last executing test programs:

5.127057274s ago: executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='block_split\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='block_split\x00', r0}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40001)

5.066889194s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000008c0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)

5.040582148s ago: executing program 3:
pselect6(0x40, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_read_part_table(0x4044, &(0x7f0000004040)="$eJzszjFKxGAUBODJavBHtrCwE1aDIFvGziq3yAVyBmsLcxPL4AEsBS9mJRJNExBR9vu6x5uBCf/Sy/C8f0uumoxtm5Qkxwux9jb1adlkm+T++7uffmMrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwx5RV6eEi40OXu21STpI8HqXudlXOkyZnH6nXz8JmVu9T/cBkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCw1OviT9cZu12VkjQ3X5+XC4X97Oqn1QMBAAAAAIB3duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTiQAQAAABDmb51H+wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYKQAA//8fog11")

4.915627277s ago: executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

3.582813147s ago: executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='block_bio_remap\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='block_bio_remap\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.current\x00', 0x7a05, 0x1700)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000100), 0x1001)
write$cgroup_pid(r3, &(0x7f0000000340), 0xfdef)

3.549775412s ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x4}, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kvm_mmio\x00', r3}, 0x10)
r4 = epoll_create(0x802)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000300))
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x5437, 0x0)
capset(0x0, &(0x7f0000000280))
fchdir(0xffffffffffffffff)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioprio_get$pid(0x1, r0)

2.592087603s ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000079000000090000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r1], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @private=0xa010101}, 0x10)

2.585744473s ago: executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="280000000000000029000000390000000002020100000000ff01020000000000000000000000000118"], 0x40}}, {{&(0x7f0000000300)={0xa, 0x4e23, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000c40)=[@pktinfo={{0x24, 0x29, 0x32, {@private1}}}], 0x28}}], 0x2, 0x0)

2.580749934s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800004e9d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='ext4_da_write_pages_extent\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='ext4_da_write_pages_extent\x00', r3}, 0x10)
write$cgroup_type(r2, &(0x7f0000000180), 0xf000)

