last executing test programs:

5.321808238s ago: executing program 3 (id=1149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000800000000000000000001801000020bd342100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
socket(0x10, 0x3, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0xb)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x89f1, &(0x7f0000000040)={'ip6tnl0\x00', @random='\a\x00\x00 \x00'})

5.172964722s ago: executing program 4 (id=1150):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
futex(&(0x7f0000004000), 0x5, 0x0, 0x0, &(0x7f0000004000), 0x82020000)
mount$incfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x180)
truncate(&(0x7f00000001c0)='./file1/file4\x00', 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)

5.038234473s ago: executing program 4 (id=1151):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24040880}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d2, &(0x7f0000000100))

4.395916932s ago: executing program 3 (id=1156):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f1000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="19000000040000000800000008000000000000", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
r7 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r0}, 0x8)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x4000, 0x2, 0x10005089, 0x180a0, r1, 0x0, '\x00', 0x0, r1, 0x3, 0x1, 0x205, 0xd, @value=r6, @void, @value=r7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
removexattr(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="0203000910000000000000000000000005000600000000000a00000000000000000000000000000000000000000000000000000000000000020001000000000000000702000000ff05000500000000000a00000000000000ff01000000000000000000000000000100000000000000000200080008"], 0x80}}, 0x0)

3.463770476s ago: executing program 3 (id=1162):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24040880}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d2, &(0x7f0000000100))

3.319281009s ago: executing program 3 (id=1164):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="b8"], 0xb8)
getresuid(&(0x7f0000000140), &(0x7f0000000480), &(0x7f00000004c0)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001940)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0))

3.303147251s ago: executing program 3 (id=1165):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
dup3(r0, r1, 0x0)

3.272117804s ago: executing program 3 (id=1166):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})
r1 = socket(0x10, 0x3, 0x0)
r2 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000200)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r2)
syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[], 0x0)
syz_usb_disconnect(r2)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000000c0))
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)={0x18, 0x56, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x00\x00\x00'}]}, 0x18}], 0x1}, 0x0)

3.038073065s ago: executing program 4 (id=1152):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = dup2(r0, r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000007000000020000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000380), &(0x7f0000000580)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000001}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x4, [{0x11}, {0x0, 0x100000000000000}]}, 0x68)

3.009634268s ago: executing program 1 (id=1169):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x3, 0x48, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a1281)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])

2.948848373s ago: executing program 4 (id=1170):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000001080)}], 0x1, 0x7fff, 0xfffffffe, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3fffffff404})

2.948074773s ago: executing program 1 (id=1171):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_INIT(r4, &(0x7f0000000180)={0x50}, 0x50)
write$FUSE_CREATE_OPEN(r4, &(0x7f00000004c0)={0xa0, 0x0, 0x0, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}}}}, 0xa0)
write$FUSE_INIT(r4, &(0x7f00000003c0)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x9208, 0xfffe}}, 0x50)
write$FUSE_OPEN(r4, &(0x7f0000000380)={0x20}, 0x20)
write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESOCT=r4])
creat(&(0x7f0000000200)='./file0/file0\x00', 0x0)

2.924472635s ago: executing program 1 (id=1172):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f1000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="19000000040000000800000008000000000000", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
r7 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r0}, 0x8)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x4000, 0x2, 0x10005089, 0x180a0, r1, 0x0, '\x00', 0x0, r1, 0x3, 0x1, 0x205, 0xd, @value=r6, @void, @value=r7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
removexattr(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="0203000910000000000000000000000005000600000000000a00000000000000000000000000000000000000000000000000000000000000020001000000000000000702000000ff05000500000000000a00000000000000ff01000000000000000000000000000100000000000000000200080008"], 0x80}}, 0x0)

2.580787026s ago: executing program 4 (id=1173):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df85000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24040880}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d2, &(0x7f0000000100))

2.468302076s ago: executing program 2 (id=1175):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
dup3(r0, r1, 0x0)

2.454998388s ago: executing program 2 (id=1176):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r1)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x1}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9c)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r3, 0x401}, 0x14}}, 0x0)

2.10034587s ago: executing program 0 (id=1177):
clock_adjtime(0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000827000/0x4000)=nil, 0x4000, 0xb635773f06ebbeee, 0x20010, 0xffffffffffffffff, 0xf4970000)
mlock2(&(0x7f0000842000/0x1000)=nil, 0x1000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB="34000000120001002000000000000000000000000000000000000000000000000000000000006c000c0015000000000000000000"], 0x34}}, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)

2.045190605s ago: executing program 1 (id=1178):
mkdirat(0xffffffffffffff9c, 0x0, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r1 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setreuid(0x0, 0x0)
r6 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x9, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="11000000ff", @ANYRES32, @ANYBLOB='\x00'/17, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10)
syz_read_part_table(0x4046, &(0x7f0000004040)="$eJzszjFKxEAYBeC36ugg2wh2wmIaS4mdVW6RC+wZrBXMTSyDWHs7JQiKiMQIguL3FTMM75+ZF/6WvZftcXt/lOS0ydC2SX1L3mkvUg7rTtZJrj7G/fjjfQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/g6WZuonwebU8yXHe5XCf1IMntbkq3WeU4ac7n/+7HpW0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH+tfmWoTMv+6/HuIUO3WU13m7OFb9ekH7/REwAAAAAAAHhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJUCAAD//8QcDoE=")

1.451048899s ago: executing program 2 (id=1179):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)

1.43491276s ago: executing program 2 (id=1180):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000007000000020000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000380), &(0x7f0000000580)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000001}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x4, [{0x11}, {0x0, 0x100000000000000}]}, 0x68)

1.224393089s ago: executing program 0 (id=1181):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x3, 0x48, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a1281)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])

1.183509133s ago: executing program 0 (id=1182):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_INIT(r4, &(0x7f0000000180)={0x50}, 0x50)
write$FUSE_CREATE_OPEN(r4, &(0x7f00000004c0)={0xa0, 0x0, 0x0, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}}}}, 0xa0)
write$FUSE_INIT(r4, &(0x7f00000003c0)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x9208, 0xfffe}}, 0x50)
write$FUSE_OPEN(r4, &(0x7f0000000380)={0x20}, 0x20)
write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESOCT=r4])
creat(&(0x7f0000000200)='./file0/file0\x00', 0x0)

1.170980504s ago: executing program 0 (id=1183):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000001080)}], 0x1, 0x7fff, 0xfffffffe, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3fffffff404})

1.170370794s ago: executing program 1 (id=1184):
r0 = socket(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000900)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x80070c, &(0x7f0000000980), 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
bind$vsock_stream(r5, &(0x7f0000000880)={0x28, 0x0, 0x2710, @host}, 0x10)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
chdir(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
write(r0, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)

1.156889175s ago: executing program 2 (id=1185):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0)=0x4, 0x2008000)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r4, 0x80045515, &(0x7f0000000340)={0x1, 0x1})

928.686346ms ago: executing program 0 (id=1186):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$tipc(r0, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0xb6}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e", 0xffc}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0x17}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
sendmmsg(r1, &(0x7f0000003b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0)
r3 = dup2(r1, r0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg$unix(r3, &(0x7f0000002f00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)

643.635752ms ago: executing program 0 (id=1187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000800000000000000000001801000020bd342100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
socket(0x10, 0x3, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0xb)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x89f1, &(0x7f0000000040)={'ip6tnl0\x00', @random='\a\x00\x00 \x00'})

506.784954ms ago: executing program 4 (id=1188):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_clone3(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='net/wireless\x00')
read$FUSE(r5, &(0x7f00000023c0)={0x2020}, 0x2020)

296.633993ms ago: executing program 2 (id=1189):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fb000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e23, @remote}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@inlinecrypt}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r3, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000f4)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

0s ago: executing program 1 (id=1190):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)

kernel console output (not intermixed with test programs):

DRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  117.342012][ T2265] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.356144][ T2691] device veth0_vlan entered promiscuous mode
[  117.367947][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.380333][ T2265] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /29/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.402051][ T2265] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.421358][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.432721][ T2265] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /29/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.454356][ T1014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  117.454410][ T2265] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.462214][ T1014] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  117.481075][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.500181][ T1014] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  117.502257][ T2265] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /29/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.520288][ T2691] device veth1_macvtap entered promiscuous mode
[  117.534602][ T2265] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.554469][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.565972][ T2265] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /29/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.587300][ T2265] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  117.587380][  T326] device bridge_slave_1 left promiscuous mode
[  117.606319][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.623835][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.629463][  T326] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.635503][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.653510][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.664881][  T326] device bridge_slave_0 left promiscuous mode
[  117.665087][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.672286][  T326] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.682448][ T2265] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  117.706835][  T326] device veth1_macvtap left promiscuous mode
[  117.717844][  T326] device veth0_vlan left promiscuous mode
[  117.793020][ T1802] EXT4-fs (loop0): unmounting filesystem.
[  117.815356][ T2717] loop0: detected capacity change from 0 to 128
[  117.835760][ T2717] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  117.844168][ T2717] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  117.912001][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  117.933393][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  117.951602][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  117.960159][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  117.968350][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  117.971767][ T2265] EXT4-fs (loop1): unmounting filesystem.
[  118.000558][ T2721] loop3: detected capacity change from 0 to 1024
[  118.008887][ T2721] ext4: Unknown parameter 'nouser_xattr'
[  118.242857][ T2709] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.254894][ T2709] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.270426][ T2709] device bridge_slave_0 entered promiscuous mode
[  118.285297][ T2709] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.300420][ T2709] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.312072][ T2709] device bridge_slave_1 entered promiscuous mode
[  118.393381][ T2733] loop4: detected capacity change from 0 to 1024
[  118.412579][ T2733] EXT4-fs: Invalid want_extra_isize 129
[  118.427104][ T2736] overlayfs: missing 'lowerdir'
[  118.453997][ T2727] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.460902][ T2727] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.477354][ T2727] device bridge_slave_0 entered promiscuous mode
[  118.492685][ T2727] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.499739][ T2727] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.507126][ T2727] device bridge_slave_1 entered promiscuous mode
[  118.528376][ T2709] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.535223][ T2709] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.542331][ T2709] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.549119][ T2709] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.604244][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.611775][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.620318][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  118.627628][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  118.661425][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  118.669481][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.676318][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.683730][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  118.692266][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.699116][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.721498][ T1014] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  118.738641][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  118.752254][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  118.768026][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  118.775765][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  118.783089][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  118.793218][ T2709] device veth0_vlan entered promiscuous mode
[  118.809705][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  118.819998][ T2709] device veth1_macvtap entered promiscuous mode
[  118.834532][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  118.845817][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  118.853270][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  118.865375][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  118.873347][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.880183][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.887570][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  118.899058][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  118.906979][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.913805][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.935436][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  118.943693][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  118.952318][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  118.960413][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  118.980832][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  118.989082][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  118.993077][ T2741] futex_wake_op: syz.2.697 tries to shift op by 32; fix this program
[  119.001228][ T2727] device veth0_vlan entered promiscuous mode
[  119.017767][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  119.026134][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  119.037064][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  119.044788][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  119.069252][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  119.078719][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  119.088837][ T2727] device veth1_macvtap entered promiscuous mode
[  119.104614][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  119.112316][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  119.120749][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  119.131085][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  119.139406][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  119.149419][  T326] device bridge_slave_1 left promiscuous mode
[  119.155768][  T326] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.163727][  T326] device bridge_slave_0 left promiscuous mode
[  119.170408][  T326] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.179170][  T326] device bridge_slave_1 left promiscuous mode
[  119.185625][  T326] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.193934][  T326] device bridge_slave_0 left promiscuous mode
[  119.200586][  T326] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.209639][  T326] device veth1_macvtap left promiscuous mode
[  119.215652][  T326] device veth0_vlan left promiscuous mode
[  119.221895][  T326] device veth1_macvtap left promiscuous mode
[  119.228398][  T326] device veth0_vlan left promiscuous mode
[  119.396118][ T2745] loop3: detected capacity change from 0 to 128
[  119.460107][ T2745] syz.3.696: attempt to access beyond end of device
[  119.460107][ T2745] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[  119.648540][ T2750] incfs: iterate_incfs_dir / -22
[  120.347226][ T2757] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  120.683233][ T2774] loop1: detected capacity change from 0 to 1024
[  120.689790][ T2774] ext4: Unknown parameter 'nouser_xattr'
[  120.717094][  T317] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  120.807119][ T2776] loop2: detected capacity change from 0 to 1024
[  120.815908][ T2776] EXT4-fs: Ignoring removed oldalloc option
[  120.826453][   T19] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  120.843595][ T1802] EXT4-fs (loop0): unmounting filesystem.
[  120.860010][ T2776] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  120.870080][ T2780] overlayfs: missing 'lowerdir'
[  120.913861][ T2776] syz.2.708[2776] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.913931][ T2776] syz.2.708[2776] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.949811][ T2709] EXT4-fs (loop2): unmounting filesystem.
[  120.978737][ T2785] loop2: detected capacity change from 0 to 512
[  121.019375][ T2785] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  121.036481][ T2785] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038 (0x7fffffff)
[  121.076408][   T19] usb 4-1: Using ep0 maxpacket: 16
[  121.167772][ T2709] EXT4-fs (loop2): unmounting filesystem.
[  121.215949][ T2791] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  121.246819][   T19] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  121.268692][   T19] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  121.282187][   T45] Bluetooth: hci0: sending frame failed (-49)
[  121.288472][  T644] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  121.293265][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.319402][   T19] usb 4-1: config 0 descriptor??
[  121.366900][   T19] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  121.587110][  T311] usb 4-1: USB disconnect, device number 3
[  121.632974][ T2812] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  122.250865][ T2825] netlink: 8 bytes leftover after parsing attributes in process `syz.1.723'.
[  122.259586][ T2825] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  122.303647][ T2827] loop4: detected capacity change from 0 to 1024
[  122.310166][ T2827] EXT4-fs: Invalid want_extra_isize 129
[  122.358014][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  122.535063][ T2841] loop3: detected capacity change from 0 to 40427
[  122.541889][ T2841] F2FS-fs (loop3): Invalid log blocks per segment (83886089)
[  122.549410][ T2841] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  122.558237][ T2841] F2FS-fs (loop3): invalid crc value
[  122.564570][ T2841] F2FS-fs (loop3): Found nat_bits in checkpoint
[  122.588710][ T2841] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  122.595603][ T2841] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  122.607704][ T2842] f2fs_ckpt-7:3: attempt to access beyond end of device
[  122.607704][ T2842] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  123.093400][ T2851] loop1: detected capacity change from 0 to 1024
[  123.117544][ T2851] ext4: Unknown parameter 'nouser_xattr'
[  123.402586][ T2854] overlayfs: missing 'lowerdir'
[  123.422421][ T2845] loop0: detected capacity change from 0 to 131072
[  123.442417][ T2845] F2FS-fs (loop0): invalid crc value
[  123.451285][ T2845] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  123.485652][ T2845] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[  123.526691][ T2845] syz.0.732 (pid 2845) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  124.386479][  T644] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  124.386525][ T2794] Bluetooth: hci0: command 0x1003 tx timeout
[  124.900331][ T2889] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  125.329701][ T2896] loop4: detected capacity change from 0 to 256
[  125.344910][ T2897] netlink: 8 bytes leftover after parsing attributes in process `syz.3.743'.
[  125.363070][ T2897] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  125.493467][ T2902] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2902 comm=syz.2.744
[  125.702782][  T334] Bluetooth: hci0: Frame reassembly failed (-84)
[  125.825594][ T2908] loop1: detected capacity change from 0 to 1024
[  125.833019][ T2908] ext4: Unknown parameter 'nouser_xattr'
[  126.007706][ T2910] overlayfs: missing 'lowerdir'
[  126.099817][ T2912] loop3: detected capacity change from 0 to 512
[  126.156577][ T2912] EXT4-fs (loop3): 1 orphan inode deleted
[  126.162565][ T2912] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  126.172040][ T2912] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038 (0x7fffffff)
[  126.181867][   T10] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  126.192111][   T10] EXT4-fs error (device loop3): ext4_release_dquot:6787: comm kworker/u4:1: Failed to release dquot type 1
[  126.945963][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  127.287276][ T2937] loop4: detected capacity change from 0 to 1024
[  127.341937][ T2937] EXT4-fs: Invalid want_extra_isize 129
[  127.500656][ T2940] loop1: detected capacity change from 0 to 40427
[  127.522772][ T2940] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  127.530568][ T2940] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  127.539582][ T2940] F2FS-fs (loop1): invalid crc value
[  127.545955][ T2940] F2FS-fs (loop1): Found nat_bits in checkpoint
[  127.586972][ T2940] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  127.593861][ T2940] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  127.620499][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  127.629624][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  127.645652][ T2942] loop3: detected capacity change from 0 to 40427
[  127.654255][ T2942] F2FS-fs (loop3): Invalid log blocks per segment (83886089)
[  127.661752][ T2942] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  127.670607][ T2942] F2FS-fs (loop3): invalid crc value
[  127.676931][ T2942] F2FS-fs (loop3): Found nat_bits in checkpoint
[  127.719123][ T2942] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  127.726019][ T2942] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  127.746464][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  127.752694][  T644] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  128.132823][ T2957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.759'.
[  128.141738][ T2957] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  128.291942][ T2965] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2965 comm=syz.2.762
[  128.757737][ T2977] syz.1.764[2977] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.757810][ T2977] syz.1.764[2977] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.455380][ T2987] loop1: detected capacity change from 0 to 512
[  129.507858][  T317] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  129.530828][ T2987] loop1: detected capacity change from 0 to 512
[  129.558033][ T2987] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  129.583524][ T2987] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038 (0x7fffffff)
[  129.650497][ T2994] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  129.660820][ T2994] device syzkaller0 entered promiscuous mode
[  130.106606][   T28] audit: type=1400 audit(1729535126.098:245): avc:  denied  { create } for  pid=2986 comm="syz.1.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  130.145072][ T3000] netlink: 8 bytes leftover after parsing attributes in process `syz.3.773'.
[  130.154520][   T28] audit: type=1400 audit(1729535126.098:246): avc:  denied  { setopt } for  pid=2986 comm="syz.1.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  130.191936][ T3000] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  130.304178][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  130.317948][ T3012] loop1: detected capacity change from 0 to 256
[  130.349515][ T3012] FAT-fs (loop1): bogus number of FAT sectors
[  130.423193][ T3012] FAT-fs (loop1): Can't find a valid FAT filesystem
