last executing test programs:

2m21.454439289s ago: executing program 4 (id=1621):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

2m21.398388519s ago: executing program 4 (id=1622):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000006c0)=ANY=[@ANYBLOB="01000000000000000d000000000000000380377ec235ed26a300000c0000000b00000000000000"])

2m21.39248663s ago: executing program 4 (id=1623):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000000c0)=0x41)
pwritev(r0, &(0x7f0000000840)=[{&(0x7f0000000880)="80fd02000000", 0x6}], 0x1, 0xfffffffc, 0x0)

2m21.351507881s ago: executing program 32 (id=1623):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000000c0)=0x41)
pwritev(r0, &(0x7f0000000840)=[{&(0x7f0000000880)="80fd02000000", 0x6}], 0x1, 0xfffffffc, 0x0)

2m5.175973857s ago: executing program 33 (id=2198):
prlimit64(0x0, 0x9, &(0x7f0000000780)={0x8, 0x258}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(0xffffffffffffffff, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000700)="6c1afca3ddfa36bed5d697997b12ae9a972df95fe2", 0x15}], 0x1}}], 0x1, 0x404c000)
sendmsg$nl_xfrm(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="68020000210001000000000000000000ff0200000000000000000000000000017f00000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000a001000010000000000000008000b00000000002c001300e0000001000000000000000000000000fc0000000000000000000000000000000000000000000000cc0111"], 0x268}}, 0x0)

2m4.102329218s ago: executing program 34 (id=2233):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x60, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x2}, @IFLA_BR_MCAST_SNOOPING={0x5}, @IFLA_BR_AGEING_TIME={0x8, 0x4, 0x81}, @IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x1}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2m1.795514071s ago: executing program 35 (id=2330):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000680)={0x10000000})
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)

1m37.553988841s ago: executing program 36 (id=2989):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x8, 0x0, 0x7ffc0002}]})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1b, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6}]})

1m15.94112411s ago: executing program 2 (id=3680):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x18)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000180)=ANY=[@ANYBLOB="e0"], 0x5000)

1m15.921885931s ago: executing program 2 (id=3681):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000cc0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0xffffffff, 0x0, {0x0, 0x0, 0x0, r2, {0x3, 0xffe0}, {0xffff, 0xffff}}}, 0x24}}, 0x0)

1m15.908535331s ago: executing program 2 (id=3682):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)

1m15.788154863s ago: executing program 2 (id=3689):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000000), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

1m15.538949988s ago: executing program 2 (id=3696):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x0, 0xd6e}})
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0x0, 0x101}})

1m14.806390062s ago: executing program 2 (id=3728):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309)

1m14.761930243s ago: executing program 37 (id=3728):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309)

1m13.451988648s ago: executing program 4 (id=3719):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000000), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

1m13.375967739s ago: executing program 4 (id=3758):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000002f9b0000000000000000b50000000f004083c5000000a0000a4095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='io_uring_register\x00', r0}, 0x2a)
r1 = syz_io_uring_setup(0xff9, &(0x7f00000003c0)={0x0, 0xfd03, 0x1000, 0x0, 0x3b6}, &(0x7f0000000300), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, &(0x7f0000000000)=[0x81], 0x2)

1m12.898192268s ago: executing program 4 (id=3764):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10)
pause()

1m12.897896978s ago: executing program 38 (id=3764):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10)
pause()

58.447862373s ago: executing program 9 (id=4212):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001, 0x40}, 0x8)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000003840)=[{&(0x7f00000006c0)="4f657f07da674c79be900dd4b36b03ca3513a320ebab75751d7d7e40d6ede2dcec43dc605632fa0df345f1fe1fd7e8e5d0da647d921b0f102b0b2fa24e5cef12d89e0db21f0cb28f5588c4b231abad294f049cbfa56b7402fa06d644b298a4922e5a0b0f2de53fca098c15a02df417cf592b8bf00ac06d56a3a286048ba59dc0fd69debc9d0f024476d9345c2b008df031d796e5581b0318fe281599f8b39d447257422eb55f1c87406e20b2f16d946f0ab156903d46d6ab54d6656307a0de7b83d35e818d8d048f784a9c87076fa4c6e9cfe38f88a77e789c9d4bea96f7b072d754fd17da475552965113151882c6dd91d1394342b8b3e4e74a82c2412507b0793cdb9656150e8b1e134ab1dd7888f6039f8de7056990800d9b9eab54171ad9879ee00fd157b3e54527f2a2356008cf524e72cf74fe0c307a920dd67d12a0846e921a88aead6edd3a5bd3da023856de8338adfa26345f5403319d336dd45efe3e407cc35b0e022f3e81de786ea6a3917a07e2f6fbe73adfd975c2236b937fda47b6c89cd0f4f64f8b93d73ce3d32b5162c7a318ee6e9bc08b32743c7b9e66fe6a1014830826ed55cca4d679ec24321ea888e61de0bea104b0a8edfcb5d18df2190b8a9113118acda5bdfadf7f404df0fbd39dd3fec06c4449fbde4ea7ccde27c44c63633c06e4559857637d037cad122a9fda4509805092ca0350d9f73b061eb153026730bda9ecc461473230438f135091a521240b6b4273b230af2057bb27f56b7851e13fb4d9c27d757bff9d8281fc9990afc8861356998c77560850828d7c6537faf470ca94889c14e28e1e8c6c73b6756ae380f8c15dded00616cc66a5440240876173ae1ee41005519e709f9412e260686ed18320acbdc2b465508390d456683928f5f42e25cb73e1fb53794fb4ab345bb8df04225bba362598d3e603f06f7ac324a0fef1494fe4a5e829c8b50207cfbaef7d29e85ca3e9891291b66179b39713032089ab90c6481bf0cca0e61da5fc955280682e702bc186851d014a59d9903be30104e31d7d57094e34bd10fe5b31bb7f3f1fe37eaef05b31a1c1206a6cce8fa425089001eab642478caa11cf08e43fad0668fdc22ac54ed30fbf13e6af1232af289ae48c0f3a371ec41ea5f7d9fb01f860b751760d680c72af1059d5fab16bf61dd8aaa7ada290d8cf2d135eb5a879b3a754b1de0a5e550895ce05a84f4dcc80f10b16d5a78fad7f9ec36945d1e946f1f1f3bbb983bc5a68b94a2633f3f232bf22b6c9479f60f7146e20d5df4726dc3835266fc132a1f0f49bd8e8e1cf34e20826bc3e7e2e95385eeeb2693b9d69a0f884f50122e783517a462707f67fca2ac8f2ac68693a1b5730b52231685caa92fb3e00622052eab3af70a6e89de641cc8949cff3c14767a55ab06f6312fdf27eaa7ec28f1591bad3a7b433272013de3ae26c95eb885528dd7f64bf69a8508aaf4d4629b838efe76c13d47ec31c5a9af75138d40ebabd09448e20ffbae7848211f31b6ce4df6b5ee103fdece3f15a3c3708ddb550a8d98b6b8920c23af9af40baeb47b0a2adf78699cbdfeddf67611dd9365c941913263d8f9998a81f964d7071d7eb347ec90556af053ac6b9d5be23cb85a5cab6392fffbbf8ea3a47c0c3a2bab8d3785055bff6694897fb9d3a16421a4d02caae0bd5152f0e80074b9f573a176200e81a1c4e35ab05c493f66b7c25ca13a6a3da12283821c119db39e957e739fb4c1259252cef81a8b346f787d195d388f06d252e9433e50728bf5b94d141f9ac8e6b2aaef86d007940b45fd28cc0171fa8700bdff936a2fc706a352ff0ceceb70c54f18f71de3a6e36c5391d3f648dd0d6f1b97f810ad838b4bb9c6919f0ec78b96644397c448f628f6b589477bf6512f7fe8a623674ac16c00deb3e2316bb7727c034fe9935bc0d4a402ca7c83fe4dff3d7b18d6439cd2576f0bde84ba1cbdf9f5a5743d874119e59ab8fcfa9801f9972cfc18e033c757423dfbd92d1bf1b2b3cf741c4a13b726b08441041712f98d8917d20fef74fcf3876ab5953e38ff6c2a2b3a8b96a2b1ec4dd86b09aec23ba096d16bdc1acfcb44ac82ed8c855c217bc07625c5dce82a0db0b400e2cdb89a75bb2155af9862304efc989253eadadcd08ae5f2e58cf842880df11a12ac8b3492069ccea594430ccee2baaf0fc3b2db99c14aa93f2624ab0e9237760b5fa1a96c16474be2cabc90ff091672e95c8d25fccd039110c6934b948de9c5983aae57a3547ad288ca1219e3fd1f27d5687f66ae4d487141b1d091c6049e72eff1d5df8280c1248892677b520cdb4e97c31778c2b09ac10a174d04da2a43a0d178242f203b3ae14154d1d03319d14921352ba733b0656ae2cece53f736006d117cf08c7f9e18d9f1b500dc5922d423dbf822c1ae089332b1884901aae255612bb70bcc65257bbc6cef6f9c5b76dfd1dfd0b5dfba63eece0c2185c01ef11810497eb2047bc87be9b8b5c897b8a155200d2ce96427bd4036b19f0ef6c9cea67c43b80c8fbd0d25d6b046efe93a9872bb0f964e016490883e9388ef035908221166c2206415f3feebdbc2a830ccac55d61b79d3316e2d3be9aea1c2c72c23688efff2b9b5a4f39f667a5404e3ce2083a302bc4a49208a0725c20f9a19adff430c50a169f151355df660d52c0068cca7f171ecdec15047dfea2ba6861e5ece606d228e0bf47631cc32b91ab4c09015d40a326086ebaac6af8e79059dc7f929cf6a80ad3b8cd6b3a91b8e5a199fb00814b45f42e8b7feeb9158c39510c1a10d35aea06fe660b0eb73bc0905252b6919fe23e5d5c3c9c66adaefe9e4307981e63fdcdc67e2bf76d75ff7be4fe8dd025cece14d556074c84b3c8833dc7cff583ce25947101676fd3f8f4016368bf27e24744bba7cb768b9d837b16d5308dc3712f37c69d1d1ee98360c6449634433afebe5bea6b2e39c249c29c4c8c3fca5f180ad4893c41458fc9f82db8200e201b3c4b5cc69dadf9a409af684f372a68cf1cf3aa64f9de0ec5fcd58acca051c590c689e42d0037cf3b2abee9d2c85803a929032b35113963ad79793b2a4d8377517654149b9afb408b189d2ecf95c66594e79db6c34e0c82a30259938589b2f81c50851a4d30013d9da1f24eacd5efbdf945e8af4a625126b38c01029fb2b0062de8c4bcd61c7d8b9215bac8dc35609ff45acbadfac0a04e3f5014c1c34cbb46393633f6102080f266fec4242c67c93e01312ba0e6e3dd1e002d1253e4d34a8d6122c60ce5169d1c47f807230d86f4836e4c385aff2c6492c9e2584a4a0dcff544316f4c35d1fb19c4277041885df236324b80c3f2d58c76f64a075d27a916ba55746b0aa758d383c063cd6447a80f7abd06a310974765a8c977671a6dbe35be115747a4a3c9d9f558ce7fbfc35b91875612e89f505007792f7b197ba5fc4c65cd6f8765e2d2454f4681381325477af63a88fe4313c7365690c50f05d40fe302479d21cee188f29f8b4475b6b37e2a4dd710814a2463cf1650f281595cff95f549c4c4ffcd184e672b308aa4bc071395f214ee97e5b7dbc5efaed8e65a878169a0529b6ed4022e5bfaaa49fc521c283bd9d62ddc00e4d84d5da18f7c0acd00c53e827c7194146e5d0cb9439e8c35e0659d347cb012e47da92aff33c8b45fd9aa140d2f76b75c6800f8769057e88d156714a82e3d12b4fdf2863a27eb2587ebc25b011a949849dcd9faaa128b9bef780b3d239a007ca9c04256b858cfc7b068365c044a5eb863bdf0454cf37df09d4cf930408f0d41c1e8c278b994c455f89ecb85156ed20b7f89c9c2f1176508e4c7ab7ed74311a12317d4193eaef0333368963286e4c5e0c0c0db5f3f2d5e3cff77b21e3b4786c8c096b89b60cf41560544ba1361f4af4b5b330b410edc5421b5023f1f4df0f910067bfbe0a46cb5f1407f650c47288a31e0f767de8ddca77b20ed16513e095fbce085d25d543dce850515458c5ef07a0c012175ef50ef3c52f98afa0b2631c7d3e63b22e90ebce2513d3b0d4d62f153cc90700fbee5c80ffd14fece05e0ba293758aaa7510d3853a4a4d44e9e479e3f5d92a663f14b5f5452efc6ecf387a100787667dd060cfdf75ee57dda2e042f7f171ac5083a5ddc6656bb34d683955f4a8a1cf687d29e963d8abf93912aa08dc4df3cdaaceae9fa1d21472ed01705d861a798f57f14ca4f3f0e1e9f1c20e9e2eb6974a7d838e7a2f69943ad259cd6967c0c46698952c65a9a1d72be890a66dfea4fa1b5ee861b1f929ce78c9bcdfb0145ff52d462865a8a81506e1bd0afa6b2d3cc5556c17c19b891fc6c36b9ed0b8b3c516836872ced92b1b65e2334b3730deae7af801016d30af14daf53ec550da914dedc18726871a94c3ce8efd4bfcf25ffdf224d665374b279ea65d32e213bfad60aa8555fbe97cb22977f7e9f20a04e8e2c65b3a5519a098b70cce0ad25cb239e2335e0040481c86a2153b5056e70f83515e7d3739749ab8a2c3e4a1b0faab4426495c4f0076d2590c52f6548e3b20b17a6f21deefe63f67fcba027a83959dd9f79dc2f61e712d41fa50c0a89d1329a70aa8471f02a2755ea2f872adc3fbaea5e942ab7fd9191b669a6017a0a2ae7344ee0ca36afd646444a38696ceeca997321ab37642ea71be0758b3bb311b13cce0cc5881c97549ebf9366171a99a8f3b754f6e42970002b09ebc56402693fd2d06bfc114396c75a4bcfb02e114170fafad5ab7e671b70e51461f6916a674d4abcf47011e8598144c5cb013f280e21afc936055b1d2e0bbf29a4b969cadf754ac62bb6020f33ed9b3e46428496d0de29ff0b6fb13710f98f688e9185126c0b154530a045abcf54f4be1a63ac4ec02ba038cb1b510abd82532cfcc7684c977e00fe81d2d4a483d5cf7d23a5c4fd6a299edb436f519a6efc37b79b249feec6f0d7983a321f4021ac4766270f6bf9fe10733313e6116178fd271eb4d0ac6158e16f3a01795932f15b6df70c25dad7fd9f8932bf6bd651094d6c83cf0accfa978f575e535e86e44f17a23802bdba0bcb17899d76a5bb083061a4ddceb105333a828ade21c99dbc6257a322a22f73899f3fd64eddb1669b965d21f468416eb81ca750e54976616ced379078b149822d38634f90bb4644746eb40cc6153a1c0fd7b4d482958c5c1d9a47c3512510f022b8eb00861794ed8a3c207f4cf5a565b94a44eb14e6baefc24ee30380b53ee4726779b429240cb8b71340fd41fa0352810d90519f18ee69b85d3134cc16619a966ed378d608292834631aa1f215a324641d0b772d08a822f6ec0905c22768044c13911476bc70122345a274b1887ac471676f09a849faba85f9c2a8b24af21ac7700395b29f963d493a5f81febc3b8a23bbafaba0d9b288c5506c44ec4f6f327433f06cf6d72f8de7cc61ecc1de0fc743ddfeb2fa47fa17ab3257b68e0c56dce273f56de9724b809b4df30d0dc8a4a97db38674242ea7e81571dda16c2dd2ae5d82b51b719181db901409170504ecfd94de74315c554462dbc90d749f2d2d54b6b7ca6c287979b5cc1ec651af17891359628abc6c8329d88351966c4ffd23b7a729453ec0c064210b3234f8657747a84bc0b236a89a35f412395805c942392b61a2bd5a88a5740b97c31d5bd8857f2b7a0cb999a48d0b395c21ff58e7349939f542470a829db9e033ef7b719453ad7a705829d74416011ce17839618f1534c9859c08a8d5c49a0478074ceea47ab23fb24570011684733bc01f0adca5a48139f54c598bee0f2a", 0xfe7c}, {&(0x7f0000000000)="87", 0x1}, {&(0x7f0000003300)="9a", 0x1}], 0x3}}], 0x4000000000002e4, 0x4000000)

58.406101363s ago: executing program 9 (id=4224):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000084e27fa40000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x3b4a, &(0x7f00000001c0)={0x0, 0x0, 0x400, 0x0, 0x4000000})
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000140)={0x6, 0xffffffffffffffff, 0x2, {0x401, 0x3}}, 0x1)

58.362643344s ago: executing program 9 (id=4217):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000000002000000000ff000000850000000f000000850000000500000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x14, 0x1e, 0xa01, 0x2, 0x0, {0xa}}, 0x14}}, 0x0)

58.345384774s ago: executing program 9 (id=4218):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
lsetxattr$trusted_overlay_origin(0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})

58.182795087s ago: executing program 9 (id=4219):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10)
setfsuid(0x0)

57.937317182s ago: executing program 9 (id=4225):
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80001)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
close(r0)

57.839010754s ago: executing program 39 (id=4225):
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80001)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
close(r0)

51.776326069s ago: executing program 1 (id=4427):
r0 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
write$selinux_access(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)

51.70745686s ago: executing program 1 (id=4430):
mmap$KVM_VCPU(&(0x7f0000ffa000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}})

51.67551713s ago: executing program 1 (id=4432):
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000005f00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=[@cred={{0x1c, 0x1, 0x2, {r0, 0xee01}}}], 0x20, 0x40804}}], 0x1, 0x2000c000)

51.625955101s ago: executing program 1 (id=4435):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@jqfmt_vfsv1}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
chdir(&(0x7f0000000240)='./file0\x00')
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

51.322952488s ago: executing program 1 (id=4443):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

50.466364634s ago: executing program 1 (id=4457):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
setuid(0xee00)
fchdir(r0)

50.436455104s ago: executing program 40 (id=4457):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
setuid(0xee00)
fchdir(r0)