2.578311324s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
ioctl$FS_IOC_RESVSP(r1, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0x7, 0x2000000000})
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
r5 = syz_usb_connect$uac1(0x6, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64=r5, @ANYRES64=r2], 0x0}, 0x90)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000280)=0xf000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000178500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='jbd2_checkpoint_stats\x00'}, 0x10)
ioctl$TUNSETOFFLOAD(r8, 0x4004662b, 0x20001412)
ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0)
syz_emit_ethernet(0x11a, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaa290000000000008847000004000000000000000000000000000000000000000000637a832000cc0600fc020000000000000000000000000001000000000000000000000000000000012f0c040601180800ff020000000000000000000000000001fc02000000000000000000000000000120010000000000000000000000000001fc010000000000000000000000000000fc000000000000000000000000000000ff0200000000000000", @ANYRES32=0x41424344, @ANYRES32, @ANYBLOB="9102000090780001220e8d8cf763924b899286bbc93a00002fe4f61036d23b34c448989450b71fec512da2c8800052ccb37d0608401383d7ea900bb3d9d7c8b72a987b8fed740d8a1d132da887a35e4c162931e3b1e1d7aa"], &(0x7f0000000600)={0x1, 0x3, [0x8c1, 0x83a, 0xf99, 0x65]})
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3, &(0x7f0000000040), 0x7, 0x50d, &(0x7f00000006c0)="$eJzs3U1vI3cZAPBnHLubbQNOWw6lEtvQF2URrJM0fYk4lEbi5VQJUe7ZkDhRFCdeJU67iVaQfgIQqgCJC5y4IPEBkFA/AkKqBDcOnEAVZOmBCzIae9xNHDs4Wsezm/x+0mT+8//Hfp7HiSfzFk8AV9ZURLwdEWMR8UpElLP+QjbFYXtKv+/+0b2VdEqi2Xz3n0kkWV/3cz6VPSz1ve9E/CA5HXd3/2BzuVar7pzsPri1sbW8Xl2vbs/Pz72x8ObC6wuzA1aSFM8afToi3vrmpz/78W++/dYfvvb+35b+cfOHaVq3s/FedQxDu/RSjJ9YvjzS35tiq0IAAB4Hz0bEMxHxYkR8JcoxFmduRgMAAACPoeY3Jq51mgAAAMDlVIiIiUgKlex634koFCqV9jW8X4gnC7X6buOra/W97dV0LGIySoW1jVp1NrtWeDJKSbo812o/WH61a3k+uwb3w/L1dLk1BgAAAIzGYtf+/6fl9v4/AAAAcMn0Phk/NvI8AAAAgIvjYnwAAAC4/Oz/AwAAwKX23XfeSafm/aN7rfsArL63v7dZf+/WanV3s7K1t1JZqe/cqazX6+u1amWA/wio1et3XovtvbszjeJuY2Z3/2Bpq7633Vhq3dd7qfrMCGoCAAAATnr6hY/+kkTE4devt6bUE9lYKdfMgEdIUuzquP3lnDIBhuLcH/IztXcxiQAj1/03Hbg67OMDSXdH14bBeL9NhT92d9z4v7FscwAAQD6mv+j8P1xVhbwTAHLzk7wTAHIz8LH4qYvNAxi9ktv8wZV36vx/l/F+A6fO//fTbJ4rIQAAYOgm2rPDyM4FTkShUKl8dlowWduoVWcj4vMR8edy6Vq6PJdjvgAAAAAAAAAAAAAAAAAAAAAAAADwOGo2k2gCAAAAl1pE4e9Jdv+v6fLLE93HB55I/lNuzSPi/V+++/O7y43Gzlza/6/P+hu/yPpfzeMIBgAAAFxFpTNHO/vpnf14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABim+0f3VjrTKON+shjXY7JX/GKMt+bjUYqIJ/+dRPHY45KIGBtC/MMPIuK5XvGTNK2YzLLojl+IiOs5x39qCPHhKvtoMSLe7vX+K8RUa977/VfMpof1yWLrTd4zfmf9N9Zn/fe5AWM8//HvZvrG/yDi+WLv9U8nftIn/ksDxr/9/YODfmPNX0dM9/z7k7RnhewbG1t3Znb3D25tbC2vV9er2/Pzc28svLnw+sLszNpGrZp97Rnjp1/6/eGHfetvBzgev1PnZDvDH/Wr/+UB6//vx3ePnm03S6fjR9x8qffP/7nWvPfrn/5OvJK9POn4dKd92G4fd+O3f7rRL7c0/mqf17/98y83H8Qvnqj/5mDlH6/5V4M9BAC4SLv7B5vLtVp1ZwSNF18b3hMmrUa6FTSi5PNudA52PCr5jOcT/VrkW/u3Hvp5OpvDD/M8fx1aXek+Q++hHFdKAADAhXiw0Z93JgAAAAAAAAAAAAAAAAAAAHB1tf7/f+ycHwT4wvk+aaw75mE+pQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOl/AQAA//9DhsFC")

2.495291658s ago: executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
write$FUSE_DIRENTPLUS(r2, &(0x7f00000005c0)={0xb8, 0x0, 0x0, [{{}, {0x0, 0x0, 0x9, 0x0, 'trans=fd,'}}]}, 0xb8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = dup2(r3, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
r5 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
symlinkat(&(0x7f0000000040)='./file0\x00', r5, &(0x7f0000000080)='./file0\x00')

1.610581327s ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000100), 0x1001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r2}, 0x10)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000000)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})

1.605218527s ago: executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

1.604449718s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000079000000090000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r1], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @private=0xa010101}, 0x10)

1.451217912s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20c9}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50)

155.061856ms ago: executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x6c, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x18, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @local}}}]}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}}}}]}]}, 0x6c}}, 0x0)

154.900466ms ago: executing program 1:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x0)
ftruncate(r2, 0x2007ffb)
sendfile(r2, r2, 0x0, 0x800000009)
lseek(r2, 0x0, 0x4)