[  130.794548][ T3024] syz.0.779[3024] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  130.794927][ T3024] syz.0.779[3024] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.445911][ T3037] loop0: detected capacity change from 0 to 512
[  131.463616][ T3037] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  131.477199][ T3037] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  131.484929][ T3037] System zones: 0-2, 18-18, 34-34
[  131.491131][  T314] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  131.499292][ T3037] EXT4-fs (loop0): 1 orphan inode deleted
[  131.504858][ T3037] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  131.513712][ T3037] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038 (0x7fffffff)
[  131.552737][ T3041] loop3: detected capacity change from 0 to 1024
[  131.559361][ T3041] EXT4-fs: Invalid want_extra_isize 129
[  131.587137][  T317] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  131.866402][  T314] usb 5-1: Using ep0 maxpacket: 16
[  131.895534][ T3048] loop1: detected capacity change from 0 to 128
[  131.902143][ T3048] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  131.911163][ T3048] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  131.919645][ T3048] ext2 filesystem being mounted at /21/bus supports timestamps until 2038 (0x7fffffff)
[  131.937552][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  131.951429][ T3051] loop1: detected capacity change from 0 to 512
[  131.968845][ T3051] EXT4-fs (loop1): 1 orphan inode deleted
[  131.974566][ T3051] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  131.983455][ T3051] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038 (0x7fffffff)
[  131.984216][   T28] audit: type=1400 audit(1729535128.038:247): avc:  denied  { unlink } for  pid=85 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  132.036582][   T10] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  132.046266][   T10] EXT4-fs error (device loop1): ext4_release_dquot:6787: comm kworker/u4:1: Failed to release dquot type 1
[  132.216439][  T314] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  132.225374][  T314] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.233319][  T314] usb 5-1: Product: syz
[  132.237350][  T314] usb 5-1: Manufacturer: syz
[  132.241736][  T314] usb 5-1: SerialNumber: syz
[  132.246963][  T314] usb 5-1: config 0 descriptor??
[  132.287333][  T314] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  132.295199][  T314] usb 5-1: Detected FT232H
[  132.301757][ T1802] EXT4-fs (loop0): unmounting filesystem.
[  132.406453][ T3058] netlink: 8 bytes leftover after parsing attributes in process `syz.0.789'.
[  132.415220][ T3058] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  132.516508][  T314] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  132.628571][ T3060] loop2: detected capacity change from 0 to 256
[  132.635102][ T3060] FAT-fs (loop2): bogus number of FAT sectors
[  132.641193][ T3060] FAT-fs (loop2): Can't find a valid FAT filesystem
[  132.786452][  T314] ftdi_sio 5-1:0.0: GPIO initialisation failed: -32
[  132.796783][  T314] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  132.809281][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  132.841678][ T3063] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  133.246544][ T3068] loop1: detected capacity change from 0 to 40427
[  133.263637][ T3068] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  133.271530][ T3068] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  133.280606][ T3068] F2FS-fs (loop1): invalid crc value
[  133.287432][ T3068] F2FS-fs (loop1): Found nat_bits in checkpoint
[  133.315227][ T3068] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  133.322406][ T3068] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  133.469365][ T3083] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  133.994321][ T3091] loop1: detected capacity change from 0 to 512
[  134.003817][ T3091] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  134.017395][ T3091] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  134.025013][ T3091] System zones: 0-2, 18-18, 34-34
[  134.030970][ T3091] EXT4-fs (loop1): 1 orphan inode deleted
[  134.036575][ T3091] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  134.045448][ T3091] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038 (0x7fffffff)
[  134.154064][ T1014] usb 5-1: USB disconnect, device number 3
[  134.161486][ T1014] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  134.167430][ T3098] loop4: detected capacity change from 0 to 256
[  134.190401][ T1014] ftdi_sio 5-1:0.0: device disconnected
[  134.603466][ T3101] incfs: iterate_incfs_dir / -22
[  134.666194][ T3104] loop2: detected capacity change from 0 to 128
[  134.751011][ T3104] syz.2.802: attempt to access beyond end of device
[  134.751011][ T3104] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  134.814470][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  135.097595][ T3119] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  135.170429][ T3120] netlink: 8 bytes leftover after parsing attributes in process `syz.1.806'.
[  135.185476][ T3124] loop0: detected capacity change from 0 to 1024
[  135.202203][ T3120] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  135.216767][ T3124] EXT4-fs: Ignoring removed orlov option
[  135.227015][ T3124] EXT4-fs (loop0): Test dummy encryption mode enabled
[  135.239275][ T3124] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  135.312261][ T1802] EXT4-fs (loop0): unmounting filesystem.
[  135.353214][ T3133] loop0: detected capacity change from 0 to 1024
[  135.359668][ T3133] EXT4-fs: Invalid want_extra_isize 129
[  135.507884][ T3131] loop2: detected capacity change from 0 to 40427
[  135.514844][ T3131] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  135.522451][ T3131] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  135.533843][ T3131] F2FS-fs (loop2): invalid crc value
[  135.540328][ T3131] F2FS-fs (loop2): Found nat_bits in checkpoint
[  135.588120][ T3131] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  135.594969][ T3131] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  135.621587][ T3136] f2fs_ckpt-7:2: attempt to access beyond end of device
[  135.621587][ T3136] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  135.817044][ T3148] netlink: 87 bytes leftover after parsing attributes in process `syz.2.816'.
[  135.854684][ T3151] loop2: detected capacity change from 0 to 512
[  135.869004][ T3151] EXT4-fs (loop2): 1 orphan inode deleted
[  135.874700][ T3151] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  135.883774][ T3151] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038 (0x7fffffff)
[  136.001650][ T3155] incfs: iterate_incfs_dir / -22
[  136.168746][ T3158] loop4: detected capacity change from 0 to 512
[  136.175384][ T3158] EXT4-fs (loop4): Test dummy encryption mode enabled
[  136.183290][ T3158] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz.4.819: invalid block
[  136.194294][ T3158] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.819: couldn't read orphan inode 11 (err -117)
[  136.206133][ T3158] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  136.576208][ T3164] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  136.585275][ T3164] device syzkaller0 entered promiscuous mode
[  136.601003][ T3166] loop1: detected capacity change from 0 to 256
[  136.707482][ T2709] EXT4-fs (loop2): unmounting filesystem.
[  136.729741][ T3170] loop2: detected capacity change from 0 to 128
[  136.760659][ T3170] syz.2.822: attempt to access beyond end of device
[  136.760659][ T3170] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  137.018168][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  137.474862][ T3185] netlink: 87 bytes leftover after parsing attributes in process `syz.3.828'.
[  137.523408][ T3188] loop3: detected capacity change from 0 to 512
[  137.587223][ T3181] loop2: detected capacity change from 0 to 40427
[  137.587819][ T3188] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  137.605893][ T3181] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  137.610980][ T3188] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038 (0x7fffffff)
[  137.623273][ T3181] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  137.639054][ T3181] F2FS-fs (loop2): invalid crc value
[  137.652728][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  137.664649][ T3181] F2FS-fs (loop2): Found nat_bits in checkpoint
[  137.673231][ T3197] loop3: detected capacity change from 0 to 128
[  137.709796][ T3197] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  137.719695][ T3197] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  137.728424][ T3197] ext2 filesystem being mounted at /82/bus supports timestamps until 2038 (0x7fffffff)
[  137.738124][ T3181] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  137.744982][ T3181] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  137.910420][ T3202] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  137.956884][ T3205] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  137.998225][ T3207] loop4: detected capacity change from 0 to 512
[  138.046626][ T3207] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  138.068450][ T3207] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  138.102306][ T3207] System zones: 0-1, 15-15, 18-18, 34-34
[  138.128889][ T3207] EXT4-fs (loop4): orphan cleanup on readonly fs
[  138.136529][ T3207] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[  138.145757][ T3207] EXT4-fs warning (device loop4): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  138.160375][ T3207] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  138.173667][ T3207] EXT4-fs error (device loop4): ext4_orphan_get:1422: comm syz.4.833: bad orphan inode 16
[  138.189938][ T3207] ext4_test_bit(bit=15, block=18) = 1
[  138.196387][ T3207] is_bad_inode(inode)=0
[  138.200484][ T3207] NEXT_ORPHAN(inode)=0
[  138.210554][ T3207] max_ino=32
[  138.247559][ T3207] i_nlink=2
[  138.254969][ T3207] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  138.546640][   T28] audit: type=1400 audit(1729535134.518:248): avc:  denied  { create } for  pid=3206 comm="syz.4.833" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  138.690973][ T3190] loop1: detected capacity change from 0 to 131072
[  138.702312][ T3190] F2FS-fs (loop1): Test dummy encryption mode enabled
[  138.709938][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  138.716816][ T3190] F2FS-fs (loop1): invalid crc value
[  138.728370][ T3219] loop3: detected capacity change from 0 to 128
[  138.748502][ T3190] F2FS-fs (loop1): Found nat_bits in checkpoint
[  138.775497][ T3219] syz.3.836: attempt to access beyond end of device
[  138.775497][ T3219] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[  138.808729][ T3190] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  138.868011][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  138.915573][ T3215] loop2: detected capacity change from 0 to 40427
[  138.930735][ T3215] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  138.952950][ T3215] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  138.970400][ T3215] F2FS-fs (loop2): invalid crc value
[  138.972215][ T1014] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  138.984294][ T3215] F2FS-fs (loop2): Found nat_bits in checkpoint
[  139.022604][ T3215] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  139.029497][ T3215] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  139.226500][ T1014] usb 1-1: Using ep0 maxpacket: 16
[  139.346471][ T1014] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.357220][ T1014] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.366728][ T1014] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  139.381420][ T1014] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  139.390322][ T1014] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.403016][ T1014] usb 1-1: config 0 descriptor??
[  139.597957][ T3241] loop2: detected capacity change from 0 to 256
[  139.769882][ T3246] loop4: detected capacity change from 0 to 256
[  139.780085][ T3246] FAT-fs (loop4): bogus number of FAT sectors
[  139.785972][ T3246] FAT-fs (loop4): Can't find a valid FAT filesystem
[  139.887879][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.898210][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.908227][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.915312][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.922597][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.929788][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.937027][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.944140][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.951859][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.959085][ T1014] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.971355][ T1014] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0001/input/input9
[  139.989594][ T1014] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  140.030806][ T3250] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  140.090204][   T19] usb 1-1: USB disconnect, device number 5
[  140.380820][ T3259] loop3: detected capacity change from 0 to 128
[  140.387457][ T3259] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  140.397407][ T3259] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  140.405842][ T3259] ext2 filesystem being mounted at /86/bus supports timestamps until 2038 (0x7fffffff)
[  141.357076][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  141.509889][ T3274] loop0: detected capacity change from 0 to 512
[  141.521664][ T3274] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  141.576658][ T3274] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  141.584284][ T3274] System zones: 0-2, 18-18, 34-34
[  141.592123][ T3286] loop2: detected capacity change from 0 to 256
[  141.613576][ T3286] FAT-fs (loop2): bogus number of FAT sectors
[  141.620584][ T3274] EXT4-fs (loop0): 1 orphan inode deleted
[  141.626199][ T3274] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  141.636643][ T3286] FAT-fs (loop2): Can't find a valid FAT filesystem
[  141.643321][ T3274] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038 (0x7fffffff)
[  142.634246][ T3297] incfs: iterate_incfs_dir / -22
[  142.698788][ T1802] EXT4-fs (loop0): unmounting filesystem.
[  143.081040][    T6] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  143.087349][ T3311] loop4: detected capacity change from 0 to 128
[  143.126758][ T3311] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  143.130328][ T3312] usb usb8: usbfs: process 3312 (syz.3.859) did not claim interface 0 before use
[  143.137637][ T3311] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  143.152178][ T3311] ext2 filesystem being mounted at /29/bus supports timestamps until 2038 (0x7fffffff)
[  143.366395][    T6] usb 1-1: Using ep0 maxpacket: 8
[  143.506624][    T6] usb 1-1: config index 0 descriptor too short (expected 5924, got 36)
[  143.514964][    T6] usb 1-1: config 250 has an invalid interface number: 228 but max is -1
[  143.523275][    T6] usb 1-1: config 250 has 1 interface, different from the descriptor's value: 0
[  143.532107][    T6] usb 1-1: config 250 has no interface number 0
[  143.538241][    T6] usb 1-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  143.673204][    T6] usb 1-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  144.195734][    T6] usb 1-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  144.196275][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  144.208968][    T6] usb 1-1: config 250 interface 228 has no altsetting 0
[  144.346479][    T6] usb 1-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  144.355622][    T6] usb 1-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  144.363945][    T6] usb 1-1: Product: syz
[  144.368227][    T6] usb 1-1: SerialNumber: syz
[  144.417250][    T6] hub 1-1:250.228: bad descriptor, ignoring hub
[  144.545645][    T6] hub: probe of 1-1:250.228 failed with error -5
[  144.716205][ T3347] incfs: iterate_incfs_dir / -22
[  145.171103][ T3348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.184686][ T3348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.341819][ T3355] loop2: detected capacity change from 0 to 40427
[  145.353998][ T3355] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  145.361745][ T3355] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  145.374160][ T3355] F2FS-fs (loop2): invalid crc value
[  145.380884][ T3355] F2FS-fs (loop2): Found nat_bits in checkpoint