45.637424235s ago: executing program 0 (id=4648):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@grpquota}, {@auto_da_alloc}, {@minixdf}]}, 0x1, 0x51e, &(0x7f0000000440)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOWIUCVEjyBtQ+KNothxFDulCXtIz1yRqMSJHvkDOPfEgRsXBDcu5YDEjwjUIPVgNONx6s3aibWJ4xB/PtJo5s2b+Pt9cfxe/BLPC2Bs3Y6Iw4iYioh3I2I+O5/LtnirvSXXfXr0aO346NFaLlqtd/6ZS+uTc9H1NYlb2WMWI+KHH0X8JPdk3Mb+wdZqtVrZzcqLzdrOYmP/4N5mbXWjslHZLpdXlleW3rj/evmymlp8qTaVHX71kz8cfutnSVpz2ZnudlymdtMLJ3ESkxHx/WEEG4GJrD1To06Ep5KPiOcj4uX09T8fE+mzCQDcZK3WfLTmu8sAwE2XT+fAcvlSNhcwF/l8qdSew3shZvPVeqN592F9b3u9PVe2EIX8w81qZSmbK1yIQi4pL6fHn5fLp8r3I+K5iPjF9ExaLq3Vq+uj/MUHAMbYrVPj/3+m2+P/+T4bfnIAwPAUR50AAHDl+oz/h2d9TY//6QUA/o94/w8A48f4DwDjpz3+z4w6DQDgCnn/DwDjx/gPAGPlB2+/nWyt4+z+1+vv7e9t1d+7t15pbJVqe2ultfruTmmjXt9I79lTO+/xqvX6zvJrsff+wrd3Gs3Fxv7Bg1p9b7v5IL2v94NKIb3qzE8WAABD9txLH/85l4zIb86kW3St5VAYaWbAsOVHnQAwMhOjTgAYGat9wfi6wHt80wNwQ5x3O69irw8ItVqt1vBSAobszpfM/8O46pr/91/AMGbM/8P4Mv8P46vVyg265n8MeiEAcL2Z4wf6/P3/+Wz/m+yPAz9eP33Fh8PMCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK63zvq/pWwt8LnI50uliGciYiEKuYeb1cpSRDwbEX+aLkwn5eUR5wwAXFT+b7ls/a8786/OPVb14q2Tw6mI+Omv3vnl+6vN5u4fI6Zy/5runG9+mJ0vX332AMD5OuN0uu96I//p0aO1znaV+fz9uxFRbMc/PpqK45P4kzGZ7otRiIjZf+eycluua+7iIg4/iIgv9mp/LubSOZD2yqen4yexn7nS+PnH4ufTuvY++V584RJygXHzcdL/vNXr9ZeP2+m+9+u/mPZQF5f1f8lDrR2nfeDn8Tv930Sf/u/2oDFe+9332kczT9Z9EPHlyYhO7OOu/qcTP/d4/Dud+K8OGP8vX3nx5X51rV+3H7BX/O62LjZrO4uN/YN7m7XVjcpGZbtcXlleWXrj/uvlxXSOerH/aPCPN+8+268uaf9sn/jF3u0/yenrA7b/o8/e/dHXzoj/zVd6xc/HC2fET8bEbwwYf3X2t8V+dUn89T7t7/P8Z7URdweM/8lfD55YNhwAGJ3G/sHWarVa2R3Lgxjs4t9n36xrkfNYHyTPwjVIo+fBd64q1lT0rvr5K+0f0+mI7h/sVuupYvXrMS5j1g24Dk5e9BHx31EnAwAAAAAAAAAAAAAA9HQVn1gadRsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uf4XAAD//8PWzCg=")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
renameat2(r0, &(0x7f0000005780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000016c0)='./file0\x00', 0x2)

45.331843741s ago: executing program 0 (id=4655):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)

44.961659028s ago: executing program 0 (id=4675):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50}, 0xffd3)

44.901257889s ago: executing program 0 (id=4680):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x1)

44.8341905s ago: executing program 0 (id=4686):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB='F'])

44.714393382s ago: executing program 0 (id=4693):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xf, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xc, &(0x7f0000000100)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x5, 0xfeb, &(0x7f0000001e00)=""/4075, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

44.699711673s ago: executing program 41 (id=4693):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xf, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xc, &(0x7f0000000100)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x5, 0xfeb, &(0x7f0000001e00)=""/4075, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.169800409s ago: executing program 3 (id=5777):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
readv(r1, &(0x7f0000000080)=[{&(0x7f00000078c0)=""/110, 0x94}], 0x1)
close(r2)

2.106627081s ago: executing program 3 (id=5780):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_IE={0x7, 0x2a, [@challenge={0x10, 0x1, 0x88}]}]}, 0x3c}}, 0x20004040)

2.059809181s ago: executing program 3 (id=5781):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x2, 0x0, 0x0)

2.059604591s ago: executing program 3 (id=5782):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048800}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6040080}, 0x4)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$uac1(0x3, 0xa4, &(0x7f0000000040)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYBLOB="05", @ANYRES16=r1], 0x0)

1.950215063s ago: executing program 8 (id=5789):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x10)

1.950076163s ago: executing program 8 (id=5790):
r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x18)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00')
openat2(r1, &(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000380)={0x100, 0x0, 0x8}, 0x18)

1.948431493s ago: executing program 8 (id=5791):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x7, 0x4, 0x4, 0xfffa}, 0x3d, [0x6, 0xc95a, 0xfffffff3, 0x8, 0x80, 0x6, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x0, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0xff, 0x10000, 0xe661, 0x4, 0x1000007, 0x3, 0x8001, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x1000007, 0x103, 0x2, 0x5, 0x3d, 0x8f, 0x6, 0x1, 0x4, 0x5, 0x5, 0x5, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x1, 0x1, 0x40], [0x10000007, 0x80010002, 0x12b, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x3, 0xf9, 0xd, 0x2bf, 0x6c9, 0x1ff, 0xfffffffe, 0x3, 0x0, 0x7, 0x10000005, 0x2f, 0xe, 0x313, 0x78, 0xea4, 0x6, 0x4, 0x4, 0x8000, 0x5, 0x400, 0x1, 0x6, 0x400001, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0xffffffff, 0x6, 0x1000004, 0x9, 0x4, 0x9, 0x8, 0x8, 0xf, 0x5, 0x0, 0x3, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x8, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xfc], [0x5, 0x1, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x8, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x1, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x40002, 0xf, 0x8, 0x84, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x5, 0x4, 0x2, 0x8004, 0xa2, 0x7, 0x53cf697b, 0x5, 0x4, 0x54fe12da, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x2, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xfffffffc, 0x5, 0x938, 0x6, 0x6, 0x10000000, 0x5b, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x3, 0x104, 0x80000000, 0x5, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x8000014c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000003, 0x5, 0x8, 0xffffffff, 0x3, 0x3, 0xffff, 0x3, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x2, 0x5, 0xb1c, 0x1, 0x200, 0xfff, 0x9]}, 0x45c)
unshare(0x400)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

1.937881383s ago: executing program 8 (id=5792):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r1, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f00000003c0), &(0x7f0000000400)=@tcp6=r0, 0x1}, 0x20)

1.927558584s ago: executing program 8 (id=5793):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000000500)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES16], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0)
preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x7)

1.522601331s ago: executing program 8 (id=5794):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x0, 0x0, &(0x7f00000006c0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x250, 0x0, 0xfe, 0x81, 0x10, 0xd}, 0x22, &(0x7f00000001c0)={0x5, 0xf, 0x22, 0x3, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0xd, 0x7f, 0x3, 0xf46}, @ext_cap={0x7, 0x10, 0x2, 0xe, 0x4, 0xd, 0x3}, @ssp_cap={0xc, 0x10, 0xa, 0x3, 0x0, 0x8, 0xff08, 0x6}]}, 0x5, [{0x2, &(0x7f00000003c0)=@string={0x2}}, {0xc0, &(0x7f00000005c0)=@string={0xc0, 0x3, "51fa6f272e7cf96745caaa57b47b5bba520906fb3a2e1c50ec863f98a2ebb815d344f1839b2edb54080cd89c8a74a93b6bafe73d363ac518f5c1f6476b09efd5b56b7d076835a7fca2c001479a4c82f483ffb90bdcbebe9be7e45520d90765ae246a393737070f0fd3bf8c26eb29d865431759d46bf5ec0ddb9e806b760ca9181f5bac3bc40e508f8317102309b4d7b8b3c646ef37861b637b7d0e5fea548e8b680b1039b0758badafb22858146e005f7547e59184186a148e53e9e2e781"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x407}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x81a}}, {0x0, 0x0}]})
syz_usb_ep_write(r0, 0x81, 0xffffff75, &(0x7f00000002c0)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd5531d459dffff03000000000091ff000000e8f5b3371da3635b8b4fa637135800001f65e4b436aa9e50bc0f19b7d3372ff9ebcede1fb5e9428f54d5d1f0cc752cf246a5d2da34a5aa97dc14a469c3dd3e26b41c356484e46fd66e3f2c7807e8773eed7b94fa099ab84feadec2ea95f65bba452eae5b0900f98a979a88c517a2dc360a00237723e2f467af706ea17226296b3a10a351cb47aba2c6b836c90679b4dd859ddc9e4800448aab0000000000000d75f34bb50d8d7084")

1.389414504s ago: executing program 7 (id=5796):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

1.362682484s ago: executing program 7 (id=5797):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
r1 = dup(r0)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0xffeb}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0xf}, 0x0)
recvmmsg(r0, &(0x7f0000001e00)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x62, 0x0)

1.348066925s ago: executing program 7 (id=5798):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000040), &(0x7f0000000200)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)

1.332535755s ago: executing program 7 (id=5799):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
recvmmsg(r0, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000001740)=""/4101, 0x1005}], 0x1}}], 0x1, 0x22, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001040)=ANY=[@ANYBLOB="020300031a0200000000000000000000040019000000000004000000000000000000000000000000000000000000000005000600000000000a00000000000000fe8000080000000000000000000000bb000000000000000001020900008000009f457827197cdf3f602dac49322300ba3a95ecddbba9806cccbdcaa927c38329dce7a6b21a355716b1ef3ae34753706cfc27e219340d14d9cd7c2ea97920234bb8641295893bd10ed893cbbc5660c7b3b20dc71b503d4dd0f997ea68c66748745594be5bdb66f4002169ec18ec3c46c24fe043089a929aa428fa585bea30ff1fc5672a5d0f4954fbe336d8fd0a87e1bffe963a5d4b5c9d7ba36d67f1ca65567b448f8fd18608cdb1d690fede396adcd625fd54d423c1eee3fedeeca5f46599817a0bbc9ba2ef7dbfb1fcbb759649168913d5b5653051f574f798c4418635e6e4cdabdf86aa55c3911644a8c3192afd567ff13f0206e9b5c7d6e6468139d6aa3732845d08a0140f0e46c72ccb3a02f308276ffc0bd83f08cefa080dff064830f3d39b3f0a83b5241e758255b41c0911c5f79c8d52fbdbda32c762530adab8b21ad97cf328dbc1ff5713779b95a9101266fdd1a124dfeaa8f267b374a3b178c08a55c571611575c86fd808c63975d46f83de246a1c5ad4d69a722123cbd0d098be3bc354f4e88170adada25552ca65ddf8f37bcbda47b90a79f1b2b4b5253a978dc49487e50373a06d88ed3c1cf5214783a29b6aef9a2ab17b8d8465a482790d3e2b98fb5ef27bedb1ec5d4d8ce4e90c56f8c65ea28a47838456b74f6ca5f89cfad6efd0c0d93ade021edf89ddec19d669d43eb8cd25a1e503d3877c633682e1062d6777f266ab58cffc6998d0d84183b4b4b55b6456d4d98826088f3dc830bba9d4ffea46bd7cfbbcb16fcdd294732e7f4f5e9c504aee38c7d9127f093870371c84fb0029ff14f8c181367029f15fe74f7340027e24afc2729e682d5664d838b1ab75f8baa0bf29082014fca6c7b132fb2042a22c0a95e1952ca3b1eefdf8fe4c6b84d78552b2eb8789ad046b1f413d95e51edc8901fd5b3e2adc4ccf72eeb1955c0611551518c8e30cbc6e0b16ecee4a9a8cafd82351439a04735502833e969d1860f746568f2bd2e4799d51e0c83b5d1f6fa095f08d1f15ac44b838bce309d1bd23236eebdf4367ba2eb559f486b79b91104d1b1d76b5816f85d1544342941af9640f3ed5f352bb94d166b5ce13590704813c9bb4548f57ade90e8d3572c3fdbf7150fd54d4948b85e27e2687debace7f8a651a98b2f0f35476b053077b57fb2a2ee547a50d804e0c81d5983336c7b70ec4fe0613b4dccfa8c7b7a9009c9719d3d048a29334be093acb34685957e16021a881d1faa88e24112d1303eff7a505975f4d26e12fb457178157cef70ebef6e8f9d7d2602ce5b2e9ddb7df23d25c1612d847b84a00556fb5c571f5df8554ae66fd2af13fbd0b2f9681601f83d677440f0cedc44debc01ba2caaccad7f3c275c1837d521b2c299df408456e227987772074638917613acdb80197839e9adbfc4d89fd6b27f55834196fe4db948b147b2f18f6518ebde33e6eaca1c7768ac636b66454aa68876edf40f975e82edb51849fffe02e16a1067cb4fb76f27642c8bbc41e13db45d758ea43d44f231e23d991be4f4b3e5476b40fd2de549c6cdee52c3ae2fc0ae88a1153d688e40c1b153df41e86b665b16b83d838409890eb83514cce2e359f776cbce511ca09fc991401b55f0bef3e4ef6654094de00a8761e76f46433af97141af68d6a978b903f2f2b43f2e822d6e659ee66e95907a83f0a21cf5614576b670c73f4d7e31cd5ce183700245fb8cab169c62b43922827d1b6d29786b138f85a2f81edbe53b9a9c3d63f2df99808cf0406b3b34bf87364af5f0e6c95fcfd648773a064a905d10a714f2f38025ede1384f0d865f1887afac783d5af07dff119a2d257e8b1c4ae25050c27df96adabaa39945a5359de4b55b1693871f34095d0bb36b6b2c16d3333d67f1386dfe88cfeba883f1219f82e43aad5be6aa20b6b68b40af82494a33298df01f9de914a21d1fe3a46a6243c3eb31f741c41765b216ab941c231c247cece02af8111bd1f2c8a740bf842c78ff090da53e38040c42688f03feab9b744320723cd19a0234a7b54a49569020f3f2fbfc706e63907f0ee368bc329962da0030845d624f5a09fb7eaa02615aec00c4c752daf7858a9a531b3733f8ed7595796171e76bc69f6d3d71a270f87986f1521b0b882cc2827d16a69fce9b99c9102d896360b762045dcb44765dde2562a1afab08fc6fe96362c4f1dd08f1f6fe651a8fed13ec7e5bbf5a43f0563edf9b35d8f8619c881e96213ffc6d763314e5c9e4c6ece38e158e557c9ac32f6036fb458f0d1cdb27b600fdc53b3f412bd5982fed4c2cfbe51ed83985cfa26984867d0366ba822a537af43e5f48a596c1a87a099256c8e71f9bb40568a380cc0bd772c383a4410ca6b452fd0fa7262ccf63b1617b30fb3b4e5a1d08b037bfea54ebc970ce19fe609f954831f5463dfb5e8408bf44b4bd404fb05bfbd55a0a10f9b61d7c530ee8c9622f224d53e2e575c0b2778c908e5892e65d86498e380aad97f22b659ff0c35946b209da56aec351e9cf130faa661e0e3c5be114aa751c3eb4fa2f698ab17a157dbcd359d481c54d9d1ba3a46f0c9c9c7c622f6eff7008797bb63010e7879b4a3d54e97f3edfe6f8650ab4d6c07535c58f67b816ae304cd8a167c47cf03fccddda57655e2bc5020d35bac7486626221fcea7ebfeeefd8a3cd77aee1fcf89b46a56d59cd74b1ffcc7d81f92c7f5b70b44a85ce5dee902e1eb3c07465ebefd6d6c7e2edfbd527456ec3737ee45f6b10c323504a2dbbcfb4fba1df0f34455a5de4721e87ac3bf3b885f7c9e260caa4c1a0dfe78a9ea4f1539e265c0c7dc9a76bbff0457161e1280fe164405ea9a594339e0da7df125060b2394f9ed3b6695ae3396cafa59d8a20d4bf94923766e86123da4f358e6b18fa0f829e21ac3060ba6d68c71dcdafff803214ec817d43f9a1f0edc54c7b6cec87e8436a8891c786bb1e78411f6fc728a26b40156e15ba972597f0700ccc226e0d150ef61fc0c16f1dbfd529811d4cecd4e0ee8727a87f1f66390843fdea530a2a222d022985c76f37f2281f9320ab0f0cc068c33c5d008afbc9da0e8a294e71b3b662b9773457bb0574383633e7e25cb5679250011c13b259bd0fb71fc844c5825a3c723228d6d53139c23f846026816ec4c7b8fa610d0808291c3660a21f09351951ce5f9a19cb72c667d88f2b70932f4abfb8adfca6a23635dcb8ac85c8eb1934cf9edc6c96e3e9a4fd0953d6b00cc3c27f2f8bb5ea69780d981e0d7f30a0061f790d512a434888482cd4a4b9aebf7bdac56adfaca07cab8e7163ccdd8b049f2242b04e594374e82d8710b87051ab1bdf454e91005bd06c454cdd1a8308aba84d44c037246fbaa45b2b5b91a9728d5b4333abe74fbb67d0fda39be79267f43d97cb3e291d412a370791e31132879c277ffcffbd63cbb83800b9ef428a0fa30f935723273e6c7803b06db05c211c3c70223db365c5a15f0e62cd2eb2b451c66182f2a9cd49ec16ae279ab42e75ab0016a22d971fa6ae39375336acbd444e165912913e67dc5e06a44ece8a902d16d0080197d2c88b1a743c2711eca6ec1900c24dfd802d13e795780dfcbfa5a85bef3188f7421cc0cc02f3adc84e53809280c1be645f3fbffa45c75d7fb6a5babb24598c1743f0b2f5e7092828145f425ea013190021775c7647e86a7fb6d42dbfb4148187820ef7fed7a7863b2fefcac1b15d542fe4214869b5b3a5b2fc82b70e287f67e1d7f79e0dd0dd7eab61eafcc26d9cdde1545718af75d538c4c1689692e72752834dbc6c17e21b24cddd5f7d1f0f856ae9849184ea87d6b042d95f0ab2b20e50a9c639e2d69210f420797d7e902a527e195c732634be1ee48b4e4cfea126a74f091a514c69524fb76b989f827fd52244a5571ce716e52c6072c9cd69535bd7c1d6cd9c676659d07e5c59b3de9fca876abb0f0720471fe9755e44d38949ce68549dff9d40c5415387c51c87ea6ede496dfa2a6af396fe3bb5ec4daf7a02014488775ec04dc8036fe493df58c4c3f03eaa5a76de097d67ae7001b73fcfd68debd2d2ae1d1dfeac7dc5232c3c9c18d8e9e31f63efa5dae87ca5908e05a0d68574dd84ba9a0cb2e1c34bc4bf7cb3581548f97533023ae6951809534f1a99bc3d476248c101f7955a03479c919ff49b320a6902d1a6ffe0ff0fa335854eb0283aefcbb97b85ed5456cd238d5c5d67b55aff5310e0eba89c7aed3b4fb223ef0cec6d852a00ab2e8e05bcc27f73e1b3f3debd728d33389277a05ae09a7ccb271fa7551f4362bae89f4ee5e64fb553dd0c63ee2fe5fe0c09e06a093d2fb97ad01b0fedc41e20d4a97f5582b7a410f9254faa515bfd6a4889567469ee3cf49232ea8481770419d1182dcd517162aa91fe915b13d5c7de3b1f536c513e6f230d6f95ccf2d67d2301f87eba8fbf5ca8a458d098dae953ffc205b377ba7a84c9d4988c4960e0263c24bba7cd9544f4e30e98209844d83cc47a95517a3f43026a7a37d7b1a15f3d66e5f722f0be401eb292783acf574883bf1d773f7ec583fd71bf5ea8afb391eb11c9a5d788864ad2244f1062868f1fb0dbc3eea208fc7f1f10146b9035c2e12b087ef97879f9989d39afe55ca8c94fda81195ba4643e8083e80a739b1a3041c0499f4f7492c527befaf9ea37a4113fa3d5e6a57075ff27bfaebf058f1bb397f51ee0e29bf05e2ab7ac370afa6d8e0621914709679e390d06f00f9a4bf6f95a754eb7b1dca62cd486db7611080dc826ce2101e7fe5a2dc43b3013e459681deaa36446a17924ebad972202ac3a1d37aee5844349186730ed042f31ed2739ed78e9f03f884706ff7f960bb34276d6b75b0b9030babae3838291a35e11996420bb37fd114398c15ed3235b2f3e27165cfcd51b70635fd060bff85d82680625a229f7a1dc1b24bc43e9af3a0ed7369193d2f5dbb6a38d532d16d8d8c52695d66414d94be775d06654c03f9bc36d81d82e37142d43658e91834ce8b7d36c23a30a1210db79afb6a8abda1222dda5a5a68433136749804f8436faad0daa22252670caba28c23bfb3d988d841c1675608f6ec478e1c67c5d882caedddb9b44f668f3b807ccc0d60e2460b980e7a402790869878dade02e523686c650520395b95d2c0b898909a036e3407d798f0d2047489802e8af6d260c83621b6611f31ebc27e255cfba2ec39e9a1ed4fefe5580977894eae2327a96fcb0f53b73283e9ec6f84dbc75dca95e870b55e62d22a1f06cac3ae79a721c65afeaffcdf630cac40a1aecd91fd714ee1def90bd679cb65201e00ff629b9a79092de36c7b283d39a219772b90f19965e71239821fae770e5bed9afa1d854e039f00fa9562bb9d29b1f22376b9ef92565554cd2a2fe7a300d3c7aec8ed12d53b92d7b2ba94bd180855558376f44dc0c2109d6ce081ffc1d0ca9b44520a57e176443f8bcb79d9888a6aa22709accf7da3ff65621c9e78dc1f8ecc0b8cd3a2128643b4ca5e3a28a5a401daa4a29d12dfd55c1175e45c04a3c3a3aca9cd0e0702e7a15360b002c39959d3bfae08d20c89208176aad19c79e1cee8c4a2e03e617c39661d8a824c50d99a07791d30a399ae4563c28857c17ea3a46ac8f1e1bdd76c3a7b8b5cf90164006fb598a97dd4ce014968a9b9896f0f9dc04e241c9d25e63202c564ddd94ed9889dd8cef59f8e66841ee97925ecdd366c64a70d9f37d4a3fd35141f5a529c559f8094adf95e69eea9779fa4ee3ccb25af8fab17b1e0d870e5c8535b60cca0080e33632dfa4e330ae4977787064dae459a9b70200010000000000000000000000000005000500000000000a00000000000000fe880000000000000000000000000001000000000000000005000700000000000a00000000000000fc0100000000000000000000000000000000000000000000020013"], 0x10d0}}, 0x2000c004)

