last executing test programs:

1m37.286015534s ago: executing program 32 (id=94):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='mm_page_alloc\x00', r0}, 0x18)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0500000001ea2f3352c9a24cfb0fe8f3", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r1, @ANYBLOB="37eb290aca"], 0x20000600}}, 0x0)

1m32.126007235s ago: executing program 33 (id=177):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)

1m30.107384083s ago: executing program 34 (id=229):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000006000000fa0000009f00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
quotactl$Q_QUOTAOFF(0xffffffff80000301, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

1m24.569311996s ago: executing program 35 (id=281):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x3, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000cc0)={r2}, 0xc)

1m23.67775606s ago: executing program 36 (id=298):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1m15.398155553s ago: executing program 37 (id=445):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r1 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r1, 0x0, 0x400000000000000, 0x7)

1m12.061636817s ago: executing program 38 (id=511):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1a9a00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000140)={0x2, 0x0, @ioapic={0x1000, 0x6, 0x6, 0x7fffffff, 0x0, [{0x99, 0x9, 0xa, '\x00', 0xb8}, {0x13, 0x7, 0x9, '\x00', 0x8}, {0x81, 0x5, 0x0, '\x00', 0x1}, {0xfa, 0x9, 0x40, '\x00', 0x7f}, {0x86, 0x7f, 0x2, '\x00', 0x74}, {0x9, 0x0, 0xc7, '\x00', 0x2}, {0x1, 0x2, 0x8, '\x00', 0xff}, {0xff, 0x8, 0x12, '\x00', 0x3}, {0x2, 0xff, 0x6, '\x00', 0x9}, {0x6, 0x48, 0xc5, '\x00', 0x3}, {0x2, 0xee, 0x2, '\x00', 0xe9}, {0x9c, 0x5, 0x3, '\x00', 0xa}, {0x2, 0x1, 0x4}, {0xf4, 0x7, 0x6, '\x00', 0xf5}, {0x3, 0x2, 0x59, '\x00', 0x3}, {0x0, 0x9, 0x0, '\x00', 0x2}, {0xfd, 0x7, 0x0, '\x00', 0xff}, {0x6, 0xf, 0xe, '\x00', 0x95}, {0x80, 0x5, 0x5}, {0x2, 0xb, 0x7c, '\x00', 0x9}, {0x9, 0x23, 0x6, '\x00', 0x3}, {0x7, 0xb4, 0x9, '\x00', 0xd}, {0x0, 0x8, 0x4, '\x00', 0x3}, {0xc, 0x2, 0x81, '\x00', 0x8}]}})

55.879004203s ago: executing program 39 (id=819):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sigaltstack(0x0, 0x0)

53.201857574s ago: executing program 40 (id=900):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000600)=@bpf_lsm={0x10, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0xdf52, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x80, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

46.80973429s ago: executing program 41 (id=1003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x42, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$binfmt_register(0xffffff9c, &(0x7f0000001240), 0x1, 0x0)
write$binfmt_register(r2, &(0x7f0000001280)={0x3a, 'syz1', 0x3a, 'E', 0x3a, 0xf0, 0x3a, 'datacow', 0x3a, '\\-%#!\\\\\'', 0x3a, './file0', 0x3a, [0x46]}, 0x37)

46.165978942s ago: executing program 42 (id=1016):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
recvmsg(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)

27.831854077s ago: executing program 43 (id=1302):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="5300000007000046009d40edce82cd28e1e1edab5168510449b8a5"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

22.895850657s ago: executing program 9 (id=1375):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000000, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38)

22.602428088s ago: executing program 9 (id=1382):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='mm_page_alloc\x00'}, 0x10)
ioctl$TUNSETOFFLOAD(r1, 0x40047451, 0x2000000c)

22.465723339s ago: executing program 9 (id=1388):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @loopback}, {0x0, @remote}, 0x0, {0x2, 0x0, @multicast1}})
write$binfmt_script(r1, &(0x7f00000000c0), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f00000000c0))

22.453275019s ago: executing program 9 (id=1389):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

22.442346019s ago: executing program 9 (id=1390):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000140), 0x1e)
syz_clone(0x22080180, 0x0, 0x0, 0x0, 0x0, 0x0)

22.425732729s ago: executing program 9 (id=1391):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x86, &(0x7f0000000700)=ANY=[@ANYBLOB="aaaaaaaaaaaa00010000000088a8"], 0x0)

21.385064323s ago: executing program 2 (id=1402):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x141201)
ioctl$USBDEVFS_REAPURB(r2, 0x4008550c, &(0x7f0000000880))
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000080)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000), 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

20.488655397s ago: executing program 2 (id=1404):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000001c0), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
link(&(0x7f0000000a40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdir(&(0x7f0000000000)='.\x02\x00', 0x102)

20.464598477s ago: executing program 44 (id=1404):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000001c0), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
link(&(0x7f0000000a40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdir(&(0x7f0000000000)='.\x02\x00', 0x102)

15.585895087s ago: executing program 1 (id=1448):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x3d, 0x0, 0x0)

15.573019487s ago: executing program 1 (id=1449):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
llistxattr(&(0x7f0000000080)='./file1\x00', 0x0, 0x0)

15.460429907s ago: executing program 1 (id=1450):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000001900)={{0x12, 0x1, 0x200, 0x2, 0xcd, 0x77, 0x10, 0x403, 0xb8d8, 0x30bb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xde, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xd0, 0x76, 0xd8, 0xe}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000003440)={0x14, 0x0, &(0x7f0000003400)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000004000)={0x24, 0x0, &(0x7f0000003f40)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc47}}, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000004ac0)={0x2c, 0x0, &(0x7f0000004840)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

12.833148568s ago: executing program 1 (id=1472):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000100)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x5a042, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
lsetxattr(&(0x7f0000000080)='./file1\x00', &(0x7f00000001c0)=@known='trusted.overlay.impure\x00', 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000002240)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000440)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './file0'}}]})

11.912135402s ago: executing program 1 (id=1501):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x0, 0x0, 0x0)

11.074211726s ago: executing program 5 (id=1508):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

10.986141745s ago: executing program 5 (id=1510):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000001e80)={[{@inlinecrypt}]}, 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f0000000080))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./bus/file0\x00', 0x0)
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

10.985920395s ago: executing program 1 (id=1511):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f00000001c0), 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x2, 0x4)
shutdown(r0, 0x1)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x240088d6)

10.983347446s ago: executing program 45 (id=1511):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f00000001c0), 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x2, 0x4)
shutdown(r0, 0x1)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x240088d6)

10.977815446s ago: executing program 5 (id=1513):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
timer_create(0x0, 0x0, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

10.937836926s ago: executing program 5 (id=1514):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
close(0x3)

10.918784156s ago: executing program 5 (id=1515):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)

10.772005817s ago: executing program 5 (id=1516):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a1c000000000a0500000000000000000007000000080002400000000050000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000b0c00104000000000000000020800034000000008ec0500000c0a0101000000000000000007000000a0050380940400800900090073797a3100000000a0010a8014000280080003400000000408000180fffffffb180002800900020073797a300000000008000180fffffffb85000100bbdad43eb83e21bf3229d4c844fd3fd9dc7d5cee13b64981d7a60d25fd6cd1c090ed1a86ab86a45dba8d8ecd269fba6bbfc5d474fde1398789981b161b9dfb87a5d08c4093cf3806a469352fb2db019d7393ff8da56242e50e5be273977f1165671be5"], 0x680}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
unshare(0x20040600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x5, 0x6, 0x200, 0x40, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000003c0), 0x7fff, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000001c0)={r0, &(0x7f0000000080), &(0x7f0000000180)=""/29}, 0x20)

10.771821777s ago: executing program 46 (id=1516):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a1c000000000a0500000000000000000007000000080002400000000050000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000b0c00104000000000000000020800034000000008ec0500000c0a0101000000000000000007000000a0050380940400800900090073797a3100000000a0010a8014000280080003400000000408000180fffffffb180002800900020073797a300000000008000180fffffffb85000100bbdad43eb83e21bf3229d4c844fd3fd9dc7d5cee13b64981d7a60d25fd6cd1c090ed1a86ab86a45dba8d8ecd269fba6bbfc5d474fde1398789981b161b9dfb87a5d08c4093cf3806a469352fb2db019d7393ff8da56242e50e5be273977f1165671be5"], 0x680}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
unshare(0x20040600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x5, 0x6, 0x200, 0x40, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000003c0), 0x7fff, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000001c0)={r0, &(0x7f0000000080), &(0x7f0000000180)=""/29}, 0x20)

9.91340583s ago: executing program 0 (id=1518):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
llistxattr(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)

9.784394031s ago: executing program 0 (id=1519):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_batadv\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f00000001c0)="29ead32bec", 0x5, 0x0, &(0x7f0000000300)={0x2f, 0x8100, r2, 0x1, 0x0, 0x6, @remote}, 0x14)

9.756717951s ago: executing program 0 (id=1520):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=@base={0xb, 0x7, 0x6, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000006000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{@in=@private=0xa010100, 0x0, 0x6c}, 0x0, @in6=@dev, 0x0, 0x4, 0x0, 0x0, 0xb7b0}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0)

9.663596611s ago: executing program 0 (id=1521):
mkdir(&(0x7f0000000000)='./file0\x00', 0x111)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x42000, 0x20)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)={0xe000001a})

9.619451161s ago: executing program 0 (id=1522):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

9.592696822s ago: executing program 0 (id=1523):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
bind$bt_hci(r0, &(0x7f0000000140), 0x6)
ioctl$sock_bt_hci(r0, 0x800448d7, 0x0)

9.495877002s ago: executing program 8 (id=1524):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x1c0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})

9.342087092s ago: executing program 8 (id=1526):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
r1 = dup(r0)
write$uinput_user_dev(r1, &(0x7f0000000c80)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}, 0x45c)
ioctl$UI_DEV_CREATE(r1, 0x5501)
write$FUSE_BMAP(r1, &(0x7f0000000300)={0x18, 0x0, 0x0, {0x800003}}, 0x18)

9.321615032s ago: executing program 8 (id=1527):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b"])

9.288949423s ago: executing program 8 (id=1528):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f0000000300), 0x1, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x30000, 0x0, 0x41, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
chdir(&(0x7f0000000000)='./file0\x00')
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x7a000}], 0x1, 0x33000, 0x0, 0x3)

9.163187493s ago: executing program 8 (id=1529):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
recvmmsg(r1, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)=""/130, 0x82}], 0x1}}], 0x1, 0x10042, 0x0)

9.043090774s ago: executing program 8 (id=1532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000006208500000070000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYRES64=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)

9.019419614s ago: executing program 47 (id=1532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000006208500000070000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYRES64=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)

7.245118051s ago: executing program 48 (id=1391):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x86, &(0x7f0000000700)=ANY=[@ANYBLOB="aaaaaaaaaaaa00010000000088a8"], 0x0)

2.948364298s ago: executing program 7 (id=1607):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000060000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
fstat(r2, &(0x7f00000003c0))

2.798002199s ago: executing program 7 (id=1609):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = gettid()
time(0x0)
rt_tgsigqueueinfo(0x0, r1, 0x5, 0x0)

2.797847329s ago: executing program 7 (id=1610):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a51220c41b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41bcde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f392a38052f859ab5600000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r2}, 0x10)
setns(r1, 0x24020000)

2.794501049s ago: executing program 7 (id=1611):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0}, 0x10)

2.771758059s ago: executing program 7 (id=1612):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000100), 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
shutdown(0xffffffffffffffff, 0x1)
io_setup(0x1, &(0x7f00000004c0)=<r0=>0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r0, 0x1, &(0x7f0000000200)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0xfffd, r1, &(0x7f00000000c0)='k', 0x1, 0x400a00}])

2.53234892s ago: executing program 7 (id=1613):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x15f, &(0x7f0000000880)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109024d0102010000000904000001020d00000524060001052400fcff0d240f0100000000000006000006241a0000001524120900a317a88b045e4f01a607c0ffcb7e392a08241c0600000700c42413005da99c25dd0add3dc099d058f718dfc160010f5229796cf899ef665687a1a97cfe38a553c73c928f19b2fea1b6e9918f3ea47b7ec2fbde01223197b550070766d000eb598c8425b61acfe497b3c935a95de366e950376757ed6ccbbbcc68ba8eb8519076ab9690a08e4f6e63c406b50dcaf86bd07f44b5b90c347cb930107ac77ec6ed6c0d86139fea8cbc9e67c7c87659958507c2f5fd23036cb4a7532ebfec106d5cd65eadc955ed98ab1ea63951efc1693672329e73834ddd68d3c2c528fb04240208052415040007240a074000080905810320000000000904010000020d00000904010102020d00000905820200020005000905030210"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000600)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x20, 0x80, 0x1c, {0x5, 0x401, 0x3, 0x1, 0x63bf, 0x8000, 0x7b00, 0x1000, 0x8, 0x6, 0x401, 0xffff}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

1.859493353s ago: executing program 3 (id=1618):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x1c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
fstatfs(r2, &(0x7f00000019c0)=""/4096)

1.773966563s ago: executing program 3 (id=1619):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x6, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
setfsgid(0x0)

1.609757054s ago: executing program 3 (id=1620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000001b80)={@multicast, @dev, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @empty=0x2, @multicast2}}}}}, 0x0)

1.570054034s ago: executing program 3 (id=1621):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000010, &(0x7f0000000080), 0x1, 0x513, &(0x7f00000010c0)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOt7rW1aSpOmNOk6LYt28T8QQcEnn3wR/AOEZR78A2RgQF/EB1FRRGf0QVDnSpIbp5Mmbd1pm07z+cBpzrn35n7PuSEn98fpvQGMrRci4o2ImIiIlyOimE9P87TYLux3l7t/753ldkoiy976axJJPq23rnZ5MiKud98SUxHxtS9HfDM5HLe5u7exVKtVt/NypVXfqjR3926u15fWqmvVzfn5udcWXl94dWE2yz1WO0u9zE++9Pn3Pv2t3y3++ca329X63EeiEH3tOE3dphc626KnvY22zyLYCEzk7SmMuiIAAJxIex//gxHxic7+fzEmOntzfSZGUTMAAADgtGRfmI5/JxEZAAAAcGmlETEdSVrOxwJMR5peyc8NfDiupbVGs/Wp1cbO5kp7XkQpCunqeq06m48VLkUhaZfn8jG2vfIrfeX5iHgmIr5fvNopl5cbtZURn/sAAACAcXG97/j/H8W0kz/egP8TAAAAAC6u0tACAAAAcFk45AcAAIDLr//4/70R1QMAAAA4E1958812ynrPv155e3dno/H2zZVqc6Nc31kuLze2t8prjcZa55599ePWV2s0tj4Tmzu3Kq1qs1Vp7u4t1hs7m63F9UcegQ0AAACco2c+fvvXSUTsf/ZqJ0V+H0CAR/xh1BUATtPEqCsAjIy7eMP4Koy6AsDIJcfMN3gHAACefDMfPXz9v/f8f+cG4HIz1gcAxo/r/zC+CkYAwlhLI+ID3exTw5YZev3/lyeNkmURd4oHpzi/CAAA52u6k5K0nB8HTEealssRT0ekpSgkq+u16mx+fPCrYuGpdnmu887k2DHDAAAAAAAAAAAAAAAAAAAAAAAAAEBXliWRAQAAAJdaRPqnpHM3/4iZ4kvT/ecHriT/LMYf88KP3vrBraVWa3uuPf1vnWd5XYmI1g/z6a8MfXwYAAAAcNqS/aGzusfp+evcudYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDFw/947y710nnH/8sWIKA2KPxlTndepKETEtb8nMXngfUlETJxC/P13I+LZQfGTeJBlWSmvxaD4V884fqmzaQbHTyPi+inEh3F2u93/vDHo+5fGC53Xwd+/yTw9ruH9X5pHfrbTzw3qf54+tLb6wBjP3f1ZZWj8dyOemxzc//T632RI/BcPre1fWZYdjvGNr+/tDYuf/ThiZuDvT/JIrEqrvlVp7u7dXK8vrVXXqpvz83OvLby+8OrCbGV1vVbN/w6M8b2P/fzBUe2/NiD+b3/T7X+Pav9Lw1ba5z93b937UDdbGBT/xosDf3+nYkj8NP/t+2Seb8+f6eX3u/mDnv/pneePav/KkO1/3Od/44Ttf/mr3/39CRcFAM5Bc3dvY6lWq24fkZk6wTJPYuYXUxeiGv9nJvtO95O7KPV5v5n23urDKb1WXYCKHchk5xZrIi5Ik/+XGWm3BAAAnIGHO/2jrgkAAAAAAAAAAAAAAAAAAACMr/O4nVh/zP3RNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA///M/t/r")
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000031800000000000000000000850000000e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