154.817646ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = dup2(r2, r2)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, 0x0, 0x0)

154.605266ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800004e9d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='ext4_da_write_pages_extent\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='ext4_da_write_pages_extent\x00', r3}, 0x10)
write$cgroup_type(r2, &(0x7f0000000180), 0xf000)

154.303796ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='ext4_es_find_extent_range_enter\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r1}, 0x10)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)

154.104526ms ago: executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001440)={0x24, 0x0, 0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001840)={0x24, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, &(0x7f0000000340)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0003"], 0x0, 0x0}, 0x0)

153.749346ms ago: executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='9p_protocol_dump\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
getdents64(r4, 0x0, 0x0)

150.472276ms ago: executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}, {0x0}], 0x2, &(0x7f0000000380)=[@hoplimit_2292={{0x14}}], 0x18}}], 0x1, 0x0)

150.272556ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000080)={0x31})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r0}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x69}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='sys_enter\x00', r3}, 0x10)
socket(0x1e, 0x0, 0x0)
socket(0x0, 0x4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x5, &(0x7f00000029c0), 0x64, 0x4fd, &(0x7f0000000540)="$eJzs3VFrHFsdAPD/bHZr06ZNqj5owVptJS3a3aSxbfChVhB9Kqj1vcZkE0I22ZDdtE0omuIHEERU8ElffBH8AIIUfPFRhII+KyqKeNt7H+7DvZ3L7k7SNN1N0nabTZPfD07mnJmd+Z+zYWbnzBxmAji0zkbEjYh4mqbpxYgYzObnshRrrdT43JPH9ycbKYk0vfX/JJJs3vq2kmx6PFvtaER855sR309ejFtbWZ2bqFTKS1m5VJ9fLNVWVi/Nzk/MlGfKC2Njo1fHr41fGR/pSjtPRMT1r//7Zz/+zTeu/+FLd/9x+78XftCo1kC2fHM7XlJ+u4Wtphea38XmFZZeMdh+lG+2MNO/u3UevMH6AADQWeMc/+MR8fmIuBiD0bf96SwAAADwFkq/OhAfJBFpe0c6zAcAAADeIrnmGNgkV8zGAgxELlcstsbwfjKO5SrVWv2L09XlhanWWNmhKOSmZyvlkWys8FAUkkZ5tJl/Vr68pTwWEaci4qeD/c1ycbJamer1xQ8AAAA4JI5v6f+/N9jq/wMAAAAHzFCvKwAAAAC8cfr/AAAAcPDp/wMAAMCB9q2bNxspXX//9dSdleW56p1LU+XaXHF+ebI4WV1aLM5UqzPNZ/bN77S9SrW6+OVYWL5Xqpdr9VJtZfX2fHV5oX579rlXYAMAAAB76NRnH/4tiYi1r/Q3U8ORXlcK2BP5jVySTdvs/X8/2Zr+a48qBeyJvl5XAOiZfK8rAPRModcVAHou2WF5x8E7f86mn+tufQAAgO4b/nTn+/+5bddc234xsO/ZieHwcv8fDq/m/f/dDvh1sgAHSsEZABx6r33/f0dp+lIVAgAAum6gmZJcMbu8NxC5XLEYcaL5WoBCMj1bKY9ExMmI+Otg4WON8mhzzWTHPgMAAAAAAAAAAAAAAAAAAAAAAAAA0JKmSaQAAADAgRaR+0/yx9az/IcHzw9svT5wJHl/MLJXhN795a2f35uo15dGG/Pf2Zhf/0U2/3IvrmAAAAAAW63309f78QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQTU8e359cT3sZ939fi4ihdvHzcbQ5PRqFiDj2bhL5TeslEdHXhfhrDyLiU+3iJ41qbYRsF7//zcePoexbaBf/eBfiw2H2sHH8udFu/8vF2ea0/f6Xj3iu/Ko6H/9i4/jX12H/P7HLGKcf/a7UMf6DiNP59sef9fhJh/jndhn/e99dXe20LP1VxHDb35/kuVil+vxiqbayeml2fmKmPFNeGBsbvTp+bfzK+EhperZSzv62jfGTz/z+6XbtP9Yh/tAO7T+/y/Z/+Oje40+0soV28S+caxP/T7/OPvFi/Fz22/eFLN9YPryeX2vlNzvz27+c2a79Ux3av9P//8Iu23/x2z/65y4/CgDsgdrK6txEpVJeOrCZRi99H1RDZh9mftjVDaZpmjb2qdfYThL74WtpZnp9ZAIAALrt2Ul/r2sCAAAAAAAAAAAAAAAAAAAAh9dePE5sa8y1jVzSjUdoAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xUcBAAD//9om2kE=")
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)