1.314550335s ago: executing program 7 (id=5801):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
io_setup(0x3, &(0x7f0000000180)=<r1=>0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000340)=0x3)
io_submit(r1, 0x2, &(0x7f0000000440)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x10000}])
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2778)

1.218414557s ago: executing program 7 (id=5802):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x8, '\t\x00'}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0xb, "7488dffc"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGREPORTINFO(r1, 0xc00c4809, &(0x7f00000000c0)={0x3, 0x0, 0x101})

854.553764ms ago: executing program 3 (id=5807):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000280)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0xcb3e)

844.652124ms ago: executing program 3 (id=5808):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000dc0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d34, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2e9a20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1015ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846899c6b23c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33694f40000000000005d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b95bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca86f750189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc681b6c9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8504611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c01446234437b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c64cd14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e87973d574ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7430100bf3825a1996c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb150963b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b16500"/4081], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

321.574694ms ago: executing program 6 (id=5826):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty, 0x4}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x3, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x2, @loopback}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0xa4ffffff, @rand_addr=' \x01\x00'}}}, 0x108)
close(0x3)

305.466974ms ago: executing program 6 (id=5827):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x20})
close_range(r1, r1, 0x0)

223.835776ms ago: executing program 6 (id=5829):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x310})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

145.056578ms ago: executing program 5 (id=5832):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r1, 0x29, 0x40, &(0x7f0000000600)=ANY=[@ANYBLOB="000a0000000000000730000000000a000002000000000100000000000080000001000000000000000000000000000000000000000000000000000720000000000600000000000000000000000000000000000000fe"], 0x60)

90.361479ms ago: executing program 5 (id=5833):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
get_robust_list(0x0, &(0x7f0000000100)=0x0, &(0x7f0000000140))

75.101559ms ago: executing program 5 (id=5834):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)

56.030139ms ago: executing program 5 (id=5835):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

45.394989ms ago: executing program 6 (id=5836):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

34.285809ms ago: executing program 5 (id=5837):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[], 0x0, 0xffffff40, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
setpriority(0x2, 0xff, 0x0)

14.976ms ago: executing program 6 (id=5838):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@base={0xb, 0x7, 0x8008, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000017b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$selinux_access(r2, &(0x7f00000002c0)={'system_u:object_r:systemd_systemctl_exec_t:s0', 0x20, '/usr/sbin/cupsd', 0x20, 0x4}, 0x53)

9.40535ms ago: executing program 5 (id=5839):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x2000, 0x2000, &(0x7f0000000000/0x2000)=nil})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x200000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})

0s ago: executing program 6 (id=5840):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000a000000850000000600000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={r2, r1, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8}}, 0x30)
syz_emit_ethernet(0xfdef, &(0x7f0000000180)=ANY=[], 0x0)

kernel console output (not intermixed with test programs):