1.248222166s ago: executing program 3 (id=1625):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58b04"])

1.122018126s ago: executing program 3 (id=1627):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
mkdir(0x0, 0x0)
link(0x0, 0x0)

1.121866726s ago: executing program 49 (id=1627):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
mkdir(0x0, 0x0)
link(0x0, 0x0)

660.564488ms ago: executing program 2 (id=1628):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000100), 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
shutdown(0xffffffffffffffff, 0x1)
io_setup(0x1, &(0x7f00000004c0)=<r0=>0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r0, 0x1, &(0x7f0000000200)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0xfffd, r1, &(0x7f00000000c0)='k', 0x1, 0x400a00}])

383.496439ms ago: executing program 2 (id=1638):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
capset(&(0x7f0000000100)={0x20071026}, 0x0)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000100), 0x6)

382.972879ms ago: executing program 6 (id=1648):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000006000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
utime(&(0x7f0000000200)='./file0\x00', 0x0)

321.238499ms ago: executing program 4 (id=1639):
r0 = socket$inet6(0xa, 0x3, 0x88)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff430486dd601b8b97004d88c19e9ace00000000000000002100000002ff020000000000000000000000000001"], 0x0)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000400))

319.723629ms ago: executing program 6 (id=1640):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000004000000007f000021"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000a496000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r3 = dup(r2)
sendmsg$netlink(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{0x0}, {0x0, 0xffffff83}], 0x2}, 0x0)

306.324689ms ago: executing program 4 (id=1641):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffff00208500000070000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000300)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r0}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)

296.934439ms ago: executing program 6 (id=1642):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000f3ff0000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1428437b3c8026bdfeb6db4ee9bcb25b1811d40a203bf40b3a7da5a8a64db04ed6dd26eea2a37229c339b1f91201c2796", 0x3d}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
close(r1)

260.371479ms ago: executing program 6 (id=1643):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000000)=@framed={{}, [@printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}, @call={0x85, 0x0, 0x0, 0x8}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
getrandom(0x0, 0x0, 0x0)

241.535219ms ago: executing program 2 (id=1644):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet(r2, &(0x7f00000003c0)=[{{&(0x7f0000000180)={0x2, 0x4e24}, 0x10, 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000007"], 0x18}}], 0x1, 0x8000)

241.069569ms ago: executing program 4 (id=1645):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000600000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000100), 0x6)

222.915339ms ago: executing program 6 (id=1646):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6, 0x8, 0x0, 0xf77}]}, 0x10)
close(r1)

221.5975ms ago: executing program 4 (id=1647):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x85, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

180.81649ms ago: executing program 2 (id=1649):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000100060000000077f2ab26850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x45)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r0}, 0x10)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r1, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r1, &(0x7f0000000080), 0x4)

176.83024ms ago: executing program 6 (id=1650):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000180)={[{@data_journal}, {@jqfmt_vfsv0}, {@errors_continue}, {@nodelalloc}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000280)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_misc(r0, &(0x7f00000001c0), 0xed)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x8, 0x0, &(0x7f0000000000))

171.038879ms ago: executing program 4 (id=1651):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sigaltstack(0x0, 0x0)

0s ago: executing program 4 (id=1652):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = dup(r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001dc0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$netlink(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{0x0, 0x1b8}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