[  145.441110][ T3355] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  145.454548][ T3355] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  145.726475][  T333] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  145.966402][  T333] usb 2-1: Using ep0 maxpacket: 16
[  146.050561][ T2709] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  146.050581][ T2709] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  146.058191][ T2709] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  146.065592][ T2709] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  146.073000][ T2709] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  146.080610][ T2709] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  146.088301][ T2709] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  146.170510][ T3376] binder: 3373:3376 ioctl 4018620d 0 returned -22
[  146.191298][ T3376] binder: 3373:3376 ioctl 4018620d 0 returned -22
[  146.399491][  T333] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  146.433873][  T333] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.459106][ T3388] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  146.489844][  T333] usb 2-1: Product: syz
[  146.493916][  T333] usb 2-1: Manufacturer: syz
[  146.498391][  T333] usb 2-1: SerialNumber: syz
[  146.507792][  T333] usb 2-1: config 0 descriptor??
[  146.547373][  T333] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  146.557566][  T333] usb 2-1: Detected FT232H
[  146.805460][ T1014] usb 1-1: USB disconnect, device number 6
[  146.811403][  T333] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  146.818647][ T3391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.879'.
[  146.827886][ T3391] netlink: 12 bytes leftover after parsing attributes in process `syz.2.879'.
[  147.086466][  T333] ftdi_sio 2-1:0.0: GPIO initialisation failed: -32
[  147.106838][  T333] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  147.157139][ T3401] loop4: detected capacity change from 0 to 128
[  147.163701][ T3401] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  147.173113][ T3401] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  147.182234][ T3401] ext2 filesystem being mounted at /36/bus supports timestamps until 2038 (0x7fffffff)
[  147.371373][ T3409] syz.3.884[3409] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.371878][ T3409] syz.3.884[3409] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.620286][ T3414] loop2: detected capacity change from 0 to 1024
[  147.670888][ T3414] EXT4-fs: Ignoring removed orlov option
[  147.677407][ T3414] EXT4-fs (loop2): Test dummy encryption mode enabled
[  147.713481][ T3414] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  147.845224][ T2709] EXT4-fs (loop2): unmounting filesystem.
[  148.082723][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  148.178377][ T3416] loop0: detected capacity change from 0 to 40427
[  148.185114][ T3416] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  148.192996][ T3416] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  148.202495][ T3416] F2FS-fs (loop0): invalid crc value
[  148.210817][ T3416] F2FS-fs (loop0): Found nat_bits in checkpoint
[  148.226411][ T1014] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  148.248767][ T3416] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  148.255645][ T3416] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  148.386162][ T3422] loop4: detected capacity change from 0 to 40427
[  148.476618][ T1014] usb 3-1: Using ep0 maxpacket: 8
[  148.578024][ T3422] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  148.596493][ T1014] usb 3-1: config index 0 descriptor too short (expected 5924, got 36)
[  148.636414][ T3422] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  148.644499][ T1014] usb 3-1: config 250 has an invalid interface number: 228 but max is -1
[  148.658266][ T1802] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  148.658302][ T1802] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  148.680831][ T1802] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  148.701272][ T1014] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0
[  148.736599][ T3422] F2FS-fs (loop4): invalid crc value
[  148.745056][ T1014] usb 3-1: config 250 has no interface number 0
[  148.759348][ T3422] F2FS-fs (loop4): Found nat_bits in checkpoint
[  148.762161][ T1014] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  148.791904][ T1014] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  148.819474][ T1014] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  148.836099][ T1014] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  148.849686][ T1014] usb 3-1: config 250 interface 228 has no altsetting 0
[  148.857120][   T24] usb 2-1: USB disconnect, device number 7
[  148.868965][   T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  148.876543][ T3422] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  148.881834][   T24] ftdi_sio 2-1:0.0: device disconnected
[  148.884921][ T3422] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  148.986476][ T1014] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  149.005519][ T1014] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  149.022145][ T3442] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  149.022821][ T1014] usb 3-1: Product: syz
[  149.046438][ T1014] usb 3-1: SerialNumber: syz
[  149.055722][ T3448] loop3: detected capacity change from 0 to 256
[  149.096959][ T1014] hub 3-1:250.228: bad descriptor, ignoring hub
[  149.103083][ T1014] hub: probe of 3-1:250.228 failed with error -5
[  149.250249][ T3452] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  149.260383][ T3452] device syzkaller0 entered promiscuous mode
[  149.264057][ T3454] ------------[ cut here ]------------
[  149.270297][   T28] audit: type=1400 audit(1729535145.318:249): avc:  denied  { unlink } for  pid=3453 comm="syz.4.899" name="#d" dev="tmpfs" ino=237 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  149.271597][ T3454] WARNING: CPU: 1 PID: 3454 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0
[  149.302491][ T3454] Modules linked in:
[  149.306191][ T3454] CPU: 1 PID: 3454 Comm: syz.4.899 Not tainted 6.1.99-syzkaller-00050-gadd3d68602a0 #0
[  149.315679][ T3454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  149.325563][ T3454] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[  149.331033][ T3454] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 d2 32 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 2b f1 55 ff <0f> 0b e9 06 ff ff ff e8 1f f1 55 ff 0f 0b e9 3d ff ff ff 44 89 e1
[  149.350479][ T3454] RSP: 0018:ffffc90002137ae0 EFLAGS: 00010287
[  149.356371][ T3454] RAX: ffffffff821fb215 RBX: 0000000000000000 RCX: 0000000000040000
[  149.364163][ T3454] RDX: ffffc9000d252000 RSI: 0000000000001bc8 RDI: 0000000000001bc9
[  149.371998][ T3454] RBP: ffffc90002137b10 R08: ffffffff821fb114 R09: ffffed10239786f4
[  149.379800][ T3454] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88812fc87660
[  149.387619][ T3454] R13: ffff88812fc87690 R14: 1ffff11025f90ed2 R15: ffff88811cbc36f8
[  149.395411][ T3454] FS:  00007f47fa1816c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  149.404190][ T3454] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  149.410615][ T3454] CR2: 000000110c2a6151 CR3: 000000013f6c7000 CR4: 00000000003506a0
[  149.418421][ T3454] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  149.426216][ T3454] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  149.434048][ T3454] Call Trace:
[  149.437173][ T3454]  <TASK>
[  149.439934][ T3454]  ? show_regs+0x58/0x60
[  149.444010][ T3454]  ? __warn+0x160/0x3d0
[  149.448033][ T3454]  ? ovl_dir_modified+0x1a5/0x1e0
[  149.452863][ T3454]  ? report_bug+0x4d5/0x7d0
[  149.457233][ T3454]  ? ovl_dir_modified+0x1a5/0x1e0
[  149.462063][ T3454]  ? handle_bug+0x41/0x70
[  149.466228][ T3454]  ? exc_invalid_op+0x1b/0x50
[  149.470767][ T3454]  ? asm_exc_invalid_op+0x1b/0x20
[  149.475603][ T3454]  ? ovl_dir_modified+0xa4/0x1e0
[  149.480396][ T3454]  ? ovl_dir_modified+0x1a5/0x1e0
[  149.485237][ T3454]  ? ovl_dir_modified+0x1a5/0x1e0
[  149.490118][ T3454]  ovl_do_remove+0x7fc/0xbf0
[  149.494525][ T3454]  ? ovl_set_redirect+0x670/0x670
[  149.499406][ T3454]  ? selinux_inode_rmdir+0x22/0x30
[  149.504331][ T3454]  ovl_rmdir+0x1a/0x20
[  149.508264][ T3454]  vfs_rmdir+0x398/0x500
[  149.512317][ T3454]  incfs_kill_sb+0x113/0x230
[  149.516767][ T3454]  deactivate_locked_super+0xad/0x110
[  149.521949][ T3454]  deactivate_super+0xbe/0xf0
[  149.526486][ T3454]  cleanup_mnt+0x485/0x510
[  149.530723][ T3454]  __cleanup_mnt+0x19/0x20
[  149.534968][ T3454]  task_work_run+0x24d/0x2e0
[  149.539426][ T3454]  ? task_work_cancel+0x2b0/0x2b0
[  149.544261][ T3454]  ? __x64_sys_mount+0xd0/0xd0
[  149.548878][ T3454]  exit_to_user_mode_loop+0x94/0xa0
[  149.553892][ T3454]  exit_to_user_mode_prepare+0x5a/0xa0
[  149.559207][ T3454]  syscall_exit_to_user_mode+0x26/0x130
[  149.564564][ T3454]  do_syscall_64+0x47/0xb0
[  149.568853][ T3454]  ? clear_bhb_loop+0x55/0xb0
[  149.573330][ T3454]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  149.579079][ T3454] RIP: 0033:0x7f47f937dff9
[  149.583312][ T3454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.602811][ T3454] RSP: 002b:00007f47fa181038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  149.611015][ T3454] RAX: ffffffffffffffec RBX: 00007f47f9535f80 RCX: 00007f47f937dff9
[  149.618840][ T3454] RDX: 0000000020000340 RSI: 0000000020000480 RDI: 0000000020000040
[  149.626648][ T3454] RBP: 00007f47f93f0296 R08: 0000000000000000 R09: 0000000000000000
[  149.634434][ T3454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.642270][ T3454] R13: 0000000000000000 R14: 00007f47f9535f80 R15: 00007ffe4c48e2b8
[  149.650076][ T3454]  </TASK>
[  149.652920][ T3454] ---[ end trace 0000000000000000 ]---
[  149.658586][ T3454] ------------[ cut here ]------------
[  149.663887][ T3454] WARNING: CPU: 0 PID: 3454 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0
[  149.673136][ T3454] Modules linked in:
[  149.676805][ T3454] CPU: 0 PID: 3454 Comm: syz.4.899 Tainted: G        W          6.1.99-syzkaller-00050-gadd3d68602a0 #0
[  149.687737][ T3454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  149.697642][ T3454] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[  149.703096][ T3454] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 d2 32 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 2b f1 55 ff <0f> 0b e9 06 ff ff ff e8 1f f1 55 ff 0f 0b e9 3d ff ff ff 44 89 e1
[  149.722541][ T3454] RSP: 0018:ffffc90002137ae0 EFLAGS: 00010246
[  149.728449][ T3454] RAX: ffffffff821fb215 RBX: 0000000000000000 RCX: 0000000000040000
[  149.736411][ T3454] RDX: ffffc9000d252000 RSI: 000000000003ffff RDI: 0000000000040000
[  149.744351][ T3454] RBP: ffffc90002137b10 R08: ffffffff821fb114 R09: ffffed10239786f4
[  149.752671][ T3454] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88812fc87660
[  149.760655][ T3454] R13: ffff88812fc87690 R14: 1ffff11025f90ed2 R15: ffff88811cbc36f8
[  149.768462][ T3454] FS:  00007f47fa1816c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  149.777226][ T3454] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  149.783628][ T3454] CR2: 00007fb96165c5da CR3: 000000013f6c7000 CR4: 00000000003506b0
[  149.791462][ T3454] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  149.799265][ T3454] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  149.807088][ T3454] Call Trace:
[  149.810195][ T3454]  <TASK>
[  149.812970][ T3454]  ? show_regs+0x58/0x60
[  149.817056][ T3454]  ? __warn+0x160/0x3d0
[  149.821044][ T3454]  ? ovl_dir_modified+0x1a5/0x1e0
[  149.825898][ T3454]  ? report_bug+0x4d5/0x7d0
[  149.830262][ T3454]  ? ovl_dir_modified+0x1a5/0x1e0
[  149.835098][ T3454]  ? handle_bug+0x41/0x70
[  149.839288][ T3454]  ? exc_invalid_op+0x1b/0x50
[  149.843780][ T3454]  ? asm_exc_invalid_op+0x1b/0x20
[  149.848661][ T3454]  ? ovl_dir_modified+0xa4/0x1e0
[  149.853411][ T3454]  ? ovl_dir_modified+0x1a5/0x1e0
[  149.858292][ T3454]  ? ovl_dir_modified+0x1a5/0x1e0
[  149.863136][ T3454]  ovl_do_remove+0x7fc/0xbf0
[  149.867605][ T3454]  ? ovl_set_redirect+0x670/0x670
[  149.872421][ T3454]  ? selinux_inode_rmdir+0x22/0x30
[  149.877385][ T3454]  ovl_rmdir+0x1a/0x20
[  149.881272][ T3454]  vfs_rmdir+0x398/0x500
[  149.885357][ T3454]  incfs_kill_sb+0x1b4/0x230
[  149.889806][ T3454]  deactivate_locked_super+0xad/0x110
[  149.895004][ T3454]  deactivate_super+0xbe/0xf0
[  149.899519][ T3454]  cleanup_mnt+0x485/0x510
[  149.903773][ T3454]  __cleanup_mnt+0x19/0x20
[  149.908027][ T3454]  task_work_run+0x24d/0x2e0
[  149.912426][ T3454]  ? task_work_cancel+0x2b0/0x2b0
[  149.917448][ T3454]  ? __x64_sys_mount+0xd0/0xd0
[  149.922137][ T3454]  exit_to_user_mode_loop+0x94/0xa0
[  149.927188][ T3454]  exit_to_user_mode_prepare+0x5a/0xa0
[  149.932463][ T3454]  syscall_exit_to_user_mode+0x26/0x130
[  149.937856][ T3454]  do_syscall_64+0x47/0xb0
[  149.942091][ T3454]  ? clear_bhb_loop+0x55/0xb0
[  149.946621][ T3454]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  149.952333][ T3454] RIP: 0033:0x7f47f937dff9
[  149.953200][ T3458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.956614][ T3454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.956633][ T3454] RSP: 002b:00007f47fa181038 EFLAGS: 00000246
[  149.966330][ T3458] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.984207][ T3454]  ORIG_RAX: 00000000000000a5
[  150.002152][ T3454] RAX: ffffffffffffffec RBX: 00007f47f9535f80 RCX: 00007f47f937dff9
[  150.009984][ T3454] RDX: 0000000020000340 RSI: 0000000020000480 RDI: 0000000020000040
[  150.017786][ T3454] RBP: 00007f47f93f0296 R08: 0000000000000000 R09: 0000000000000000
[  150.025585][ T3454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.033414][ T3454] R13: 0000000000000000 R14: 00007f47f9535f80 R15: 00007ffe4c48e2b8
[  150.041230][ T3454]  </TASK>
[  150.044071][ T3454] ---[ end trace 0000000000000000 ]---
[  150.084116][ T3463] loop4: detected capacity change from 0 to 128
[  150.090693][ T3463] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  150.153985][ T3463] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  150.198657][ T3471] tipc: Started in network mode
[  150.203292][ T3463] ext2 filesystem being mounted at /39/bus supports timestamps until 2038 (0x7fffffff)
[  150.210236][ T3471] tipc: Node identity ac1414aa, cluster identity 4711
[  150.260787][ T3471] tipc: New replicast peer: 100.1.1.1
[  150.266113][ T3471] tipc: Enabled bearer <udp:syz2>, priority 10
[  150.373403][ T3476] syz.0.903[3476] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.374043][ T3476] syz.0.903[3476] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.546462][   T24] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  150.806414][   T24] usb 2-1: Using ep0 maxpacket: 16
[  151.020083][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  151.131450][ T3483] loop0: detected capacity change from 0 to 512
[  151.159203][ T3483] EXT4-fs (loop0): 1 orphan inode deleted
[  151.164814][ T3483] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  151.173863][ T3483] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038 (0x7fffffff)
[  151.184213][   T41] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  151.193994][   T41] EXT4-fs error (device loop0): ext4_release_dquot:6787: comm kworker/u4:2: Failed to release dquot type 1
[  151.216464][   T24] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  151.233470][ T1802] EXT4-fs (loop0): unmounting filesystem.
[  151.326492][  T314] usb 3-1: USB disconnect, device number 2
[  151.336722][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.339744][ T3499] loop0: detected capacity change from 0 to 256
[  151.349932][   T24] usb 2-1: Product: syz
[  151.354628][   T24] usb 2-1: Manufacturer: syz
[  151.359574][   T24] usb 2-1: SerialNumber: syz
[  151.372110][   T24] usb 2-1: config 0 descriptor??
[  151.429700][  T333] tipc: Node number set to 2886997162
[  151.466994][   T24] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  151.474592][   T24] usb 2-1: Detected FT232H
[  151.542525][ T3503] usb usb8: usbfs: process 3503 (syz.2.913) did not claim interface 0 before use
[  151.676425][   T24] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  151.946431][   T24] ftdi_sio 2-1:0.0: GPIO initialisation failed: -32
[  151.954643][   T24] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  152.005186][ T3510] tipc: Started in network mode
[  152.009907][ T3510] tipc: Node identity ac1414aa, cluster identity 4711
[  152.017066][ T3510] tipc: New replicast peer: 100.1.1.1
[  152.022309][ T3510] tipc: Enabled bearer <udp:syz2>, priority 10