146.879967ms ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000100), 0x1001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r2}, 0x10)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000000)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})

146.785267ms ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
set_tid_address(0x0)

120.391881ms ago: executing program 4:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

23.725157ms ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000040)='ext4_unlink_enter\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000040)='ext4_unlink_enter\x00', r3}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')

2.45766ms ago: executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa010600ba9380d412000000000000002900000005000000", 0xfe60)

0s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000000)='ext4_mark_inode_dirty\x00', r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

kernel console output (not intermixed with test programs):

ilesystem without journal. Quota mode: none.
[   91.071222][ T2668] EXT4-fs error (device loop1): __ext4_get_inode_loc:4497: comm syz-executor.1: Invalid inode table block 0 in block_group 0
[   91.087108][ T2668] EXT4-fs (loop1): Remounting filesystem read-only
[   91.106717][ T2246] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 13: comm syz-executor.1: path /root/syzkaller-testdir3676800473/syzkaller.vQLesf/53/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   91.134495][ T2246] EXT4-fs (loop1): unmounting filesystem.
[   91.227996][ T2664] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[   91.295288][ T2676] loop0: detected capacity change from 0 to 512
[   91.307621][ T2676] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   91.337583][ T2676] EXT4-fs (loop0): 1 truncate cleaned up
[   91.346922][ T2676] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   91.405515][ T2288] EXT4-fs (loop0): unmounting filesystem.
[   91.749400][  T343] device bridge_slave_1 left promiscuous mode
[   91.755340][  T343] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.764932][  T343] device bridge_slave_0 left promiscuous mode
[   91.771005][  T343] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.778900][  T343] device veth1_macvtap left promiscuous mode
[   91.784793][  T343] device veth0_vlan left promiscuous mode
[   92.205369][ T2692] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.212225][ T2692] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.219848][ T2692] device bridge_slave_0 entered promiscuous mode
[   92.226709][ T2692] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.233547][ T2692] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.240855][ T2692] device bridge_slave_1 entered promiscuous mode
[   92.256043][ T2697] loop0: detected capacity change from 0 to 512
[   92.264839][ T2697] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   92.272827][ T2697] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[   92.282512][ T2697] EXT4-fs (loop0): 1 truncate cleaned up
[   92.288078][ T2697] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   92.334077][ T2288] EXT4-fs (loop0): unmounting filesystem.
[   92.546715][ T2700] loop4: detected capacity change from 0 to 40427
[   92.554454][ T2700] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   92.562214][ T2700] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   92.571759][ T2700] F2FS-fs (loop4): invalid crc value
[   92.583347][ T2700] F2FS-fs (loop4): Found nat_bits in checkpoint
[   92.639262][ T2700] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   92.646119][ T2700] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   92.985537][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.995009][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   93.008106][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   93.017076][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   93.025657][  T416] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.032509][  T416] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.040005][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   93.052217][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   93.146843][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   93.154875][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.161721][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.174999][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   93.201040][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   93.216023][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   93.225746][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   93.234544][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   93.241854][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   93.249476][ T2692] device veth0_vlan entered promiscuous mode
[   93.260690][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   93.269568][ T2692] device veth1_macvtap entered promiscuous mode
[   93.280228][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   93.288440][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   93.322322][ T2719] loop4: detected capacity change from 0 to 512
[   93.329144][ T2719] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   93.340250][ T2719] EXT4-fs (loop4): 1 truncate cleaned up
[   93.345842][ T2719] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   93.366279][ T2719] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 0 in block_group 0
[   93.379472][ T2719] EXT4-fs (loop4): Remounting filesystem read-only
[   93.388737][ T2498] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2572146785/syzkaller.CERyRy/31/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   93.415464][ T2498] EXT4-fs (loop4): unmounting filesystem.
[   93.557674][ T2723] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.564554][ T2723] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.571744][ T2723] device bridge_slave_0 entered promiscuous mode
[   93.578655][ T2723] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.585530][ T2723] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.592431][  T332] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   93.592834][ T2723] device bridge_slave_1 entered promiscuous mode