 T424] konepure 0003:1E7D:2DB4.0028: parse failed
[   93.533245][  T424] konepure: probe of 0003:1E7D:2DB4.0028 failed with error -22
[   93.548275][  T572] usb 8-1: new full-speed USB device number 17 using dummy_hcd
[   93.568351][  T358] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[   93.731554][  T424] usb 3-1: USB disconnect, device number 8
[   93.811793][   T30] audit: type=1326 audit(1731372523.836:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.5.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[   93.835274][   T30] audit: type=1326 audit(1731372523.836:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.5.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[   93.858848][   T30] audit: type=1326 audit(1731372523.836:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.5.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[   93.938330][  T358] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.949102][  T358] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[   93.968331][  T572] usb 8-1: config 0 has an invalid interface number: 39 but max is 0
[   93.976321][  T572] usb 8-1: config 0 has no interface number 0
[   93.982174][  T572] usb 8-1: config 0 interface 39 altsetting 0 endpoint 0xB has invalid maxpacket 2047, setting to 64
[   94.089859][ T3285] bridge0: port 3(syz_tun) entered blocking state
[   94.096385][ T3285] bridge0: port 3(syz_tun) entered disabled state
[   94.103225][ T3285] device syz_tun entered promiscuous mode
[   94.108965][ T3285] bridge0: port 3(syz_tun) entered blocking state
[   94.115196][ T3285] bridge0: port 3(syz_tun) entered forwarding state
[   94.118457][  T358] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   94.130682][  T358] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.138533][  T358] usb 4-1: Product: syz
[   94.142547][  T358] usb 4-1: Manufacturer: syz
[   94.146930][  T358] usb 4-1: SerialNumber: syz
[   94.158327][  T572] usb 8-1: New USB device found, idVendor=0499, idProduct=4d3f, bcdDevice=d2.2a
[   94.170709][  T572] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.179533][  T572] usb 8-1: Product: syz
[   94.183590][  T572] usb 8-1: Manufacturer: syz
[   94.187984][  T572] usb 8-1: SerialNumber: syz
[   94.202830][  T572] usb 8-1: config 0 descriptor??
[   94.229491][ T3271] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   94.317683][ T3301] loop2: detected capacity change from 0 to 512
[   94.399544][ T3274] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   94.408897][ T3301] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.1220: casefold flag without casefold feature
[   94.421797][ T3301] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1220: couldn't read orphan inode 15 (err -117)
[   94.433876][ T3301] EXT4-fs (loop2): mounted filesystem without journal. Opts: resgid=0x0000000000000000,,errors=continue. Quota mode: writeback.
[   94.447140][  T424] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[   94.467137][ T3301] EXT4-fs error (device loop2): ext4_check_dx_root:2264: inode #2: comm syz.2.1220: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[   94.468160][ T3307] binder: 3306:3307 ioctl c0306201 200001c0 returned -22
[   94.542883][ T3319] loop2: detected capacity change from 0 to 256
[   94.570369][  T572] usb 8-1: USB disconnect, device number 17
[   94.581972][ T3319] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   94.604035][ T3319] exFAT-fs (loop2): hint_cluster is invalid (17)
[   94.623126][ T3324] loop9: detected capacity change from 0 to 2048
[   94.659365][ T3324] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[   94.701279][ T3324] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   94.712253][ T3324] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev loop9, type ext4) errno=-22
[   94.818341][  T424] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.833426][  T424] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.843938][  T424] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[   94.853209][  T424] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.866193][  T424] usb 6-1: config 0 descriptor??
[   94.910292][   T39] hid-generic 0000:0000:0000.0029: unknown main item tag 0x0
[   94.918116][   T39] hid-generic 0000:0000:0000.0029: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   94.945090][ T3344] loop9: detected capacity change from 0 to 256
[   94.960995][ T3344] exFAT-fs (loop9): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[   95.039964][ T3356] loop9: detected capacity change from 0 to 2048
[   95.061429][ T3274] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   95.139629][ T3356] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   95.152962][ T3356] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   95.167833][ T3356] EXT4-fs (loop9): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[   95.180345][ T3356] EXT4-fs (loop9): This should not happen!! Data will be lost
[   95.180345][ T3356] 
[   95.190035][ T3356] EXT4-fs (loop9): Total free blocks count 0
[   95.195848][ T3356] EXT4-fs (loop9): Free/Dirty block details
[   95.201631][ T3356] EXT4-fs (loop9): free_blocks=2415919104
[   95.207139][ T3356] EXT4-fs (loop9): dirty_blocks=16
[   95.212139][ T3356] EXT4-fs (loop9): Block reservation details
[   95.217881][ T3356] EXT4-fs (loop9): i_reserved_data_blocks=1
[   95.259856][  T370] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   95.298529][  T358] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[   95.304862][  T358] cdc_ncm 4-1:1.0: setting rx_max = 16384
[   95.323830][ T3365] loop9: detected capacity change from 0 to 512
[   95.339663][  T424] hid-steam 0003:28DE:1142.002A: unknown main item tag 0x0
[   95.346856][  T424] hid-steam 0003:28DE:1142.002A: unknown main item tag 0x0
[   95.353839][  T424] hid-steam 0003:28DE:1142.002A: item fetching failed at offset 2/5
[   95.361745][  T424] hid-steam 0003:28DE:1142.002A: steam_probe:parse of hid interface failed
[   95.370176][  T424] hid-steam: probe of 0003:28DE:1142.002A failed with error -22
[   95.418702][ T3365] EXT4-fs (loop9): Ignoring removed orlov option
[   95.425284][ T3365] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   95.438668][ T3365] EXT4-fs error (device loop9): ext4_orphan_get:1397: inode #15: comm syz.9.1246: casefold flag without casefold feature
[   95.451319][ T3365] EXT4-fs (loop9): Remounting filesystem read-only
[   95.457661][ T3365] EXT4-fs error (device loop9): ext4_orphan_get:1402: comm syz.9.1246: couldn't read orphan inode 15 (err -117)
[   95.469612][ T3365] EXT4-fs (loop9): mounted filesystem without journal. Opts: orlov,nodelalloc,errors=remount-ro,grpquota,auto_da_alloc,dioread_nolock,quota,grpjquota=,inode_readahead_blks=0x0000000004000000,. Quota mode: writeback.
[   95.508317][  T358] cdc_ncm 4-1:1.0: setting tx_max = 88
[   95.515120][  T358] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM, 42:42:42:42:42:42
[   95.526810][  T358] usb 4-1: USB disconnect, device number 11
[   95.538356][  T370] usb 3-1: Using ep0 maxpacket: 16
[   95.547781][  T572] usb 6-1: USB disconnect, device number 17
[   95.560029][  T358] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM
[   95.669883][  T370] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.682577][  T370] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.698787][  T370] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   95.712433][  T370] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   95.722896][  T370] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.733444][  T370] usb 3-1: config 0 descriptor??
[   95.767995][ T3409] loop9: detected capacity change from 0 to 128
[   95.841213][ T3413] loop9: detected capacity change from 0 to 128
[   95.865534][ T3417] loop7: detected capacity change from 0 to 512
[   95.879295][ T3413] EXT4-fs (loop9): Ignoring removed nobh option
[   95.886289][ T3413] EXT4-fs (loop9): mounted filesystem without journal. Opts: nobh,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[   95.892790][ T3417] EXT4-fs error (device loop7): ext4_orphan_get:1397: inode #15: comm syz.7.1258: casefold flag without casefold feature
[   95.905440][ T3413] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038 (0x7fffffff)
[   95.916131][ T3417] EXT4-fs error (device loop7): ext4_orphan_get:1402: comm syz.7.1258: couldn't read orphan inode 15 (err -117)
[   95.934729][ T3417] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   96.045498][ T3432] loop3: detected capacity change from 0 to 1024
[   96.079217][ T3432] EXT4-fs (loop3): Ignoring removed nobh option
[   96.101798][ T3432] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   96.121391][ T3432] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,resuid=0x0000000000000000,dioread_nolock,usrjquota=,noload,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[   96.213884][  T370] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.002B/input/input19
[   96.304406][  T370] microsoft 0003:045E:07DA.002B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[   96.331048][ T3455] loop7: detected capacity change from 0 to 40427
[   96.338308][  T572] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[   96.408298][ T1213] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[   96.417134][ T3455] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[   96.424841][ T3455] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[   96.428995][ T3455] F2FS-fs (loop7): Found nat_bits in checkpoint
[   96.439472][  T358] usb 3-1: USB disconnect, device number 9
[   96.461193][ T3455] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[   96.468120][ T3455] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[   96.501141][  T927] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[   96.501165][  T927] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[   96.508898][  T927] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[   96.516432][  T927] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[   96.523793][  T927] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[   96.531184][  T927] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[   96.538499][  T927] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[   96.598359][  T572] usb 6-1: Using ep0 maxpacket: 16
[   96.703157][ T3467] syz.7.1277[3467] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.703206][ T3467] syz.7.1277[3467] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.728355][  T572] usb 6-1: config index 0 descriptor too short (expected 6162, got 18)
[   96.778350][ T1213] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   96.788610][ T1213] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   96.868461][ T1213] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   96.883584][ T1213] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   96.891629][ T1213] usb 4-1: SerialNumber: syz
[   96.908346][  T572] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[   96.927466][  T572] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.937568][  T572] usb 6-1: Product: syz
[   96.945509][  T572] usb 6-1: Manufacturer: syz
[   96.959719][  T572] usb 6-1: SerialNumber: syz
[   96.989601][  T572] usb 6-1: config 0 descriptor??
[   97.029948][  T572] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[   97.037646][  T572] usb 6-1: Detected FT232H
[   97.178886][ T1213] usb 4-1: 0:2 : does not exist
[   97.184182][ T1213] usb 4-1: USB disconnect, device number 12
[   97.248311][  T572] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   97.258307][  T370] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   97.348892][ T3487] loop9: detected capacity change from 0 to 40427
[   97.399035][ T3487] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[   97.406670][ T3487] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[   97.417615][ T3487] F2FS-fs (loop9): Found nat_bits in checkpoint
[   97.454541][ T3487] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[   97.461553][ T3487] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[   97.498240][  T370] usb 3-1: Using ep0 maxpacket: 16
[   97.508329][  T572] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71
[   97.515292][  T572] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   97.524958][  T572] usb 6-1: USB disconnect, device number 18
[   97.549749][  T572] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   97.567651][ T2826] F2FS-fs (loop9): invalid namelen(0), ino:0, run fsck to fix.
[   97.567674][ T2826] F2FS-fs (loop9): invalid namelen(0), ino:0, run fsck to fix.
[   97.577270][  T572] ftdi_sio 6-1:0.0: device disconnected
[   97.590884][ T2826] F2FS-fs (loop9): invalid namelen(0), ino:0, run fsck to fix.
[   97.628736][  T370] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.682762][  T370] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.692650][  T370] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   97.709676][  T370] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[   97.720154][  T370] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.736212][  T370] usb 3-1: config 0 descriptor??
[   97.767160][ T3495] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(ááí«QhQI¸¥
[   97.803733][ T3499] loop3: detected capacity change from 0 to 512
[   97.851592][ T3499] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   97.863157][ T3499] EXT4-fs (loop3): 1 truncate cleaned up
[   97.865841][ T3508] loop7: detected capacity change from 0 to 256
[   97.868717][ T3499] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,jqfmt=vfsv0,nombcache,quota,,errors=continue. Quota mode: writeback.
[   97.887698][ T2808] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   97.916468][ T2808] EXT4-fs error (device loop3): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   97.939136][ T2808] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   97.965750][ T2808] EXT4-fs error (device loop3): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   97.972075][ T3508] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   97.987618][ T2808] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   98.027616][ T2808] EXT4-fs error (device loop3): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   98.034366][ T3508] exFAT-fs (loop7): hint_cluster is invalid (17)
[   98.047511][ T2808] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   98.085857][ T2808] EXT4-fs error (device loop3): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   98.105713][ T2808] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   98.127801][ T2808] EXT4-fs error (device loop3): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   98.219008][   T30] kauditd_printk_skb: 30 callbacks suppressed
[   98.219021][   T30] audit: type=1326 audit(1731372528.246:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3525 comm="syz.7.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160fe83719 code=0x7ffc0000
[   98.249157][  T370] koneplus 0003:1E7D:2E22.002C: item fetching failed at offset 0/2
[   98.257342][  T370] koneplus 0003:1E7D:2E22.002C: parse failed
[   98.263408][  T370] koneplus: probe of 0003:1E7D:2E22.002C failed with error -22
[   98.291791][   T30] audit: type=1326 audit(1731372528.246:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3525 comm="syz.7.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f160fe83719 code=0x7ffc0000
[   98.315190][   T30] audit: type=1326 audit(1731372528.246:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3525 comm="syz.7.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160fe83719 code=0x7ffc0000
[   98.375580][ T3530] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.382564][ T3530] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.389989][ T3530] device bridge_slave_0 entered promiscuous mode
[   98.396790][ T3530] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.403723][ T3530] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.411074][ T3530] device bridge_slave_1 entered promiscuous mode
[   98.455227][  T358] usb 3-1: USB disconnect, device number 10
[   98.490006][ T3530] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.496908][ T3530] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.504043][ T3530] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.510898][ T3530] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.532536][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   98.539997][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.547133][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.556598][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   98.564867][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.571734][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.582200][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   98.590267][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.597107][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.610538][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   98.620137][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   98.636505][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   98.647743][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   98.655824][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   98.663328][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   98.671810][ T3530] device veth0_vlan entered promiscuous mode
[   98.684987][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   98.694144][ T3530] device veth1_macvtap entered promiscuous mode
[   98.703871][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   98.715905][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   98.731238][   T30] audit: type=1400 audit(1731372528.756:1724): avc:  denied  { mount } for  pid=3530 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   98.731378][    T8] device bridge_slave_1 left promiscuous mode
[   98.763330][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.780499][    T8] device bridge_slave_0 left promiscuous mode
[   98.786458][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.795149][    T8] device veth1_macvtap left promiscuous mode
[   98.801107][    T8] device veth0_vlan left promiscuous mode
[   98.931395][ T3548] loop1: detected capacity change from 0 to 256
[   98.961549][ T3548] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   98.989175][ T3548] exFAT-fs (loop1): hint_cluster is invalid (17)
[   99.045556][ T3554] loop1: detected capacity change from 0 to 256
[   99.111387][ T3554] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe90d73fa, utbl_chksum : 0xe619d30d)
[   99.123838][ T3554] exFAT-fs (loop1): error, invalid access to FAT (entry 0x00000005) bogus content (0xffff0005)
[   99.134652][ T3554] exFAT-fs (loop1): Filesystem has been set read-only
[   99.142098][ T3554] exFAT-fs (loop1): failed to initialize root inode
[   99.258450][  T572] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   99.299076][   T30] audit: type=1326 audit(1731372529.326:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3558 comm="syz.9.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feab250e719 code=0x7ffc0000
[   99.326516][   T30] audit: type=1326 audit(1731372529.326:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3558 comm="syz.9.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feab250e719 code=0x7ffc0000
[   99.356657][   T30] audit: type=1326 audit(1731372529.326:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3558 comm="syz.9.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7feab250e719 code=0x7ffc0000
[   99.390337][   T30] audit: type=1326 audit(1731372529.326:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3558 comm="syz.9.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feab250e719 code=0x7ffc0000
[   99.414291][   T30] audit: type=1326 audit(1731372529.326:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3558 comm="syz.9.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feab250e719 code=0x7ffc0000
[   99.438928][   T30] audit: type=1400 audit(1731372529.376:1730): avc:  denied  { nlmsg_write } for  pid=3560 comm="syz.9.1315" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  101.092467][ T3574] loop1: detected capacity change from 0 to 128