"/dev/usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  161.776021][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  161.807437][T10979] loop0: detected capacity change from 0 to 512
[  161.827475][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  161.841251][T10910] device veth0_vlan entered promiscuous mode
[  161.848239][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  161.856332][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  161.874029][T10979] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  161.880904][T10910] device veth1_macvtap entered promiscuous mode
[  161.899117][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  161.925510][T10992] loop8: detected capacity change from 0 to 256
[  161.926165][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  161.940487][T10992] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  161.957895][  T294] EXT4-fs (loop0): unmounting filesystem.
[  161.968577][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  161.971712][T10992] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  161.986797][T10992] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  162.006782][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  162.018713][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  162.030055][T11000] loop0: detected capacity change from 0 to 512
[  162.037921][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  162.048201][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  162.093629][T11016] netlink: 'syz.5.4458': attribute type 15 has an invalid length.
[  162.102988][T11000] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  162.121664][T11000] EXT4-fs warning (device loop0): ext4_group_add:1723: Can't resize non-sparse filesystem further
[  162.152471][  T294] EXT4-fs (loop0): unmounting filesystem.
[  162.173552][T11027] netlink: 48 bytes leftover after parsing attributes in process `syz.8.4515'.
[  162.238662][T11036] loop8: detected capacity change from 0 to 1024
[  162.245128][T11036] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.254053][T11042] loop0: detected capacity change from 0 to 128
[  162.262740][T11042] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  162.282472][T11036] EXT4-fs error (device loop8): ext4_ext_check_inode:520: inode #11: comm syz.8.4519: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  162.312528][T11036] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.4519: couldn't read orphan inode 11 (err -117)
[  162.324577][T11036] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  162.335898][T11042] fscrypt (loop0, inode 12): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS
[  162.368847][T11036] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:477: comm syz.8.4519: Invalid block bitmap block 0 in block_group 0
[  162.384656][  T294] EXT4-fs (loop0): unmounting filesystem.
[  162.395845][T11036] EXT4-fs error (device loop8): ext4_acquire_dquot:6782: comm syz.8.4519: Failed to acquire dquot type 0
[  162.414582][T11036] EXT4-fs error (device loop8): ext4_read_inode_bitmap:140: comm syz.8.4519: Invalid inode bitmap blk 137438953472 in block_group 0
[  162.438313][T11063] loop0: detected capacity change from 0 to 256
[  162.487637][  T552] EXT4-fs error (device loop8): __ext4_get_inode_loc:4508: comm kworker/u4:5: Invalid inode table block 8589934593 in block_group 0
[  162.505007][ T5829] EXT4-fs (loop8): unmounting filesystem.
[  162.572173][T11049] loop5: detected capacity change from 0 to 40427
[  162.576097][T11081] device vlan2 entered promiscuous mode
[  162.600873][T11049] F2FS-fs (loop5): heap/no_heap options were deprecated
[  162.611550][T11049] F2FS-fs (loop5): invalid crc value
[  162.620023][T11091] x_tables: duplicate underflow at hook 1
[  162.630102][T11049] F2FS-fs (loop5): Found nat_bits in checkpoint
[  162.682145][T11049] F2FS-fs (loop5): Start checkpoint disabled!
[  162.688798][T11049] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  162.743139][T11108] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4548'.
[  162.797050][  T552] kworker/u4:5: attempt to access beyond end of device
[  162.797050][  T552] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  162.928600][T11136] bridge0: port 3(vlan3) entered blocking state
[  162.934718][T11136] bridge0: port 3(vlan3) entered disabled state
[  162.945712][T11136] device vlan3 entered promiscuous mode
[  162.965605][T11136] device 
30ªX¹¦D entered promiscuous mode
[  163.025928][T11153] loop0: detected capacity change from 0 to 256
[  163.047652][T11153] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  163.219707][T11190] loop3: detected capacity change from 0 to 256
[  163.246408][T11190] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  163.343797][T11211] loop3: detected capacity change from 0 to 512
[  163.363752][T11213] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.370659][T11213] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.377823][T11211] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  163.400618][T11211] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  163.414486][T11211] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  163.422508][T11211] System zones: 0-2, 18-18, 34-34
[  163.429743][T11211] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  163.444476][T11211] EXT4-fs (loop3): 1 truncate cleaned up
[  163.450141][T11211] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  163.473626][T10355] EXT4-fs (loop3): unmounting filesystem.
[  163.485906][T11229] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4605'.
[  163.506529][T11231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4606'.
[  163.524225][T11231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4606'.
[  163.561084][T11238] loop6: detected capacity change from 0 to 512
[  163.568580][T11238] EXT4-fs: Ignoring removed i_version option
[  163.574981][T11238] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  163.587430][T11238] EXT4-fs (loop6): 1 truncate cleaned up
[  163.593317][T11238] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  163.619987][ T5519] EXT4-fs (loop6): unmounting filesystem.
[  163.658812][T11250] loop3: detected capacity change from 0 to 512
[  163.674714][T11250] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  163.700872][T11260] loop6: detected capacity change from 0 to 1024
[  163.707687][T10355] EXT4-fs (loop3): unmounting filesystem.
[  163.707862][T11260] EXT4-fs: Ignoring removed bh option
[  163.718963][T11260] EXT4-fs: Ignoring removed bh option
[  163.729145][   T19] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  163.741319][T11260] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  163.754291][T11260] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.4618: bg 0: block 273: padding at end of block bitmap is not set
[  163.768630][T11260] EXT4-fs (loop6): Remounting filesystem read-only
[  163.782101][ T5519] EXT4-fs (loop6): unmounting filesystem.
[  163.812455][T11269] loop6: detected capacity change from 0 to 1024
[  163.819875][T11269] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  163.831058][T11269] EXT4-fs (loop6): invalid journal inode
[  163.836600][T11269] EXT4-fs (loop6): can't get journal size
[  163.843113][T11269] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  163.855252][T11269] EXT4-fs error (device loop6): ext4_readdir:260: inode #2: block 64: comm syz.6.4622: path /497/file0: bad entry in directory: rec_len is too small for name_len - offset=0, inode=11, rec_len=12, size=1024 fake=0
[  163.876402][T11269] EXT4-fs error (device loop6): ext4_readdir:260: inode #2: block 73: comm syz.6.4622: path /497/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=83886080, rec_len=0, size=1024 fake=0
[  163.905213][ T5519] EXT4-fs (loop6): unmounting filesystem.
[  163.925516][   T19] usb 6-1: Using ep0 maxpacket: 16
[  163.933193][   T19] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.934480][T11283] loop6: detected capacity change from 0 to 256
[  163.944597][   T19] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.964367][T11283] FAT-fs (loop6): Directory bread(block 64) failed
[  163.966815][   T19] usb 6-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[  163.970844][T11283] FAT-fs (loop6): Directory bread(block 65) failed
[  163.984730][   T19] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.988073][T11283] FAT-fs (loop6): Directory bread(block 66) failed
[  163.995455][   T19] usb 6-1: config 0 descriptor??
[  164.000590][T11283] FAT-fs (loop6): Directory bread(block 67) failed
[  164.011429][T11283] FAT-fs (loop6): Directory bread(block 68) failed
[  164.017824][T11283] FAT-fs (loop6): Directory bread(block 69) failed
[  164.024242][T11283] FAT-fs (loop6): Directory bread(block 70) failed
[  164.030690][T11283] FAT-fs (loop6): Directory bread(block 71) failed
[  164.037086][T11283] FAT-fs (loop6): Directory bread(block 72) failed
[  164.043318][T11283] FAT-fs (loop6): Directory bread(block 73) failed
[  164.169501][T11292] loop6: detected capacity change from 0 to 1024
[  164.178182][T11292] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  164.192459][T11292] EXT4-fs warning (device loop6): empty_inline_dir:1866: bad inline directory (dir #12) - no `..'
[  164.211318][ T5519] EXT4-fs (loop6): unmounting filesystem.
[  164.260361][    T6] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  164.391362][   T19] ntrig 0003:1B96:0008.0020: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.5-1/input0
[  164.437580][    T6] usb 9-1: Using ep0 maxpacket: 32
[  164.443524][    T6] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  164.451498][    T6] usb 9-1: config 0 has no interface number 0
[  164.457420][    T6] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.468190][    T6] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.477760][    T6] usb 9-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  164.486588][    T6] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.494940][    T6] usb 9-1: config 0 descriptor??
[  164.579051][   T19] usb 6-1: USB disconnect, device number 3
[  165.068261][T11301] loop3: detected capacity change from 0 to 1024
[  165.080236][T11301] EXT4-fs: Ignoring removed nobh option
[  165.099268][T11301] EXT4-fs: Ignoring removed bh option
[  165.105076][T11301] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  165.134254][    T6] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.1/0003:28BD:0094.0021/input/input44
[  165.156232][T11301] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  165.169552][T11301] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.4635: Allocating blocks 385-513 which overlap fs metadata
[  165.180870][    T6] uclogic 0003:28BD:0094.0021: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.8-1/input1
[  165.186543][T11301] EXT4-fs (loop3): pa ffff888118d402a0: logic 16, phys. 129, len 24
[  165.203626][T11301] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8
[  165.226444][T10355] EXT4-fs (loop3): unmounting filesystem.
[  165.252553][T11313] incfs: Backing dir is not set, filesystem can't be mounted.
[  165.276566][T11313] incfs: mount failed -2
[  165.299622][T11320] device vlan3 entered promiscuous mode
[  165.313695][T11320] device vlan0 entered promiscuous mode
[  165.326330][    T6] usb 9-1: USB disconnect, device number 9
[  165.344409][T11320] device vlan0 left promiscuous mode
[  165.483579][T11327] binder: binder_mmap: 11326 200000000000-200000b36000 bad vm_flags failed -1
[  165.550363][T11335] loop0: detected capacity change from 0 to 512
[  165.565536][T11333] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4647'.
[  165.584320][T11335] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.4648: bad orphan inode 134217728
[  165.611533][   T28] kauditd_printk_skb: 32 callbacks suppressed
[  165.611550][   T28] audit: type=1400 audit(166.538:1875): avc:  denied  { create } for  pid=11337 comm="syz.3.4649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  165.644931][T11335] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  165.656847][   T28] audit: type=1400 audit(166.570:1876): avc:  denied  { read } for  pid=11337 comm="syz.3.4649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  165.695191][T11335] EXT4-fs error (device loop0): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.0.4648: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  165.736148][   T28] audit: type=1400 audit(166.613:1877): avc:  denied  { write } for  pid=11337 comm="syz.3.4649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  165.757073][T11345] loop3: detected capacity change from 0 to 512
[  165.769387][T11335] EXT4-fs error (device loop0): ext4_get_first_dir_block:3594: inode #12: comm syz.0.4648: directory missing '.'
[  165.785533][T11347] loop6: detected capacity change from 0 to 1024
[  165.792052][T11345] ext3: Unknown parameter 'noacl'
[  165.797031][   T28] audit: type=1400 audit(166.624:1878): avc:  denied  { rename } for  pid=11334 comm="syz.0.4648" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  165.819502][T11347] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  165.842054][   T28] audit: type=1400 audit(166.624:1879): avc:  denied  { rmdir } for  pid=11334 comm="syz.0.4648" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  165.843809][  T294] EXT4-fs (loop0): unmounting filesystem.
[  165.900347][T11347] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  165.934315][T11347] tmpfs: Unknown parameter 'grpquota'
[  165.941039][   T28] audit: type=1400 audit(166.882:1880): avc:  denied  { mounton } for  pid=11346 comm="syz.6.4653" path="/512/file0/file0" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  165.992108][T11362] loop3: detected capacity change from 0 to 128
[  165.999337][ T5519] EXT4-fs (loop6): unmounting filesystem.
[  166.006302][T11362] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  166.046065][T11367] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4661'.
[  166.088939][T10355] EXT4-fs (loop3): unmounting filesystem.
[  166.173014][T11388] IPv6: ADDRCONF(NETDEV_CHANGE): vcan1: link becomes ready
[  166.218551][T11397] loop0: detected capacity change from 0 to 128
[  166.225423][T11397] EXT4-fs (loop0): Test dummy encryption mode enabled
[  166.235403][T11397] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  166.274135][  T294] EXT4-fs (loop0): unmounting filesystem.
[  166.297183][   T28] audit: type=1400 audit(167.278:1881): avc:  denied  { unmount } for  pid=11407 comm="syz.0.4680" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  166.326136][T11412] loop3: detected capacity change from 0 to 512
[  166.416300][    T8] tipc: Disabling bearer <udp:syz2>
[  166.421622][    T8] tipc: Left network mode
[  166.672997][T11444] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.685496][T11444] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.703224][T11444] device bridge_slave_0 entered promiscuous mode
[  166.727582][T11444] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.742203][T11444] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.754247][T11444] device bridge_slave_1 entered promiscuous mode
[  166.879500][T11461] loop6: detected capacity change from 0 to 512
[  166.908504][T11444] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.915371][T11444] bridge0: port 2(bridge_slave_1) entered forwarding state
[  166.922503][T11444] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.929271][T11444] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.977465][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  166.988253][  T552] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.996305][  T552] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.023259][T11467] loop6: detected capacity change from 0 to 1024
[  167.040286][T11467] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  167.065391][ T5519] EXT4-fs (loop6): unmounting filesystem.
[  167.072123][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  167.081648][  T552] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.088532][  T552] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.097000][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  167.107125][  T552] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.114018][  T552] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.123582][T11469] device vlan2 entered promiscuous mode
[  167.129224][T11469] device vlan0 entered promiscuous mode
[  167.141349][T11469] device vlan0 left promiscuous mode
[  167.153739][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  167.161758][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  167.179665][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  167.192967][T11444] device veth0_vlan entered promiscuous mode
[  167.199847][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  167.216582][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  167.234745][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  167.257364][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  167.275289][T11444] device veth1_macvtap entered promiscuous mode
[  167.306301][  T552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  168.307186][    T6] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  178.785597][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  178.819275][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  178.862875][   T28] audit: type=1400 audit(180.754:1882): avc:  denied  { wake_alarm } for  pid=11509 comm="syz.7.4694" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  178.999160][T11527] bond0: tun_chr_ioctl cmd 2147767521
[  179.026525][   T28] audit: type=1400 audit(180.937:1883): avc:  denied  { map } for  pid=11535 comm="syz.6.4736" path="socket:[68622]" dev="sockfs" ino=68622 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  179.059656][   T28] audit: type=1400 audit(180.937:1884): avc:  denied  { read } for  pid=11535 comm="syz.6.4736" path="socket:[68622]" dev="sockfs" ino=68622 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  179.093331][   T28] audit: type=1400 audit(180.969:1885): avc:  denied  { ioctl } for  pid=11544 comm="syz.5.4740" path="socket:[68645]" dev="sockfs" ino=68645 ioctlcmd=0x48d5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  179.108211][T11549] loop5: detected capacity change from 0 to 1024
[  179.148708][T11549] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  179.159777][   T28] audit: type=1400 audit(181.076:1886): avc:  denied  { getopt } for  pid=11547 comm="syz.5.4741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  179.180788][T10910] EXT4-fs (loop5): unmounting filesystem.
[  179.221930][   T28] audit: type=1400 audit(181.140:1887): avc:  denied  { create } for  pid=11569 comm="syz.3.4749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  179.269854][T11573] Invalid ELF header magic: != ELF
[  179.274943][   T28] audit: type=1400 audit(181.194:1888): avc:  denied  { sys_module } for  pid=11571 comm="syz.3.4750" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  179.303337][T11580] loop8: detected capacity change from 0 to 128
[  179.328320][   T28] audit: type=1400 audit(181.194:1889): avc:  denied  { module_load } for  pid=11571 comm="syz.3.4750" path="/sys/kernel/notes" dev="sysfs" ino=1141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  179.372520][   T28] audit: type=1400 audit(181.301:1890): avc:  denied  { unmount } for  pid=5519 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  179.377881][T11590] loop7: detected capacity change from 0 to 512
[  179.395521][T11592] input: syz1 as /devices/virtual/input/input45
[  179.399283][T11590] EXT4-fs (loop7): Test dummy encryption mode enabled
[  179.422672][T11594] netlink: 196 bytes leftover after parsing attributes in process `syz.6.4760'.
[  179.435652][T11590] EXT4-fs error (device loop7): ext4_find_inline_data_nolock:164: inode #12: comm syz.7.4759: inline data xattr refers to an external xattr inode
[  179.452440][T11590] EXT4-fs (loop7): Remounting filesystem read-only
[  179.462400][T11590] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.4759: couldn't read orphan inode 12 (err -117)
[  179.481463][T11605] loop3: detected capacity change from 0 to 512
[  179.488792][T11590] EXT4-fs (loop7): Remounting filesystem read-only
[  179.495869][T11590] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  179.510995][T11605] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.4766: inode #1: comm syz.3.4766: iget: illegal inode #
[  179.524147][T11610] loop6: detected capacity change from 0 to 1024
[  179.536031][T11605] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.4766: error while reading EA inode 1 err=-117
[  179.548815][T11590] EXT4-fs error (device loop7): ext4_add_entry:2486: inode #2: comm syz.7.4759: Directory hole found for htree leaf block 0
[  179.562534][T11605] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.4766: inode #1: comm syz.3.4766: iget: illegal inode #
[  179.577030][T11610] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  179.586119][T11590] EXT4-fs (loop7): Remounting filesystem read-only
[  179.602773][T11605] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.4766: error while reading EA inode 1 err=-117
[  179.614886][   T19] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  179.631391][T11444] EXT4-fs (loop7): unmounting filesystem.
[  179.638687][ T5519] EXT4-fs (loop6): unmounting filesystem.
[  179.644799][T11605] EXT4-fs (loop3): 1 orphan inode deleted
[  179.657191][T11605] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  179.725923][T10355] EXT4-fs (loop3): unmounting filesystem.
[  179.731502][   T28] audit: type=1400 audit(181.688:1891): avc:  denied  { read } for  pid=11625 comm="syz.8.4774" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  179.789801][   T19] usb 6-1: config 0 has no interfaces?
[  179.802528][   T19] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  179.835561][   T19] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.850099][   T19] usb 6-1: Product: syz
[  179.854632][   T19] usb 6-1: Manufacturer: syz
[  179.859048][   T19] usb 6-1: SerialNumber: syz
[  179.864478][   T19] usb 6-1: config 0 descriptor??
[  179.899788][T11647] loop3: detected capacity change from 0 to 512
[  179.930117][T11647] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  179.967038][T10355] EXT4-fs (loop3): unmounting filesystem.
[  180.010296][T11638] loop6: detected capacity change from 0 to 40427
[  180.017301][T11638] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  180.025393][T11638] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  180.034320][T11638] F2FS-fs (loop6): invalid crc value
[  180.041580][T11638] F2FS-fs (loop6): Found nat_bits in checkpoint
[  180.067175][   T19] usb 6-1: USB disconnect, device number 4
[  180.091018][T11638] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  180.098317][T11638] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  180.116432][T11671] loop3: detected capacity change from 0 to 512
[  180.125722][T11671] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  180.145372][  T340] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  180.155018][  T340] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  180.155353][T10355] EXT4-fs (loop3): unmounting filesystem.
[  180.256815][T11679] device veth2 entered promiscuous mode
[  180.280592][T11683] random: crng reseeded on system resumption
[  180.283019][T11682] loop6: detected capacity change from 0 to 512
[  180.293311][T11682] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  180.303519][T11682] EXT4-fs (loop6): orphan cleanup on readonly fs
[  180.310195][T11682] EXT4-fs warning (device loop6): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  180.324994][T11682] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  180.331830][T11682] EXT4-fs (loop6): 1 truncate cleaned up