[   93.639294][ T2723] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.646160][ T2723] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.653207][ T2723] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.660043][ T2723] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.682431][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   93.690230][  T696] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.699623][  T696] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.719118][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   93.728375][  T696] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.735239][  T696] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.771934][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   93.780013][  T696] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.786875][  T696] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.794153][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   93.802069][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   93.815725][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   93.826816][ T2723] device veth0_vlan entered promiscuous mode
[   93.833295][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   93.841153][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   93.848365][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   93.849732][  T332] usb 2-1: Using ep0 maxpacket: 32
[   93.874101][ T2723] device veth1_macvtap entered promiscuous mode
[   94.274959][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   94.283282][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   94.291462][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   94.315585][  T332] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   94.325976][  T332] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.345794][  T332] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   94.358444][  T332] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[   94.367258][  T332] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.376701][  T332] usb 2-1: config 0 descriptor??
[   94.922735][  T332] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   94.929416][  T332] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   94.936167][  T332] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   94.942788][  T332] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   94.949644][  T332] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   94.959458][  T332] ntrig 0003:1B96:000A.000B: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0
[   94.970593][   T43] device bridge_slave_1 left promiscuous mode
[   94.979063][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.991116][   T43] device bridge_slave_0 left promiscuous mode
[   94.997083][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.005136][   T43] device veth1_macvtap left promiscuous mode
[   95.011038][   T43] device veth0_vlan left promiscuous mode
[   95.248413][  T332] usb 2-1: USB disconnect, device number 7
[   95.376426][ T2745] loop4: detected capacity change from 0 to 2048
[   95.389623][ T2745] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   95.401264][ T2745] fs-verity: sha512 using implementation "sha512-avx2"
[   95.419723][ T2751] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.0'.
[   95.431418][ T2723] EXT4-fs (loop4): unmounting filesystem.
[   95.797591][ T2767] loop1: detected capacity change from 0 to 512
[   95.812856][ T2767] EXT4-fs (loop1): 1 orphan inode deleted
[   95.818461][ T2767] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   95.986396][ T2773] syz-executor.1[2773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.986687][ T2773] syz-executor.1[2773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.739573][ T2779] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.744198][ T2692] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.1: lblock 0 mapped to illegal pblock 3 (length 1)
[   96.751278][ T2779] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.759286][ T2692] EXT4-fs (loop1): Remounting filesystem read-only
[   96.773448][ T2779] device bridge_slave_0 entered promiscuous mode
[   96.792491][ T2779] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.794750][ T2692] EXT4-fs (loop1): unmounting filesystem.
[   96.799635][ T2779] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.812213][ T2779] device bridge_slave_1 entered promiscuous mode
[   96.863102][ T2779] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.870009][ T2779] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.877059][ T2779] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.883858][ T2779] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.912995][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.920843][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.929073][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.950158][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.958708][  T784] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.965569][  T784] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.972900][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.980912][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.987772][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.995014][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   97.009580][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.020671][ T2794] loop4: detected capacity change from 0 to 256
[   97.034276][ T2794] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104b5, chksum : 0x6646eacc, utbl_chksum : 0xe619d30d)
[   97.041602][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   97.053813][   T28] kauditd_printk_skb: 13 callbacks suppressed
[   97.053828][   T28] audit: type=1326 audit(863.812:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2793 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5067cea9 code=0x7ffc0000
[   97.054564][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   97.061114][   T28] audit: type=1326 audit(863.830:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2793 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e5067cea9 code=0x7ffc0000