[  101.108358][  T572] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.119444][  T572] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.129213][  T572] usb 3-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00
[  101.138888][  T572] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.150310][  T572] usb 3-1: config 0 descriptor??
[  101.175826][ T3574] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  101.186340][ T3574] ext4 filesystem being mounted at /8/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  101.233639][ T3574] EXT4-fs error (device loop1): dx_make_map:1328: inode #2: block 20: comm syz.1.1320: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  101.254516][ T3574] EXT4-fs error (device loop1) in do_split:2093: Corrupt filesystem
[  101.416209][ T3604] SELinux: security_context_str_to_sid(Eá…) failed for (dev ?, type ?) errno=-22
[  101.425594][ T3604] SELinux: security_context_str_to_sid(Eá…) failed for (dev proc, type proc) errno=-22
[  101.532905][ T3626] loop1: detected capacity change from 0 to 512
[  101.561606][ T3632] netlink: 'syz.9.1342': attribute type 1 has an invalid length.
[  101.640102][  T572] wacom 0003:056A:00D0.002D: Unknown device_type for 'HID 056a:00d0'. Assuming pen.
[  101.664911][  T572] wacom 0003:056A:00D0.002D: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.2-1/input0
[  101.685374][  T572] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:00D0.002D/input/input20
[  101.843358][  T572] usb 3-1: USB disconnect, device number 11
[  102.385939][ T3661] loop7: detected capacity change from 0 to 512
[  102.432059][ T3661] EXT4-fs (loop7): Ignoring removed oldalloc option
[  102.447938][ T3661] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  102.459770][ T3661] EXT4-fs (loop7): 1 truncate cleaned up
[  102.469679][ T3661] EXT4-fs (loop7): mounted filesystem without journal. Opts: quota,oldalloc,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  102.828291][ T1213] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  103.078299][ T1213] usb 8-1: Using ep0 maxpacket: 32
[  103.198373][ T1213] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  103.209704][ T1213] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  103.222420][ T1213] usb 8-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  103.231741][   T30] kauditd_printk_skb: 95 callbacks suppressed
[  103.231756][   T30] audit: type=1400 audit(1731372533.246:1826): avc:  denied  { read } for  pid=3705 comm="syz.1.1374" name="ptp0" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  103.261967][ T1213] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.264588][ T3710] loop9: detected capacity change from 0 to 512
[  103.270459][ T1213] usb 8-1: config 0 descriptor??
[  103.285802][   T30] audit: type=1400 audit(1731372533.246:1827): avc:  denied  { open } for  pid=3705 comm="syz.1.1374" path="/dev/ptp0" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  103.309277][   T30] audit: type=1400 audit(1731372533.256:1828): avc:  denied  { ioctl } for  pid=3705 comm="syz.1.1374" path="/dev/ptp0" dev="devtmpfs" ino=256 ioctlcmd=0x3d07 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  103.335225][ T3712] syz.2.1377[3712] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.335295][ T3712] syz.2.1377[3712] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.346487][ T3679] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  103.346704][   T30] audit: type=1400 audit(1731372533.366:1829): avc:  denied  { integrity } for  pid=3711 comm="syz.2.1377" lockdown_reason="use of bpf to write user RAM" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[  103.388876][ T1213] hub 8-1:0.0: USB hub found
[  103.399680][   T30] audit: type=1400 audit(1731372533.426:1830): avc:  denied  { connect } for  pid=3714 comm="syz.1.1378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  103.440338][ T3710] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  103.452691][ T3710] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038 (0x7fffffff)
[  103.470536][   T30] audit: type=1400 audit(1731372533.496:1831): avc:  denied  { write } for  pid=3707 comm="syz.9.1375" name="/" dev="loop9" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  103.492456][   T30] audit: type=1400 audit(1731372533.496:1832): avc:  denied  { add_name } for  pid=3707 comm="syz.9.1375" name="hugetlb.2MB.usage_in_bytes" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  103.515137][   T30] audit: type=1400 audit(1731372533.496:1833): avc:  denied  { create } for  pid=3707 comm="syz.9.1375" name="hugetlb.2MB.usage_in_bytes" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  103.537334][   T30] audit: type=1400 audit(1731372533.496:1834): avc:  denied  { read append open } for  pid=3707 comm="syz.9.1375" path="/106/file0/hugetlb.2MB.usage_in_bytes" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  103.563595][   T30] audit: type=1400 audit(1731372533.516:1835): avc:  denied  { map } for  pid=3707 comm="syz.9.1375" path="/106/file0/hugetlb.2MB.usage_in_bytes" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  103.658987][ T1213] hub 8-1:0.0: 1 port detected
[  103.878391][ T1213] hub 8-1:0.0: hub_hub_status failed (err = -71)
[  103.884741][ T1213] hub 8-1:0.0: config failed, can't get hub status (err -71)
[  103.988348][ T1213] usbhid 8-1:0.0: can't add hid device: -71
[  103.994360][ T1213] usbhid: probe of 8-1:0.0 failed with error -71
[  104.038820][ T1213] usb 8-1: USB disconnect, device number 18
[  104.622635][ T3747] loop2: detected capacity change from 0 to 40427
[  104.635596][ T3747] F2FS-fs (loop2): fault_injection options not supported
[  104.657080][ T3747] F2FS-fs (loop2): invalid crc value
[  104.663746][ T3747] F2FS-fs (loop2): Found nat_bits in checkpoint
[  104.701051][ T3747] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  104.732312][ T2562] F2FS-fs (loop2): access invalid blkaddr:2816
[  104.738634][ T2562] CPU: 1 PID: 2562 Comm: syz-executor Not tainted 5.15.167-syzkaller-00002-g3bfe08931bff #0
[  104.748604][ T2562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  104.758499][ T2562] Call Trace:
[  104.761621][ T2562]  <TASK>
[  104.764398][ T2562]  dump_stack_lvl+0x151/0x1c0
[  104.768913][ T2562]  ? io_uring_drop_tctx_refs+0x190/0x190
[  104.774379][ T2562]  ? arch_stack_walk+0xf3/0x140
[  104.779067][ T2562]  dump_stack+0x15/0x20
[  104.783059][ T2562]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[  104.788266][ T2562]  f2fs_map_blocks+0x1622/0x3ab0
[  104.793038][ T2562]  ? __stack_depot_save+0x34/0x470
[  104.797995][ T2562]  ? f2fs_do_map_lock+0x70/0x70
[  104.798378][ T1213] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  104.802673][ T2562]  ? debug_smp_processor_id+0x17/0x20
[  104.802697][ T2562]  ? try_charge_memcg+0x213/0x1550
[  104.802714][ T2562]  f2fs_mpage_readpages+0xc9a/0x21a0
[  104.802735][ T2562]  ? dquot_release_reservation_block+0xa0/0xa0
[  104.802748][ T2562]  ? workingset_activation+0x3f0/0x3f0
[  104.802769][ T2562]  f2fs_readahead+0xfd/0x250
[  104.802783][ T2562]  ? blk_start_plug+0x5a/0x170
[  104.845555][ T2562]  read_pages+0x15e/0xb00
[  104.849718][ T2562]  ? lru_cache_add+0x279/0x540
[  104.854315][ T2562]  ? page_cache_ra_unbounded+0xa50/0xa50
[  104.859780][ T2562]  ? add_to_page_cache_lru+0x225/0x2c0
[  104.865075][ T2562]  ? add_to_page_cache_locked+0x40/0x40
[  104.870457][ T2562]  ? __stack_depot_save+0x34/0x470
[  104.875406][ T2562]  page_cache_ra_unbounded+0x7ed/0xa50
[  104.880701][ T2562]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  104.887035][ T2562]  ? _raw_spin_unlock+0x4d/0x70
[  104.891723][ T2562]  ? wp_page_reuse+0xff/0x120
[  104.896237][ T2562]  ondemand_readahead+0x9c8/0xfa0
[  104.901098][ T2562]  ? page_cache_sync_ra+0x4d0/0x4d0
[  104.906238][ T2562]  ? debug_smp_processor_id+0x17/0x20
[  104.911448][ T2562]  ? kasan_quarantine_put+0x34/0x1a0
[  104.916563][ T2562]  ? selinux_inode_getattr+0x11f/0x3f0
[  104.921857][ T2562]  ? fault_around_bytes_set+0xc0/0xc0
[  104.927066][ T2562]  page_cache_sync_ra+0x2e9/0x4d0
[  104.931930][ T2562]  ? force_page_cache_ra+0x420/0x420
[  104.937189][ T2562]  ? do_handle_mm_fault+0x1807/0x2400
[  104.942398][ T2562]  f2fs_readdir+0x52d/0xba0
[  104.946736][ T2562]  ? f2fs_fill_dentries+0xd60/0xd60
[  104.951771][ T2562]  ? avc_policy_seqno+0x1b/0x70
[  104.956453][ T2562]  ? __kasan_check_read+0x11/0x20
[  104.961316][ T2562]  ? security_file_permission+0x86/0xb0
[  104.966700][ T2562]  iterate_dir+0x265/0x600
[  104.970953][ T2562]  ? f2fs_fill_dentries+0xd60/0xd60
[  104.975987][ T2562]  __se_sys_getdents64+0x1c1/0x460
[  104.980936][ T2562]  ? __x64_sys_getdents64+0x90/0x90
[  104.985965][ T2562]  ? filldir+0x680/0x680
[  104.990223][ T2562]  __x64_sys_getdents64+0x7b/0x90
[  104.995079][ T2562]  x64_sys_call+0x5ae/0x9a0
[  104.999415][ T2562]  do_syscall_64+0x3b/0xb0
[  105.003671][ T2562]  ? clear_bhb_loop+0x35/0x90
[  105.008181][ T2562]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.013911][ T2562] RIP: 0033:0x7fad790a88b3
[  105.018163][ T2562] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  105.037609][ T2562] RSP: 002b:00007ffd19f336f8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  105.045855][ T2562] RAX: ffffffffffffffda RBX: 00005555756c04e0 RCX: 00007fad790a88b3
[  105.053662][ T2562] RDX: 0000000000008000 RSI: 00005555756c04e0 RDI: 0000000000000005
[  105.061471][ T2562] RBP: 00005555756c04b4 R08: 0000000000000000 R09: 0000000000000000
[  105.069285][ T2562] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  105.077097][ T2562] R13: 0000000000000010 R14: 00005555756c04b0 R15: 00007ffd19f359a0
[  105.084908][ T2562]  </TASK>
[  105.114779][ T2562] F2FS-fs (loop2): access invalid blkaddr:2816
[  105.120798][ T2562] CPU: 1 PID: 2562 Comm: syz-executor Not tainted 5.15.167-syzkaller-00002-g3bfe08931bff #0
[  105.130653][ T2562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  105.140546][ T2562] Call Trace:
[  105.143669][ T2562]  <TASK>
[  105.146448][ T2562]  dump_stack_lvl+0x151/0x1c0
[  105.150962][ T2562]  ? io_uring_drop_tctx_refs+0x190/0x190
[  105.156430][ T2562]  dump_stack+0x15/0x20
[  105.160438][ T2562]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[  105.165631][ T2562]  f2fs_map_blocks+0x1622/0x3ab0
[  105.170401][ T2562]  ? __stack_depot_save+0x34/0x470
[  105.175359][ T2562]  ? f2fs_do_map_lock+0x70/0x70
[  105.180039][ T2562]  f2fs_mpage_readpages+0xc9a/0x21a0
[  105.185161][ T2562]  ? dquot_release_reservation_block+0xa0/0xa0
[  105.191144][ T2562]  ? workingset_activation+0x3f0/0x3f0
[  105.196445][ T2562]  f2fs_readahead+0xfd/0x250
[  105.200866][ T2562]  ? blk_start_plug+0x5a/0x170
[  105.205468][ T2562]  read_pages+0x15e/0xb00
[  105.209631][ T2562]  ? lru_cache_add+0x279/0x540
[  105.214234][ T2562]  ? page_cache_ra_unbounded+0xa50/0xa50
[  105.219702][ T2562]  ? add_to_page_cache_lru+0x225/0x2c0
[  105.224994][ T2562]  ? add_to_page_cache_locked+0x40/0x40
[  105.230376][ T2562]  ? __stack_depot_save+0x34/0x470
[  105.235322][ T2562]  page_cache_ra_unbounded+0x7ed/0xa50
[  105.240620][ T2562]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  105.246953][ T2562]  ? _raw_spin_unlock+0x4d/0x70
[  105.251640][ T2562]  ? wp_page_reuse+0xff/0x120
[  105.256156][ T2562]  ondemand_readahead+0x9c8/0xfa0
[  105.261013][ T2562]  ? page_cache_sync_ra+0x4d0/0x4d0
[  105.266044][ T2562]  ? debug_smp_processor_id+0x17/0x20
[  105.271260][ T2562]  ? kasan_quarantine_put+0x34/0x1a0
[  105.276379][ T2562]  ? selinux_inode_getattr+0x11f/0x3f0
[  105.281671][ T2562]  ? fault_around_bytes_set+0xc0/0xc0
[  105.286879][ T2562]  page_cache_sync_ra+0x2e9/0x4d0
[  105.291739][ T2562]  ? force_page_cache_ra+0x420/0x420
[  105.296858][ T2562]  ? do_handle_mm_fault+0x1807/0x2400
[  105.302071][ T2562]  f2fs_readdir+0x52d/0xba0
[  105.306407][ T2562]  ? f2fs_fill_dentries+0xd60/0xd60
[  105.311439][ T2562]  ? avc_policy_seqno+0x1b/0x70
[  105.316128][ T2562]  ? __kasan_check_read+0x11/0x20
[  105.320993][ T2562]  ? security_file_permission+0x86/0xb0
[  105.326372][ T2562]  iterate_dir+0x265/0x600
[  105.330621][ T2562]  ? f2fs_fill_dentries+0xd60/0xd60
[  105.335653][ T2562]  __se_sys_getdents64+0x1c1/0x460
[  105.340774][ T2562]  ? __x64_sys_getdents64+0x90/0x90
[  105.345805][ T2562]  ? filldir+0x680/0x680
[  105.349891][ T2562]  __x64_sys_getdents64+0x7b/0x90
[  105.354749][ T2562]  x64_sys_call+0x5ae/0x9a0
[  105.359085][ T2562]  do_syscall_64+0x3b/0xb0
[  105.363339][ T2562]  ? clear_bhb_loop+0x35/0x90
[  105.367851][ T2562]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.373583][ T2562] RIP: 0033:0x7fad790a88b3
[  105.377836][ T2562] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  105.397284][ T2562] RSP: 002b:00007ffd19f336f8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  105.405518][ T2562] RAX: ffffffffffffffda RBX: 00005555756c04e0 RCX: 00007fad790a88b3
[  105.413334][ T2562] RDX: 0000000000008000 RSI: 00005555756c04e0 RDI: 0000000000000005
[  105.421234][ T2562] RBP: 00005555756c04b4 R08: 0000000000000000 R09: 0000000000000000
[  105.429039][ T2562] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  105.436850][ T2562] R13: 0000000000000010 R14: 00005555756c04b0 R15: 00007ffd19f359a0
[  105.444669][ T2562]  </TASK>
[  105.468415][ T2562] attempt to access beyond end of device
[  105.468415][ T2562] loop2: rw=0, want=45072, limit=40427
[  105.500481][  T310] attempt to access beyond end of device
[  105.500481][  T310] loop2: rw=2049, want=40992, limit=40427
[  105.608432][ T1213] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.640065][ T1213] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  105.730650][ T3776] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.737505][ T3776] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.745705][ T3776] device bridge_slave_0 entered promiscuous mode
[  105.752043][   T39] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  105.761415][ T3776] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.768644][ T3776] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.775969][ T3776] device bridge_slave_1 entered promiscuous mode
[  105.808338][ T1213] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  105.817280][ T1213] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.825066][ T1213] usb 2-1: Product: syz
[  105.829243][ T1213] usb 2-1: Manufacturer: syz
[  105.833669][ T1213] usb 2-1: SerialNumber: syz
[  105.866119][ T3776] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.873022][ T3776] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.880113][ T3776] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.886864][ T3776] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.913779][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  105.921423][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.930176][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.958657][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  105.966975][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.973861][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.982696][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  105.991001][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.997881][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.005740][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  106.013352][   T39] usb 8-1: Using ep0 maxpacket: 16
[  106.018646][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  106.040346][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  106.054205][ T3776] device veth0_vlan entered promiscuous mode
[  106.061211][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  106.070261][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  106.077653][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  106.089984][ T3755] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  106.094892][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  106.106383][ T3776] device veth1_macvtap entered promiscuous mode
[  106.117249][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.132552][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  106.143858][   T39] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  106.156326][   T39] usb 8-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  106.165495][   T39] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.180805][   T39] usb 8-1: config 0 descriptor??
[  106.501203][ T3790] loop4: detected capacity change from 0 to 512
[  106.530267][ T3790] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  106.543522][ T3790] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038 (0x7fffffff)
[  106.599034][    T8] device bridge_slave_1 left promiscuous mode
[  106.607997][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.621087][    T8] device bridge_slave_0 left promiscuous mode
[  106.627094][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.628729][ T3774] UDC core: couldn't find an available UDC or it's busy: -16
[  106.641263][ T3774] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  106.648731][    T8] device veth1_macvtap left promiscuous mode
[  106.654551][    T8] device veth0_vlan left promiscuous mode
[  106.671262][   T39] hid (null): unknown global tag 0x83
[  106.681978][   T39] hid (null): unknown global tag 0xc
[  106.699125][   T39] hid-generic 0003:0158:0100.002E: unknown main item tag 0x1
[  106.706358][   T39] hid-generic 0003:0158:0100.002E: unexpected long global item
[  106.738617][   T39] hid-generic: probe of 0003:0158:0100.002E failed with error -22
[  106.753841][ T3755] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  106.876611][  T572] usb 8-1: USB disconnect, device number 19
[  106.948254][  T597] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  106.998345][ T1213] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  107.004679][ T1213] cdc_ncm 2-1:1.0: setting rx_max = 16384
[  107.208404][ T1213] cdc_ncm 2-1:1.0: setting tx_max = 88
[  107.216797][ T1213] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM, 42:42:42:42:42:42
[  107.239546][ T1213] usb 2-1: USB disconnect, device number 3
[  107.246379][ T1213] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM
[  107.309340][  T597] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.339124][  T597] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.357381][  T597] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  107.376482][  T597] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.412551][  T597] usb 5-1: config 0 descriptor??
[  107.889599][  T597] hid-led 0003:1D34:000A.002F: unknown main item tag 0x0
[  108.058270][   T39] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  108.110827][  T597] hid-led 0003:1D34:000A.002F: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.4-1/input0
[  108.130106][  T597] hid-led 0003:1D34:000A.002F: Dream Cheeky Webmail Notifier initialized
[  108.259038][   T30] kauditd_printk_skb: 101 callbacks suppressed
[  108.259054][   T30] audit: type=1326 audit(1731372538.286:1937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3839 comm="syz.5.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[  108.308340][   T30] audit: type=1326 audit(1731372538.316:1938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3839 comm="syz.5.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[  108.332784][   T30] audit: type=1326 audit(1731372538.316:1939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3839 comm="syz.5.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[  108.359341][  T424] usb 5-1: USB disconnect, device number 8
[  108.388623][   T30] audit: type=1400 audit(1731372538.406:1940): avc:  denied  { create } for  pid=3843 comm="syz.5.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  108.409525][   T30] audit: type=1400 audit(1731372538.406:1941): avc:  denied  { setopt } for  pid=3843 comm="syz.5.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  108.448339][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  108.462751][   T30] audit: type=1400 audit(1731372538.416:1942): avc:  denied  { name_bind } for  pid=3845 comm="syz.7.1419" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  108.487776][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.497656][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  108.502840][ T3850] input: syz0 as /devices/virtual/input/input23