[  152.137606][ T3524] loop4: detected capacity change from 0 to 512
[  152.159033][ T3524] EXT4-fs (loop4): 1 orphan inode deleted
[  152.164787][ T3524] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  152.174058][ T3524] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038 (0x7fffffff)
[  152.183970][  T326] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  152.220234][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  152.248572][  T326] EXT4-fs error (device loop4): ext4_release_dquot:6787: comm kworker/u4:3: Failed to release dquot type 1
[  152.766382][    T6] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  153.016405][    T6] usb 5-1: Using ep0 maxpacket: 8
[  153.136644][ T1184] tipc: Node number set to 2886997162
[  153.744605][  T333] usb 2-1: USB disconnect, device number 8
[  153.751113][  T333] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  153.766575][    T6] usb 5-1: config index 0 descriptor too short (expected 5924, got 36)
[  153.771953][  T333] ftdi_sio 2-1:0.0: device disconnected
[  153.777235][    T6] usb 5-1: config 250 has an invalid interface number: 228 but max is -1
[  153.788371][    T6] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0
[  153.797897][    T6] usb 5-1: config 250 has no interface number 0
[  153.804243][    T6] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  153.815811][    T6] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  153.826401][    T6] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  153.836726][    T6] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  153.850217][    T6] usb 5-1: config 250 interface 228 has no altsetting 0
[  153.905653][ T3559] loop3: detected capacity change from 0 to 512
[  153.928684][ T3559] EXT4-fs (loop3): 1 orphan inode deleted
[  153.934308][ T3559] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  153.946992][   T10] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  153.956751][ T3559] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038 (0x7fffffff)
[  153.966517][   T10] EXT4-fs error (device loop3): ext4_release_dquot:6787: comm kworker/u4:1: Failed to release dquot type 1
[  153.977955][    T6] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  154.024919][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  154.028791][ T3565] loop2: detected capacity change from 0 to 128
[  154.036587][    T6] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  154.044632][    T6] usb 5-1: Product: syz
[  154.108567][ T3567] usb usb8: usbfs: process 3567 (syz.1.933) did not claim interface 0 before use
[  154.284748][    T6] usb 5-1: SerialNumber: syz
[  154.376840][    T6] hub 5-1:250.228: bad descriptor, ignoring hub
[  154.382910][    T6] hub: probe of 5-1:250.228 failed with error -5
[  155.247154][ T3599] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.276598][ T3599] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.994142][ T3622] usb usb8: usbfs: process 3622 (syz.1.951) did not claim interface 0 before use
[  156.332067][ T3629] netlink: 52 bytes leftover after parsing attributes in process `syz.3.954'.
[  156.499093][ T3634] capability: warning: `syz.2.956' uses deprecated v2 capabilities in a way that may be insecure
[  156.557247][ T3642] loop4: detected capacity change from 0 to 1024
[  156.574262][ T3642] EXT4-fs: Ignoring removed orlov option
[  156.580757][ T3642] EXT4-fs (loop4): Test dummy encryption mode enabled
[  156.590896][ T3642] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  156.626553][ T1184] usb 5-1: USB disconnect, device number 4
[  156.766179][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  157.718245][ T3660] loop0: detected capacity change from 0 to 256
[  157.724969][ T3660] FAT-fs (loop0): bogus number of FAT sectors
[  157.731249][ T3660] FAT-fs (loop0): Can't find a valid FAT filesystem
[  157.791829][  T588] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  158.496427][  T333] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  158.796384][  T333] usb 4-1: Using ep0 maxpacket: 8
[  158.804896][ T3687] netlink: 52 bytes leftover after parsing attributes in process `syz.2.974'.
[  158.946564][  T333] usb 4-1: config index 0 descriptor too short (expected 5924, got 36)
[  158.959605][  T333] usb 4-1: config 250 has an invalid interface number: 228 but max is -1
[  159.019922][  T333] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0
[  159.059909][  T333] usb 4-1: config 250 has no interface number 0
[  159.124079][  T333] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  159.152667][  T333] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  159.163236][  T333] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  159.176677][ T3696] loop1: detected capacity change from 0 to 512
[  159.189377][ T3696] EXT4-fs: Ignoring removed mblk_io_submit option
[  159.195704][  T333] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  159.209181][ T3696] EXT4-fs: Ignoring removed i_version option
[  159.215011][  T333] usb 4-1: config 250 interface 228 has no altsetting 0
[  159.223329][ T3696] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.976: invalid block
[  159.234096][ T3696] EXT4-fs (loop1): Remounting filesystem read-only
[  159.240672][ T3696] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.976: couldn't read orphan inode 11 (err -117)
[  159.252511][ T3696] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  159.376444][  T333] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  159.385586][  T333] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  159.393721][  T333] usb 4-1: Product: syz
[  159.398159][  T333] usb 4-1: SerialNumber: syz
[  159.500575][  T333] hub 4-1:250.228: bad descriptor, ignoring hub
[  159.507379][  T333] hub: probe of 4-1:250.228 failed with error -5
[  160.133330][ T3720] usb usb8: usbfs: process 3720 (syz.2.984) did not claim interface 0 before use
[  160.217107][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  160.220370][ T3704] loop4: detected capacity change from 0 to 40427
[  160.246676][ T3704] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  160.264364][ T3704] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  160.273099][ T3704] F2FS-fs (loop4): invalid crc value
[  160.279762][ T3704] F2FS-fs (loop4): Found nat_bits in checkpoint
[  160.317930][ T3704] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  160.327926][ T3704] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  160.386174][ T3732] netlink: 52 bytes leftover after parsing attributes in process `syz.0.987'.
[  160.466839][ T3721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  160.518602][ T3721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  160.746804][ T2691] f2fs_fill_dentries: 4 callbacks suppressed
[  160.746820][ T2691] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  160.754703][ T2691] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  160.766101][ T2691] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  160.773836][ T2691] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  160.781362][ T2691] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  160.788858][ T2691] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  160.796202][ T2691] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  161.812542][ T3770] loop3: detected capacity change from 0 to 512
[  161.826275][ T3770] EXT4-fs: Ignoring removed mblk_io_submit option
[  161.845851][ T3770] EXT4-fs: Ignoring removed i_version option
[  161.869710][ T3770] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.997: invalid block
[  161.885791][ T3770] EXT4-fs (loop3): Remounting filesystem read-only
[  161.893100][ T3770] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.997: couldn't read orphan inode 11 (err -117)
[  161.919708][ T3770] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  161.944170][  T313] usb 4-1: USB disconnect, device number 4
[  162.058267][ T3776] usb usb8: usbfs: process 3776 (syz.4.998) did not claim interface 0 before use
[  162.673835][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  162.686956][ T3786] netlink: 87 bytes leftover after parsing attributes in process `syz.3.1001'.
[  163.106384][    T6] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  163.165699][ T3809] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  163.186036][ T3811] loop1: detected capacity change from 0 to 1024
[  163.192507][ T3811] EXT4-fs: Ignoring removed oldalloc option
[  163.218694][ T3811] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  163.238615][ T3811] syz.1.1010[3811] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.238659][ T3811] syz.1.1010[3811] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.255866][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  163.302562][ T3817] netlink: 87 bytes leftover after parsing attributes in process `syz.0.1012'.
[  163.356449][    T6] usb 4-1: Using ep0 maxpacket: 8
[  163.461152][ T3821] usb usb8: usbfs: process 3821 (syz.0.1013) did not claim interface 0 before use
[  163.556510][  T313] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  163.615253][ T3823] loop2: detected capacity change from 0 to 512
[  163.621626][ T3823] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.628187][ T3823] EXT4-fs: Ignoring removed i_version option
[  163.635305][ T3823] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1014: invalid block
[  163.636588][    T6] usb 4-1: config index 0 descriptor too short (expected 5924, got 36)
[  163.646299][ T3823] EXT4-fs (loop2): Remounting filesystem read-only
[  163.654137][    T6] usb 4-1: config 250 has an invalid interface number: 228 but max is -1
[  163.660752][ T3823] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1014: couldn't read orphan inode 11 (err -117)
[  163.668947][    T6] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0
[  163.680685][ T3823] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  163.689278][    T6] usb 4-1: config 250 has no interface number 0
[  163.715967][    T6] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  163.739658][    T6] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  163.759635][    T6] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  163.774330][    T6] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  163.784643][    T6] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  163.798029][    T6] usb 4-1: config 250 interface 228 has no altsetting 0
[  164.015497][  T313] usb 2-1: Using ep0 maxpacket: 16
[  164.206518][    T6] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  164.215534][    T6] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  164.223907][    T6] usb 4-1: Product: syz
[  164.228004][    T6] usb 4-1: SerialNumber: syz
[  164.301655][ T3839] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  164.337303][  T313] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  164.349145][  T313] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.358463][  T313] usb 2-1: Product: syz
[  164.382187][  T313] usb 2-1: Manufacturer: syz
[  164.386839][  T313] usb 2-1: SerialNumber: syz
[  164.399085][  T313] usb 2-1: config 0 descriptor??
[  164.442700][  T313] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  164.510914][    T6] hub 4-1:250.228: bad descriptor, ignoring hub
[  164.517041][    T6] hub: probe of 4-1:250.228 failed with error -5
[  164.528774][  T313] usb 2-1: Detected FT232H
[  164.529631][ T2709] EXT4-fs (loop2): unmounting filesystem.
[  164.546523][ T3843] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  164.558998][    T6] usblp 4-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  164.569945][ T3845] loop2: detected capacity change from 0 to 1024
[  164.577239][ T3845] EXT4-fs: Ignoring removed oldalloc option
[  164.587725][ T3845] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  164.598631][    T6] usb 4-1: USB disconnect, device number 5
[  164.607692][    T6] usblp0: removed
[  164.615133][ T3845] syz.2.1021[3845] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.615264][ T3845] syz.2.1021[3845] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.632541][ T2709] EXT4-fs (loop2): unmounting filesystem.
[  164.646466][  T313] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  164.748227][ T3850] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1022'.
[  164.906417][  T313] ftdi_sio 2-1:0.0: GPIO initialisation failed: -5
[  164.913094][  T313] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  165.005449][ T3853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3853 comm=syz.4.1023
[  165.146380][    T6] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  165.360639][ T3860] loop0: detected capacity change from 0 to 40427
[  165.376264][ T3860] F2FS-fs (loop0): Invalid segment/section count (24 != 24 * 3)
[  165.384035][ T3860] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  165.392602][ T3860] F2FS-fs (loop0): heap/no_heap options were deprecated
[  165.399437][ T3860] F2FS-fs (loop0): Image doesn't support compression
[  165.406467][    T6] usb 4-1: Using ep0 maxpacket: 8
[  165.406852][ T3860] F2FS-fs (loop0): invalid crc value
[  165.417889][ T3860] F2FS-fs (loop0): Found nat_bits in checkpoint
[  165.456597][ T3860] F2FS-fs (loop0): Start checkpoint disabled!
[  165.463657][ T3860] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  165.470714][ T3860] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  165.536450][    T6] usb 4-1: config index 0 descriptor too short (expected 5924, got 36)
[  165.544506][    T6] usb 4-1: config 250 has an invalid interface number: 228 but max is -1
[  165.552922][    T6] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0
[  165.561771][    T6] usb 4-1: config 250 has no interface number 0
[  165.567848][    T6] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  165.579353][    T6] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  165.589619][    T6] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  165.599683][    T6] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  165.609753][    T6] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  165.623042][    T6] usb 4-1: config 250 interface 228 has no altsetting 0
[  165.660473][   T28] audit: type=1400 audit(1729535161.718:250): avc:  denied  { mounton } for  pid=3859 comm="syz.0.1026" path="/101/bus/file0" dev="loop0" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  165.756436][    T6] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  165.765426][    T6] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  165.773546][    T6] usb 4-1: Product: syz
[  165.777913][    T6] usb 4-1: SerialNumber: syz
[  165.826905][    T6] hub 4-1:250.228: bad descriptor, ignoring hub
[  165.841339][    T6] hub: probe of 4-1:250.228 failed with error -5
[  165.867683][    T6] usblp 4-1:250.228: usblp0: USB Bidirectional printer dev 6 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  165.907048][    T6] usb 4-1: USB disconnect, device number 6
[  165.919839][    T6] usblp0: removed
[  166.470419][   T39] usb 2-1: USB disconnect, device number 9
[  166.479516][   T39] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  166.483498][ T3880] loop1: detected capacity change from 0 to 512
[  166.491081][   T39] ftdi_sio 2-1:0.0: device disconnected
[  166.518828][ T3880] EXT4-fs (loop1): 1 orphan inode deleted
[  166.524392][ T3880] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  166.533257][ T3880] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038 (0x7fffffff)
[  166.542957][  T326] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  166.552713][  T326] EXT4-fs error (device loop1): ext4_release_dquot:6787: comm kworker/u4:3: Failed to release dquot type 1
[  166.809265][ T3888] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  166.884682][ T3890] loop3: detected capacity change from 0 to 1024
[  166.892839][ T3890] EXT4-fs: Ignoring removed oldalloc option
[  166.912888][ T3890] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  167.027784][ T3894] syz.3.1032[3894] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.029059][ T3894] syz.3.1032[3894] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.201851][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  167.628831][ T3899] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  167.661995][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  167.843787][ T3902] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3902 comm=syz.3.1035
[  168.069834][ T3917] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  168.126820][  T333] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  168.456466][  T333] usb 3-1: Using ep0 maxpacket: 8