[  180.337385][T11682] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  180.357517][T11682] EXT4-fs warning (device loop6): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  180.378263][ T5519] EXT4-fs (loop6): unmounting filesystem.
[  180.616879][T11706] loop8: detected capacity change from 0 to 512
[  180.625890][T11706] EXT4-fs error (device loop8): ext4_get_branch:178: inode #13: block 2: comm syz.8.4808: invalid block
[  180.637562][T11706] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.4808: invalid indirect mapped block 10 (level 1)
[  180.651073][T11706] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.4808: invalid indirect mapped block 8 (level 1)
[  180.664807][T11706] EXT4-fs (loop8): 1 truncate cleaned up
[  180.670337][T11706] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  180.693666][ T5829] EXT4-fs (loop8): unmounting filesystem.
[  180.861234][T11730] loop5: detected capacity change from 0 to 128
[  180.883863][T11728] loop3: detected capacity change from 0 to 8192
[  180.909489][T11718] loop8: detected capacity change from 0 to 40427
[  180.935445][  T323] hid-generic 0000:0000:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  180.952803][T11718] F2FS-fs (loop8): Found nat_bits in checkpoint
[  180.997117][T11718] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  181.010647][T11718] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  181.047369][ T5829] syz-executor: attempt to access beyond end of device
[  181.047369][ T5829] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  181.258702][T11769] loop6: detected capacity change from 0 to 256
[  181.265109][T11769] exfat: Deprecated parameter 'utf8'
[  181.270412][T11769] exfat: Deprecated parameter 'namecase'
[  181.276549][T11769] exfat: Deprecated parameter 'utf8'
[  181.284260][T11769] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  181.353850][T11777] SELinux:  Context system_u:object_r:tty_device_t:s0 is not valid (left unmapped).
[  181.416981][T11781] SELinux: failed to load policy
[  181.577859][T11803] loop6: detected capacity change from 0 to 256
[  181.620470][T11810] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  181.674457][T11818] loop6: detected capacity change from 0 to 1024
[  181.681614][T11818] EXT4-fs: Ignoring removed nobh option
[  181.688084][T11818] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  181.717316][T11825] loop7: detected capacity change from 0 to 16
[  181.724150][T11825] erofs: (device loop7): mounted with root inode @ nid 36.
[  181.732119][T11825] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=86
[  181.741126][T11825] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=86
[  181.750507][T11825] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=86
[  181.759508][T11825] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=86
[  181.768591][T11825] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=86
[  181.812941][T11831] loop7: detected capacity change from 0 to 256
[  181.842303][T11831] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  181.880541][T11845] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4871'.
[  181.957382][T11858] netlink: 'syz.8.4875': attribute type 1 has an invalid length.
[  182.043923][T11871] loop8: detected capacity change from 0 to 128
[  182.109486][T11885] rtc_cmos 00:00: Alarms can be up to one day in the future
[  182.197409][T11902] loop8: detected capacity change from 0 to 1024
[  182.213556][T11902] EXT4-fs: Ignoring removed mblk_io_submit option
[  182.222884][T11902] EXT4-fs error (device loop8): ext4_ext_check_inode:520: inode #11: comm syz.8.4899: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  182.241524][T11902] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.4899: couldn't read orphan inode 11 (err -117)
[  182.265503][T11915] usb usb8: usbfs: process 11915 (syz.3.4902) did not claim interface 0 before use
[  182.271759][T11902] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:477: comm syz.8.4899: Invalid block bitmap block 0 in block_group 0
[  182.288333][T11902] EXT4-fs error (device loop8): ext4_acquire_dquot:6782: comm syz.8.4899: Failed to acquire dquot type 0
[  182.375770][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  182.387753][T11938] loop3: detected capacity change from 0 to 128
[  182.388751][T11935] Bluetooth: hci0: Frame reassembly failed (-84)
[  182.399367][T11938] EXT4-fs (loop3): Test dummy encryption mode enabled
[  182.406846][T11940] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4915'.
[  182.416953][T11940] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  182.621224][T11953] loop5: detected capacity change from 0 to 40427
[  182.628312][T11953] F2FS-fs (loop5): fault_injection options not supported
[  182.635913][T11953] F2FS-fs (loop5): invalid crc value
[  182.643475][T11953] F2FS-fs (loop5): Found nat_bits in checkpoint
[  182.677815][  T323] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  182.691390][T11953] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  182.716128][T10910] syz-executor: attempt to access beyond end of device
[  182.716128][T10910] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  182.768654][T11972] loop3: detected capacity change from 0 to 2048
[  182.775474][T11972] EXT4-fs: Ignoring removed mblk_io_submit option
[  182.851226][T11978] loop3: detected capacity change from 0 to 8192
[  182.857506][  T323] usb 9-1: Using ep0 maxpacket: 32
[  182.863501][  T323] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  182.881678][  T323] usb 9-1: config 0 has no interface number 0
[  182.899684][  T323] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.910476][  T323] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.920044][  T323] usb 9-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  182.929629][  T323] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.938401][  T323] usb 9-1: config 0 descriptor??
[  183.512222][  T323] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.1/0003:28BD:0094.0023/input/input48
[  183.525957][  T323] uclogic 0003:28BD:0094.0023: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.8-1/input1
[  183.591241][   T39] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  183.698930][ T4487] usb 9-1: USB disconnect, device number 10
[  183.704733][T12003] loop5: detected capacity change from 0 to 131072
[  183.713471][T12003] F2FS-fs (loop5): Found nat_bits in checkpoint
[  183.747885][T12003] F2FS-fs (loop5): Mounted with checkpoint version = 1b41e955
[  183.768766][   T39] usb 4-1: Using ep0 maxpacket: 8
[  183.771817][T12003] F2FS-fs (loop5): Inconsistent error blkaddr:5633, sit bitmap:0
[  183.774863][   T39] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  183.781291][T12003] CPU: 0 PID: 12003 Comm: syz.5.4941 Not tainted 6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  183.791186][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  183.800775][T12003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  183.800794][T12003] Call Trace:
[  183.800802][T12003]  <TASK>
[  183.800811][T12003]  dump_stack_lvl+0x151/0x1b7
[  183.811574][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  183.821352][T12003]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  183.821395][T12003]  ? f2fs_get_next_page_offset+0x770/0x770
[  183.824638][   T39] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  183.827248][T12003]  dump_stack+0x15/0x18
[  183.831832][   T39] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  183.841313][T12003]  __f2fs_is_valid_blkaddr+0xce2/0x1450
[  183.841352][T12003]  f2fs_is_valid_blkaddr+0x25/0x30
[  183.846705][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.852248][T12003]  f2fs_get_read_data_page+0x571/0x970
[  183.852287][T12003]  ? f2fs_put_dnode+0x160/0x160
[  183.865863][   T39] usb 4-1: config 0 descriptor??
[  183.868912][T12003]  ? pagecache_get_page+0xbc/0x110
[  183.915607][T12003]  f2fs_find_data_page+0x1b3/0x3c0
[  183.920555][T12003]  __f2fs_find_entry+0x6d3/0xef0
[  183.925331][T12003]  ? f2fs_prepare_lookup+0x1ca/0x270
[  183.930445][T12003]  ? f2fs_find_target_dentry+0x1020/0x1020
[  183.936087][T12003]  ? __f2fs_setup_filename+0x280/0x280
[  183.941385][T12003]  ? generic_set_encrypted_ci_d_ops+0x91/0xf0
[  183.947286][T12003]  f2fs_lookup+0x1bb/0xb50
[  183.951563][T12003]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  183.957445][T12003]  ? d_hash_and_lookup+0x1e0/0x1e0
[  183.962389][T12003]  ? lockref_mark_dead+0xb0/0xb0
[  183.967156][T12003]  __lookup_slow+0x2b9/0x3e0
[  183.971584][T12003]  ? lookup_one_len+0x2c0/0x2c0
[  183.976275][T12003]  lookup_slow+0x5a/0x80
[  183.980364][T12003]  walk_component+0x2e7/0x410
[  183.984864][T12003]  path_lookupat+0x16d/0x450
[  183.989291][T12003]  filename_lookup+0x251/0x600
[  183.993893][T12003]  ? hashlen_string+0x120/0x120
[  183.998579][T12003]  ? strncpy_from_user+0x169/0x2b0
[  184.003524][T12003]  ? getname_flags+0x1fd/0x520
[  184.008122][T12003]  ? _copy_from_user+0x90/0xc0
[  184.012723][T12003]  user_path_at_empty+0x43/0x1a0
[  184.017495][T12003]  __se_sys_mount+0x285/0x3b0
[  184.022009][T12003]  ? __this_cpu_preempt_check+0x13/0x20
[  184.027390][T12003]  ? __x64_sys_mount+0xd0/0xd0
[  184.031989][T12003]  ? fpregs_restore_userregs+0x130/0x290
[  184.037456][T12003]  __x64_sys_mount+0xbf/0xd0
[  184.041885][T12003]  x64_sys_call+0x49d/0x9a0
[  184.046222][T12003]  do_syscall_64+0x3b/0xb0
[  184.050478][T12003]  ? clear_bhb_loop+0x55/0xb0
[  184.054991][T12003]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  184.060717][T12003] RIP: 0033:0x7f67dfb8d169
[  184.064970][T12003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.084514][T12003] RSP: 002b:00007f67e09dd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  184.092754][T12003] RAX: ffffffffffffffda RBX: 00007f67dfda5fa0 RCX: 00007f67dfb8d169
[  184.100570][T12003] RDX: 0000200000000200 RSI: 0000200000000000 RDI: 0000000000000000
[  184.108377][T12003] RBP: 00007f67dfc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  184.116186][T12003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  184.123998][T12003] R13: 0000000000000000 R14: 00007f67dfda5fa0 R15: 00007ffce88b6f88
[  184.131816][T12003]  </TASK>
[  184.155128][T12003] F2FS-fs (loop5): Inconsistent error blkaddr:5633, sit bitmap:0
[  184.162832][T12003] CPU: 1 PID: 12003 Comm: syz.5.4941 Not tainted 6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  184.172555][T12003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  184.182447][T12003] Call Trace:
[  184.183766][    T6] usb 4-1: USB disconnect, device number 9
[  184.185566][T12003]  <TASK>
[  184.185577][T12003]  dump_stack_lvl+0x151/0x1b7
[  184.198507][T12003]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  184.203804][T12003]  ? f2fs_get_next_page_offset+0x770/0x770
[  184.209438][T12003]  dump_stack+0x15/0x18
[  184.213427][T12003]  __f2fs_is_valid_blkaddr+0xce2/0x1450
[  184.218812][T12003]  f2fs_is_valid_blkaddr+0x25/0x30
[  184.223757][T12003]  f2fs_get_read_data_page+0x571/0x970
[  184.229152][T12003]  ? f2fs_put_dnode+0x160/0x160
[  184.233840][T12003]  ? __kasan_check_read+0x11/0x20
[  184.238696][T12003]  f2fs_find_data_page+0x1b3/0x3c0
[  184.243647][T12003]  __f2fs_find_entry+0x6d3/0xef0
[  184.248427][T12003]  ? f2fs_prepare_lookup+0x1ca/0x270
[  184.253535][T12003]  ? f2fs_find_target_dentry+0x1020/0x1020
[  184.259177][T12003]  ? __f2fs_setup_filename+0x280/0x280
[  184.264479][T12003]  ? generic_set_encrypted_ci_d_ops+0x91/0xf0
[  184.270375][T12003]  f2fs_lookup+0x1bb/0xb50
[  184.274626][T12003]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  184.280528][T12003]  ? d_hash_and_lookup+0x1e0/0x1e0
[  184.280872][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  184.285475][T12003]  ? lockref_mark_dead+0xb0/0xb0
[  184.291365][ T5443] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  184.296061][T12003]  __lookup_slow+0x2b9/0x3e0
[  184.306398][T12003]  ? lookup_one_len+0x2c0/0x2c0
[  184.311086][T12003]  lookup_slow+0x5a/0x80
[  184.315158][T12003]  walk_component+0x2e7/0x410
[  184.319675][T12003]  path_lookupat+0x16d/0x450
[  184.324100][T12003]  filename_lookup+0x251/0x600
[  184.328701][T12003]  ? hashlen_string+0x120/0x120
[  184.333402][T12003]  ? strncpy_from_user+0x169/0x2b0
[  184.338422][T12003]  ? getname_flags+0x1fd/0x520
[  184.343022][T12003]  user_path_at_empty+0x43/0x1a0
[  184.347796][T12003]  __se_sys_chdir+0xbb/0x220
[  184.352219][T12003]  ? __x64_sys_chdir+0x40/0x40
[  184.356822][T12003]  ? fpregs_restore_userregs+0x130/0x290
[  184.362295][T12003]  ? switch_fpu_return+0xe/0x10
[  184.366972][T12003]  __x64_sys_chdir+0x38/0x40
[  184.371395][T12003]  x64_sys_call+0x258/0x9a0
[  184.375738][T12003]  do_syscall_64+0x3b/0xb0
[  184.379986][T12003]  ? clear_bhb_loop+0x55/0xb0
[  184.384509][T12003]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  184.390232][T12003] RIP: 0033:0x7f67dfb8d169
[  184.394499][T12003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.413924][T12003] RSP: 002b:00007f67e09dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
[  184.422170][T12003] RAX: ffffffffffffffda RBX: 00007f67dfda5fa0 RCX: 00007f67dfb8d169
[  184.429982][T12003] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  184.437802][T12003] RBP: 00007f67dfc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  184.445694][T12003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  184.453501][T12003] R13: 0000000000000000 R14: 00007f67dfda5fa0 R15: 00007ffce88b6f88
[  184.461319][T12003]  </TASK>
[  184.489560][T12012] loop7: detected capacity change from 0 to 2048
[  184.527835][T12012] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.4944: bg 0: block 345: padding at end of block bitmap is not set
[  184.553570][   T28] kauditd_printk_skb: 71 callbacks suppressed
[  184.553587][   T28] audit: type=1400 audit(186.870:1959): avc:  denied  { write } for  pid=12011 comm="syz.7.4944" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  184.707075][   T28] audit: type=1400 audit(187.020:1960): avc:  denied  { connect } for  pid=12032 comm="syz.5.4945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  184.729865][   T28] audit: type=1400 audit(187.052:1961): avc:  denied  { listen } for  pid=12032 comm="syz.5.4945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  184.791354][   T28] audit: type=1400 audit(187.116:1962): avc:  denied  { setcurrent } for  pid=12037 comm="syz.3.4955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  184.839030][T12040] SELinux:  Context : is not valid (left unmapped).
[  184.840887][   T28] audit: type=1401 audit(187.116:1963): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  184.869666][T12042] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4957'.
[  184.887131][   T28] audit: type=1400 audit(187.192:1964): avc:  denied  { relabelto } for  pid=12039 comm="syz.5.4956" name="rdma.current" dev="tmpfs" ino=422 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=":"
[  184.913900][T12046] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4959'.
[  184.930292][T12046] sch_fq: defrate 0 ignored.
[  184.941910][T12046] netlink: 100 bytes leftover after parsing attributes in process `syz.5.4959'.
[  184.952006][   T19] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  184.952927][   T28] audit: type=1400 audit(187.192:1965): avc:  denied  { associate } for  pid=12039 comm="syz.5.4956" name="rdma.current" dev="tmpfs" ino=422 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=":"
[  185.033307][   T28] audit: type=1400 audit(187.224:1966): avc:  denied  { unlink } for  pid=10910 comm="syz-executor" name="rdma.current" dev="tmpfs" ino=422 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=":"
[  185.138398][   T19] usb 8-1: Using ep0 maxpacket: 32
[  185.144468][   T19] usb 8-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.165118][   T19] usb 8-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  185.176401][   T19] usb 8-1: config 0 interface 0 altsetting 16 endpoint 0x2 has invalid wMaxPacketSize 0
[  185.191192][   T19] usb 8-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  185.205174][   T19] usb 8-1: config 0 interface 0 has no altsetting 0
[  185.211709][   T19] usb 8-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  185.220697][   T19] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.229462][   T19] usb 8-1: config 0 descriptor??
[  185.271565][T12045] loop6: detected capacity change from 0 to 40427
[  185.511154][    T6] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  185.663998][   T19] hid-thrustmaster 0003:044F:B65D.0024: unknown main item tag 0x0
[  185.681367][   T19] hid-thrustmaster 0003:044F:B65D.0024: unknown main item tag 0x0
[  185.690273][    T6] usb 4-1: config 0 interface 0 altsetting 14 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  185.716285][    T6] usb 4-1: config 0 interface 0 altsetting 14 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.726101][   T19] hid-thrustmaster 0003:044F:B65D.0024: unknown main item tag 0x0
[  185.733899][   T19] hid-thrustmaster 0003:044F:B65D.0024: unknown main item tag 0x0
[  185.761539][    T6] usb 4-1: config 0 interface 0 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  185.791266][   T19] hid-thrustmaster 0003:044F:B65D.0024: unknown main item tag 0x0
[  185.819154][    T6] usb 4-1: config 0 interface 0 has no altsetting 0
[  185.825631][    T6] usb 4-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00
[  185.835470][   T19] hid-thrustmaster 0003:044F:B65D.0024: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.7-1/input0
[  185.856522][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.877762][T12092] loop8: detected capacity change from 0 to 131072
[  185.884689][T12092] F2FS-fs (loop8): Wrong CP boundary, start(512) end(1536) blocks(0)
[  185.884816][   T19] hid-thrustmaster 0003:044F:B65D.0024: setup data couldn't be sent
[  185.892589][T12092] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  185.901716][    T6] usb 4-1: config 0 descriptor??
[  185.913971][T12092] F2FS-fs (loop8): invalid crc value
[  185.940782][    C0] hid-thrustmaster 0003:044F:B65D.0024: URB to get model id failed with error -71
[  185.952424][   T19] usb 8-1: USB disconnect, device number 5
[  185.964871][T12092] F2FS-fs (loop8): Found nat_bits in checkpoint
[  186.009516][T12092] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  186.016427][T12092] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  186.328702][    T6] wacom 0003:056A:030A.0025: hidraw0: USB HID vff.fe Device [HID 056a:030a] on usb-dummy_hcd.3-1/input0
[  186.359438][T12116] loop7: detected capacity change from 0 to 512
[  186.388038][   T28] audit: type=1400 audit(188.833:1967): avc:  denied  { read write } for  pid=12120 comm="syz.8.4992" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  186.419726][T12104] loop5: detected capacity change from 0 to 131072
[  186.426940][   T28] audit: type=1400 audit(188.833:1968): avc:  denied  { open } for  pid=12120 comm="syz.8.4992" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  186.428245][T12116] EXT4-fs mount: 12 callbacks suppressed
[  186.428266][T12116] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  186.463819][T12104] F2FS-fs (loop5): invalid crc value
[  186.494109][T11444] EXT4-fs (loop7): unmounting filesystem.
[  186.501678][T12104] F2FS-fs (loop5): Found nat_bits in checkpoint
[  186.521039][    T6] usb 4-1: USB disconnect, device number 10
[  186.556335][T12141] netlink: 'syz.6.4999': attribute type 34 has an invalid length.
[  186.573339][T12104] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  186.798141][  T323] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[  186.818095][   T39] usb 9-1: new full-speed USB device number 11 using dummy_hcd
[  187.007332][  T323] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  187.018953][   T39] usb 9-1: unable to get BOS descriptor or descriptor too short
[  187.034939][   T39] usb 9-1: not running at top speed; connect to a high speed hub
[  187.042663][  T323] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  187.054687][  T323] usb 8-1: New USB device found, idVendor=056a, idProduct=0033, bcdDevice= 0.00
[  187.064808][   T39] usb 9-1: config 14 has an invalid interface number: 29 but max is 0
[  187.073047][   T39] usb 9-1: config 14 has no interface number 0
[  187.079279][   T39] usb 9-1: config 14 interface 29 altsetting 8 has an invalid endpoint with address 0x0, skipping
[  187.095873][  T323] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.108696][   T39] usb 9-1: config 14 interface 29 has no altsetting 0
[  187.115562][  T323] usb 8-1: config 0 descriptor??
[  187.120710][T12135] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  187.125742][T12178] netlink: 'syz.3.5014': attribute type 4 has an invalid length.
[  187.135423][T12178] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.5014'.
[  187.145572][   T39] usb 9-1: language id specifier not provided by device, defaulting to English
[  187.159274][   T39] usb 9-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=c1.97
[  187.173321][   T39] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.181284][   T39] usb 9-1: Product: syz
[  187.185379][   T39] usb 9-1: Manufacturer: syz
[  187.189777][   T39] usb 9-1: SerialNumber: syz
[  187.396691][   T39] asix 9-1:14.29 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  187.407108][   T39] asix: probe of 9-1:14.29 failed with error -71
[  187.414157][   T39] usb 9-1: USB disconnect, device number 11
[  187.505810][ T4488] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  187.513307][  T323] wacom 0003:056A:0033.0026: hidraw0: USB HID v0.00 Device [HID 056a:0033] on usb-dummy_hcd.7-1/input0
[  187.684217][ T4488] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.699248][   T39] usb 8-1: USB disconnect, device number 6
[  187.704946][ T4488] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.720808][ T4488] usb 6-1: New USB device found, idVendor=0416, idProduct=c168, bcdDevice= 0.00
[  187.730035][ T4488] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.740112][ T4488] usb 6-1: config 0 descriptor??
[  187.776961][T12242] loop3: detected capacity change from 0 to 512
[  187.788841][T12242] EXT4-fs (loop3): 1 orphan inode deleted
[  187.794507][T12242] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  187.814134][   T10] EXT4-fs error (device loop3): ext4_release_dquot:6805: comm kworker/u4:1: Failed to release dquot type 1
[  187.831111][T10355] EXT4-fs (loop3): unmounting filesystem.
[  187.893762][T12256] 9p: Unknown uid 00000000004294967295
[  188.004283][T12269] loop6: detected capacity change from 0 to 512
[  188.011227][T12269] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  188.021399][T12269] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  188.031772][T12269] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  188.041936][T12269] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  188.049711][T12269] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  188.057378][T12269] EXT4-fs (loop6): failed to initialize system zone (-117)
[  188.064438][T12269] EXT4-fs (loop6): mount failed
[  188.121829][ T4488] hid (null): nested delimiters
[  188.127788][ T4488] hid-generic 0003:0416:C168.0027: nested delimiters
[  188.144707][ T4488] hid-generic 0003:0416:C168.0027: item 0 1 2 10 parsing failed
[  188.148092][T12283] loop6: detected capacity change from 0 to 16
[  188.152712][ T4488] hid-generic: probe of 0003:0416:C168.0027 failed with error -22
[  188.159867][T12283] erofs: (device loop6): mounted with root inode @ nid 36.
[  188.173535][   T39] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  188.316615][ T4488] usb 6-1: USB disconnect, device number 5
[  188.364960][   T39] usb 9-1: config 0 has an invalid interface number: 156 but max is 0
[  188.372972][   T39] usb 9-1: config 0 has no interface number 0