[  108.512996][   T30] audit: type=1400 audit(1731372538.416:1943): avc:  denied  { node_bind } for  pid=3845 comm="syz.7.1419" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  108.541631][   T39] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  108.551292][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.564291][   T39] usb 2-1: config 0 descriptor??
[  108.571829][   T30] audit: type=1400 audit(1731372538.486:1944): avc:  denied  { create } for  pid=3847 comm="syz.5.1420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  108.592513][   T30] audit: type=1400 audit(1731372538.486:1945): avc:  denied  { bind } for  pid=3847 comm="syz.5.1420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  108.614767][   T30] audit: type=1400 audit(1731372538.486:1946): avc:  denied  { create } for  pid=3847 comm="syz.5.1420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  108.652802][ T3854] loop7: detected capacity change from 0 to 512
[  108.878247][  T424] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  108.943506][ T3866] xt_CT: You must specify a L4 protocol and not use inversions on it
[  108.953232][ T3868] netlink: 'syz.7.1429': attribute type 4 has an invalid length.
[  108.971534][ T3868] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.1429'.
[  109.051917][ T3876] loop4: detected capacity change from 0 to 512
[  109.118924][  T424] usb 6-1: Using ep0 maxpacket: 16
[  109.128408][   T39] usbhid 2-1:0.0: can't add hid device: -71
[  109.134667][ T3876] EXT4-fs (loop4): Ignoring removed oldalloc option
[  109.141867][   T39] usbhid: probe of 2-1:0.0 failed with error -71
[  109.148166][ T3876] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  109.159503][   T39] usb 2-1: USB disconnect, device number 4
[  109.170340][ T3876] EXT4-fs (loop4): 1 truncate cleaned up
[  109.175807][ T3876] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,oldalloc,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  109.268337][  T424] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.281175][  T424] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.294966][  T424] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  109.308012][  T424] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  109.317411][  T424] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.331402][  T424] usb 6-1: config 0 descriptor??
[  109.378265][   T26] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  109.499602][ T3896] loop4: detected capacity change from 0 to 40427
[  109.542131][ T3896] F2FS-fs (loop4): fault_injection options not supported
[  109.551239][ T3896] F2FS-fs (loop4): invalid crc value
[  109.569300][ T3896] F2FS-fs (loop4): Found nat_bits in checkpoint
[  109.628290][   T26] usb 8-1: Using ep0 maxpacket: 16
[  109.644949][ T3906] loop1: detected capacity change from 0 to 256
[  109.656699][ T3896] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  109.707712][ T3776] F2FS-fs (loop4): access invalid blkaddr:2816
[  109.714283][ T3776] CPU: 0 PID: 3776 Comm: syz-executor Not tainted 5.15.167-syzkaller-00002-g3bfe08931bff #0
[  109.724170][ T3776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.734063][ T3776] Call Trace:
[  109.737186][ T3776]  <TASK>
[  109.739966][ T3776]  dump_stack_lvl+0x151/0x1c0
[  109.744476][ T3776]  ? io_uring_drop_tctx_refs+0x190/0x190
[  109.749944][ T3776]  ? arch_stack_walk+0xf3/0x140
[  109.754633][ T3776]  dump_stack+0x15/0x20
[  109.758625][ T3776]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[  109.763832][ T3776]  f2fs_map_blocks+0x1622/0x3ab0
[  109.768605][ T3776]  ? __stack_depot_save+0x34/0x470
[  109.773559][ T3776]  ? f2fs_do_map_lock+0x70/0x70
[  109.778240][ T3776]  ? debug_smp_processor_id+0x17/0x20
[  109.783449][ T3776]  ? try_charge_memcg+0x213/0x1550
[  109.788395][ T3776]  f2fs_mpage_readpages+0xc9a/0x21a0
[  109.793521][ T3776]  ? dquot_release_reservation_block+0xa0/0xa0
[  109.799502][ T3776]  ? workingset_activation+0x3f0/0x3f0
[  109.804806][ T3776]  f2fs_readahead+0xfd/0x250
[  109.809225][ T3776]  ? blk_start_plug+0x5a/0x170
[  109.813999][ T3776]  read_pages+0x15e/0xb00
[  109.818169][ T3776]  ? lru_cache_add+0x279/0x540
[  109.822767][ T3776]  ? page_cache_ra_unbounded+0xa50/0xa50
[  109.823178][  T424] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0030/input/input24
[  109.828226][ T3776]  ? add_to_page_cache_lru+0x225/0x2c0
[  109.828250][ T3776]  ? add_to_page_cache_locked+0x40/0x40
[  109.828265][ T3776]  ? __stack_depot_save+0x34/0x470
[  109.828280][ T3776]  page_cache_ra_unbounded+0x7ed/0xa50
[  109.839557][   T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  109.844725][ T3776]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  109.860475][   T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  109.871025][ T3776]  ? _raw_spin_unlock+0x4d/0x70
[  109.871055][ T3776]  ? wp_page_reuse+0xff/0x120
[  109.871071][ T3776]  ondemand_readahead+0x9c8/0xfa0
[  109.871091][ T3776]  ? page_cache_sync_ra+0x4d0/0x4d0
[  109.871104][ T3776]  ? debug_smp_processor_id+0x17/0x20
[  109.871119][ T3776]  ? kasan_quarantine_put+0x34/0x1a0
[  109.897712][   T26] usb 8-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  109.900965][ T3776]  ? selinux_inode_getattr+0x11f/0x3f0
[  109.900993][ T3776]  ? fault_around_bytes_set+0xc0/0xc0
[  109.901013][ T3776]  page_cache_sync_ra+0x2e9/0x4d0
[  109.906347][   T26] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.911204][ T3776]  ? force_page_cache_ra+0x420/0x420
[  109.911231][ T3776]  ? do_handle_mm_fault+0x1807/0x2400
[  109.911249][ T3776]  f2fs_readdir+0x52d/0xba0
[  109.927401][   T26] usb 8-1: config 0 descriptor??
[  109.930474][ T3776]  ? f2fs_fill_dentries+0xd60/0xd60
[  109.930501][ T3776]  ? avc_policy_seqno+0x1b/0x70
[  109.930519][ T3776]  ? __kasan_check_read+0x11/0x20
[  109.974804][  T424] microsoft 0003:045E:07DA.0030: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  109.977512][ T3776]  ? security_file_permission+0x86/0xb0
[  109.999474][ T3776]  iterate_dir+0x265/0x600
[  110.003728][ T3776]  ? f2fs_fill_dentries+0xd60/0xd60
[  110.008761][ T3776]  __se_sys_getdents64+0x1c1/0x460
[  110.013705][ T3776]  ? __x64_sys_getdents64+0x90/0x90
[  110.018738][ T3776]  ? filldir+0x680/0x680
[  110.022818][ T3776]  __x64_sys_getdents64+0x7b/0x90
[  110.027682][ T3776]  x64_sys_call+0x5ae/0x9a0
[  110.032021][ T3776]  do_syscall_64+0x3b/0xb0
[  110.036272][ T3776]  ? clear_bhb_loop+0x35/0x90
[  110.040782][ T3776]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  110.046514][ T3776] RIP: 0033:0x7ff66331e8b3
[  110.050767][ T3776] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  110.070220][ T3776] RSP: 002b:00007ffc32bc9b48 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  110.078472][ T3776] RAX: ffffffffffffffda RBX: 000055555b1714e0 RCX: 00007ff66331e8b3
[  110.078493][ T3776] RDX: 0000000000008000 RSI: 000055555b1714e0 RDI: 0000000000000005
[  110.078507][ T3776] RBP: 000055555b1714b4 R08: 0000000000000000 R09: 0000000000000000
[  110.078519][ T3776] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  110.078532][ T3776] R13: 0000000000000010 R14: 000055555b1714b0 R15: 00007ffc32bcbdf0
[  110.078550][ T3776]  </TASK>
[  110.123492][  T370] usb 6-1: USB disconnect, device number 19
[  110.136495][ T3910] device veth2 entered promiscuous mode
[  110.143079][ T3776] F2FS-fs (loop4): access invalid blkaddr:2816
[  110.151519][ T3776] CPU: 0 PID: 3776 Comm: syz-executor Not tainted 5.15.167-syzkaller-00002-g3bfe08931bff #0
[  110.161406][ T3776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  110.171293][ T3776] Call Trace:
[  110.174417][ T3776]  <TASK>
[  110.177197][ T3776]  dump_stack_lvl+0x151/0x1c0
[  110.181709][ T3776]  ? io_uring_drop_tctx_refs+0x190/0x190
[  110.187183][ T3776]  ? __this_cpu_preempt_check+0x13/0x20
[  110.192557][ T3776]  dump_stack+0x15/0x20
[  110.196549][ T3776]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[  110.202254][ T3776]  f2fs_map_blocks+0x1622/0x3ab0
[  110.207040][ T3776]  ? f2fs_do_map_lock+0x70/0x70
[  110.211721][ T3776]  f2fs_mpage_readpages+0xc9a/0x21a0
[  110.216838][ T3776]  ? dquot_release_reservation_block+0xa0/0xa0
[  110.222828][ T3776]  ? workingset_activation+0x3f0/0x3f0
[  110.228121][ T3776]  f2fs_readahead+0xfd/0x250
[  110.232551][ T3776]  ? blk_start_plug+0x5a/0x170
[  110.237142][ T3776]  read_pages+0x15e/0xb00
[  110.241306][ T3776]  ? lru_cache_add+0x279/0x540
[  110.245905][ T3776]  ? page_cache_ra_unbounded+0xa50/0xa50
[  110.251380][ T3776]  ? add_to_page_cache_lru+0x225/0x2c0
[  110.256677][ T3776]  ? add_to_page_cache_locked+0x40/0x40
[  110.262049][ T3776]  ? __stack_depot_save+0x34/0x470
[  110.266996][ T3776]  page_cache_ra_unbounded+0x7ed/0xa50
[  110.272293][ T3776]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  110.278627][ T3776]  ? _raw_spin_unlock+0x4d/0x70
[  110.283311][ T3776]  ? wp_page_reuse+0xff/0x120
[  110.287825][ T3776]  ondemand_readahead+0x9c8/0xfa0
[  110.292689][ T3776]  ? page_cache_sync_ra+0x4d0/0x4d0
[  110.297718][ T3776]  ? debug_smp_processor_id+0x17/0x20
[  110.302926][ T3776]  ? kasan_quarantine_put+0x34/0x1a0
[  110.308051][ T3776]  ? selinux_inode_getattr+0x11f/0x3f0
[  110.313343][ T3776]  ? fault_around_bytes_set+0xc0/0xc0
[  110.318549][ T3776]  page_cache_sync_ra+0x2e9/0x4d0
[  110.323408][ T3776]  ? force_page_cache_ra+0x420/0x420
[  110.328530][ T3776]  ? do_handle_mm_fault+0x1807/0x2400
[  110.333742][ T3776]  f2fs_readdir+0x52d/0xba0
[  110.338080][ T3776]  ? f2fs_fill_dentries+0xd60/0xd60
[  110.343113][ T3776]  ? avc_policy_seqno+0x1b/0x70
[  110.347889][ T3776]  ? __kasan_check_read+0x11/0x20
[  110.352746][ T3776]  ? security_file_permission+0x86/0xb0
[  110.358127][ T3776]  iterate_dir+0x265/0x600
[  110.362380][ T3776]  ? f2fs_fill_dentries+0xd60/0xd60
[  110.367502][ T3776]  __se_sys_getdents64+0x1c1/0x460
[  110.372883][ T3776]  ? __x64_sys_getdents64+0x90/0x90
[  110.377935][ T3776]  ? filldir+0x680/0x680
[  110.381998][ T3776]  __x64_sys_getdents64+0x7b/0x90
[  110.386855][ T3776]  x64_sys_call+0x5ae/0x9a0
[  110.391193][ T3776]  do_syscall_64+0x3b/0xb0
[  110.395445][ T3776]  ? clear_bhb_loop+0x35/0x90
[  110.399961][ T3776]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  110.405688][ T3776] RIP: 0033:0x7ff66331e8b3
[  110.409958][ T3776] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  110.429470][ T3776] RSP: 002b:00007ffc32bc9b48 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  110.437715][ T3776] RAX: ffffffffffffffda RBX: 000055555b1714e0 RCX: 00007ff66331e8b3
[  110.445526][ T3776] RDX: 0000000000008000 RSI: 000055555b1714e0 RDI: 0000000000000005
[  110.453427][ T3776] RBP: 000055555b1714b4 R08: 0000000000000000 R09: 0000000000000000
[  110.461234][ T3776] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  110.469044][ T3776] R13: 0000000000000010 R14: 000055555b1714b0 R15: 00007ffc32bcbdf0
[  110.476864][ T3776]  </TASK>
[  110.490775][ T3776] attempt to access beyond end of device
[  110.490775][ T3776] loop4: rw=0, want=45072, limit=40427
[  110.520127][    T8] attempt to access beyond end of device
[  110.520127][    T8] loop4: rw=2049, want=40992, limit=40427
[  110.556249][ T3914] loop1: detected capacity change from 0 to 512
[  110.578875][ T3914] EXT4-fs (loop1): Ignoring removed oldalloc option
[  110.585817][ T3914] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  110.609185][ T3914] EXT4-fs (loop1): 1 truncate cleaned up
[  110.614654][ T3914] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,oldalloc,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  110.689663][ T3885] UDC core: couldn't find an available UDC or it's busy: -16
[  110.696883][ T3885] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  110.738852][   T26] hid (null): bogus close delimiter
[  110.743915][   T26] hid (null): bogus close delimiter
[  110.768378][   T26] hid (null): bogus close delimiter
[  110.773444][   T26] hid (null): invalid report_size 29797
[  110.784701][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.796527][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.803823][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.811295][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.818559][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.825843][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.833234][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.840582][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.847798][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.855038][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.862479][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.869752][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.876995][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.884308][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.902042][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.918307][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.937654][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.945510][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.968313][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.975547][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.978386][  T370] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  110.990537][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  110.999428][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.010290][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.017586][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.025102][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.032861][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.047120][ T3925] IPv6: NLM_F_REPLACE set, but no existing node found!
[  111.054125][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.067937][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.076850][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.084157][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.091351][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.098808][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.106028][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.113558][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.125403][  T310] device bridge_slave_1 left promiscuous mode
[  111.133276][  T310] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.143048][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.150757][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x1
[  111.158050][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.166043][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.173504][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.181105][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.188555][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.195786][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.203277][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.210742][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.218021][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x1
[  111.225426][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.232652][  T370] usb 2-1: Using ep0 maxpacket: 16
[  111.232948][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.245029][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.252446][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x7
[  111.260041][   T26] hid-generic 0003:0158:0100.0031: unknown main item tag 0x0
[  111.267417][   T26] hid-generic 0003:0158:0100.0031: bogus close delimiter
[  111.274629][   T26] hid-generic 0003:0158:0100.0031: item 0 0 2 10 parsing failed
[  111.283947][   T26] hid-generic: probe of 0003:0158:0100.0031 failed with error -22
[  111.294542][   T26] usb 8-1: USB disconnect, device number 20
[  111.302652][  T310] device bridge_slave_0 left promiscuous mode
[  111.308812][  T310] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.316741][  T310] device veth1_macvtap left promiscuous mode
[  111.322840][  T310] device veth0_vlan left promiscuous mode
[  111.474374][ T3923] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.488240][ T3923] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.495537][ T3923] device bridge_slave_0 entered promiscuous mode
[  111.508378][  T370] usb 2-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb
[  111.519497][ T3923] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.527592][  T370] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.538239][ T3923] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.545506][ T3923] device bridge_slave_1 entered promiscuous mode
[  111.551911][  T370] usb 2-1: Product: syz
[  111.556042][  T370] usb 2-1: Manufacturer: syz
[  111.568454][  T370] usb 2-1: SerialNumber: syz
[  111.673621][ T3943] syz.7.1460[3943] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.673698][ T3943] syz.7.1460[3943] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.760942][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  111.793791][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.809395][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.826167][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.840404][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.847280][  T310] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.860326][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.869622][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.877657][  T310] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.884544][  T310] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.901858][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.909569][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.917414][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.932876][ T3923] device veth0_vlan entered promiscuous mode
[  111.940012][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  111.949059][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  111.957964][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  111.965807][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  111.980689][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  111.989228][ T3923] device veth1_macvtap entered promiscuous mode
[  112.000183][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  112.016662][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.084085][ T3954] tipc: Started in network mode
[  112.097545][ T3954] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  112.106260][  T424] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  112.114816][ T3954] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  112.348325][  T424] usb 8-1: Using ep0 maxpacket: 16
[  112.468315][  T424] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.489186][  T424] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.508249][  T424] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  112.538295][  T424] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  112.543485][  T370] snd-usb-audio: probe of 2-1:222.0 failed with error -2
[  112.557312][  T424] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.589271][  T424] usb 8-1: config 0 descriptor??
[  112.741709][   T26] usb 2-1: USB disconnect, device number 5
[  113.027855][ T3962] loop4: detected capacity change from 0 to 131072
[  113.063527][  T424] input: HID 045e:07da as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:045E:07DA.0032/input/input25
[  113.078684][ T3962] F2FS-fs (loop4): Zoned block device path is missing
[  113.092646][ T3962] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  113.114008][ T3962] F2FS-fs (loop4): Found nat_bits in checkpoint
[  113.149582][ T3962] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  113.156535][ T3962] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  113.175716][  T424] microsoft 0003:045E:07DA.0032: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.7-1/input0
[  113.308585][   T39] usb 8-1: USB disconnect, device number 21
[  113.336959][   T30] kauditd_printk_skb: 104 callbacks suppressed
