PID: 2884 Comm: syz.3.698 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  143.635908][ T2884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  143.645806][ T2884] Call Trace:
[  143.648926][ T2884]  <TASK>
[  143.651708][ T2884]  dump_stack_lvl+0x151/0x1b7
[  143.656215][ T2884]  ? io_uring_drop_tctx_refs+0x190/0x190
[  143.661685][ T2884]  ? __update_load_avg_cfs_rq+0xb1/0x2f0
[  143.667159][ T2884]  dump_stack+0x15/0x17
[  143.671170][ T2884]  should_fail+0x3c6/0x510
[  143.676094][ T2884]  should_fail_usercopy+0x1a/0x20
[  143.680952][ T2884]  strncpy_from_user+0x24/0x2d0
[  143.685638][ T2884]  ? update_load_avg+0x43a/0x1150
[  143.690511][ T2884]  strncpy_from_user_nofault+0x73/0x150
[  143.695887][ T2884]  bpf_probe_read_compat_str+0xec/0x180
[  143.701264][ T2884]  bpf_prog_e42f6260c1b72fb3+0x35/0xc5c
[  143.706649][ T2884]  bpf_trace_run3+0x11e/0x250
[  143.711235][ T2884]  ? bpf_trace_run2+0x210/0x210
[  143.715848][ T2884]  ? __this_cpu_preempt_check+0x13/0x20
[  143.721225][ T2884]  ? tracing_record_taskinfo_sched_switch+0x84/0x390
[  143.727735][ T2884]  ? __bpf_trace_sched_wakeup_template+0x10/0x10
[  143.733895][ T2884]  __bpf_trace_sched_switch+0xb/0x10
[  143.739043][ T2884]  __traceiter_sched_switch+0x85/0xc0
[  143.744226][ T2884]  __schedule+0x134b/0x1590
[  143.748571][ T2884]  ? __sched_text_start+0x8/0x8
[  143.753253][ T2884]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  143.758896][ T2884]  ? prepare_to_wait_event+0x3e6/0x420
[  143.764189][ T2884]  schedule+0x11f/0x1e0
[  143.768185][ T2884]  wb_wait_for_completion+0x151/0x270
[  143.773389][ T2884]  ? __bpf_trace_writeback_inode_template+0x30/0x30
[  143.779811][ T2884]  ? io_schedule+0x120/0x120
[  143.784248][ T2884]  ? avc_has_perm_noaudit+0x2dd/0x430
[  143.789560][ T2884]  __writeback_inodes_sb_nr+0x2ce/0x370
[  143.794951][ T2884]  ? writeback_inodes_sb_nr+0x30/0x30
[  143.800148][ T2884]  ? avc_has_perm+0x16f/0x260
[  143.804671][ T2884]  ? cpumask_next+0x8a/0xb0
[  143.809004][ T2884]  ? get_nr_dirty_inodes+0x278/0x300
[  143.814127][ T2884]  writeback_inodes_sb+0x74/0x80
[  143.818901][ T2884]  sync_filesystem+0xa8/0x250
[  143.823409][ T2884]  ? cap_capable+0x1d2/0x270
[  143.827850][ T2884]  ext4_quota_off+0xd5/0x3f0
[  143.832261][ T2884]  ? ext4_quota_on+0x680/0x680
[  143.836883][ T2884]  quota_quotaoff+0x102/0x150
[  143.841375][ T2884]  do_quotactl+0x403/0x620
[  143.845629][ T2884]  __se_sys_quotactl_fd+0x271/0x3c0
[  143.850767][ T2884]  __x64_sys_quotactl_fd+0x9b/0xb0
[  143.855701][ T2884]  do_syscall_64+0x3d/0xb0
[  143.859951][ T2884]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  143.865679][ T2884] RIP: 0033:0x7fa96a658bd9
[  143.869932][ T2884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.889372][ T2884] RSP: 002b:00007fa9698da048 EFLAGS: 00000246 ORIG_RAX: 00000000000001bb
[  143.897616][ T2884] RAX: ffffffffffffffda RBX: 00007fa96a7e6f60 RCX: 00007fa96a658bd9
[  143.905429][ T2884] RDX: 0000000000000000 RSI: ffffffff80000302 RDI: 0000000000000008
[  143.913241][ T2884] RBP: 00007fa9698da0a0 R08: 0000000000000000 R09: 0000000000000000
[  143.921050][ T2884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.928862][ T2884] R13: 000000000000000b R14: 00007fa96a7e6f60 R15: 00007fff6d9a4ef8
[  143.936678][ T2884]  </TASK>
[  144.020816][  T292] usb 1-1: Using ep0 maxpacket: 32
[  144.137155][   T45] Bluetooth: hci0: Frame reassembly failed (-84)
[  144.143596][  T292] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  144.162150][  T292] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.173420][  T292] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
SYZFAIL: bad allocate request
allocated=0 size=18446744073709551130/18446744073709551136 (errno 11: Resource temporarily unavailable)
[  144.186570][  T292] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  144.187072][ T2906] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  144.195829][  T292] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.218675][  T292] usb 1-1: config 0 descriptor??
[  144.271634][   T60] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  144.480874][  T292] usbhid 1-1:0.0: can't add hid device: -71
[  144.486616][  T292] usbhid: probe of 1-1:0.0 failed with error -71
[  144.496375][  T292] usb 1-1: USB disconnect, device number 21
[  145.351926][   T10] device bridge_slave_1 left promiscuous mode
[  145.358018][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.365350][   T10] device bridge_slave_0 left promiscuous mode
[  145.371299][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.378966][   T10] device bridge_slave_1 left promiscuous mode
[  145.384967][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.392288][   T10] device bridge_slave_0 left promiscuous mode
[  145.398201][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.405844][   T10] device bridge_slave_1 left promiscuous mode
[  145.411805][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.418937][   T10] device bridge_slave_0 left promiscuous mode
[  145.424951][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.432787][   T10] device veth1_macvtap left promiscuous mode
[  145.438580][   T10] device veth0_vlan left promiscuous mode
[  145.444459][   T10] device veth1_macvtap left promiscuous mode
[  145.450264][   T10] device veth0_vlan left promiscuous mode
[  145.456071][   T10] device veth1_macvtap left promiscuous mode
[  145.461907][   T10] device veth0_vlan left promiscuous mode
[  147.671554][   T10] device bridge_slave_1 left promiscuous mode
[  147.677502][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.684856][   T10] device bridge_slave_0 left promiscuous mode
[  147.690847][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.698561][   T10] device bridge_slave_1 left promiscuous mode
[  147.704606][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.712066][   T10] device bridge_slave_0 left promiscuous mode
[  147.717985][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.725662][   T10] device veth1_macvtap left promiscuous mode
[  147.731481][   T10] device veth0_vlan left promiscuous mode
[  147.737127][   T10] device veth1_macvtap left promiscuous mode
[  147.742879][   T10] device veth0_vlan left promiscuous mode