[  168.609627][  T333] usb 3-1: config index 0 descriptor too short (expected 5924, got 36)
[  168.649923][  T333] usb 3-1: config 250 has an invalid interface number: 228 but max is -1
[  168.660469][ T3927] loop3: detected capacity change from 0 to 512
[  168.676661][  T333] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0
[  168.746275][  T333] usb 3-1: config 250 has no interface number 0
[  168.752653][  T333] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  168.754743][ T1802] syz-executor: attempt to access beyond end of device
[  168.754743][ T1802] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  168.782763][  T333] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  168.783404][ T3927] EXT4-fs (loop3): 1 truncate cleaned up
[  168.802049][ T1802] syz-executor: attempt to access beyond end of device
[  168.802049][ T1802] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  168.887438][  T333] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  168.897598][  T333] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  168.907722][  T333] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  168.921142][  T333] usb 3-1: config 250 interface 228 has no altsetting 0
[  168.936434][ T3927] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  168.977168][  T326] kworker/u4:3: attempt to access beyond end of device
[  168.977168][  T326] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  169.039979][ T3935] loop4: detected capacity change from 0 to 512
[  169.062883][ T3933] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1047'.
[  169.075409][ T3935] EXT4-fs (loop4): 1 orphan inode deleted
[  169.081152][ T3935] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  169.086449][  T333] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  169.090158][  T334] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  169.098957][  T333] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  169.108426][ T3935] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038 (0x7fffffff)
[  169.116639][  T333] usb 3-1: Product: syz
[  169.154365][  T334] EXT4-fs error (device loop4): ext4_release_dquot:6787: comm kworker/u4:4: Failed to release dquot type 1
[  169.203132][  T333] usb 3-1: SerialNumber: syz
[  169.259312][  T333] hub 3-1:250.228: bad descriptor, ignoring hub
[  169.267732][  T333] hub: probe of 3-1:250.228 failed with error -5
[  169.483589][  T333] usblp 3-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  169.568731][  T333] usb 3-1: USB disconnect, device number 3
[  169.588081][  T333] usblp0: removed
[  169.722316][  T326] device bridge_slave_1 left promiscuous mode
[  169.729535][  T326] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.737837][  T326] device bridge_slave_0 left promiscuous mode
[  169.743981][  T326] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.754483][  T326] device veth1_macvtap left promiscuous mode
[  169.760661][  T326] device veth0_vlan left promiscuous mode
[  169.935303][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  169.949008][ T3943] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.957585][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  169.963651][ T3943] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.978382][ T3943] device bridge_slave_0 entered promiscuous mode
[  169.987856][ T3943] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.994779][ T3943] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.002474][ T3943] device bridge_slave_1 entered promiscuous mode
[  170.054283][ T3954] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  170.076719][  T333] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  170.107313][ T3960] loop3: detected capacity change from 0 to 1024
[  170.113882][ T3943] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.120743][ T3943] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.127835][ T3943] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.134600][ T3943] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.146488][ T3960] EXT4-fs: Ignoring removed oldalloc option
[  170.153050][ T1184] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.160465][ T1184] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.185454][ T1184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  170.192922][ T1184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  170.193534][ T3960] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  170.208003][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  170.220906][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  170.230977][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.237839][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.240013][ T3960] syz.3.1056[3960] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  170.244894][ T3960] syz.3.1056[3960] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  170.245348][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  170.281859][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  170.292859][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  170.298760][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.305617][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.313342][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  170.318792][ T3962] loop4: detected capacity change from 0 to 40427
[  170.321582][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  170.327678][ T3962] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  170.342556][ T3962] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  170.349409][ T1184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  170.351481][ T3962] F2FS-fs (loop4): invalid crc value
[  170.358275][  T333] usb 3-1: Using ep0 maxpacket: 8
[  170.364498][ T3962] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  170.381410][ T3962] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  170.385349][ T1184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  170.408659][ T3943] device veth0_vlan entered promiscuous mode
[  170.408926][ T3962] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  170.416590][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  170.421660][ T3962] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  170.448458][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  170.457352][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  170.465058][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  170.482388][ T3943] device veth1_macvtap entered promiscuous mode
[  170.490143][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  170.497779][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  170.505054][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  170.514066][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  170.522016][  T333] usb 3-1: config index 0 descriptor too short (expected 5924, got 36)
[  170.530391][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  170.544903][  T333] usb 3-1: config 250 has an invalid interface number: 228 but max is -1
[  170.565463][  T333] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0
[  170.574971][  T333] usb 3-1: config 250 has no interface number 0
[  170.581228][  T333] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  170.594154][  T333] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  170.627721][  T333] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  170.656117][  T333] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  170.666939][  T333] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  170.680915][  T333] usb 3-1: config 250 interface 228 has no altsetting 0
[  170.713522][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  170.789310][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  170.797754][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  170.805733][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  170.826421][  T333] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  170.835494][  T333] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  170.843640][  T333] usb 3-1: Product: syz
[  170.863091][  T333] usb 3-1: SerialNumber: syz
[  170.865988][ T3983] loop4: detected capacity change from 0 to 512
[  170.882274][ T3983] EXT4-fs (loop4): 1 truncate cleaned up
[  170.887942][ T3983] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  170.936436][  T333] usb 3-1: can't set config #250, error -71
[  170.946587][  T333] usb 3-1: USB disconnect, device number 4
[  171.356290][ T3995] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  171.420752][ T4007] loop3: detected capacity change from 0 to 256
[  171.427433][ T4007] FAT-fs (loop3): bogus number of FAT sectors
[  171.433368][ T4007] FAT-fs (loop3): Can't find a valid FAT filesystem
[  171.721862][ T4014] loop2: detected capacity change from 0 to 512
[  171.732002][ T4014] fuse: Unknown parameter 'grou00000000000000000000'
[  171.783394][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  171.837116][ T4016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1074'.
[  171.846220][ T4016] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  171.918595][ T4018] loop2: detected capacity change from 0 to 512
[  172.165016][ T4023] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  172.216381][ T2006] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  172.284775][ T4039] loop4: detected capacity change from 0 to 256
[  172.291343][ T4039] FAT-fs (loop4): bogus number of FAT sectors
[  172.297328][ T4039] FAT-fs (loop4): Can't find a valid FAT filesystem
[  172.421928][ T4041] loop4: detected capacity change from 0 to 512
[  172.428632][ T4041] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  172.447394][ T4041] EXT4-fs (loop4): failed to initialize system zone (-117)
[  172.454486][ T4041] EXT4-fs (loop4): mount failed
[  172.476445][ T2006] usb 4-1: Using ep0 maxpacket: 8
[  172.506416][    T6] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  172.637851][ T4045] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1085'.
[  172.646765][ T4045] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  172.666395][ T2006] usb 4-1: config index 0 descriptor too short (expected 5924, got 36)
[  172.677546][ T2006] usb 4-1: config 250 has an invalid interface number: 228 but max is -1
[  172.696160][ T4041] loop4: detected capacity change from 0 to 40427
[  172.702428][ T2006] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0
[  172.711461][ T2006] usb 4-1: config 250 has no interface number 0
[  172.718235][ T2006] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  172.729650][ T4041] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  172.736609][ T4041] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  172.744606][ T2006] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  172.755033][ T4041] F2FS-fs (loop4): Unrecognized mount option "noinline_xat˛8¨¤-hŪe_logs=4" or missing value
[  172.765179][ T2006] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  172.776181][ T2006] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  172.786430][    T6] usb 2-1: Using ep0 maxpacket: 16
[  172.791508][ T2006] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  172.804925][ T2006] usb 4-1: config 250 interface 228 has no altsetting 0
[  172.876525][ T4048] loop2: detected capacity change from 0 to 40427
[  172.885899][ T4048] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  172.893461][ T4048] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  172.902413][ T4048] F2FS-fs (loop2): invalid crc value
[  172.914752][ T4048] F2FS-fs (loop2): Found nat_bits in checkpoint
[  172.941233][ T4048] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  172.948230][ T2006] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  172.954220][ T4048] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  172.957452][ T2006] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  172.969355][ T4051] f2fs_ckpt-7:2: attempt to access beyond end of device
[  172.969355][ T4051] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  172.975124][ T4053] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1087'.
[  172.995292][ T2006] usb 4-1: Product: syz
[  172.999303][ T2006] usb 4-1: SerialNumber: syz
[  173.037035][ T2006] hub 4-1:250.228: bad descriptor, ignoring hub
[  173.043274][ T2006] hub: probe of 4-1:250.228 failed with error -5
[  173.064513][ T4057] loop2: detected capacity change from 0 to 1024
[  173.077529][ T4057] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  173.092001][   T28] audit: type=1400 audit(1729535169.148:251): avc:  denied  { mount } for  pid=4056 comm="syz.2.1089" name="/" dev="ramfs" ino=31285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  173.114071][    T6] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  173.123092][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.130883][    T6] usb 2-1: Product: syz
[  173.134832][    T6] usb 2-1: Manufacturer: syz
[  173.139280][    T6] usb 2-1: SerialNumber: syz
[  173.147508][    T6] usb 2-1: config 0 descriptor??
[  173.197091][    T6] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  173.204691][    T6] usb 2-1: Detected FT232H
[  173.281831][ T4062] tipc: Started in network mode
[  173.286641][ T4062] tipc: Node identity ac1414aa, cluster identity 4711
[  173.293541][ T4062] tipc: New replicast peer: 100.1.1.1
[  173.299106][ T4062] tipc: Enabled bearer <udp:syz2>, priority 10
[  173.386995][ T2006] usblp 4-1:250.228: usblp0: USB Bidirectional printer dev 7 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  173.406487][    T6] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  173.427190][ T2006] usb 4-1: USB disconnect, device number 7
[  173.433713][ T2006] usblp0: removed
[  173.666425][    T6] ftdi_sio 2-1:0.0: GPIO initialisation failed: -5
[  173.673212][    T6] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  173.786164][ T4070] 9pnet_fd: Insufficient options for proto=fd
[  173.801462][ T4072] loop0: detected capacity change from 0 to 256
[  173.808226][ T4072] FAT-fs (loop0): bogus number of FAT sectors
[  173.814165][ T4072] FAT-fs (loop0): Can't find a valid FAT filesystem
[  173.925968][   T28] audit: type=1400 audit(1729535169.978:252): avc:  denied  { unmount } for  pid=2709 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  173.946474][ T2006] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  173.954520][ T2709] EXT4-fs error (device loop2): ext4_lookup:1859: inode #2: comm syz-executor: deleted inode referenced: 11
[  173.965693][   T28] audit: type=1400 audit(1729535170.008:253): avc:  denied  { unlink } for  pid=2709 comm="syz-executor" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  173.966206][ T2709] EXT4-fs error (device loop2): ext4_lookup:1859: inode #2: comm syz-executor: deleted inode referenced: 11
[  173.998568][   T28] audit: type=1400 audit(1729535170.008:254): avc:  denied  { unlink } for  pid=2709 comm="syz-executor" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  174.015099][ T4074] loop0: detected capacity change from 0 to 128
[  174.029815][ T4074] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  174.043841][ T4074] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  174.052357][ T4074] ext2 filesystem being mounted at /6/bus supports timestamps until 2038 (0x7fffffff)
[  174.079033][ T2709] EXT4-fs (loop2): unmounting filesystem.
[  174.084625][  T326] tipc: Disabling bearer <udp:syz2>
[  174.090061][  T326] tipc: Left network mode
[  174.213864][ T4079] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.220905][ T4079] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.228503][ T4079] device bridge_slave_0 entered promiscuous mode
[  174.236390][ T2006] usb 4-1: Using ep0 maxpacket: 8
[  174.241772][ T4079] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.248707][ T4079] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.256076][ T4079] device bridge_slave_1 entered promiscuous mode
[  174.332364][ T4079] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.339225][ T4079] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.346318][ T4079] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.353098][ T4079] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.376467][ T2006] usb 4-1: config index 0 descriptor too short (expected 5924, got 36)
[  174.381600][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  174.387954][ T2006] usb 4-1: config 250 has an invalid interface number: 228 but max is -1
[  174.400465][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.400589][ T2006] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0
[  174.416206][ T2006] usb 4-1: config 250 has no interface number 0