[  113.336975][   T30] audit: type=1326 audit(1731372543.356:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.5.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[  113.407512][   T30] audit: type=1326 audit(1731372543.396:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.5.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[  113.451330][   T30] audit: type=1326 audit(1731372543.396:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.5.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[  113.506440][   T30] audit: type=1326 audit(1731372543.396:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.5.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[  113.558259][   T30] audit: type=1326 audit(1731372543.396:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.5.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3436484719 code=0x7ffc0000
[  113.603892][   T30] audit: type=1400 audit(1731372543.626:2056): avc:  denied  { execute } for  pid=3986 comm="syz.5.1477" name="file1" dev="tmpfs" ino=1325 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  113.636265][   T30] audit: type=1400 audit(1731372543.626:2057): avc:  denied  { execute_no_trans } for  pid=3986 comm="syz.5.1477" path="/245/file1" dev="tmpfs" ino=1325 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  113.673648][   T30] audit: type=1400 audit(1731372543.656:2058): avc:  denied  { read write } for  pid=3988 comm="syz.4.1482" name="ppp" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  113.698390][   T30] audit: type=1400 audit(1731372543.656:2059): avc:  denied  { open } for  pid=3988 comm="syz.4.1482" path="/dev/ppp" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  113.732100][   T30] audit: type=1400 audit(1731372543.656:2060): avc:  denied  { ioctl } for  pid=3988 comm="syz.4.1482" path="/dev/ppp" dev="devtmpfs" ino=150 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  113.835647][ T3979] loop1: detected capacity change from 0 to 40427
[  113.883064][ T4003] netlink: 68 bytes leftover after parsing attributes in process `syz.7.1485'.
[  113.921898][ T3979] F2FS-fs (loop1): fault_injection options not supported
[  113.948904][ T3979] F2FS-fs (loop1): invalid crc value
[  113.980622][ T3979] F2FS-fs (loop1): Found nat_bits in checkpoint
[  114.089224][ T3979] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  114.197675][ T3530] F2FS-fs (loop1): access invalid blkaddr:2816
[  114.214044][ T3530] CPU: 0 PID: 3530 Comm: syz-executor Not tainted 5.15.167-syzkaller-00002-g3bfe08931bff #0
[  114.223944][ T3530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  114.233850][ T3530] Call Trace:
[  114.236958][ T3530]  <TASK>
[  114.239740][ T3530]  dump_stack_lvl+0x151/0x1c0
[  114.244251][ T3530]  ? io_uring_drop_tctx_refs+0x190/0x190
[  114.249720][ T3530]  ? arch_stack_walk+0xf3/0x140
[  114.254406][ T3530]  dump_stack+0x15/0x20
[  114.258398][ T3530]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[  114.263604][ T3530]  f2fs_map_blocks+0x1622/0x3ab0
[  114.268378][ T3530]  ? __stack_depot_save+0x34/0x470
[  114.273334][ T3530]  ? f2fs_do_map_lock+0x70/0x70
[  114.278012][ T3530]  ? debug_smp_processor_id+0x17/0x20
[  114.283220][ T3530]  ? try_charge_memcg+0x213/0x1550
[  114.288168][ T3530]  f2fs_mpage_readpages+0xc9a/0x21a0
[  114.293294][ T3530]  ? dquot_release_reservation_block+0xa0/0xa0
[  114.299277][ T3530]  ? workingset_activation+0x3f0/0x3f0
[  114.304632][ T3530]  f2fs_readahead+0xfd/0x250
[  114.308993][ T3530]  ? blk_start_plug+0x5a/0x170
[  114.313592][ T3530]  read_pages+0x15e/0xb00
[  114.317761][ T3530]  ? lru_cache_add+0x279/0x540
[  114.322360][ T3530]  ? page_cache_ra_unbounded+0xa50/0xa50
[  114.327825][ T3530]  ? add_to_page_cache_lru+0x225/0x2c0
[  114.333123][ T3530]  ? add_to_page_cache_locked+0x40/0x40
[  114.338504][ T3530]  ? __stack_depot_save+0x34/0x470
[  114.343452][ T3530]  page_cache_ra_unbounded+0x7ed/0xa50
[  114.348747][ T3530]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  114.355081][ T3530]  ? _raw_spin_unlock+0x4d/0x70
[  114.359766][ T3530]  ? wp_page_reuse+0xff/0x120
[  114.364279][ T3530]  ondemand_readahead+0x9c8/0xfa0
[  114.369142][ T3530]  ? page_cache_sync_ra+0x4d0/0x4d0
[  114.374171][ T3530]  ? debug_smp_processor_id+0x17/0x20
[  114.379380][ T3530]  ? kasan_quarantine_put+0x34/0x1a0
[  114.384499][ T3530]  ? selinux_inode_getattr+0x11f/0x3f0
[  114.389794][ T3530]  ? fault_around_bytes_set+0xc0/0xc0
[  114.395004][ T3530]  page_cache_sync_ra+0x2e9/0x4d0
[  114.399863][ T3530]  ? force_page_cache_ra+0x420/0x420
[  114.404982][ T3530]  ? do_handle_mm_fault+0x1807/0x2400
[  114.410192][ T3530]  f2fs_readdir+0x52d/0xba0
[  114.414533][ T3530]  ? f2fs_fill_dentries+0xd60/0xd60
[  114.419597][ T3530]  ? avc_policy_seqno+0x1b/0x70
[  114.424254][ T3530]  ? __kasan_check_read+0x11/0x20
[  114.429115][ T3530]  ? security_file_permission+0x86/0xb0
[  114.434495][ T3530]  iterate_dir+0x265/0x600
[  114.438746][ T3530]  ? f2fs_fill_dentries+0xd60/0xd60
[  114.443779][ T3530]  __se_sys_getdents64+0x1c1/0x460
[  114.448728][ T3530]  ? __x64_sys_getdents64+0x90/0x90
[  114.453763][ T3530]  ? filldir+0x680/0x680
[  114.457841][ T3530]  __x64_sys_getdents64+0x7b/0x90
[  114.462700][ T3530]  x64_sys_call+0x5ae/0x9a0
[  114.467045][ T3530]  do_syscall_64+0x3b/0xb0
[  114.471291][ T3530]  ? clear_bhb_loop+0x35/0x90
[  114.475804][ T3530]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  114.481534][ T3530] RIP: 0033:0x7ff611a9c8b3
[  114.485788][ T3530] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  114.505229][ T3530] RSP: 002b:00007ffccd780958 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  114.513471][ T3530] RAX: ffffffffffffffda RBX: 000055555c40a4e0 RCX: 00007ff611a9c8b3
[  114.521284][ T3530] RDX: 0000000000008000 RSI: 000055555c40a4e0 RDI: 0000000000000005
[  114.529096][ T3530] RBP: 000055555c40a4b4 R08: 0000000000000000 R09: 0000000000000000
[  114.536905][ T3530] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  114.544715][ T3530] R13: 0000000000000010 R14: 000055555c40a4b0 R15: 00007ffccd782c00
[  114.552538][ T3530]  </TASK>
[  114.558789][ T3530] F2FS-fs (loop1): access invalid blkaddr:2816
[  114.565863][ T3530] CPU: 0 PID: 3530 Comm: syz-executor Not tainted 5.15.167-syzkaller-00002-g3bfe08931bff #0
[  114.575739][ T3530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  114.585637][ T3530] Call Trace:
[  114.588764][ T3530]  <TASK>
[  114.591542][ T3530]  dump_stack_lvl+0x151/0x1c0
[  114.596053][ T3530]  ? io_uring_drop_tctx_refs+0x190/0x190
[  114.601524][ T3530]  dump_stack+0x15/0x20
[  114.605508][ T3530]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[  114.610720][ T3530]  f2fs_map_blocks+0x1622/0x3ab0
[  114.615492][ T3530]  ? __stack_depot_save+0x34/0x470
[  114.620446][ T3530]  ? f2fs_do_map_lock+0x70/0x70
[  114.625127][ T3530]  f2fs_mpage_readpages+0xc9a/0x21a0
[  114.630253][ T3530]  ? dquot_release_reservation_block+0xa0/0xa0
[  114.636237][ T3530]  ? workingset_activation+0x3f0/0x3f0
[  114.641539][ T3530]  f2fs_readahead+0xfd/0x250
[  114.645954][ T3530]  ? blk_start_plug+0x5a/0x170
[  114.650554][ T3530]  read_pages+0x15e/0xb00
[  114.654721][ T3530]  ? lru_cache_add+0x279/0x540
[  114.659322][ T3530]  ? page_cache_ra_unbounded+0xa50/0xa50
[  114.664787][ T3530]  ? add_to_page_cache_lru+0x225/0x2c0
[  114.670083][ T3530]  ? add_to_page_cache_locked+0x40/0x40
[  114.675468][ T3530]  ? __stack_depot_save+0x34/0x470
[  114.680410][ T3530]  page_cache_ra_unbounded+0x7ed/0xa50
[  114.685721][ T3530]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  114.692042][ T3530]  ? _raw_spin_unlock+0x4d/0x70
[  114.696727][ T3530]  ? wp_page_reuse+0xff/0x120
[  114.701241][ T3530]  ondemand_readahead+0x9c8/0xfa0
[  114.706106][ T3530]  ? page_cache_sync_ra+0x4d0/0x4d0
[  114.711138][ T3530]  ? debug_smp_processor_id+0x17/0x20
[  114.716357][ T3530]  ? kasan_quarantine_put+0x34/0x1a0
[  114.721465][ T3530]  ? selinux_inode_getattr+0x11f/0x3f0
[  114.726758][ T3530]  ? fault_around_bytes_set+0xc0/0xc0
[  114.731970][ T3530]  page_cache_sync_ra+0x2e9/0x4d0
[  114.736825][ T3530]  ? force_page_cache_ra+0x420/0x420
[  114.741947][ T3530]  ? do_handle_mm_fault+0x1807/0x2400
[  114.747156][ T3530]  f2fs_readdir+0x52d/0xba0
[  114.751499][ T3530]  ? f2fs_fill_dentries+0xd60/0xd60
[  114.756528][ T3530]  ? avc_policy_seqno+0x1b/0x70
[  114.761225][ T3530]  ? __kasan_check_read+0x11/0x20
[  114.766075][ T3530]  ? security_file_permission+0x86/0xb0
[  114.771454][ T3530]  iterate_dir+0x265/0x600
[  114.775707][ T3530]  ? f2fs_fill_dentries+0xd60/0xd60
[  114.780744][ T3530]  __se_sys_getdents64+0x1c1/0x460
[  114.785691][ T3530]  ? __x64_sys_getdents64+0x90/0x90
[  114.790723][ T3530]  ? filldir+0x680/0x680
[  114.794804][ T3530]  __x64_sys_getdents64+0x7b/0x90
[  114.799663][ T3530]  x64_sys_call+0x5ae/0x9a0
[  114.804002][ T3530]  do_syscall_64+0x3b/0xb0
[  114.808252][ T3530]  ? clear_bhb_loop+0x35/0x90
[  114.812765][ T3530]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  114.818493][ T3530] RIP: 0033:0x7ff611a9c8b3
[  114.822745][ T3530] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  114.842188][ T3530] RSP: 002b:00007ffccd780958 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  114.850441][ T3530] RAX: ffffffffffffffda RBX: 000055555c40a4e0 RCX: 00007ff611a9c8b3
[  114.858242][ T3530] RDX: 0000000000008000 RSI: 000055555c40a4e0 RDI: 0000000000000005
[  114.866063][ T3530] RBP: 000055555c40a4b4 R08: 0000000000000000 R09: 0000000000000000
[  114.873867][ T3530] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  114.881675][ T3530] R13: 0000000000000010 R14: 000055555c40a4b0 R15: 00007ffccd782c00
[  114.889491][ T3530]  </TASK>
[  114.895184][  T597] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  114.905498][ T3530] attempt to access beyond end of device
[  114.905498][ T3530] loop1: rw=0, want=45072, limit=40427
[  114.945546][  T345] attempt to access beyond end of device
[  114.945546][  T345] loop1: rw=2049, want=40992, limit=40427
[  114.989198][ T4048] syz.7.1505[4048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.989273][ T4048] syz.7.1505[4048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.219408][  T593] bridge0: port 3(syz_tun) entered disabled state
[  115.240335][  T593] device syz_tun left promiscuous mode
[  115.245624][  T593] bridge0: port 3(syz_tun) entered disabled state
[  115.258337][  T597] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.277933][  T597] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  115.308349][  T370] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  115.337478][ T4064] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.345747][ T4064] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.363146][ T4064] device bridge_slave_0 entered promiscuous mode
[  115.380614][ T4064] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.387460][ T4064] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.395901][ T4064] device bridge_slave_1 entered promiscuous mode
[  115.458401][  T597] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  115.475929][  T597] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.489763][  T597] usb 5-1: Product: syz
[  115.493753][  T597] usb 5-1: Manufacturer: syz
[  115.506593][  T597] usb 5-1: SerialNumber: syz
[  115.540924][ T4071] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.548163][ T4071] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.557455][ T4071] device bridge_slave_0 entered promiscuous mode
[  115.568227][ T4064] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.575106][ T4064] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.582234][ T4064] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.589107][ T4064] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.597855][ T4071] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.605047][ T4071] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.612797][ T4071] device bridge_slave_1 entered promiscuous mode
[  115.628970][  T420] device bridge_slave_1 left promiscuous mode
[  115.635116][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.642818][  T420] device bridge_slave_0 left promiscuous mode
[  115.649032][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.656986][  T420] device veth1_macvtap left promiscuous mode
[  115.663581][  T420] device veth0_vlan left promiscuous mode
[  115.688357][  T370] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.710407][  T370] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.728271][  T370] usb 8-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  115.747313][  T370] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.756496][ T4022] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  115.774438][  T370] usb 8-1: config 0 descriptor??
[  115.850325][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  115.857949][  T345] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.865777][  T345] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.885277][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  115.893319][  T345] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.900192][  T345] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.908830][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  115.916872][  T345] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.923745][  T345] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.941947][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  115.949875][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  115.973370][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  115.982109][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  115.991853][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  115.999429][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  116.012902][ T4064] device veth0_vlan entered promiscuous mode
[  116.033730][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  116.042389][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  116.051866][ T4064] device veth1_macvtap entered promiscuous mode
[  116.089018][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  116.096882][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  116.105701][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  116.114012][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  116.123218][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  116.181849][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  116.194047][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.218963][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  116.227692][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  116.236686][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.243573][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.253681][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  116.262389][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  116.271686][  T370] hid-steam 0003:28DE:1142.0033: unknown main item tag 0x3
[  116.280823][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.287669][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.295385][  T370] hid-steam 0003:28DE:1142.0033: unknown main item tag 0x0
[  116.303273][  T370] hid-steam 0003:28DE:1142.0033: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.7-1/input0
[  116.314222][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  116.324822][  T370] hid-steam 0003:28DE:1142.0034: unknown main item tag 0x3
[  116.332715][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  116.340510][  T370] hid-steam 0003:28DE:1142.0034: unknown main item tag 0x0
[  116.347862][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  116.368085][ T4071] device veth0_vlan entered promiscuous mode
[  116.374757][  T370] hid-steam 0003:28DE:1142.0034: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.7-1/input0
[  116.392153][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  116.401438][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  116.409525][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  116.417162][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  116.424459][ T4022] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  116.432541][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  116.446784][ T4071] device veth1_macvtap entered promiscuous mode
[  116.455109][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  116.462890][  T370] hid-steam 0003:28DE:1142.0033: Steam wireless receiver connected
[  116.472854][  T370] usb 8-1: USB disconnect, device number 22
[  116.485320][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  116.498547][  T370] hid-steam 0003:28DE:1142.0033: Steam wireless receiver disconnected
[  116.507877][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  116.532327][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  116.542833][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  116.631866][ T4096] loop8: detected capacity change from 0 to 128
[  116.668352][  T597] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  116.678273][  T597] cdc_ncm 5-1:1.0: setting rx_max = 16384
[  116.685190][ T4096] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  116.697903][ T4096] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038 (0x7fffffff)
[  116.774715][ T4100] input: syz0 as /devices/virtual/input/input26
[  116.845393][ T4105] loop8: detected capacity change from 0 to 512
[  116.880658][ T4105] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  116.892066][ T4105] EXT4-fs (loop8): 1 truncate cleaned up
[  116.897608][ T4105] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  116.898659][  T597] cdc_ncm 5-1:1.0: setting tx_max = 88
[  116.932097][  T597] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM, 42:42:42:42:42:42
[  116.962689][  T597] usb 5-1: USB disconnect, device number 9
[  117.002677][  T597] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM
[  117.228706][ T4142] input: syz0 as /devices/virtual/input/input27
[  117.305563][ T4131] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.314604][ T4131] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.327148][ T4131] device bridge_slave_0 entered promiscuous mode
[  117.336479][ T4131] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.343729][ T4131] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.351331][ T4131] device bridge_slave_1 entered promiscuous mode
[  117.485627][ T4131] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.492514][ T4131] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.499619][ T4131] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.506371][ T4131] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.566071][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  117.576151][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.583872][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.592368][  T424] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  117.603527][ T4165] loop4: detected capacity change from 0 to 512
[  117.614659][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  117.633002][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.639880][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.659958][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  117.667949][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.674819][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.688407][  T420] device bridge_slave_1 left promiscuous mode
[  117.694365][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.703367][  T420] device bridge_slave_0 left promiscuous mode
[  117.709773][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.717834][  T420] device veth1_macvtap left promiscuous mode
[  117.724441][  T420] device veth0_vlan left promiscuous mode
[  117.731565][ T4165] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  117.748480][ T4165] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038 (0x7fffffff)
[  117.838792][  T424] usb 8-1: Using ep0 maxpacket: 16
[  117.885210][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  117.901122][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  117.915945][ T4131] device veth0_vlan entered promiscuous mode
[  117.923985][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  117.933083][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  117.941440][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  117.949182][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  117.958367][  T424] usb 8-1: config 0 has an invalid interface number: 2 but max is 0