[  188.388399][   T39] usb 9-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  188.399285][   T39] usb 9-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  188.457625][   T39] usb 9-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  188.466631][   T39] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.475110][   T39] usb 9-1: config 0 descriptor??
[  188.484667][   T39] usb 9-1: MIDIStreaming interface descriptor not found
[  188.495654][   T39] snd-usb-audio: probe of 9-1:0.156 failed with error -12
[  188.657795][T12349] loop7: detected capacity change from 0 to 40427
[  188.664695][T12349] F2FS-fs (loop7): Invalid SB checksum offset: 0
[  188.670880][T12349] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  188.676197][ T4488] usb 9-1: USB disconnect, device number 12
[  188.685109][T12349] F2FS-fs (loop7): invalid crc value
[  188.691804][T12349] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  188.717678][T12349] F2FS-fs (loop7): Try to recover 2th superblock, ret: 0
[  188.724582][T12349] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  188.743857][T11444] syz-executor: attempt to access beyond end of device
[  188.743857][T11444] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  188.925376][T12365] netlink: 92 bytes leftover after parsing attributes in process `syz.7.5098'.
[  188.945675][T12367] loop7: detected capacity change from 0 to 16
[  188.952022][T12367] erofs: Unexpected value for 'acl'
[  188.999563][T12371] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5101'.
[  189.008778][T12371] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5101'.
[  189.077464][T12380] loop6: detected capacity change from 0 to 2048
[  189.119177][T12380] Alternate GPT is invalid, using primary GPT.
[  189.125233][T12380]  loop6: p1 p2 p3
[  189.174930][   T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  189.334370][T12405] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5115'.
[  189.357161][   T28] kauditd_printk_skb: 15 callbacks suppressed
[  189.357179][   T28] audit: type=1400 audit(192.020:1983): avc:  denied  { setopt } for  pid=12406 comm="syz.6.5116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  189.369914][   T24] usb 6-1: Using ep0 maxpacket: 32
[  189.399183][T12409] netem: change failed
[  189.399422][   T24] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.429104][   T24] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  189.440587][   T24] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x2 has invalid wMaxPacketSize 0
[  189.450552][   T24] usb 6-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  189.467103][T12413] input: syz1 as /devices/virtual/input/input55
[  189.473538][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  189.480826][   T24] usb 6-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  189.497086][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.512518][   T24] usb 6-1: config 0 descriptor??
[  189.530948][   T28] audit: type=1400 audit(192.202:1984): avc:  denied  { setopt } for  pid=12422 comm="syz.3.5124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  189.606302][T12433] loop3: detected capacity change from 0 to 2048
[  189.660018][T12433] Alternate GPT is invalid, using primary GPT.
[  189.666091][T12433]  loop3: p1 p2 p3
[  189.807384][   T28] audit: type=1326 audit(192.492:1985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12374 comm="syz.7.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2421129359 code=0x7fc00000
[  189.831237][   T39] usb 9-1: new low-speed USB device number 13 using dummy_hcd
[  189.897967][   T24] hid-thrustmaster 0003:044F:B65D.0028: unknown main item tag 0x0
[  189.908517][   T24] hid-thrustmaster 0003:044F:B65D.0028: unknown main item tag 0x0
[  189.931373][   T24] hid-thrustmaster 0003:044F:B65D.0028: unknown main item tag 0x0
[  189.942455][   T24] hid-thrustmaster 0003:044F:B65D.0028: unknown main item tag 0x0
[  189.952603][   T24] hid-thrustmaster 0003:044F:B65D.0028: unknown main item tag 0x0
[  189.963431][T12444] loop3: detected capacity change from 0 to 512
[  189.970412][   T24] hid-thrustmaster 0003:044F:B65D.0028: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.5-1/input0
[  189.983326][   T24] hid-thrustmaster 0003:044F:B65D.0028: setup data couldn't be sent
[  189.992537][T12444] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  190.004542][T12444] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  190.015422][T12444] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  190.027249][T12444] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  190.032095][   T39] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  190.035180][T12444] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  190.052647][T12444] EXT4-fs (loop3): failed to initialize system zone (-117)
[  190.054559][   T39] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  190.059712][T12444] EXT4-fs (loop3): mount failed
[  190.073235][   T39] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  190.084012][   T39] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  190.092823][   T39] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.102896][    C1] hid-thrustmaster 0003:044F:B65D.0028: URB to get model id failed with error -71
[  190.111011][T12425] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  190.112418][   T24] usb 6-1: USB disconnect, device number 6
[  190.125730][   T39] hub 9-1:1.0: bad descriptor, ignoring hub
[  190.131455][   T39] hub: probe of 9-1:1.0 failed with error -5
[  190.138853][   T39] cdc_wdm 9-1:1.0: skipping garbage
[  190.143942][   T39] cdc_wdm 9-1:1.0: skipping garbage
[  190.156121][   T39] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  190.199474][ T4488] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  190.370590][ T4488] usb 7-1: config 0 interface 0 altsetting 14 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  190.381815][ T4488] usb 7-1: config 0 interface 0 altsetting 14 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.391904][ T4488] usb 7-1: config 0 interface 0 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  190.409476][ T4488] usb 7-1: config 0 interface 0 has no altsetting 0
[  190.428434][ T4488] usb 7-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00
[  190.437420][ T4488] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.445758][ T4488] usb 7-1: config 0 descriptor??
[  190.721805][   T39] usb 9-1: USB disconnect, device number 13
[  190.827569][ T4488] wacom 0003:056A:030A.0029: hidraw0: USB HID vff.fe Device [HID 056a:030a] on usb-dummy_hcd.6-1/input0
[  191.016353][ T4488] usb 7-1: USB disconnect, device number 12
[  191.056991][   T39] usb 9-1: new full-speed USB device number 14 using dummy_hcd
[  191.244839][   T39] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  191.254820][   T39] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  191.263519][   T39] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[  191.274294][   T39] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  191.283149][   T39] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.291825][T12425] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  191.299398][   T39] hub 9-1:1.0: bad descriptor, ignoring hub
[  191.305120][   T39] hub: probe of 9-1:1.0 failed with error -5
[  191.311056][   T39] cdc_wdm 9-1:1.0: skipping garbage
[  191.316072][   T39] cdc_wdm 9-1:1.0: skipping garbage
[  191.321738][   T39] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  191.479376][T12492] syzkaller0: tun_chr_ioctl cmd 35092
[  191.539443][T12499] loop6: detected capacity change from 0 to 512
[  191.545873][T12499] /dev/loop6: Can't open blockdev
[  191.597776][   T19] usb 9-1: USB disconnect, device number 14
[  191.653438][ T4488] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  191.662837][   T39] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  191.821635][    T6] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  191.829194][ T4488] usb 8-1: Using ep0 maxpacket: 16
[  191.835281][ T4488] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  191.845251][ T4488] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  191.849181][   T39] usb 4-1: Using ep0 maxpacket: 32
[  191.855525][ T4488] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  191.860155][   T39] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  191.867753][ T4488] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.875600][   T39] usb 4-1: config 0 has no interface number 0
[  191.883377][ T4488] usb 8-1: Product: syz
[  191.889297][  T323] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  191.893230][ T4488] usb 8-1: Manufacturer: syz
[  191.900588][   T39] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.904962][ T4488] usb 8-1: SerialNumber: syz
[  191.915708][   T39] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.929730][   T39] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  191.939152][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.947809][   T39] usb 4-1: config 0 descriptor??
[  192.007609][    T6] usb 7-1: Using ep0 maxpacket: 32
[  192.013715][    T6] usb 7-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.024152][    T6] usb 7-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  192.035125][    T6] usb 7-1: config 0 interface 0 altsetting 16 endpoint 0x2 has invalid wMaxPacketSize 0
[  192.044891][    T6] usb 7-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  192.057878][    T6] usb 7-1: config 0 interface 0 has no altsetting 0
[  192.064363][    T6] usb 7-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  192.073518][    T6] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.082122][    T6] usb 7-1: config 0 descriptor??
[  192.091437][  T323] usb 6-1: Using ep0 maxpacket: 32
[  192.101589][  T323] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.109968][ T4488] usb 8-1: 0:2 : does not exist
[  192.112342][  T323] usb 6-1: config 0 interface 0 has no altsetting 0
[  192.123447][  T323] usb 6-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  192.132304][  T323] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.142010][ T4488] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[  192.143142][  T323] usb 6-1: config 0 descriptor??
[  192.161064][ T4488] usb 8-1: USB disconnect, device number 7
[  192.337023][T12488] loop3: detected capacity change from 0 to 2048
[  192.344538][  T323] usbhid 6-1:0.0: can't add hid device: -71
[  192.350317][  T323] usbhid: probe of 6-1:0.0 failed with error -71
[  192.355203][T12488] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  192.357784][  T323] usb 6-1: USB disconnect, device number 7
[  192.458400][T12530] loop8: detected capacity change from 0 to 2048
[  192.466274][    T6] hid-thrustmaster 0003:044F:B65D.002B: unknown main item tag 0x0
[  192.473985][    T6] hid-thrustmaster 0003:044F:B65D.002B: unknown main item tag 0x0
[  192.481663][    T6] hid-thrustmaster 0003:044F:B65D.002B: unknown main item tag 0x0
[  192.485094][T12530] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  192.489655][    T6] hid-thrustmaster 0003:044F:B65D.002B: unknown main item tag 0x0
[  192.504367][T12530] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.5170: bg 0: block 345: padding at end of block bitmap is not set
[  192.505368][    T6] hid-thrustmaster 0003:044F:B65D.002B: unknown main item tag 0x0
[  192.527623][    T6] hid-thrustmaster 0003:044F:B65D.002B: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.6-1/input0
[  192.539829][    T6] hid-thrustmaster 0003:044F:B65D.002B: setup data couldn't be sent
[  192.540882][ T5829] EXT4-fs (loop8): unmounting filesystem.
[  192.557399][   T39] uclogic 0003:28BD:0094.002A: failed retrieving string descriptor #100: -71
[  192.566399][   T39] uclogic 0003:28BD:0094.002A: failed retrieving pen parameters: -71
[  192.574808][   T39] uclogic 0003:28BD:0094.002A: pen probing failed: -71
[  192.581654][   T39] uclogic 0003:28BD:0094.002A: failed probing parameters: -71
[  192.589137][   T39] uclogic: probe of 0003:28BD:0094.002A failed with error -71
[  192.598528][   T39] usb 4-1: USB disconnect, device number 11
[  192.613810][T12536] loop8: detected capacity change from 0 to 128
[  192.622044][T12536] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  192.639017][T12536] EXT4-fs (loop8): unmounting filesystem.
[  192.683392][    C0] hid-thrustmaster 0003:044F:B65D.002B: URB to get model id failed with error -71
[  192.683427][  T323] usb 7-1: USB disconnect, device number 13
[  192.740739][   T28] audit: type=1400 audit(195.646:1986): avc:  denied  { nlmsg_write } for  pid=12547 comm="syz.8.5177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  192.805029][T12539] loop7: detected capacity change from 0 to 40427
[  192.817527][T12539] F2FS-fs (loop7): Found nat_bits in checkpoint
[  192.880463][T12539] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  192.983658][T11444] syz-executor: attempt to access beyond end of device
[  192.983658][T11444] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  193.018495][T12555] loop5: detected capacity change from 0 to 40427
[  193.028748][T12555] F2FS-fs (loop5): Found nat_bits in checkpoint
[  193.067894][T12555] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  193.104609][T10355] EXT4-fs (loop3): unmounting filesystem.
[  193.111332][T10910] syz-executor: attempt to access beyond end of device
[  193.111332][T10910] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  193.148640][T12572] IPv6: sit1: Disabled Multicast RS
[  193.264117][T12588] xt_bpf: check failed: parse error
[  193.373441][T12603] loop7: detected capacity change from 0 to 8192
[  193.856641][T12649] netlink: 'syz.6.5220': attribute type 12 has an invalid length.
[  193.994536][T12667] device bridge2 entered promiscuous mode
[  194.164864][   T28] audit: type=1400 audit(197.169:1987): avc:  denied  { relabelfrom } for  pid=12694 comm="syz.8.5241" name="UDPv6" dev="sockfs" ino=73795 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  194.168204][T12697] loop6: detected capacity change from 0 to 512
[  194.197768][T12697] /dev/loop6: Can't open blockdev
[  194.202860][   T28] audit: type=1400 audit(197.202:1988): avc:  denied  { relabelto } for  pid=12694 comm="syz.8.5241" name="UDPv6" dev="sockfs" ino=73795 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=udp_socket permissive=1 trawcon="system_u:object_r:dhcp_state_t:s0"
[  194.250469][T12703] loop5: detected capacity change from 0 to 1024
[  194.257381][T12703] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  194.272826][ T4488] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  194.398931][T12714] loop6: detected capacity change from 0 to 8192
[  194.450089][ T4488] usb 8-1: Using ep0 maxpacket: 16
[  194.458923][T12710] loop8: detected capacity change from 0 to 40427
[  194.466302][ T4488] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  194.482122][ T4488] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.497355][T12710] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504)
[  194.511178][ T4488] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.511671][T12710] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  194.526779][ T4488] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  194.530870][T12710] F2FS-fs (loop8): invalid crc value
[  194.543277][ T4488] usb 8-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00
[  194.555525][   T28] audit: type=1400 audit(197.599:1989): avc:  denied  { remount } for  pid=12713 comm="syz.6.5250" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  194.555916][ T4488] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.598119][T12710] F2FS-fs (loop8): Found nat_bits in checkpoint
[  194.604593][ T4488] usb 8-1: config 0 descriptor??
[  194.666596][T12710] F2FS-fs (loop8): Start checkpoint disabled!
[  194.673166][T12734] netlink: 44 bytes leftover after parsing attributes in process `syz.6.5259'.
[  194.687196][T12710] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  194.696528][T12710] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  194.798572][  T552] kworker/u4:5: attempt to access beyond end of device
[  194.798572][  T552] loop8: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  194.850917][T12736] loop5: detected capacity change from 0 to 40427
[  194.897485][T12736] F2FS-fs (loop5): Found nat_bits in checkpoint
[  194.956500][T12736] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  195.009082][ T4488] wacom 0003:056A:00F8.002C: unbalanced collection at end of report description
[  195.028362][ T4488] wacom 0003:056A:00F8.002C: parse failed
[  195.034724][ T4488] wacom: probe of 0003:056A:00F8.002C failed with error -22
[  195.068877][T10910] syz-executor: attempt to access beyond end of device
[  195.068877][T10910] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  195.106870][T12770] xt_bpf: check failed: parse error
[  195.220740][   T28] audit: type=1400 audit(198.307:1990): avc:  denied  { read } for  pid=12672 comm="syz.7.5230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  195.239795][   T39] usb 8-1: USB disconnect, device number 8
[  195.358904][T12780] loop8: detected capacity change from 0 to 1024
[  195.410772][T12780] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  195.420863][   T28] audit: type=1400 audit(198.521:1991): avc:  denied  { connect } for  pid=12782 comm="syz.3.5279" lport=512 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  195.465785][T12780] EXT4-fs error (device loop8): __ext4_remount:6598: comm syz.8.5278: Abort forced by user
[  195.492932][T12780] EXT4-fs (loop8): re-mounted. Quota mode: writeback.
[  195.535556][ T5829] EXT4-fs (loop8): unmounting filesystem.
[  195.535685][T12776] loop5: detected capacity change from 0 to 40427
[  195.547932][T12776] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  195.556497][T12776] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  195.576814][T12776] F2FS-fs (loop5): invalid crc value
[  195.598169][T12776] F2FS-fs (loop5): Found nat_bits in checkpoint
[  195.685667][T12764] loop6: detected capacity change from 0 to 131072
[  195.700316][T12776] F2FS-fs (loop5): Start checkpoint disabled!
[  195.705775][T12764] F2FS-fs (loop6): Found nat_bits in checkpoint
[  195.732583][T12776] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  195.742542][T12776] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  195.777357][T12764] F2FS-fs (loop6): write access unavailable, skipping recovery
[  195.785397][   T28] audit: type=1400 audit(198.918:1992): avc:  denied  { setopt } for  pid=12807 comm="syz.7.5289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  195.801723][T12764] F2FS-fs (loop6): Mounted with checkpoint version = 1b41e955
[  195.854141][   T10] kworker/u4:1: attempt to access beyond end of device
[  195.854141][   T10] loop5: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  195.861229][T12816] loop3: detected capacity change from 0 to 2048
[  195.885016][T12764] F2FS-fs (loop6): Inconsistent error blkaddr:5633, sit bitmap:0
[  195.909995][T12764] CPU: 0 PID: 12764 Comm: syz.6.5270 Not tainted 6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  195.919749][T12764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  195.929638][T12764] Call Trace:
[  195.932758][T12764]  <TASK>
[  195.935536][T12764]  dump_stack_lvl+0x151/0x1b7
[  195.940050][T12764]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  195.945344][T12764]  ? f2fs_get_next_page_offset+0x770/0x770
[  195.950986][T12764]  dump_stack+0x15/0x18
[  195.954976][T12764]  __f2fs_is_valid_blkaddr+0xce2/0x1450
[  195.960363][T12764]  f2fs_is_valid_blkaddr+0x25/0x30
[  195.965304][T12764]  f2fs_get_read_data_page+0x571/0x970
[  195.970600][T12764]  ? f2fs_put_dnode+0x160/0x160
[  195.975293][T12764]  ? pagecache_get_page+0xbc/0x110
[  195.980237][T12764]  f2fs_find_data_page+0x1b3/0x3c0
[  195.985179][T12764]  __f2fs_find_entry+0x6d3/0xef0
[  195.989960][T12764]  ? f2fs_prepare_lookup+0x1ca/0x270
[  195.995070][T12764]  ? f2fs_find_target_dentry+0x1020/0x1020
[  196.000716][T12764]  ? __f2fs_setup_filename+0x280/0x280
[  196.006012][T12764]  ? generic_set_encrypted_ci_d_ops+0x91/0xf0
[  196.011915][T12764]  f2fs_lookup+0x1bb/0xb50
[  196.016162][T12764]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  196.022159][T12764]  ? d_hash_and_lookup+0x1e0/0x1e0
[  196.027109][T12764]  ? lockref_mark_dead+0xb0/0xb0
[  196.031892][T12764]  __lookup_slow+0x2b9/0x3e0
[  196.036401][T12764]  ? lookup_one_len+0x2c0/0x2c0
[  196.041083][T12764]  lookup_slow+0x5a/0x80
[  196.045165][T12764]  walk_component+0x2e7/0x410
[  196.049683][T12764]  path_lookupat+0x16d/0x450
[  196.054102][T12764]  filename_lookup+0x251/0x600
[  196.058699][T12764]  ? hashlen_string+0x120/0x120
[  196.063398][T12764]  ? strncpy_from_user+0x169/0x2b0
[  196.068332][T12764]  ? getname_flags+0x1fd/0x520
[  196.072933][T12764]  ? _copy_from_user+0x90/0xc0
[  196.077535][T12764]  user_path_at_empty+0x43/0x1a0
[  196.082304][T12764]  __se_sys_mount+0x285/0x3b0
[  196.086818][T12764]  ? __this_cpu_preempt_check+0x13/0x20
[  196.092202][T12764]  ? __x64_sys_mount+0xd0/0xd0
[  196.096837][T12764]  ? fpregs_restore_userregs+0x130/0x290
[  196.102268][T12764]  __x64_sys_mount+0xbf/0xd0
[  196.106695][T12764]  x64_sys_call+0x49d/0x9a0
[  196.111034][T12764]  do_syscall_64+0x3b/0xb0
[  196.115287][T12764]  ? clear_bhb_loop+0x55/0xb0
[  196.119799][T12764]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  196.125529][T12764] RIP: 0033:0x7fed2ef8d169
[  196.129780][T12764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.149488][T12764] RSP: 002b:00007fed2edff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  196.157834][T12764] RAX: ffffffffffffffda RBX: 00007fed2f1a5fa0 RCX: 00007fed2ef8d169
[  196.165628][T12764] RDX: 0000200000000200 RSI: 0000200000000000 RDI: 0000000000000000
[  196.173456][T12764] RBP: 00007fed2f00e2a0 R08: 0000000000000000 R09: 0000000000000000
[  196.181246][T12764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  196.189057][T12764] R13: 0000000000000000 R14: 00007fed2f1a5fa0 R15: 00007ffc8635cba8
[  196.196874][T12764]  </TASK>
[  196.204447][T12764] F2FS-fs (loop6): f2fs_commit_super fails to record errors:2, err:-30
[  196.213925][T12816] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  196.281718][T10355] EXT4-fs (loop3): unmounting filesystem.
[  196.491732][T12858] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5310'.
[  196.534707][T12867] loop7: detected capacity change from 0 to 1024
[  196.547277][ T4488] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  196.558058][T12867] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  196.578287][  T552] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  196.594927][  T552] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  196.607163][  T552] EXT4-fs (loop7): This should not happen!! Data will be lost
[  196.607163][  T552] 
[  196.616701][  T552] EXT4-fs (loop7): Total free blocks count 0
[  196.622470][  T552] EXT4-fs (loop7): Free/Dirty block details
[  196.628204][  T552] EXT4-fs (loop7): free_blocks=4293918720
[  196.634079][  T552] EXT4-fs (loop7): dirty_blocks=16
[  196.639007][  T552] EXT4-fs (loop7): Block reservation details
[  196.644839][  T552] EXT4-fs (loop7): i_reserved_data_blocks=1
[  196.651270][T11444] EXT4-fs (loop7): unmounting filesystem.
[  196.658565][   T39] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  196.714555][ T4488] usb 9-1: Using ep0 maxpacket: 16
[  196.721020][ T4488] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  196.731021][ T4488] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.741782][ T4488] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.751576][ T4488] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  196.764428][ T4488] usb 9-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00
[  196.773694][ T4488] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.782592][ T4488] usb 9-1: config 0 descriptor??