[  174.416232][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.422319][ T2006] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  174.440528][ T2006] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  174.450754][ T2006] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  174.460823][ T2006] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  174.470891][ T2006] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  174.484164][ T2006] usb 4-1: config 250 interface 228 has no altsetting 0
[  174.491628][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  174.499736][ T3719] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.506595][ T3719] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.513690][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  174.521737][ T3719] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.528581][ T3719] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.538369][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  174.547418][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  174.560774][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  174.571853][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  174.580116][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  174.587563][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  174.594809][ T4079] device veth0_vlan entered promiscuous mode
[  174.606706][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  174.615648][ T4079] device veth1_macvtap entered promiscuous mode
[  174.624540][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  174.639677][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  174.656600][ T2006] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  174.670222][ T2006] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  174.679388][ T2006] usb 4-1: Product: syz
[  174.706618][ T2006] usb 4-1: can't set config #250, error -71
[  174.713913][  T326] device bridge_slave_1 left promiscuous mode
[  174.722606][  T326] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.729729][ T2006] usb 4-1: USB disconnect, device number 8
[  174.738453][  T326] device bridge_slave_0 left promiscuous mode
[  174.744441][  T326] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.752462][  T326] device veth1_macvtap left promiscuous mode
[  174.758378][  T326] device veth0_vlan left promiscuous mode
[  174.897094][ T3943] EXT4-fs (loop0): unmounting filesystem.
[  174.937955][ T4096] incfs: Backing dir is not set, filesystem can't be mounted.
[  174.954122][ T4096] incfs: mount failed -2
[  175.285959][  T313] usb 2-1: USB disconnect, device number 10
[  175.316796][  T313] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  175.343774][  T313] ftdi_sio 2-1:0.0: device disconnected
[  175.364663][ T4103] loop1: detected capacity change from 0 to 512
[  175.373011][ T4103] EXT4-fs (loop1): 1 truncate cleaned up
[  175.378797][ T4103] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  175.544698][ T4107] 9pnet_fd: Insufficient options for proto=fd
[  175.918046][ T4114] loop2: detected capacity change from 0 to 256
[  175.934929][ T4114] FAT-fs (loop2): bogus number of FAT sectors
[  175.945082][ T4114] FAT-fs (loop2): Can't find a valid FAT filesystem
[  175.984967][ T4119] syz.0.1107[4119] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  175.985011][ T4119] syz.0.1107[4119] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  176.174961][ T4121] loop2: detected capacity change from 0 to 40427
[  176.192778][ T4121] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  176.201039][ T4121] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  176.211785][ T4121] F2FS-fs (loop2): invalid crc value
[  176.218213][ T4121] F2FS-fs (loop2): Found nat_bits in checkpoint
[  176.228960][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  176.236527][ T2006] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  176.256180][ T4121] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  176.263090][ T4121] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  176.420686][ T4131] loop3: detected capacity change from 0 to 128
[  176.427252][ T4131] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  176.436053][ T4131] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  176.444547][ T4131] ext2 filesystem being mounted at /147/bus supports timestamps until 2038 (0x7fffffff)
[  176.506411][ T2006] usb 5-1: Using ep0 maxpacket: 8
[  176.516482][   T19] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  176.656436][ T2006] usb 5-1: config index 0 descriptor too short (expected 5924, got 36)
[  176.664707][ T2006] usb 5-1: config 250 has an invalid interface number: 228 but max is -1
[  176.673094][ T2006] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0
[  176.682021][ T2006] usb 5-1: config 250 has no interface number 0
[  176.688125][ T2006] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  176.699600][ T2006] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  176.709896][ T2006] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  176.719967][ T2006] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  176.730041][ T2006] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  176.743274][ T2006] usb 5-1: config 250 interface 228 has no altsetting 0
[  176.786410][   T19] usb 2-1: Using ep0 maxpacket: 16
[  176.866939][ T2006] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  176.875909][ T2006] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  176.883907][ T2006] usb 5-1: Product: syz
[  176.888043][ T2006] usb 5-1: SerialNumber: syz
[  176.906520][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.917784][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.927496][   T19] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  176.940674][ T2006] hub 5-1:250.228: bad descriptor, ignoring hub
[  176.948644][   T19] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  176.957642][ T2006] hub: probe of 5-1:250.228 failed with error -5
[  176.964438][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.986902][   T19] usb 2-1: config 0 descriptor??
[  177.156983][ T2006] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  177.196568][ T2006] usb 5-1: USB disconnect, device number 5
[  177.212557][ T2006] usblp0: removed
[  177.286423][ T3719] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  177.433384][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  177.457989][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.465044][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.469484][ T4150] loop3: detected capacity change from 0 to 512
[  177.472385][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.485538][ T4150] EXT4-fs: Ignoring removed mblk_io_submit option
[  177.485726][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.492312][ T4150] EXT4-fs: Ignoring removed i_version option
[  177.499032][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.506268][ T4150] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.1117: invalid block
[  177.511862][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.522607][ T4150] EXT4-fs (loop3): Remounting filesystem read-only
[  177.529622][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.535764][ T4150] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1117: couldn't read orphan inode 11 (err -117)
[  177.542898][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.542921][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.542942][   T19] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  177.547733][   T19] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0002/input/input10
[  177.554694][ T3719] usb 3-1: Using ep0 maxpacket: 16
[  177.561828][ T4150] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  177.607758][   T19] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  177.664735][   T19] usb 2-1: USB disconnect, device number 11
[  177.873047][ T2006] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  177.886529][ T3719] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  177.895450][ T3719] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.903218][ T3719] usb 3-1: Product: syz
[  177.907324][ T3719] usb 3-1: Manufacturer: syz
[  177.911727][ T3719] usb 3-1: SerialNumber: syz
[  177.916968][ T3719] usb 3-1: config 0 descriptor??
[  177.956878][ T3719] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  177.964413][ T3719] usb 3-1: Detected FT232H
[  178.060505][ T4157] loop0: detected capacity change from 0 to 256
[  178.067761][ T4157] FAT-fs (loop0): bogus number of FAT sectors
[  178.073671][ T4157] FAT-fs (loop0): Can't find a valid FAT filesystem
[  178.136407][ T2006] usb 5-1: Using ep0 maxpacket: 8
[  178.166412][ T3719] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  178.256443][ T2006] usb 5-1: config index 0 descriptor too short (expected 5924, got 36)
[  178.264747][ T2006] usb 5-1: config 250 has an invalid interface number: 228 but max is -1
[  178.274297][ T2006] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0
[  178.283267][ T2006] usb 5-1: config 250 has no interface number 0
[  178.289297][ T2006] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  178.303368][ T2006] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  178.313843][ T2006] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  178.324875][ T2006] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  178.337897][ T2006] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  178.351207][ T2006] usb 5-1: config 250 interface 228 has no altsetting 0
[  178.359154][ T1834] EXT4-fs (loop3): unmounting filesystem.
[  178.621719][ T4168] syz.3.1122[4168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  178.621789][ T4168] syz.3.1122[4168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  178.636426][ T3719] ftdi_sio 3-1:0.0: GPIO initialisation failed: -5
[  178.655663][ T3719] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  178.676466][ T2006] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  178.685404][ T2006] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  178.693563][ T2006] usb 5-1: Product: syz
[  178.697727][ T2006] usb 5-1: SerialNumber: syz
[  178.757971][ T2006] hub 5-1:250.228: bad descriptor, ignoring hub
[  178.764169][ T2006] hub: probe of 5-1:250.228 failed with error -5
[  179.086965][ T2006] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 6 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  179.111620][ T4176] loop4: detected capacity change from 0 to 512
[  179.128046][ T4176] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  179.141098][ T4176] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038 (0x7fffffff)
[  179.143495][ T2006] usb 5-1: USB disconnect, device number 6
[  179.160256][ T2006] usblp0: removed
[  179.175541][ T2691] EXT4-fs (loop4): unmounting filesystem.
[  179.253404][ T4186] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1126'.
[  179.262277][ T4186] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  180.006025][ T4197] loop0: detected capacity change from 0 to 512
[  180.012536][ T4197] EXT4-fs: Ignoring removed oldalloc option
[  180.018842][ T4197] EXT4-fs (loop0): Test dummy encryption mode enabled
[  180.025433][ T4197] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  180.359746][  T313] usb 3-1: USB disconnect, device number 5
[  180.410636][  T313] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  180.448184][  T313] ftdi_sio 3-1:0.0: device disconnected
[  180.544859][ T4210] futex_wake_op: syz.2.1133 tries to shift op by 32; fix this program
[  180.606406][  T333] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  180.826383][   T39] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  180.846387][  T333] usb 4-1: Using ep0 maxpacket: 16
[  180.996430][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.007330][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.537217][  T333] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  181.556405][   T39] usb 2-1: Using ep0 maxpacket: 8
[  181.602611][  T333] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  181.612359][  T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.623675][  T333] usb 4-1: config 0 descriptor??
[  181.676573][   T39] usb 2-1: config index 0 descriptor too short (expected 5924, got 36)
[  181.691593][   T39] usb 2-1: config 250 has an invalid interface number: 228 but max is -1
[  181.701012][   T39] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0
[  181.710094][   T39] usb 2-1: config 250 has no interface number 0
[  181.716259][   T39] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  181.723789][ T4228] loop2: detected capacity change from 0 to 128
[  181.729997][   T39] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  181.750473][   T39] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  181.762482][   T39] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  181.778736][   T39] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  181.792254][ T4228] syz.2.1139: attempt to access beyond end of device
[  181.792254][ T4228] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  181.806093][   T39] usb 2-1: config 250 interface 228 has no altsetting 0
[  181.929645][ T4239] loop2: detected capacity change from 0 to 1024
[  181.936083][ T4239] EXT4-fs: Ignoring removed oldalloc option
[  182.624895][ T4239] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  182.633969][   T39] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  182.649635][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.657158][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.768130][ T4252] loop0: detected capacity change from 0 to 512
[  182.768507][   T39] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  182.784477][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.791698][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.798924][   T39] usb 2-1: Product: syz
[  182.800046][ T4239] syz.2.1144[4239] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  182.802884][   T39] usb 2-1: SerialNumber: syz
[  182.805879][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.826786][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.834433][ T4252] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  182.843890][   T39] hub 2-1:250.228: bad descriptor, ignoring hub
[  182.850175][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.850199][ T4239] syz.2.1144[4239] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  182.857829][   T39] hub: probe of 2-1:250.228 failed with error -5
[  182.876415][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.883425][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.892084][  T333] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  182.903865][  T333] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0003/input/input11
[  182.905447][ T4079] EXT4-fs (loop2): unmounting filesystem.
[  182.916267][  T333] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  182.933209][ T4252] EXT4-fs (loop0): failed to initialize system zone (-117)
[  182.947745][ T4252] EXT4-fs (loop0): mount failed
[  182.964774][  T333] usb 4-1: USB disconnect, device number 9
[  183.024090][ T4251] loop4: detected capacity change from 0 to 40427
[  183.047767][ T4251] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  183.055343][ T4251] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  183.064272][ T4251] F2FS-fs (loop4): invalid crc value
[  183.087169][   T39] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 12 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  183.108921][ T4251] F2FS-fs (loop4): Found nat_bits in checkpoint
[  183.137345][   T39] usb 2-1: USB disconnect, device number 12
[  183.155055][   T39] usblp0: removed
[  183.374584][ T4251] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  183.382013][ T4251] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  183.409062][ T4251] syz.4.1146: attempt to access beyond end of device
[  183.409062][ T4251] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  183.437635][ T4252] loop0: detected capacity change from 0 to 40427
[  183.439311][ T4251] syz.4.1146: attempt to access beyond end of device
[  183.439311][ T4251] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  183.463909][ T4251] syz.4.1146: attempt to access beyond end of device
[  183.463909][ T4251] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  183.465771][ T4252] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  183.477980][ T4251] syz.4.1146: attempt to access beyond end of device
[  183.477980][ T4251] loop4: rw=2049, sector=45112, nr_sectors = 48 limit=40427
[  183.484936][ T4252] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  183.498269][ T4251] syz.4.1146: attempt to access beyond end of device