[  117.964121][ T4131] device veth1_macvtap entered promiscuous mode
[  117.973335][  T424] usb 8-1: config 0 has no interface number 0
[  117.974585][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  117.987639][  T424] usb 8-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  117.992138][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  118.005105][  T424] usb 8-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  118.006000][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  118.032483][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  118.040793][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  118.138559][  T424] usb 8-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  118.157767][  T424] usb 8-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  118.166735][  T424] usb 8-1: Product: syz
[  118.170834][  T424] usb 8-1: SerialNumber: syz
[  118.179432][  T424] usb 8-1: config 0 descriptor??
[  118.469148][  T424] snd-usb-audio: probe of 8-1:0.2 failed with error -12
[  118.481700][ T4190] loop4: detected capacity change from 0 to 40427
[  118.493885][  T424] usb 8-1: USB disconnect, device number 23
[  118.504125][ T4190] F2FS-fs (loop4): fault_injection options not supported
[  118.513943][ T4190] F2FS-fs (loop4): invalid crc value
[  118.520832][ T4190] F2FS-fs (loop4): Found nat_bits in checkpoint
[  118.556909][ T4190] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  118.575904][ T4190] attempt to access beyond end of device
[  118.575904][ T4190] loop4: rw=16812033, want=78672, limit=40427
[  118.578335][  T572] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  118.589359][   T30] kauditd_printk_skb: 78 callbacks suppressed
[  118.589375][   T30] audit: type=1400 audit(1731372548.606:2139): avc:  denied  { ioctl } for  pid=4189 comm="syz.4.1561" path="/21/file1/bus" dev="loop4" ino=15 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  118.618455][   T63] Bluetooth: hci0: command 0x1003 tx timeout
[  118.630255][ T3517] Bluetooth: hci0: sending frame failed (-49)
[  118.631289][ T3923] attempt to access beyond end of device
[  118.631289][ T3923] loop4: rw=2049, want=45112, limit=40427
[  118.930878][ T4197] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.937857][ T4197] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.945388][ T4197] device bridge_slave_0 entered promiscuous mode
[  118.952765][ T4197] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.965725][ T4197] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.968389][  T572] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.973268][ T4197] device bridge_slave_1 entered promiscuous mode
[  118.991773][  T572] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  119.068735][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  119.076096][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  119.087160][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  119.095525][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  119.104041][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.110924][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.118576][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  119.128611][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  119.136792][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  119.144831][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.151672][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.158337][  T572] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  119.167639][  T572] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.175454][  T572] usb 7-1: Product: syz
[  119.179483][  T572] usb 7-1: Manufacturer: syz
[  119.183892][  T572] usb 7-1: SerialNumber: syz
[  119.190265][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  119.198299][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  119.212254][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  119.223752][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  119.231900][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  119.239490][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  119.250159][ T4197] device veth0_vlan entered promiscuous mode
[  119.260748][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  119.271693][ T4197] device veth1_macvtap entered promiscuous mode
[  119.282012][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  119.292105][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  119.300355][  T597] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  119.348458][ T1124] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  119.432373][ T4192] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  119.479201][  T310] device bridge_slave_1 left promiscuous mode
[  119.485253][  T310] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.492574][  T310] device bridge_slave_0 left promiscuous mode
[  119.498652][  T310] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.506174][  T310] device veth1_macvtap left promiscuous mode
[  119.512094][  T310] device veth0_vlan left promiscuous mode
[  119.538330][  T597] usb 5-1: Using ep0 maxpacket: 8
[  119.618366][  T424] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  119.658447][  T597] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.669782][  T597] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.679385][  T597] usb 5-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[  119.688380][  T597] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.697126][  T597] usb 5-1: config 0 descriptor??
[  119.728330][ T1124] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.740365][ T1124] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.750038][ T1124] usb 8-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  119.758952][ T1124] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.767403][ T1124] usb 8-1: config 0 descriptor??
[  119.978487][  T424] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.989245][  T424] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.998775][  T424] usb 4-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  120.011358][  T424] usb 4-1: config 0 interface 0 has no altsetting 0
[  120.017732][  T424] usb 4-1: New USB device found, idVendor=03eb, idProduct=2118, bcdDevice= 0.00
[  120.026734][  T424] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.035191][  T424] usb 4-1: config 0 descriptor??
[  120.088584][ T4192] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  120.179437][  T597] saitek 0003:06A3:0CCD.0035: unknown main item tag 0x0
[  120.186321][  T597] saitek 0003:06A3:0CCD.0035: unknown main item tag 0x0
[  120.193175][  T597] saitek 0003:06A3:0CCD.0035: item fetching failed at offset 2/11
[  120.200906][  T597] saitek 0003:06A3:0CCD.0035: parse failed
[  120.206524][  T597] saitek: probe of 0003:06A3:0CCD.0035 failed with error -22
[  120.249506][ T1124] hid-led 0003:1D34:000A.0036: unknown main item tag 0x0
[  120.328345][  T572] cdc_ncm 7-1:1.0: MAC-Address: 42:42:42:42:42:42
[  120.334594][  T572] cdc_ncm 7-1:1.0: setting rx_max = 16384
[  120.381503][   T39] usb 5-1: USB disconnect, device number 10
[  120.469936][ T1124] hid-led 0003:1D34:000A.0036: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.7-1/input0
[  120.481893][ T1124] hid-led 0003:1D34:000A.0036: Dream Cheeky Webmail Notifier initialized
[  120.509205][  T424] hid-generic 0003:03EB:2118.0037: unknown main item tag 0x0
[  120.516523][  T424] hid-generic 0003:03EB:2118.0037: unknown main item tag 0x0
[  120.523870][  T424] hid-generic 0003:03EB:2118.0037: unknown main item tag 0x0
[  120.531236][  T424] hid-generic 0003:03EB:2118.0037: unknown main item tag 0x0
[  120.538368][  T572] cdc_ncm 7-1:1.0: setting tx_max = 88
[  120.538723][  T424] hid-generic 0003:03EB:2118.0037: unknown main item tag 0x0
[  120.549860][  T572] cdc_ncm 7-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.6-1, CDC NCM, 42:42:42:42:42:42
[  120.552355][  T424] hid-generic 0003:03EB:2118.0037: hidraw1: USB HID v0.00 Device [HID 03eb:2118] on usb-dummy_hcd.3-1/input0
[  120.573943][  T572] usb 7-1: USB disconnect, device number 4
[  120.584464][  T572] cdc_ncm 7-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.6-1, CDC NCM
[  120.672878][   T39] usb 8-1: USB disconnect, device number 24
[  120.698612][  T597] Bluetooth: hci0: command 0x1001 tx timeout
[  120.704527][ T3517] Bluetooth: hci0: sending frame failed (-49)
[  120.714704][  T597] usb 4-1: USB disconnect, device number 13
[  121.072911][   T30] audit: type=1400 audit(1731372551.096:2140): avc:  denied  { setcurrent } for  pid=4247 comm="syz.4.1570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  121.283198][ T4261] loop3: detected capacity change from 0 to 128
[  121.311177][ T4256] xt_CT: You must specify a L4 protocol and not use inversions on it
[  121.333052][ T4263] tipc: Started in network mode
[  121.337847][ T4263] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  121.347242][ T4263] tipc: Enabled bearer <udp:syz0>, priority 10
[  121.347402][ T4261] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  121.369571][ T4261] ext4 filesystem being mounted at /3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  121.410935][   T30] audit: type=1400 audit(1731372551.436:2141): avc:  denied  { create } for  pid=4265 comm="syz.7.1567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  121.483455][   T30] audit: type=1400 audit(1731372551.466:2142): avc:  denied  { connect } for  pid=4265 comm="syz.7.1567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  121.544135][   T30] audit: type=1400 audit(1731372551.466:2143): avc:  denied  { setopt } for  pid=4265 comm="syz.7.1567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  121.579876][   T30] audit: type=1400 audit(1731372551.556:2144): avc:  denied  { ioctl } for  pid=4269 comm="syz.7.1571" path="socket:[36880]" dev="sockfs" ino=36880 ioctlcmd=0x8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  121.617199][ T4250] loop6: detected capacity change from 0 to 131072
[  121.640363][ T4250] F2FS-fs (loop6): Zoned block device path is missing
[  121.656555][ T4250] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  121.667533][ T4250] F2FS-fs (loop6): Found nat_bits in checkpoint
[  121.711678][ T4250] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  121.718882][ T4250] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  121.755300][   T30] audit: type=1326 audit(1731372551.776:2145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4287 comm="syz.7.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160fe83719 code=0x7ffc0000
[  121.852627][   T30] audit: type=1326 audit(1731372551.776:2146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4287 comm="syz.7.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160fe83719 code=0x7ffc0000
[  121.895207][ T4296] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  121.911533][   T30] audit: type=1326 audit(1731372551.776:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4287 comm="syz.7.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f160fe83719 code=0x7ffc0000
[  121.937581][   T30] audit: type=1326 audit(1731372551.776:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4287 comm="syz.7.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160fe83719 code=0x7ffc0000
[  122.246558][ T4324] loop7: detected capacity change from 0 to 16
[  122.329004][ T4324] erofs: (device loop7): mounted with root inode @ nid 36.
[  122.341566][  T572] tipc: Node number set to 4269801488
[  122.348852][ T4324] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  122.433494][ T4336] syz.6.1597[4336] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.433572][ T4336] syz.6.1597[4336] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.434113][ T4324] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  122.483908][ T4338] loop4: detected capacity change from 0 to 512
[  122.539093][ T4338] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  122.546077][ T4338] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  122.555550][ T4338] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[  122.563548][ T4338] System zones: 1-12
[  122.568044][ T4338] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.1598: corrupted in-inode xattr
[  122.582079][ T4338] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.1598: couldn't read orphan inode 15 (err -117)
[  122.594403][ T4338] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue. Quota mode: none.
[  122.631499][ T4338] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.1598: Unrecognised inode hash code 4
[  122.658266][ T4338] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1598: Corrupt directory, running e2fsck is recommended
[  122.678548][ T4338] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.1598: Unrecognised inode hash code 4
[  122.689768][ T4338] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1598: Corrupt directory, running e2fsck is recommended
[  122.702881][ T4338] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.1598: Unrecognised inode hash code 4
[  122.714613][ T4338] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1598: Corrupt directory, running e2fsck is recommended
[  122.778392][ T1213] Bluetooth: hci0: command 0x1009 tx timeout
[  123.014210][ T4348] loop7: detected capacity change from 0 to 40427
[  123.025073][ T4313] loop3: detected capacity change from 0 to 131072
[  123.031921][ T4348] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[  123.038728][ T4348] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  123.047547][ T4348] F2FS-fs (loop7): invalid crc value
[  123.054132][ T4348] F2FS-fs (loop7): Found nat_bits in checkpoint
[  123.075720][ T4348] F2FS-fs (loop7): Start checkpoint disabled!
[  123.082172][ T4313] F2FS-fs (loop3): Zoned block device path is missing
[  123.089076][ T4313] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  123.098138][ T4348] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  123.105276][ T4348] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  123.106994][ T4313] F2FS-fs (loop3): Found nat_bits in checkpoint
[  123.119715][ T4348] attempt to access beyond end of device
[  123.119715][ T4348] loop7: rw=2049, want=53256, limit=40427
[  123.143149][ T4313] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  123.150116][ T4313] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  123.183055][  T345] attempt to access beyond end of device
[  123.183055][  T345] loop7: rw=2049, want=40992, limit=40427
[  123.208460][ T1213] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  123.358394][ T4376] loop7: detected capacity change from 0 to 2048
[  123.389807][ T4376] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  123.403881][ T4376] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  123.418752][ T4376] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2049 with max blocks 1 with error 28
[  123.431225][ T4376] EXT4-fs (loop7): This should not happen!! Data will be lost
[  123.431225][ T4376] 
[  123.441032][ T4376] EXT4-fs (loop7): Total free blocks count 0
[  123.446846][ T4376] EXT4-fs (loop7): Free/Dirty block details
[  123.452716][ T1213] usb 7-1: Using ep0 maxpacket: 16
[  123.452844][ T4376] EXT4-fs (loop7): free_blocks=66060288
[  123.463062][ T4376] EXT4-fs (loop7): dirty_blocks=32
[  123.467965][ T4376] EXT4-fs (loop7): Block reservation details
[  123.473820][ T4376] EXT4-fs (loop7): i_reserved_data_blocks=2
[  123.561258][  T345] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  123.573433][  T345] EXT4-fs (loop7): This should not happen!! Data will be lost
[  123.573433][  T345] 
[  123.573506][ T1213] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 11
[  123.592291][ T1213] usb 7-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  123.601808][ T1213] usb 7-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  123.611367][ T1213] usb 7-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  123.620971][ T1213] usb 7-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  123.630496][ T1213] usb 7-1: config 1 interface 0 has no altsetting 0
[  123.636876][ T1213] usb 7-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  123.647064][ T1213] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.688749][ T1213] ums-sddr09 7-1:1.0: USB Mass Storage device detected
[  123.699181][   T30] kauditd_printk_skb: 107 callbacks suppressed
[  123.699196][   T30] audit: type=1400 audit(1731372553.726:2256): avc:  denied  { setopt } for  pid=4386 comm="syz.4.1615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  123.908811][ T1213] scsi host1: usb-storage 7-1:1.0
[  123.928292][ T1124] usb 8-1: new full-speed USB device number 25 using dummy_hcd
[  124.008286][   T39] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  124.111540][ T1213] usb 7-1: USB disconnect, device number 5
[  124.259892][   T30] audit: type=1326 audit(1731372554.286:2257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.283531][   T30] audit: type=1326 audit(1731372554.296:2258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.307286][   T30] audit: type=1326 audit(1731372554.296:2259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.332483][   T30] audit: type=1326 audit(1731372554.296:2260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.355896][ T1124] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  124.366848][   T30] audit: type=1326 audit(1731372554.296:2261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.390269][   T30] audit: type=1326 audit(1731372554.306:2262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.390854][ T1124] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  124.425018][   T30] audit: type=1326 audit(1731372554.316:2263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.448521][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.459549][   T30] audit: type=1326 audit(1731372554.326:2264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.483154][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.492951][   T39] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  124.502097][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.510111][   T30] audit: type=1326 audit(1731372554.326:2265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd69f11719 code=0x7ffc0000
[  124.537311][   T39] usb 5-1: config 0 descriptor??
[  124.551954][ T4403] loop3: detected capacity change from 0 to 512
[  124.608388][ T1124] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.617435][ T1124] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.625540][ T1124] usb 8-1: Product: syz
[  124.629722][ T1124] usb 8-1: Manufacturer: syz
[  124.630529][ T4403] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #3: comm syz.3.1621: corrupted inode contents
[  124.634258][ T1124] usb 8-1: SerialNumber: syz
[  124.650501][ T4403] EXT4-fs error (device loop3): ext4_dirty_inode:6038: inode #3: comm syz.3.1621: mark_inode_dirty error
[  124.662808][ T4408] loop6: detected capacity change from 0 to 128
[  124.662918][ T4403] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #3: comm syz.3.1621: corrupted inode contents
[  124.680869][ T4403] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #3: comm syz.3.1621: mark_inode_dirty error
[  124.692538][ T4403] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.1621: Failed to acquire dquot type 0
[  124.704308][ T4403] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.1621: corrupted inode contents
[  124.716263][ T4403] EXT4-fs error (device loop3): ext4_dirty_inode:6038: inode #16: comm syz.3.1621: mark_inode_dirty error
[  124.727826][ T4403] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.1621: corrupted inode contents
[  124.739723][ T4403] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.1621: mark_inode_dirty error
[  124.751274][ T4403] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.1621: corrupted inode contents
[  124.756007][ T4408] 9pnet: p9_errstr2errno: server reported unknown error œæçæŒÎsŧ‘̼§6
[  124.765343][ T4403] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  124.785697][ T4403] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.1621: corrupted inode contents
[  124.797825][ T4403] EXT4-fs error (device loop3): ext4_truncate:4303: inode #16: comm syz.3.1621: mark_inode_dirty error