[  196.782683][T12881] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  196.787361][   T28] audit: type=1400 audit(199.991:1993): avc:  denied  { remount } for  pid=12880 comm="syz.7.5319" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  196.831920][T12887] device bridge3 entered promiscuous mode
[  196.846404][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.857426][   T39] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  196.866496][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.875112][   T39] usb 7-1: config 0 descriptor??
[  197.163893][ T4488] wacom 0003:056A:00F8.002D: unbalanced collection at end of report description
[  197.172992][ T4488] wacom 0003:056A:00F8.002D: parse failed
[  197.178570][ T4488] wacom: probe of 0003:056A:00F8.002D failed with error -22
[  197.255450][   T39] keytouch 0003:0926:3333.002E: fixing up Keytouch IEC report descriptor
[  197.264910][   T39] input: HID 0926:3333 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0926:3333.002E/input/input59
[  197.350169][   T39] keytouch 0003:0926:3333.002E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.6-1/input0
[  197.354831][ T4488] usb 9-1: USB disconnect, device number 15
[  197.403495][T12900] loop7: detected capacity change from 0 to 512
[  197.410360][T12900] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  197.419444][T12900] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  197.428527][T12900] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  197.436446][T12900] System zones: 0-2, 18-18, 34-34
[  197.442477][T12900] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  197.457581][T12900] EXT4-fs (loop7): 1 truncate cleaned up
[  197.463219][T12900] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  197.496160][T11444] EXT4-fs (loop7): unmounting filesystem.
[  197.571153][T12918] loop3: detected capacity change from 0 to 16
[  197.578387][T12918] erofs: (device loop3): mounted with root inode @ nid 36.
[  197.586480][T12918] syz.3.5332: attempt to access beyond end of device
[  197.586480][T12918] loop3: rw=524288, sector=525136, nr_sectors = 8 limit=16
[  197.600531][T12918] syz.3.5332: attempt to access beyond end of device
[  197.600531][T12918] loop3: rw=524288, sector=712, nr_sectors = 8 limit=16
[  197.613979][T12918] syz.3.5332: attempt to access beyond end of device
[  197.613979][T12918] loop3: rw=524288, sector=19320, nr_sectors = 8 limit=16
[  197.706040][T12931] loop5: detected capacity change from 0 to 1024
[  197.713436][T12931] EXT4-fs: Ignoring removed oldalloc option
[  197.719700][T12931] EXT4-fs: Ignoring removed bh option
[  197.734804][T12931] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  197.751975][T12542] usb 7-1: USB disconnect, device number 14
[  197.765628][T12937] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  197.799551][T12942] tmpfs: Unknown parameter 'nolazytimeÙþ'
[  197.803211][T12931] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  197.824774][T12931] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3841: comm syz.5.5340: Allocating blocks 481-513 which overlap fs metadata
[  197.868646][T12931] EXT4-fs (loop5): pa ffff8881361cd690: logic 0, phys. 465, len 3
[  197.876376][T12931] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  197.894799][T10910] EXT4-fs (loop5): unmounting filesystem.
[  197.902958][T12950] device bridge2 entered promiscuous mode
[  198.068808][T12969] incfs: Options parsing error. -22
[  198.073921][T12969] incfs: mount failed -22
[  198.096104][T12971] tmpfs: Unknown parameter 'iò'
[  198.131266][   T39] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  198.209800][T12993] tipc: Enabling of bearer <ib:wg2> rejected, media not registered
[  198.245839][T12997] device bridge3 entered promiscuous mode
[  198.336808][   T39] usb 4-1: no configurations
[  198.341270][   T39] usb 4-1: can't read configurations, error -22
[  198.426828][T13034] device bridge4 entered promiscuous mode
[  198.492785][T13041] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5387'.
[  198.502226][   T39] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[  198.542811][   T28] audit: type=1326 audit(201.869:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13027 comm="syz.5.5382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67dfb8d169 code=0x7fc00000
[  198.601530][T13056] loop7: detected capacity change from 0 to 256
[  198.611229][T13056] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  198.700244][   T39] usb 4-1: no configurations
[  198.704843][   T39] usb 4-1: can't read configurations, error -22
[  198.708758][T13064] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  198.711349][   T39] usb usb4-port1: attempt power cycle
[  198.831481][T13083] loop7: detected capacity change from 0 to 1024
[  198.837957][T13083] EXT4-fs: Ignoring removed oldalloc option
[  198.844176][T13083] EXT4-fs: Ignoring removed bh option
[  198.849904][T13083] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  198.868987][T13083] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  198.880741][T13083] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3841: comm syz.7.5405: Allocating blocks 481-513 which overlap fs metadata
[  198.897421][T13083] EXT4-fs (loop7): pa ffff888118d83d20: logic 0, phys. 465, len 3
[  198.905128][T13083] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  198.921042][T11444] EXT4-fs (loop7): unmounting filesystem.
[  199.100545][   T39] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  199.129291][   T39] usb 4-1: no configurations
[  199.133761][   T39] usb 4-1: can't read configurations, error -22
[  199.176474][   T28] audit: type=1326 audit(202.555:1995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13027 comm="syz.5.5382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f67dfb8d169 code=0x7fc00000
[  199.278137][   T39] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  199.316243][   T39] usb 4-1: no configurations
[  199.320693][   T39] usb 4-1: can't read configurations, error -22
[  199.327637][T13098] netlink: 'syz.8.5411': attribute type 4 has an invalid length.
[  199.337618][   T39] usb usb4-port1: unable to enumerate USB device
[  199.372655][T13104] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  199.382250][T13104] SELinux: failed to load policy
[  199.416015][   T28] audit: type=1400 audit(202.802:1996): avc:  denied  { mount } for  pid=13105 comm="syz.7.5415" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  199.438405][   T28] audit: type=1400 audit(202.824:1997): avc:  denied  { mounton } for  pid=13105 comm="syz.7.5415" path="/139/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  199.460941][   T28] audit: type=1400 audit(202.824:1998): avc:  denied  { read } for  pid=13105 comm="syz.7.5415" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  199.482586][   T28] audit: type=1400 audit(202.824:1999): avc:  denied  { open } for  pid=13105 comm="syz.7.5415" path="/139/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  199.497971][T13112] loop7: detected capacity change from 0 to 256
[  199.506850][   T28] audit: type=1400 audit(202.877:2000): avc:  denied  { unmount } for  pid=11444 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  199.568658][   T28] audit: type=1400 audit(202.974:2001): avc:  denied  { relabelto } for  pid=13116 comm="syz.8.5423" name="" dev="pipefs" ino=74805 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:dhcp_state_t:s0"
[  199.692763][T13133] loop5: detected capacity change from 0 to 2048
[  199.707859][T13141] binder: 13140:13141 ioctl c0306201 200000000080 returned -14
[  199.712654][T13138] SELinux: failed to load policy
[  199.726529][T13133] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  199.737655][T13145] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5433'.
[  199.738752][   T28] audit: type=1400 audit(203.156:2002): avc:  denied  { map } for  pid=13132 comm="syz.5.5429" path="/145/file2/pids.current" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  199.791549][T13133] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  199.809134][T13133] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  199.822789][T13133] EXT4-fs (loop5): This should not happen!! Data will be lost
[  199.822789][T13133] 
[  199.832772][T13133] EXT4-fs (loop5): Total free blocks count 0
[  199.838654][T13133] EXT4-fs (loop5): Free/Dirty block details
[  199.844354][T13133] EXT4-fs (loop5): free_blocks=2415919104
[  199.850043][T13133] EXT4-fs (loop5): dirty_blocks=16
[  199.854981][T13133] EXT4-fs (loop5): Block reservation details
[  199.860986][T13133] EXT4-fs (loop5): i_reserved_data_blocks=1
[  199.881525][  T340] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  200.075816][T13184] loop8: detected capacity change from 0 to 1024
[  200.083086][T13184] EXT4-fs: Ignoring removed oldalloc option
[  200.089143][T13184] EXT4-fs: Ignoring removed bh option
[  200.094710][T13184] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  200.118248][T13184] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  200.121440][T13192] loop7: detected capacity change from 0 to 128
[  200.131203][T13184] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3841: comm syz.8.5450: Allocating blocks 481-513 which overlap fs metadata
[  200.135197][T13192] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  200.150844][T13184] EXT4-fs (loop8): pa ffff888118d83a80: logic 0, phys. 465, len 3
[  200.162778][T13184] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  200.173793][T11444] EXT4-fs (loop7): unmounting filesystem.
[  200.183717][ T5829] EXT4-fs (loop8): unmounting filesystem.
[  200.190816][T13195] loop7: detected capacity change from 0 to 512
[  200.197083][T13195] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  200.231205][T13195] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5454'.
[  200.662646][T13198] loop8: detected capacity change from 0 to 1024
[  200.670828][T13198] EXT4-fs: Ignoring removed nomblk_io_submit option
[  200.682790][T13204] device bridge1 entered promiscuous mode
[  200.724080][T13198] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  200.769801][   T28] audit: type=1400 audit(204.261:2003): avc:  denied  { execute } for  pid=13197 comm="syz.8.5456" name="file0" dev="loop8" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  200.826736][ T5829] EXT4-fs (loop8): unmounting filesystem.
[  200.843560][   T28] audit: type=1400 audit(204.283:2004): avc:  denied  { execute_no_trans } for  pid=13197 comm="syz.8.5456" path="/609/file1/file0/file0" dev="loop8" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  200.910303][T13224] xt_bpf: check failed: parse error
[  201.164563][T13217] loop5: detected capacity change from 0 to 40427
[  201.176729][T13217] F2FS-fs (loop5): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  201.191675][T13217] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  201.200184][T13258] loop6: detected capacity change from 0 to 2048
[  201.206823][T13258] /dev/loop6: Can't open blockdev
[  201.216341][T13217] F2FS-fs (loop5): invalid crc value
[  201.223113][T13217] F2FS-fs (loop5): Found nat_bits in checkpoint
[  201.268817][T13217] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  201.275732][T13217] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  201.324631][T10910] syz-executor: attempt to access beyond end of device
[  201.324631][T10910] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  201.358889][T13274] loop7: detected capacity change from 0 to 1024
[  201.365490][T13274] EXT4-fs: Ignoring removed i_version option
[  201.371700][T13274] EXT4-fs (loop7): Test dummy encryption mode enabled
[  201.387887][T13274] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  201.412247][T11444] EXT4-fs (loop7): unmounting filesystem.
[  201.635235][T13312] loop6: detected capacity change from 0 to 16
[  201.647766][T13312] /dev/loop6: Can't open blockdev
[  201.672913][T13316] loop5: detected capacity change from 0 to 512
[  201.687223][T13316] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  201.747980][T13316] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5505'.
[  202.248322][T13374] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5527'.
[  202.690636][T13341] loop7: detected capacity change from 0 to 131072
[  202.727325][T13341] F2FS-fs (loop7): Found nat_bits in checkpoint
[  202.837956][T13341] F2FS-fs (loop7): Mounted with checkpoint version = 1b41e955
[  202.913282][T13341] F2FS-fs (loop7): Inconsistent error blkaddr:5633, sit bitmap:0
[  202.922115][T13341] CPU: 0 PID: 13341 Comm: syz.7.5517 Not tainted 6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  202.931849][T13341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  202.941742][T13341] Call Trace:
[  202.944863][T13341]  <TASK>
[  202.947645][T13341]  dump_stack_lvl+0x151/0x1b7
[  202.952169][T13341]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  202.957448][T13341]  ? f2fs_get_next_page_offset+0x770/0x770
[  202.963092][T13341]  dump_stack+0x15/0x18
[  202.967083][T13341]  __f2fs_is_valid_blkaddr+0xce2/0x1450
[  202.972466][T13341]  f2fs_is_valid_blkaddr+0x25/0x30
[  202.977409][T13341]  f2fs_get_read_data_page+0x571/0x970
[  202.980485][T13408] loop6: detected capacity change from 0 to 40427
[  202.982703][T13341]  ? f2fs_put_dnode+0x160/0x160
[  202.993641][T13341]  ? pagecache_get_page+0xbc/0x110
[  202.998590][T13341]  f2fs_find_data_page+0x1b3/0x3c0
[  203.003530][T13341]  __f2fs_find_entry+0x6d3/0xef0
[  203.008308][T13341]  ? f2fs_prepare_lookup+0x1ca/0x270
[  203.013423][T13341]  ? f2fs_find_target_dentry+0x1020/0x1020
[  203.019068][T13341]  ? __f2fs_setup_filename+0x280/0x280
[  203.024367][T13341]  ? generic_set_encrypted_ci_d_ops+0x91/0xf0
[  203.030261][T13341]  f2fs_lookup+0x1bb/0xb50
[  203.034521][T13341]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  203.040418][T13341]  ? d_hash_and_lookup+0x1e0/0x1e0
[  203.045375][T13341]  ? lockref_mark_dead+0xb0/0xb0
[  203.050150][T13341]  __lookup_slow+0x2b9/0x3e0
[  203.054565][T13341]  ? lookup_one_len+0x2c0/0x2c0
[  203.059259][T13341]  lookup_slow+0x5a/0x80
[  203.063330][T13341]  walk_component+0x2e7/0x410
[  203.067847][T13341]  path_lookupat+0x16d/0x450
[  203.072270][T13341]  filename_lookup+0x251/0x600
[  203.076871][T13341]  ? hashlen_string+0x120/0x120
[  203.081561][T13341]  ? strncpy_from_user+0x169/0x2b0
[  203.086515][T13341]  ? getname_flags+0x1fd/0x520
[  203.091105][T13341]  ? _copy_from_user+0x90/0xc0
[  203.095705][T13341]  user_path_at_empty+0x43/0x1a0
[  203.100482][T13341]  __se_sys_mount+0x285/0x3b0
[  203.104991][T13341]  ? __this_cpu_preempt_check+0x13/0x20
[  203.110371][T13341]  ? __x64_sys_mount+0xd0/0xd0
[  203.114969][T13341]  ? fpregs_restore_userregs+0x130/0x290
[  203.120443][T13341]  __x64_sys_mount+0xbf/0xd0
[  203.124864][T13341]  x64_sys_call+0x49d/0x9a0
[  203.129202][T13341]  do_syscall_64+0x3b/0xb0
[  203.133503][T13341]  ? clear_bhb_loop+0x55/0xb0
[  203.137982][T13341]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  203.143699][T13341] RIP: 0033:0x7f242118d169
[  203.147949][T13341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.167484][T13341] RSP: 002b:00007f2421f1c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  203.175722][T13341] RAX: ffffffffffffffda RBX: 00007f24213a5fa0 RCX: 00007f242118d169
[  203.183537][T13341] RDX: 0000200000000200 RSI: 0000200000000000 RDI: 0000000000000000
[  203.191356][T13341] RBP: 00007f242120e2a0 R08: 0000000000000000 R09: 0000000000000000
[  203.199158][T13341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  203.206969][T13341] R13: 0000000000000000 R14: 00007f24213a5fa0 R15: 00007ffdd5563f68
[  203.214794][T13341]  </TASK>
[  203.219543][T13427] F2FS-fs (loop7): Inconsistent error blkaddr:5633, sit bitmap:0
[  203.222285][T13426] SELinux:  policydb version 0 does not match my version range 15-33
[  203.227280][T13427] CPU: 0 PID: 13427 Comm: syz.7.5517 Not tainted 6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  203.244912][T13427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  203.254809][T13427] Call Trace:
[  203.257923][T13427]  <TASK>
[  203.260701][T13427]  dump_stack_lvl+0x151/0x1b7
[  203.265217][T13427]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  203.270517][T13427]  ? f2fs_get_next_page_offset+0x770/0x770
[  203.276151][T13427]  dump_stack+0x15/0x18
[  203.280141][T13427]  __f2fs_is_valid_blkaddr+0xce2/0x1450
[  203.285543][T13427]  f2fs_is_valid_blkaddr+0x25/0x30
[  203.290473][T13427]  f2fs_get_read_data_page+0x571/0x970
[  203.295768][T13427]  ? f2fs_put_dnode+0x160/0x160
[  203.300451][T13427]  ? __kasan_check_read+0x11/0x20
[  203.305310][T13427]  ? __kasan_check_read+0x11/0x20
[  203.310176][T13427]  f2fs_find_data_page+0x1b3/0x3c0
[  203.315120][T13427]  __f2fs_find_entry+0x6d3/0xef0
[  203.319897][T13427]  ? f2fs_prepare_lookup+0x1ca/0x270
[  203.325011][T13427]  ? f2fs_find_target_dentry+0x1020/0x1020
[  203.330653][T13427]  ? __f2fs_setup_filename+0x280/0x280
[  203.335959][T13427]  ? generic_set_encrypted_ci_d_ops+0x91/0xf0
[  203.341849][T13427]  f2fs_lookup+0x1bb/0xb50
[  203.346105][T13427]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  203.352008][T13427]  ? d_hash_and_lookup+0x1e0/0x1e0
[  203.356962][T13427]  ? lockref_mark_dead+0xb0/0xb0
[  203.361730][T13427]  __lookup_slow+0x2b9/0x3e0
[  203.366166][T13427]  ? lookup_one_len+0x2c0/0x2c0
[  203.370846][T13427]  lookup_slow+0x5a/0x80
[  203.374928][T13427]  walk_component+0x2e7/0x410
[  203.379448][T13427]  path_lookupat+0x16d/0x450
[  203.383863][T13427]  filename_lookup+0x251/0x600
[  203.388461][T13427]  ? hashlen_string+0x120/0x120
[  203.393155][T13427]  ? strncpy_from_user+0x169/0x2b0
[  203.398094][T13427]  ? getname_flags+0x1fd/0x520
[  203.402693][T13427]  user_path_at_empty+0x43/0x1a0
[  203.407484][T13427]  __se_sys_chdir+0xbb/0x220
[  203.411893][T13427]  ? __x64_sys_chdir+0x40/0x40
[  203.416577][T13427]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  203.422497][T13427]  ? exit_to_user_mode_prepare+0x39/0xa0
[  203.427952][T13427]  __x64_sys_chdir+0x38/0x40
[  203.432373][T13427]  x64_sys_call+0x258/0x9a0
[  203.436714][T13427]  do_syscall_64+0x3b/0xb0
[  203.440972][T13427]  ? clear_bhb_loop+0x55/0xb0
[  203.445481][T13427]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  203.451209][T13427] RIP: 0033:0x7f242118d169
[  203.455460][T13427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.474902][T13427] RSP: 002b:00007f2420fff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
[  203.483149][T13427] RAX: ffffffffffffffda RBX: 00007f24213a6080 RCX: 00007f242118d169
[  203.490957][T13427] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  203.498770][T13427] RBP: 00007f242120e2a0 R08: 0000000000000000 R09: 0000000000000000
[  203.506580][T13427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  203.514391][T13427] R13: 0000000000000001 R14: 00007f24213a6080 R15: 00007ffdd5563f68
[  203.522210][T13427]  </TASK>
[  203.526145][T13426] SELinux: failed to load policy
[  203.615837][T13441] loop3: detected capacity change from 0 to 512
[  203.633900][T13441] EXT4-fs: Ignoring removed orlov option
[  203.651360][T13441] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  203.709279][T13441] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.5560: casefold flag without casefold feature
[  203.746270][T13451] loop5: detected capacity change from 0 to 2048
[  203.757059][T13441] EXT4-fs (loop3): Remounting filesystem read-only
[  203.765070][T13441] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.5560: couldn't read orphan inode 15 (err -117)
[  203.787392][T13441] EXT4-fs (loop3): Remounting filesystem read-only
[  203.798586][T13451]  loop5: p1 < > p2 p3 < p5 p6 > p4
[  203.807072][T13441] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  203.807669][T13451] loop5: partition table partially beyond EOD, 
[  203.818437][T13461] loop6: detected capacity change from 0 to 512
[  203.830753][T13451] truncated
[  203.833726][T13451] loop5: p1 start 3405774849 is beyond EOD, truncated
[  203.840864][T13461] /dev/loop6: Can't open blockdev
[  203.845920][T13451] loop5: p2 size 5046285 extends beyond EOD, truncated
[  203.846430][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  203.846448][   T28] audit: type=1400 audit(207.566:2014): avc:  denied  { link } for  pid=13440 comm="syz.3.5560" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  203.856317][T13451] loop5: p5 size 5046285 extends beyond EOD, 
[  203.907254][T13441] EXT4-fs error (device loop3): ext4_check_dx_root:2266: inode #2: comm syz.3.5560: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[  203.934763][T13451] truncated
[  203.945234][T13441] EXT4-fs (loop3): Remounting filesystem read-only
[  203.995237][T10355] EXT4-fs (loop3): unmounting filesystem.
[  204.054007][T13482] loop8: detected capacity change from 0 to 512
[  204.067503][T13482] EXT4-fs: Ignoring removed oldalloc option
[  204.075385][   T28] audit: type=1400 audit(207.813:2015): avc:  denied  { ioctl } for  pid=13486 comm="syz.6.5581" path="/705/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  204.075892][T13482] EXT4-fs error (device loop8): ext4_xattr_inode_iget:400: comm syz.8.5578: Parent and EA inode have the same ino 15
[  204.135356][T13482] EXT4-fs (loop8): Remounting filesystem read-only
[  204.141961][T13482] EXT4-fs error (device loop8): ext4_xattr_inode_iget:400: comm syz.8.5578: Parent and EA inode have the same ino 15
[  204.162061][T13482] EXT4-fs (loop8): Remounting filesystem read-only
[  204.168711][T13482] EXT4-fs (loop8): 1 orphan inode deleted
[  204.174525][T13482] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  204.198668][ T5829] EXT4-fs (loop8): unmounting filesystem.
[  204.324525][T13512] loop5: detected capacity change from 0 to 1024
[  204.336500][T13512] EXT4-fs: Ignoring removed nobh option
[  204.344330][T13514] loop6: detected capacity change from 0 to 512
[  204.350615][T13512] EXT4-fs: Ignoring removed bh option
[  204.356413][T13514] /dev/loop6: Can't open blockdev
[  204.361480][T13512] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  204.398085][T13512] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  204.438782][T10910] EXT4-fs (loop5): unmounting filesystem.
[  204.468513][T13526] loop3: detected capacity change from 0 to 256
[  204.518981][T13526] FAT-fs (loop3): Directory bread(block 64) failed
[  204.527849][T13526] FAT-fs (loop3): Directory bread(block 65) failed
[  204.544335][T13526] FAT-fs (loop3): Directory bread(block 66) failed
[  204.552196][T13526] FAT-fs (loop3): Directory bread(block 67) failed
[  204.558775][T13526] FAT-fs (loop3): Directory bread(block 68) failed
[  204.565271][T13526] FAT-fs (loop3): Directory bread(block 69) failed
[  204.572154][T13526] FAT-fs (loop3): Directory bread(block 70) failed
[  204.578762][T13526] FAT-fs (loop3): Directory bread(block 71) failed
[  204.593410][T13526] FAT-fs (loop3): Directory bread(block 72) failed
[  204.601784][T13526] FAT-fs (loop3): Directory bread(block 73) failed
[  204.764205][T13564] netlink: 64 bytes leftover after parsing attributes in process `syz.6.5614'.
[  204.888605][  T295] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  205.009820][T13568] loop3: detected capacity change from 0 to 40427
[  205.016988][T13568] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  205.024450][T13568] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  205.038863][T13568] F2FS-fs (loop3): invalid crc value
[  205.042433][T13574] loop8: detected capacity change from 0 to 2048
[  205.052713][T13568] F2FS-fs (loop3): Found nat_bits in checkpoint
[  205.069669][T13574] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  205.087794][  T295] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  205.106043][  T295] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  205.106267][T13574] EXT4-fs (loop8): shut down requested (0)