[  183.498269][ T4251] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  183.507321][ T4252] F2FS-fs (loop0): Unrecognized mount option "noinline_xat˛8¨¤-hŪe_logs=4" or missing value
[  183.585262][ T4267] syz.4.1146: attempt to access beyond end of device
[  183.585262][ T4267] loop4: rw=2051, sector=45096, nr_sectors = 64 limit=40427
[  183.599151][ T4267] F2FS-fs (loop4): Issue discard(5637, 5637, 8) failed, ret: -5
[  183.766390][   T39] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  183.992001][ T4279] syz.2.1153[4279] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  183.992242][ T4279] syz.2.1153[4279] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.036393][   T39] usb 2-1: Using ep0 maxpacket: 8
[  184.186824][   T39] usb 2-1: config index 0 descriptor too short (expected 5924, got 36)
[  184.210334][   T39] usb 2-1: config 250 has an invalid interface number: 228 but max is -1
[  184.216384][ T4277] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.218910][   T39] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0
[  184.225464][ T4277] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.234391][   T39] usb 2-1: config 250 has no interface number 0
[  184.247541][   T39] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  184.259352][ T4277] device bridge_slave_0 entered promiscuous mode
[  184.265510][   T39] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  184.276498][   T41] device bridge_slave_1 left promiscuous mode
[  184.282689][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.289703][   T39] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  184.299836][   T39] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  184.303301][   T41] device bridge_slave_0 left promiscuous mode
[  184.325529][   T39] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  184.334409][ T4286] loop0: detected capacity change from 0 to 128
[  184.344974][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.351941][   T39] usb 2-1: config 250 interface 228 has no altsetting 0
[  184.360226][   T41] device veth1_macvtap left promiscuous mode
[  184.368106][   T41] device veth0_vlan left promiscuous mode
[  184.443593][ T4291] loop1: detected capacity change from 0 to 1024
[  184.445415][ T4286] syz.0.1155: attempt to access beyond end of device
[  184.445415][ T4286] loop0: rw=34817, sector=97, nr_sectors = 32 limit=128
[  184.450060][ T4291] EXT4-fs: Ignoring removed oldalloc option
[  184.468963][   T39] usb 2-1: string descriptor 0 read error: -71
[  184.475840][   T39] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  184.486135][   T39] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  184.516686][   T39] usb 2-1: can't set config #250, error -71
[  184.554064][ T4277] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.574486][ T4277] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.583951][   T39] usb 2-1: USB disconnect, device number 13
[  184.669300][ T4277] device bridge_slave_1 entered promiscuous mode
[  184.672354][ T4291] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  184.725605][ T4291] syz.1.1157[4291] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.725675][ T4291] syz.1.1157[4291] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.739700][ T4301] loop2: detected capacity change from 0 to 512
[  184.791850][ T2727] EXT4-fs (loop1): unmounting filesystem.
[  184.823849][ T4301] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  184.833229][ T4301] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038 (0x7fffffff)
[  184.861749][ T2006] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  185.325080][ T4079] EXT4-fs (loop2): unmounting filesystem.
[  185.360385][ T2794] Bluetooth: hci0: sending frame failed (-49)
[  185.366589][  T644] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  185.382947][ T2006] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  185.396186][ T2006] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  185.408728][ T2006] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  185.416751][ T2006] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.423602][ T2006] bridge0: port 1(bridge_slave_0) entered forwarding state
[  185.431412][ T2006] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  185.449950][ T2006] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  185.458524][ T2006] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.465366][ T2006] bridge0: port 2(bridge_slave_1) entered forwarding state
[  185.492521][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  185.500290][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  185.508168][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  185.520702][ T1184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  185.531204][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  185.539034][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  185.546187][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  185.558917][ T4277] device veth0_vlan entered promiscuous mode
[  185.575871][ T1184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  185.615686][ T4277] device veth1_macvtap entered promiscuous mode
[  185.630920][ T1184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  185.633059][ T4323] usb usb8: usbfs: process 4323 (syz.2.1163) did not claim interface 0 before use
[  185.652351][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  185.766414][    T6] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  185.775854][ T4332] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  185.779903][ T4334] loop4: detected capacity change from 0 to 1024
[  185.811965][ T4334] EXT4-fs: Ignoring removed oldalloc option
[  185.896911][ T4334] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  185.914437][ T4325] loop0: detected capacity change from 0 to 40427
[  185.927882][ T4325] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  185.929064][ T4334] syz.4.1170[4334] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.935415][ T4325] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  185.971629][ T4325] F2FS-fs (loop0): invalid crc value
[  186.033539][ T4334] syz.4.1170[4334] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.101855][ T4325] F2FS-fs (loop0): Found nat_bits in checkpoint
[  186.174568][ T4277] EXT4-fs (loop4): unmounting filesystem.
[  186.210706][ T4325] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  186.217120][   T41] Bluetooth: hci0: Frame reassembly failed (-84)
[  186.217597][    T6] usb 4-1: Using ep0 maxpacket: 8
[  186.224501][ T4325] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  186.251446][ T4325] syz.0.1167: attempt to access beyond end of device
[  186.251446][ T4325] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  186.272821][   T41] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  186.282139][   T41] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  186.346551][    T6] usb 4-1: config index 0 descriptor too short (expected 5924, got 36)
[  186.357502][    T6] usb 4-1: config 250 has an invalid interface number: 228 but max is -1
[  186.365775][    T6] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0
[  186.374872][    T6] usb 4-1: config 250 has no interface number 0
[  186.380936][    T6] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  186.392398][    T6] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  186.402616][    T6] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  186.412696][    T6] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  186.422720][    T6] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  186.436258][    T6] usb 4-1: config 250 interface 228 has no altsetting 0
[  186.710633][   T28] audit: type=1400 audit(1729535182.768:255): avc:  denied  { append } for  pid=4361 comm="syz.1.1178" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  186.736548][    T6] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  187.273919][ T4366] loop1: detected capacity change from 0 to 32768
[  187.297729][    T6] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  187.309974][    T6] usb 4-1: Product: syz
[  187.333357][ T4366]  loop1: p1 p3 < p5 p6 p7 >
[  187.413823][    T6] usb 4-1: SerialNumber: syz
[  187.539665][ T4372] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  187.579767][    T6] hub 4-1:250.228: bad descriptor, ignoring hub
[  187.585971][    T6] hub: probe of 4-1:250.228 failed with error -5
[  187.605095][ T4378] loop0: detected capacity change from 0 to 1024
[  187.618963][ T4378] EXT4-fs: Ignoring removed oldalloc option
[  187.668222][ T4383] loop1: detected capacity change from 0 to 512
[  187.669198][ T4378] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  187.689252][ T4383] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1184: inode #1: comm syz.1.1184: iget: illegal inode #
[  187.699564][ T4378] syz.0.1183[4378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  187.702063][ T4378] syz.0.1183[4378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  187.704151][ T4383] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1184: error while reading EA inode 1 err=-117
[  187.736450][ T4383] EXT4-fs (loop1): 1 orphan inode deleted
[  187.741984][ T4383] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  187.826194][ T3943] EXT4-fs (loop0): unmounting filesystem.
[  187.832103][ T4387] usb usb8: usbfs: process 4387 (syz.2.1185) did not claim interface 0 before use
[  187.842066][    T6] usblp 4-1:250.228: usblp0: USB Bidirectional printer dev 10 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  188.226508][  T644] Bluetooth: hci0: command 0x1003 tx timeout
[  188.226548][ T2794] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  188.255083][ T4395] loop4: detected capacity change from 0 to 512
[  188.296699][ T4395] EXT4-fs (loop4): 1 orphan inode deleted
[  188.302375][ T4395] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  188.311247][ T4395] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038 (0x7fffffff)
[  188.320958][    T8] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  188.330869][    T8] EXT4-fs error (device loop4): ext4_release_dquot:6787: comm kworker/u4:0: Failed to release dquot type 1
[  188.340708][    T6] usb 4-1: reset high-speed USB device number 10 using dummy_hcd
[  188.481988][ T4401] loop2: detected capacity change from 0 to 1024
[  188.489977][ T4401] EXT4-fs: Ignoring removed orlov option
[  188.691527][ T2727] EXT4-fs error (device loop1): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  188.696883][ T4401] EXT4-fs (loop2): Test dummy encryption mode enabled
[  188.712535][   T28] audit: type=1400 audit(1729535184.768:256): avc:  denied  { unlink } for  pid=2727 comm="syz-executor" name="lost+found" dev="loop1" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  188.721029][ T4401] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  188.749996][ T2727] ------------[ cut here ]------------
[  188.755298][ T2727] kernel BUG at fs/namei.c:2956!
[  188.760753][   T28] audit: type=1400 audit(1729535184.808:257): avc:  denied  { mount } for  pid=4400 comm="syz.2.1189" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  188.782285][ T2727] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  188.788161][ T2727] CPU: 1 PID: 2727 Comm: syz-executor Tainted: G        W          6.1.99-syzkaller-00050-gadd3d68602a0 #0
[  188.799355][ T2727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  188.809254][ T2727] RIP: 0010:may_delete+0x6eb/0x6f0
[  188.814197][ T2727] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fe ff ff 4c 89 e7 e8 a6 6e f3 ff e9 72 fe ff ff e8 2c 2d ac ff 0f 0b e8 25 2d ac ff <0f> 0b 0f 1f 00 55 48 89 e5 41 56 53 48 89 fb e8 11 2d ac ff 4c 8d
[  188.833638][ T2727] RSP: 0018:ffffc90005c7fbd8 EFLAGS: 00010293
[  188.839537][ T2727] RAX: ffffffff81c9761b RBX: ffff8881122a2f10 RCX: ffff888110c61440
[  188.847348][ T2727] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[  188.855160][ T2727] RBP: ffffc90005c7fc40 R08: ffffffff81c96faf R09: 0000000000000003
[  188.862971][ T2727] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810db68dd0
[  188.870782][ T2727] R13: 1ffff11021b6d1ba R14: ffff888135c8c608 R15: dffffc0000000000
[  188.878593][ T2727] FS:  0000555555870500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  188.887362][ T2727] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.893781][ T2727] CR2: 00005555558934e8 CR3: 0000000127cb1000 CR4: 00000000003506a0
[  188.901595][ T2727] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  188.909408][ T2727] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  188.917218][ T2727] Call Trace:
[  188.920341][ T2727]  <TASK>
[  188.923119][ T2727]  ? __die_body+0x62/0xb0
[  188.927285][ T2727]  ? die+0x88/0xb0
[  188.930847][ T2727]  ? do_trap+0x103/0x330
[  188.934924][ T2727]  ? may_delete+0x6eb/0x6f0
[  188.939262][ T2727]  ? handle_invalid_op+0x95/0xc0
[  188.944036][ T2727]  ? may_delete+0x6eb/0x6f0
[  188.948376][ T2727]  ? exc_invalid_op+0x32/0x50
[  188.952888][ T2727]  ? asm_exc_invalid_op+0x1b/0x20
[  188.957751][ T2727]  ? may_delete+0x7f/0x6f0
[  188.962001][ T2727]  ? may_delete+0x6eb/0x6f0
[  188.966346][ T2727]  ? may_delete+0x6eb/0x6f0
[  188.970683][ T2727]  ? may_delete+0x6eb/0x6f0
[  188.975023][ T2727]  vfs_rmdir+0x32/0x500
[  188.979015][ T2727]  ? generic_shutdown_super+0x2b8/0x370
[  188.984398][ T2727]  incfs_kill_sb+0x113/0x230
[  188.988824][ T2727]  deactivate_locked_super+0xad/0x110
[  188.994032][ T2727]  deactivate_super+0xbe/0xf0
[  188.998542][ T2727]  cleanup_mnt+0x485/0x510
[  189.002795][ T2727]  ? user_path_at_empty+0x14e/0x1a0
[  189.007829][ T2727]  __cleanup_mnt+0x19/0x20
[  189.012080][ T2727]  task_work_run+0x24d/0x2e0
[  189.016508][ T2727]  ? task_work_cancel+0x2b0/0x2b0
[  189.021368][ T2727]  ? __x64_sys_umount+0x122/0x170
[  189.026229][ T2727]  exit_to_user_mode_loop+0x94/0xa0
[  189.031264][ T2727]  exit_to_user_mode_prepare+0x5a/0xa0
[  189.036556][ T2727]  syscall_exit_to_user_mode+0x26/0x130
[  189.041938][ T2727]  do_syscall_64+0x47/0xb0
[  189.046190][ T2727]  ? clear_bhb_loop+0x55/0xb0
[  189.050703][ T2727]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  189.056432][ T2727] RIP: 0033:0x7f5ebfd7f327
[  189.060684][ T2727] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  189.080125][ T2727] RSP: 002b:00007ffeb5e2f0b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  189.088370][ T2727] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f5ebfd7f327
[  189.096183][ T2727] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeb5e2f170
[  189.103993][ T2727] RBP: 00007ffeb5e2f170 R08: 0000000000000000 R09: 0000000000000000
[  189.111805][ T2727] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeb5e30260
[  189.119618][ T2727] R13: 00007f5ebfdf0134 R14: 000000000002dcfe R15: 00007ffeb5e31320
[  189.127432][ T2727]  </TASK>
[  189.130292][ T2727] Modules linked in:
[  189.143758][ T2727] ---[ end trace 0000000000000000 ]---
[  189.149150][ T2727] RIP: 0010:may_delete+0x6eb/0x6f0
[  189.154108][ T2727] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fe ff ff 4c 89 e7 e8 a6 6e f3 ff e9 72 fe ff ff e8 2c 2d ac ff 0f 0b e8 25 2d ac ff <0f> 0b 0f 1f 00 55 48 89 e5 41 56 53 48 89 fb e8 11 2d ac ff 4c 8d
[  189.174441][   T28] audit: type=1400 audit(1729535185.228:258): avc:  denied  { unmount } for  pid=4277 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  189.174504][ T2727] RSP: 0018:ffffc90005c7fbd8 EFLAGS: 00010293
[  189.200760][ T4277] EXT4-fs (loop4): unmounting filesystem.
[  189.207332][ T2727] RAX: ffffffff81c9761b RBX: ffff8881122a2f10 RCX: ffff888110c61440
[  189.216687][ T2727] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[  189.224464][ T2727] RBP: ffffc90005c7fc40 R08: ffffffff81c96faf R09: 0000000000000003
[  189.224659][ T4079] EXT4-fs (loop2): unmounting filesystem.
[  189.232611][ T2727] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810db68dd0
[  189.245830][ T2727] R13: 1ffff11021b6d1ba R14: ffff888135c8c608 R15: dffffc0000000000
[  189.254626][ T2727] FS:  0000555555870500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  189.264111][ T2727] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  189.266473][    T6] usb 4-1: device descriptor read/all, error -71
[  189.270726][ T2727] CR2: 00007f93c0d07ab8 CR3: 0000000127cb1000 CR4: 00000000003506a0
[  189.284511][ T2727] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  189.292427][ T2727] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  189.300392][ T2727] Kernel panic - not syncing: Fatal exception
[  189.306462][ T2727] Kernel Offset: disabled
[  189.310577][ T2727] Rebooting in 86400 seconds..