[  124.809027][ T4403] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  124.818091][ T4403] EXT4-fs (loop3): 1 truncate cleaned up
[  124.823940][ T4403] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  124.835406][ T4403] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038 (0x7fffffff)
[  124.871307][ T4383] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  124.892298][ T4414] loop6: detected capacity change from 0 to 2048
[  124.969803][ T4414] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  124.980300][ T4414] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff)
[  124.996833][ T4414] fs-verity: sha256 using implementation "sha256-avx2"
[  125.012320][ T4414] syz.6.1626 (4414) used greatest stack depth: 19848 bytes left
[  125.038792][ T4418] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.045648][ T4418] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.053253][ T4418] device bridge_slave_0 entered promiscuous mode
[  125.070094][ T4418] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.077066][ T4418] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.084460][ T4418] device bridge_slave_1 entered promiscuous mode
[  125.160748][ T4418] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.167638][ T4418] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.174794][ T4418] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.181665][ T4418] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.268317][   T39] hid-led: probe of 0003:27B8:01ED.0038 failed with error -71
[  125.274387][ T4418] device veth0_vlan entered promiscuous mode
[  125.282421][   T39] usb 5-1: USB disconnect, device number 11
[  125.290165][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  125.298762][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  125.307046][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  125.316556][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  125.324962][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  125.334551][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  125.343420][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  125.353988][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  125.361826][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  125.379053][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  125.389783][ T4418] device veth1_macvtap entered promiscuous mode
[  125.401537][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  125.420332][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  125.467596][ T4444] loop2: detected capacity change from 0 to 2048
[  125.515771][ T4383] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  125.549618][ T4444] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  125.561007][  T345] device bridge_slave_1 left promiscuous mode
[  125.567067][  T345] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.568507][ T4444] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  125.588982][ T4444] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2049 with max blocks 1 with error 28
[  125.589954][  T345] device bridge_slave_0 left promiscuous mode
[  125.601463][ T4444] EXT4-fs (loop2): This should not happen!! Data will be lost
[  125.601463][ T4444] 
[  125.607564][  T345] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.617155][ T4444] EXT4-fs (loop2): Total free blocks count 0
[  125.629676][ T4444] EXT4-fs (loop2): Free/Dirty block details
[  125.635391][ T4444] EXT4-fs (loop2): free_blocks=66060288
[  125.635489][  T345] device veth1_macvtap left promiscuous mode
[  125.641465][ T4444] EXT4-fs (loop2): dirty_blocks=32
[  125.646764][  T345] device veth0_vlan left promiscuous mode
[  125.651790][ T4444] EXT4-fs (loop2): Block reservation details
[  125.662946][ T4444] EXT4-fs (loop2): i_reserved_data_blocks=2
[  125.731814][  T420] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  125.737081][ T4448] syz.6.1648[4448] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.743902][ T1124] cdc_ncm 8-1:1.0: MAC-Address: 42:42:42:42:42:42
[  125.743942][ T1124] cdc_ncm 8-1:1.0: dwNtbInMaxSize=3 is too small. Using 2048
[  125.743960][ T1124] cdc_ncm 8-1:1.0: setting rx_max = 2048
[  125.745945][  T420] EXT4-fs (loop2): This should not happen!! Data will be lost
[  125.745945][  T420] 
[  125.757161][ T4448] syz.6.1648[4448] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.828521][ T4457] syz.2.1638[4457] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.840008][ T4457] syz.2.1638[4457] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.950989][ T4472] loop6: detected capacity change from 0 to 512
[  125.972848][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x1
[  125.984962][ T1124] cdc_ncm 8-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.7-1, CDC NCM, 42:42:42:42:42:42
[  125.995482][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.009562][ T1124] usb 8-1: USB disconnect, device number 25
[  126.020319][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.028626][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.035833][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.043443][ T1124] cdc_ncm 8-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.7-1, CDC NCM
[  126.053658][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.062084][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.069377][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x2
[  126.076816][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.084103][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.091335][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.100445][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.111716][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.120565][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.134324][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.141767][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.150011][ T4472] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  126.161938][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.169444][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.177044][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.180406][ T4472] EXT4-fs (loop6): 1 truncate cleaned up
[  126.188650][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.190245][ T4472] EXT4-fs (loop6): mounted filesystem without journal. Opts: data=journal,jqfmt=vfsv0,errors=continue,nodelalloc,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none.
[  126.200747][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.233684][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.241681][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.248943][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.256104][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.265659][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.273003][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.287103][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.296856][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.304143][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.311307][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.320502][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.327724][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.335120][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.342722][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.350018][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.357136][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.364493][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.372048][  T424] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  126.382230][  T424] hid-generic 0000:0000:0000.0039: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  126.394487][  T424] ==================================================================
[  126.402400][  T424] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x120
[  126.410005][  T424] Read of size 8 at addr ffff88810ccfec70 by task kworker/1:5/424
[  126.417643][  T424] 
[  126.419821][  T424] CPU: 1 PID: 424 Comm: kworker/1:5 Not tainted 5.15.167-syzkaller-00002-g3bfe08931bff #0
[  126.429535][  T424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  126.439431][  T424] Workqueue: ipv6_addrconf addrconf_dad_work
[  126.445243][  T424] Call Trace:
[  126.448370][  T424]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  126.451151][  T424]  dump_stack_lvl+0x151/0x1c0
[  126.455666][  T424]  ? io_uring_drop_tctx_refs+0x190/0x190
[  126.461130][  T424]  ? panic+0x760/0x760
[  126.465036][  T424]  print_address_description+0x87/0x3b0
[  126.470419][  T424]  kasan_report+0x179/0x1c0
[  126.474755][  T424]  ? __kasan_check_write+0x14/0x20
[  126.479706][  T424]  ? __list_del_entry_valid+0xa6/0x120
[  126.484998][  T424]  ? __list_del_entry_valid+0xa6/0x120
[  126.490290][  T424]  __asan_report_load8_noabort+0x14/0x20
[  126.495759][  T424]  __list_del_entry_valid+0xa6/0x120
[  126.500884][  T424]  process_one_work+0x458/0xc10
[  126.505569][  T424]  worker_thread+0xad5/0x12a0
[  126.510081][  T424]  ? _raw_spin_lock+0x1b0/0x1b0
[  126.514770][  T424]  kthread+0x421/0x510
[  126.518759][  T424]  ? worker_clr_flags+0x180/0x180
[  126.523620][  T424]  ? kthread_blkcg+0xd0/0xd0
[  126.528049][  T424]  ret_from_fork+0x1f/0x30
[  126.532304][  T424]  </TASK>
[  126.535178][  T424] 
[  126.537418][  T424] Allocated by task 1124:
[  126.541585][  T424]  ____kasan_kmalloc+0xdb/0x110
[  126.546270][  T424]  __kasan_kmalloc+0x9/0x10
[  126.550620][  T424]  __kmalloc+0x13a/0x270
[  126.554690][  T424]  kvmalloc_node+0x1f0/0x4d0
[  126.559119][  T424]  alloc_netdev_mqs+0x8c/0xc90
[  126.563716][  T424]  alloc_etherdev_mqs+0x33/0x40
[  126.568403][  T424]  usbnet_probe+0x1fc/0x2840
[  126.572828][  T424]  usb_probe_interface+0x5b6/0xa90
[  126.577772][  T424]  really_probe+0x28d/0x970
[  126.582112][  T424]  __driver_probe_device+0x1a0/0x310
[  126.587232][  T424]  driver_probe_device+0x54/0x3d0
[  126.592097][  T424]  __device_attach_driver+0x2c5/0x470
[  126.597300][  T424]  bus_for_each_drv+0x183/0x200
[  126.601987][  T424]  __device_attach+0x312/0x510
[  126.606593][  T424]  device_initial_probe+0x1a/0x20
[  126.611447][  T424]  bus_probe_device+0xbe/0x1e0
[  126.616047][  T424]  device_add+0xb60/0xf10
[  126.620214][  T424]  usb_set_configuration+0x190f/0x1e80
[  126.625509][  T424]  usb_generic_driver_probe+0x8b/0x150
[  126.630802][  T424]  usb_probe_device+0x144/0x260
[  126.635489][  T424]  really_probe+0x28d/0x970
[  126.639826][  T424]  __driver_probe_device+0x1a0/0x310
[  126.644947][  T424]  driver_probe_device+0x54/0x3d0
[  126.649816][  T424]  __device_attach_driver+0x2c5/0x470
[  126.655015][  T424]  bus_for_each_drv+0x183/0x200
[  126.659703][  T424]  __device_attach+0x312/0x510
[  126.664301][  T424]  device_initial_probe+0x1a/0x20
[  126.669162][  T424]  bus_probe_device+0xbe/0x1e0
[  126.673761][  T424]  device_add+0xb60/0xf10
[  126.677928][  T424]  usb_new_device+0x1038/0x1c00
[  126.682624][  T424]  hub_event+0x2def/0x4770
[  126.686870][  T424]  process_one_work+0x6bb/0xc10
[  126.691555][  T424]  worker_thread+0xad5/0x12a0
[  126.696068][  T424]  kthread+0x421/0x510
[  126.699974][  T424]  ret_from_fork+0x1f/0x30
[  126.704231][  T424] 
[  126.706402][  T424] Freed by task 1124:
[  126.710223][  T424]  kasan_set_track+0x4b/0x70
[  126.714642][  T424]  kasan_set_free_info+0x23/0x40
[  126.719414][  T424]  ____kasan_slab_free+0x126/0x160
[  126.724366][  T424]  __kasan_slab_free+0x11/0x20
[  126.728961][  T424]  slab_free_freelist_hook+0xbd/0x190
[  126.734172][  T424]  kfree+0xc8/0x220
[  126.737817][  T424]  kvfree+0x35/0x40
[  126.741463][  T424]  netdev_freemem+0x3f/0x60
[  126.745800][  T424]  netdev_release+0x7f/0xb0
[  126.750140][  T424]  device_release+0x95/0x1c0
[  126.754565][  T424]  kobject_put+0x178/0x260
[  126.758817][  T424]  put_device+0x1f/0x30
[  126.762810][  T424]  free_netdev+0x34f/0x440
[  126.767065][  T424]  usbnet_disconnect+0x245/0x390
[  126.771837][  T424]  usb_unbind_interface+0x1fa/0x8c0
[  126.776870][  T424]  device_release_driver_internal+0x50b/0x7d0
[  126.782777][  T424]  device_release_driver+0x19/0x20
[  126.787721][  T424]  bus_remove_device+0x2f8/0x360
[  126.792496][  T424]  device_del+0x663/0xe90
[  126.796663][  T424]  usb_disable_device+0x380/0x720
[  126.801520][  T424]  usb_disconnect+0x32a/0x890
[  126.806034][  T424]  hub_event+0x1d42/0x4770
[  126.810285][  T424]  process_one_work+0x6bb/0xc10
[  126.814973][  T424]  worker_thread+0xe02/0x12a0
[  126.819485][  T424]  kthread+0x421/0x510
[  126.823398][  T424]  ret_from_fork+0x1f/0x30
[  126.827643][  T424] 
[  126.829814][  T424] Last potentially related work creation:
[  126.835375][  T424]  kasan_save_stack+0x3b/0x60
[  126.839882][  T424]  __kasan_record_aux_stack+0xd3/0xf0
[  126.845120][  T424]  kasan_record_aux_stack_noalloc+0xb/0x10
[  126.850731][  T424]  insert_work+0x56/0x320
[  126.854898][  T424]  __queue_work+0x92a/0xcd0
[  126.859238][  T424]  queue_work_on+0x105/0x170
[  126.863662][  T424]  usbnet_link_change+0xeb/0x100
[  126.868436][  T424]  usbnet_probe+0x1dcb/0x2840
[  126.872949][  T424]  usb_probe_interface+0x5b6/0xa90
[  126.877895][  T424]  really_probe+0x28d/0x970
[  126.882235][  T424]  __driver_probe_device+0x1a0/0x310
[  126.887360][  T424]  driver_probe_device+0x54/0x3d0
[  126.892216][  T424]  __device_attach_driver+0x2c5/0x470
[  126.897426][  T424]  bus_for_each_drv+0x183/0x200
[  126.902112][  T424]  __device_attach+0x312/0x510
[  126.906711][  T424]  device_initial_probe+0x1a/0x20
[  126.911571][  T424]  bus_probe_device+0xbe/0x1e0
[  126.916171][  T424]  device_add+0xb60/0xf10
[  126.920337][  T424]  usb_set_configuration+0x190f/0x1e80
[  126.925632][  T424]  usb_generic_driver_probe+0x8b/0x150
[  126.930926][  T424]  usb_probe_device+0x144/0x260
[  126.935613][  T424]  really_probe+0x28d/0x970
[  126.939951][  T424]  __driver_probe_device+0x1a0/0x310
[  126.945073][  T424]  driver_probe_device+0x54/0x3d0
[  126.949935][  T424]  __device_attach_driver+0x2c5/0x470
[  126.955139][  T424]  bus_for_each_drv+0x183/0x200
[  126.959829][  T424]  __device_attach+0x312/0x510
[  126.964429][  T424]  device_initial_probe+0x1a/0x20
[  126.969288][  T424]  bus_probe_device+0xbe/0x1e0
[  126.973889][  T424]  device_add+0xb60/0xf10
[  126.978056][  T424]  usb_new_device+0x1038/0x1c00
[  126.982741][  T424]  hub_event+0x2def/0x4770
[  126.986994][  T424]  process_one_work+0x6bb/0xc10
[  126.991681][  T424]  worker_thread+0xad5/0x12a0
[  126.996195][  T424]  kthread+0x421/0x510
[  127.000099][  T424]  ret_from_fork+0x1f/0x30
[  127.004352][  T424] 
[  127.006520][  T424] The buggy address belongs to the object at ffff88810ccfe000
[  127.006520][  T424]  which belongs to the cache kmalloc-4k of size 4096
[  127.020407][  T424] The buggy address is located 3184 bytes inside of
[  127.020407][  T424]  4096-byte region [ffff88810ccfe000, ffff88810ccff000)
[  127.033686][  T424] The buggy address belongs to the page:
[  127.039178][  T424] page:ffffea0004333e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ccf8
[  127.049226][  T424] head:ffffea0004333e00 order:3 compound_mapcount:0 compound_pincount:0
[  127.057382][  T424] flags: 0x4000000000010200(slab|head|zone=1)
[  127.063290][  T424] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043380
[  127.071707][  T424] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  127.080120][  T424] page dumped because: kasan: bad access detected
[  127.086378][  T424] page_owner tracks the page as allocated
[  127.091924][  T424] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 101, ts 124656196529, free_ts 124655551492
[  127.112325][  T424]  post_alloc_hook+0x1a3/0x1b0
[  127.116920][  T424]  prep_new_page+0x1b/0x110
[  127.121258][  T424]  get_page_from_freelist+0x3550/0x35d0
[  127.126639][  T424]  __alloc_pages+0x27e/0x8f0
[  127.131068][  T424]  new_slab+0x9a/0x4e0
[  127.134972][  T424]  ___slab_alloc+0x39e/0x830
[  127.139397][  T424]  __slab_alloc+0x4a/0x90
[  127.143564][  T424]  __kmalloc+0x16d/0x270
[  127.147644][  T424]  kvmalloc_node+0x1f0/0x4d0
[  127.152069][  T424]  seq_read_iter+0x1ff/0xd00
[  127.156496][  T424]  kernfs_fop_read_iter+0x145/0x470
[  127.161532][  T424]  vfs_read+0xa81/0xd40
[  127.165523][  T424]  ksys_read+0x199/0x2c0
[  127.169602][  T424]  __x64_sys_read+0x7b/0x90
[  127.173943][  T424]  x64_sys_call+0x28/0x9a0
[  127.178195][  T424]  do_syscall_64+0x3b/0xb0
[  127.182448][  T424] page last free stack trace:
[  127.186960][  T424]  free_unref_page_prepare+0x7c8/0x7d0
[  127.192254][  T424]  free_unref_page+0xe8/0x750
[  127.196768][  T424]  __free_pages+0x61/0xf0
[  127.200932][  T424]  __free_slab+0xec/0x1d0
[  127.205101][  T424]  __unfreeze_partials+0x165/0x1a0
[  127.210048][  T424]  put_cpu_partial+0xc4/0x120
[  127.214559][  T424]  __slab_free+0x1c8/0x290
[  127.218811][  T424]  ___cache_free+0x109/0x120
[  127.223249][  T424]  qlink_free+0x4d/0x90
[  127.227232][  T424]  qlist_free_all+0x44/0xb0
[  127.231569][  T424]  kasan_quarantine_reduce+0x15a/0x180
[  127.236865][  T424]  __kasan_slab_alloc+0x2f/0xe0
[  127.241552][  T424]  slab_post_alloc_hook+0x53/0x2c0
[  127.246499][  T424]  kmem_cache_alloc+0xf5/0x200
[  127.251099][  T424]  getname_flags+0xba/0x520
[  127.255438][  T424]  user_path_at_empty+0x2d/0x1a0
[  127.260216][  T424] 
[  127.262380][  T424] Memory state around the buggy address:
[  127.267852][  T424]  ffff88810ccfeb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.275751][  T424]  ffff88810ccfeb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.283649][  T424] >ffff88810ccfec00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.291544][  T424]                                                              ^
[  127.299097][  T424]  ffff88810ccfec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.307159][  T424]  ffff88810ccfed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  127.315013][  T424] ==================================================================
[  127.322908][  T424] Disabling lock debugging due to kernel taint
[  128.338982][  T345] device bridge_slave_1 left promiscuous mode
[  128.344958][  T345] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.352411][  T345] device bridge_slave_0 left promiscuous mode
[  128.358426][  T345] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.366086][  T345] device veth1_macvtap left promiscuous mode
[  128.371979][  T345] device veth0_vlan left promiscuous mode
[  128.889747][  T345] tipc: Left network mode
[  128.894208][  T345] tipc: Disabling bearer <udp:syz0>
[  128.899510][  T345] tipc: Left network mode
[  129.739243][  T345] device bridge_slave_1 left promiscuous mode
[  129.745207][  T345] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.752569][  T345] device bridge_slave_0 left promiscuous mode
[  129.758583][  T345] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.766336][  T345] device bridge_slave_1 left promiscuous mode
[  129.772359][  T345] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.779724][  T345] device bridge_slave_0 left promiscuous mode
[  129.785638][  T345] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.793500][  T345] device bridge_slave_1 left promiscuous mode
[  129.799513][  T345] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.806929][  T345] device bridge_slave_0 left promiscuous mode
[  129.812982][  T345] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.820764][  T345] device bridge_slave_1 left promiscuous mode
[  129.826663][  T345] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.834055][  T345] device bridge_slave_0 left promiscuous mode
[  129.840230][  T345] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.848596][  T345] device veth1_macvtap left promiscuous mode
[  129.854400][  T345] device veth0_vlan left promiscuous mode
[  129.860264][  T345] device veth1_macvtap left promiscuous mode
[  129.866082][  T345] device veth0_vlan left promiscuous mode
[  129.871833][  T345] device veth1_macvtap left promiscuous mode
[  129.877655][  T345] device veth0_vlan left promiscuous mode
[  129.883565][  T345] device veth1_macvtap left promiscuous mode
[  129.889524][  T345] device veth0_vlan left promiscuous mode