[  205.113558][T13568] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  205.122742][ T4487] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  205.129727][  T295] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.136979][T13568] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  205.159479][  T295] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  205.172887][ T5829] EXT4-fs (loop8): unmounting filesystem.
[  205.178564][  T295] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 253
[  205.191685][  T295] usb 6-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  205.201346][T10355] syz-executor: attempt to access beyond end of device
[  205.201346][T10355] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  205.215302][  T295] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.223867][  T295] usb 6-1: config 0 descriptor??
[  205.317929][ T4487] usb 7-1: Using ep0 maxpacket: 8
[  205.323982][ T4487] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  205.346270][ T4487] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.354837][ T4487] usb 7-1: config 0 descriptor??
[  205.603212][T13621] loop8: detected capacity change from 0 to 8192
[  205.609056][  T295] elecom 0003:056E:00FE.002F: unknown main item tag 0x0
[  205.611116][T13621] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  205.626647][  T295] elecom 0003:056E:00FE.002F: unknown main item tag 0x0
[  205.633400][  T295] elecom 0003:056E:00FE.002F: unknown main item tag 0x0
[  205.640313][  T295] elecom 0003:056E:00FE.002F: unknown main item tag 0x0
[  205.659688][  T295] elecom 0003:056E:00FE.002F: unknown main item tag 0x0
[  205.666543][   T39] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  205.677426][  T295] elecom 0003:056E:00FE.002F: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.5-1/input0
[  205.821985][ T4488] usb 6-1: USB disconnect, device number 8
[  205.859910][   T39] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  205.869920][   T39] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  205.880127][   T39] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  205.889081][   T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.896895][   T39] usb 4-1: Product: syz
[  205.900847][   T39] usb 4-1: Manufacturer: syz
[  205.905246][   T39] usb 4-1: SerialNumber: syz
[  206.099278][   T39] usb 4-1: 0:2 : does not exist
[  206.106207][   T39] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  206.113684][ T4487] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  206.123853][ T4487] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9
[  206.131563][   T39] usb 4-1: USB disconnect, device number 16
[  206.165923][ T4487] asix: probe of 7-1:0.0 failed with error -71
[  206.173246][ T4487] usb 7-1: USB disconnect, device number 15
[  206.179928][T13637] netlink: 148 bytes leftover after parsing attributes in process `syz.7.5644'.
[  206.188967][T13637] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  206.344083][   T28] audit: type=1400 audit(210.248:2016): avc:  denied  { getopt } for  pid=13657 comm="syz.7.5654" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  206.381371][   T28] audit: type=1400 audit(210.280:2017): avc:  denied  { ioctl } for  pid=13663 comm="syz.5.5656" path="/dev/fuse" dev="devtmpfs" ino=93 ioctlcmd=0xf510 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  206.412205][T13666] netlink: 'syz.7.5657': attribute type 12 has an invalid length.
[  206.420268][T13666] netlink: 'syz.7.5657': attribute type 29 has an invalid length.
[  206.428332][T13666] netlink: 148 bytes leftover after parsing attributes in process `syz.7.5657'.
[  206.453908][T13671] loop7: detected capacity change from 0 to 1024
[  206.461598][T13671] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f01cc01c, mo2=0002]
[  206.469659][T13671] System zones: 0-1, 3-36
[  206.474818][T13671] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  206.493810][T11444] EXT4-fs (loop7): unmounting filesystem.
[  206.506132][T13674] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13674 comm=syz.7.5660
[  206.626516][T13688] loop6: detected capacity change from 0 to 512
[  206.640368][T13688] EXT4-fs: Ignoring removed oldalloc option
[  206.646297][T13688] /dev/loop6: Can't open blockdev
[  206.704234][   T28] audit: type=1326 audit(210.624:2018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13698 comm="syz.3.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e5558d169 code=0x7ffc0000
[  206.757312][   T28] audit: type=1326 audit(210.656:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13698 comm="syz.3.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f4e5558d169 code=0x7ffc0000
[  206.782822][   T28] audit: type=1326 audit(210.656:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13698 comm="syz.3.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e5558d169 code=0x7ffc0000
[  206.920709][T13737] syz.8.5690[13737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  206.920784][T13737] syz.8.5690[13737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  207.003828][T13752] input: syz0 as /devices/virtual/input/input60
[  207.022496][T13755] netlink: 64 bytes leftover after parsing attributes in process `syz.7.5699'.
[  207.025326][T13748] tmpfs: Unknown parameter 'm'
[  207.102421][T13768] input: syz0 as /devices/virtual/input/input61
[  207.111227][T13770] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5707'.
[  207.153851][   T39] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  207.192326][T13786] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5713'.
[  207.257882][   T28] audit: type=1400 audit(211.224:2021): avc:  denied  { getopt } for  pid=13798 comm="syz.8.5719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  207.302721][   T28] audit: type=1400 audit(211.246:2022): avc:  denied  { read } for  pid=13799 comm="syz.5.5721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  207.361672][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.374515][T13812] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5726'.
[  207.378202][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.405476][   T39] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  207.418377][   T39] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  207.427332][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.442656][   T39] usb 7-1: config 0 descriptor??
[  207.461158][   T28] audit: type=1400 audit(211.439:2023): avc:  denied  { ioctl } for  pid=13818 comm="syz.8.5729" path="socket:[77336]" dev="sockfs" ino=77336 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  207.579189][T13841] loop3: detected capacity change from 0 to 512
[  207.586186][T13841] EXT4-fs: Ignoring removed oldalloc option
[  207.594685][T13841] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.5739: Parent and EA inode have the same ino 15
[  207.603455][T13847] syz.7.5741[13847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  207.607065][T13847] syz.7.5741[13847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  207.607727][T13841] EXT4-fs (loop3): Remounting filesystem read-only
[  207.635917][T13841] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.5739: Parent and EA inode have the same ino 15
[  207.648341][T13841] EXT4-fs (loop3): Remounting filesystem read-only
[  207.654942][T13841] EXT4-fs (loop3): 1 orphan inode deleted
[  207.656854][ T4487] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  207.660546][T13841] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  207.680459][T13847] xt_hashlimit: max too large, truncated to 1048576
[  207.698127][T10355] EXT4-fs (loop3): unmounting filesystem.
[  207.732998][T13853] loop3: detected capacity change from 0 to 2048
[  207.761526][T13853] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  207.778675][T13859] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  207.787877][T13859] FAT-fs (loop15): unable to read boot sector
[  207.798961][T10355] EXT4-fs (loop3): unmounting filesystem.
[  207.816457][T13861] loop7: detected capacity change from 0 to 2048
[  207.835322][ T4487] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 86, changing to 10
[  207.846621][ T4487] usb 6-1: New USB device found, idVendor=056a, idProduct=00ed, bcdDevice= 0.00
[  207.847294][T13861] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  207.855834][ T4487] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.856587][ T4487] usb 6-1: config 0 descriptor??
[  207.866831][   T39] plantronics 0003:047F:FFFF.0030: No inputs registered, leaving
[  207.882168][T13861] EXT4-fs (loop7): shut down requested (0)
[  207.886367][   T39] plantronics 0003:047F:FFFF.0030: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  207.913749][T11444] EXT4-fs (loop7): unmounting filesystem.
[  208.023129][T13878] loop7: detected capacity change from 0 to 512
[  208.029761][T13878] EXT4-fs: Ignoring removed oldalloc option
[  208.037756][T13878] EXT4-fs error (device loop7): ext4_xattr_inode_iget:400: comm syz.7.5753: Parent and EA inode have the same ino 15
[  208.050193][T13878] EXT4-fs (loop7): Remounting filesystem read-only
[  208.056776][T13878] EXT4-fs error (device loop7): ext4_xattr_inode_iget:400: comm syz.7.5753: Parent and EA inode have the same ino 15
[  208.070168][T13878] EXT4-fs (loop7): Remounting filesystem read-only
[  208.076773][T13878] EXT4-fs (loop7): 1 orphan inode deleted
[  208.082413][T13878] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  208.099473][T11444] EXT4-fs (loop7): unmounting filesystem.
[  208.133839][T12542] usb 7-1: USB disconnect, device number 16
[  208.174275][T13888] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5757'.
[  208.183207][   T39] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  208.273263][ T4487] wacom 0003:056A:00ED.0031: ignoring exceeding usage max
[  208.284771][ T4487] wacom 0003:056A:00ED.0031: hidraw0: USB HID v0.00 Device [HID 056a:00ed] on usb-dummy_hcd.5-1/input0
[  208.366331][   T39] usb 9-1: config 255 has an invalid interface number: 20 but max is 0
[  208.374567][   T39] usb 9-1: config 255 has no interface number 0
[  208.380654][   T39] usb 9-1: config 255 interface 20 has no altsetting 0
[  208.388894][   T39] usb 9-1: New USB device found, idVendor=0f3d, idProduct=68aa, bcdDevice=8e.4f
[  208.397801][   T39] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.405625][   T39] usb 9-1: Product: syz
[  208.409574][   T39] usb 9-1: Manufacturer: syz
[  208.414053][   T39] usb 9-1: SerialNumber: syz
[  208.462599][ T4488] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  208.470364][ T4487] usb 6-1: USB disconnect, device number 9
[  208.606875][T13868] netlink: 277 bytes leftover after parsing attributes in process `syz.8.5749'.
[  208.625894][   T39] usb 9-1: USB disconnect, device number 16
[  208.635678][ T4488] usb 8-1: Using ep0 maxpacket: 16
[  208.642423][ T4488] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.653197][ T4488] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.665006][ T4488] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  208.677893][ T4488] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  208.687074][ T4488] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.701122][ T4488] usb 8-1: config 0 descriptor??
[  208.930338][T13910] loop6: detected capacity change from 0 to 40427
[  208.965097][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  208.965117][   T28] audit: type=1326 audit(213.059:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13926 comm="syz.3.5775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e5558d169 code=0x7ffc0000
[  209.014761][T13929] loop5: detected capacity change from 0 to 4096
[  209.023266][T13929] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  209.081372][ T4488] koneplus 0003:1E7D:2E22.0032: item fetching failed at offset 0/2
[  209.089485][ T4488] koneplus 0003:1E7D:2E22.0032: parse failed
[  209.095400][ T4488] koneplus: probe of 0003:1E7D:2E22.0032 failed with error -22
[  209.271291][    T6] usb 8-1: USB disconnect, device number 9
[  209.278541][ T4487] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  209.352956][T13967] loop8: detected capacity change from 0 to 40427
[  209.359712][T13967] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  209.362410][ T4488] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  209.367316][T13967] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  209.385001][T13967] F2FS-fs (loop8): Found nat_bits in checkpoint
[  209.421114][T13967] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  209.428075][T13967] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  209.446376][ T4487] usb 6-1: Using ep0 maxpacket: 32
[  209.453125][ T4487] usb 6-1: unable to get BOS descriptor or descriptor too short
[  209.454665][   T28] audit: type=1400 audit(213.574:2029): avc:  denied  { mounton } for  pid=13966 comm="syz.8.5793" path="/684/bus/bus" dev="loop8" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  209.469867][ T4487] usb 6-1: config 128 has an invalid interface number: 127 but max is 3
[  209.490773][ T4487] usb 6-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  209.501003][ T4487] usb 6-1: config 128 has 1 interface, different from the descriptor's value: 4
[  209.509955][ T4487] usb 6-1: config 128 has no interface number 0
[  209.516161][ T4487] usb 6-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  209.527420][ T4487] usb 6-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0
[  209.537500][ T4487] usb 6-1: config 128 interface 127 has no altsetting 0
[  209.545915][ T4487] usb 6-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[  209.555005][ T4487] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.562987][ T4487] usb 6-1: Product: syz
[  209.567259][ T4487] usb 6-1: Manufacturer: syz
[  209.571792][ T4487] usb 6-1: SerialNumber: syz
[  209.576663][ T4488] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  209.596268][ T4488] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  209.606118][ T4488] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  209.615054][ T4488] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  209.622842][ T4488] usb 4-1: SerialNumber: syz
[  209.646011][ T5829] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix.
[  209.646036][ T5829] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix.
[  209.653526][ T5829] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix.
[  209.661138][ T5829] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix.
[  209.668554][ T5829] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix.
[  209.675927][ T5829] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix.
[  209.683311][ T5829] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix.
[  209.690910][   T28] audit: type=1400 audit(213.832:2030): avc:  denied  { unmount } for  pid=5829 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  209.798437][ T4487] usb 6-1: USB disconnect, device number 10
[  209.831137][ T4488] usb 4-1: 0:2 : does not exist
[  209.841037][ T4488] usb 4-1: USB disconnect, device number 17
[  209.933668][T13994] loop6: detected capacity change from 0 to 512
[  209.939936][T13994] /dev/loop6: Can't open blockdev
[  209.983255][   T28] audit: type=1326 audit(214.143:2031): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13995 comm="syz.6.5805" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed2ef8d169 code=0x0
[  210.071370][  T295] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  210.173783][   T39] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  210.249003][  T295] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.260001][  T295] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  210.268867][  T295] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.277280][T10910] EXT4-fs (loop5): unmounting filesystem.
[  210.277523][  T295] usb 9-1: config 0 descriptor??
[  210.360796][   T39] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.371651][   T39] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  210.381320][   T39] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  210.394108][   T39] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  210.403246][   T39] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.411804][   T39] usb 8-1: config 0 descriptor??
[  210.412872][T14011] loop5: detected capacity change from 0 to 256
[  210.425761][T14011] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  210.592834][T12542] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  210.663910][  T295] keytouch 0003:0926:3333.0033: fixing up Keytouch IEC report descriptor
[  210.674555][  T295] input: HID 0926:3333 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0926:3333.0033/input/input66
[  210.753529][  T295] keytouch 0003:0926:3333.0033: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.8-1/input0
[  210.770945][T12542] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.785020][T12542] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  210.794861][T12542] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  210.805104][   T39] plantronics 0003:047F:FFFF.0034: No inputs registered, leaving
[  210.814017][   T39] plantronics 0003:047F:FFFF.0034: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  210.826867][T12542] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.836408][T12542] usb 4-1: config 0 descriptor??
[  210.994423][   T28] audit: type=1400 audit(215.237:2032): avc:  denied  { mount } for  pid=14054 comm="syz.5.5831" name="/" dev="configfs" ino=6600 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  211.016964][   T28] audit: type=1400 audit(215.237:2033): avc:  denied  { search } for  pid=14054 comm="syz.5.5831" name="/" dev="configfs" ino=6600 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  211.039008][   T28] audit: type=1400 audit(215.237:2034): avc:  denied  { write } for  pid=14054 comm="syz.5.5831" name="/" dev="configfs" ino=6600 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  211.062570][   T39] usb 8-1: USB disconnect, device number 10
[  211.148514][ T4487] usb 9-1: USB disconnect, device number 17
[  211.180440][T14077] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  211.192008][T14077] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  211.200336][T14077] CPU: 1 PID: 14077 Comm: syz.6.5840 Not tainted 6.1.129-syzkaller-00054-g3e6e324f5b47 #0
[  211.210057][T14077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  211.219953][T14077] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  211.226025][T14077] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 8c db dd ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 81 88 25 00 48 89 5c 24 18 4c 8b
[  211.245474][T14077] RSP: 0018:ffffc90002c4f6a0 EFLAGS: 00010246
[  211.251369][T14077] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000080000
[  211.259180][T14077] RDX: ffffc9000167a000 RSI: 0000000000000475 RDI: 0000000000000476
[  211.266992][T14077] RBP: ffffc90002c4f7f0 R08: ffffffff8415998d R09: ffffffff841598ab
[  211.274805][T14077] R10: 0000000000000004 R11: ffff88812c7b0000 R12: dffffc0000000000
[  211.282615][T14077] R13: ffff88812230b280 R14: 1ffff92000589ee0 R15: dffffc0000000000
[  211.290427][T14077] FS:  00007fed2edff6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  211.299192][T14077] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  211.305613][T14077] CR2: 000020000000f000 CR3: 0000000125b70000 CR4: 00000000003526a0
[  211.313427][T14077] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  211.321238][T14077] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  211.329047][T14077] Call Trace:
[  211.332172][T14077]  <TASK>
[  211.334955][T14077]  ? __die_body+0x62/0xb0
[  211.339115][T14077]  ? die_addr+0x9f/0xd0
[  211.343107][T14077]  ? exc_general_protection+0x317/0x4c0
[  211.348493][T14077]  ? asm_exc_general_protection+0x27/0x30
[  211.354043][T14077]  ? xdp_do_generic_redirect+0x32b/0xb40
[  211.359513][T14077]  ? xdp_do_generic_redirect+0x40d/0xb40
[  211.364982][T14077]  ? dev_map_generic_redirect+0x90/0x7d0
[  211.370448][T14077]  ? __free_pages_core+0x180/0x180
[  211.375397][T14077]  ? __this_cpu_preempt_check+0x13/0x20
[  211.380783][T14077]  ? bq_enqueue+0x3e0/0x3e0
[  211.385115][T14077]  ? bpf_prog_run_generic_xdp+0xa35/0x1200
[  211.390759][T14077]  xdp_do_generic_redirect+0x42e/0xb40
[  211.396057][T14077]  do_xdp_generic+0x53e/0x800
[  211.400563][T14077]  ? generic_xdp_tx+0x560/0x560
[  211.405253][T14077]  ? tun_get_user+0x2340/0x3a90
[  211.409936][T14077]  tun_get_user+0x238a/0x3a90
[  211.414453][T14077]  ? avc_has_perm_noaudit+0x430/0x430
[  211.419660][T14077]  ? tun_do_read+0x2000/0x2000
[  211.424256][T14077]  ? ref_tracker_alloc+0x31d/0x450
[  211.429204][T14077]  ? file_has_perm+0x508/0x6c0
[  211.433802][T14077]  ? ref_tracker_dir_print+0x160/0x160
[  211.439114][T14077]  ? futex_wait_setup+0x330/0x330
[  211.444065][T14077]  ? tun_get+0xe9/0x120
[  211.448053][T14077]  tun_chr_write_iter+0x129/0x210
[  211.452918][T14077]  vfs_write+0xaf6/0xed0
[  211.456994][T14077]  ? file_end_write+0x1c0/0x1c0
[  211.461685][T14077]  ? do_futex+0x55a/0x9a0
[  211.465846][T14077]  ? __fget_files+0x2cb/0x330
[  211.470359][T14077]  ? __fdget_pos+0x204/0x390
[  211.474781][T14077]  ? ksys_write+0x77/0x2c0
[  211.479040][T14077]  ksys_write+0x199/0x2c0
[  211.483203][T14077]  ? __this_cpu_preempt_check+0x13/0x20
[  211.488583][T14077]  ? xfd_validate_state+0x6f/0x170
[  211.493531][T14077]  ? __ia32_sys_read+0x90/0x90
[  211.498130][T14077]  ? fpregs_restore_userregs+0x130/0x290
[  211.503599][T14077]  __x64_sys_write+0x7b/0x90
[  211.508114][T14077]  x64_sys_call+0x2f/0x9a0
[  211.512368][T14077]  do_syscall_64+0x3b/0xb0
[  211.516618][T14077]  ? clear_bhb_loop+0x55/0xb0
[  211.521131][T14077]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.526856][T14077] RIP: 0033:0x7fed2ef8bc1f
[  211.531111][T14077] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  211.550552][T14077] RSP: 002b:00007fed2edff000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  211.558799][T14077] RAX: ffffffffffffffda RBX: 00007fed2f1a5fa0 RCX: 00007fed2ef8bc1f
[  211.566698][T14077] RDX: 000000000000fdef RSI: 0000200000000180 RDI: 00000000000000c8
[  211.574503][T14077] RBP: 00007fed2f00e2a0 R08: 0000000000000000 R09: 0000000000000000
[  211.582321][T14077] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  211.590131][T14077] R13: 0000000000000000 R14: 00007fed2f1a5fa0 R15: 00007ffc8635cba8
[  211.598121][T14077]  </TASK>
[  211.600976][T14077] Modules linked in:
[  211.604774][T14077] ---[ end trace 0000000000000000 ]---
[  211.610044][T14077] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  211.616086][T14077] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 8c db dd ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 81 88 25 00 48 89 5c 24 18 4c 8b
[  211.635670][T14077] RSP: 0018:ffffc90002c4f6a0 EFLAGS: 00010246
[  211.641557][T14077] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000080000
[  211.649384][T14077] RDX: ffffc9000167a000 RSI: 0000000000000475 RDI: 0000000000000476
[  211.657171][T14077] RBP: ffffc90002c4f7f0 R08: ffffffff8415998d R09: ffffffff841598ab
[  211.664960][T14077] R10: 0000000000000004 R11: ffff88812c7b0000 R12: dffffc0000000000
[  211.672789][T14077] R13: ffff88812230b280 R14: 1ffff92000589ee0 R15: dffffc0000000000
[  211.680608][T14077] FS:  00007fed2edff6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  211.689370][T14077] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  211.695789][T14077] CR2: 000020000000f000 CR3: 0000000125b70000 CR4: 00000000003526a0
[  211.703602][T14077] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  211.711479][T14077] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  211.719319][T14077] Kernel panic - not syncing: Fatal exception in interrupt
[  211.726613][T14077] Kernel Offset: disabled
[  211.730742][T14077] Rebooting in 86400 seconds..