[   97.084202][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   97.093039][   T28] audit: type=1326 audit(863.830:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2793 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5067cea9 code=0x7ffc0000
[   97.113862][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   97.120722][   T28] audit: type=1326 audit(863.830:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2793 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f7e5067cea9 code=0x7ffc0000
[   97.173768][   T28] audit: type=1326 audit(863.830:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2793 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5067cea9 code=0x7ffc0000
[   97.197554][   T28] audit: type=1326 audit(863.830:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2793 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f7e5067cea9 code=0x7ffc0000
[   97.200588][ T2779] device veth0_vlan entered promiscuous mode
[   97.226310][   T28] audit: type=1326 audit(863.830:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2793 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5067cea9 code=0x7ffc0000
[   97.296154][ T2801] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[   97.305257][ T2795] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.312669][ T2795] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.320735][ T2795] device bridge_slave_0 entered promiscuous mode
[   97.327831][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   97.337101][ T2779] device veth1_macvtap entered promiscuous mode
[   97.349657][ T2795] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.355308][ T2812] loop4: detected capacity change from 0 to 512
[   97.362593][ T2795] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.363069][ T2795] device bridge_slave_1 entered promiscuous mode
[   97.381960][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   97.387815][ T2812] EXT4-fs (loop4): 1 orphan inode deleted
[   97.390186][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   97.395614][ T2812] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   97.418055][ T2809] loop0: detected capacity change from 0 to 1024
[   97.425115][ T2809] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   97.436352][ T2809] EXT4-fs: test_dummy_encryption requires encrypt feature
[   97.520905][ T2795] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.527762][ T2795] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.534834][ T2795] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.541635][ T2795] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.592775][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   97.602469][  T416] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.610429][  T416] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.619543][ T2822] syz-executor.4[2822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.619835][ T2822] syz-executor.4[2822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.690439][   T10] device bridge_slave_1 left promiscuous mode
[   97.718681][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.728165][   T10] device bridge_slave_0 left promiscuous mode
[   97.736967][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.744895][   T10] device veth1_macvtap left promiscuous mode
[   97.750860][   T10] device veth0_vlan left promiscuous mode
[   97.768470][   T28] audit: type=1326 audit(864.477:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2824 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f285a87cea9 code=0x0
[   97.825779][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[   97.871470][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   97.879511][  T332] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.886387][  T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.893646][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   97.901685][  T332] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.908560][  T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.922463][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   97.930393][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   97.938141][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   97.946036][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.959009][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   97.967186][  T784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   97.979137][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   97.986847][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   97.994900][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   98.002202][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   98.010144][ T2795] device veth0_vlan entered promiscuous mode
[   98.020055][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   98.028033][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   98.037369][ T2795] device veth1_macvtap entered promiscuous mode
[   98.046875][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   98.054478][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   98.054685][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   98.055696][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   98.055910][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   98.211133][   T28] audit: type=1400 audit(864.883:451): avc:  denied  { ioctl } for  pid=2843 comm="syz-executor.1" path="pid:[4026532292]" dev="nsfs" ino=4026532292 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   98.296875][ T2723] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.4: lblock 0 mapped to illegal pblock 3 (length 1)
[   98.311347][ T2723] EXT4-fs (loop4): Remounting filesystem read-only
[   98.319637][ T2723] EXT4-fs (loop4): unmounting filesystem.
[   98.390854][ T2855] loop1: detected capacity change from 0 to 1024
[   98.397629][ T2855] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   98.408758][ T2855] EXT4-fs: test_dummy_encryption requires encrypt feature
[   98.528303][ T2858] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.535368][ T2858] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.542791][ T2858] device bridge_slave_0 entered promiscuous mode
[   98.549758][ T2858] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.556862][ T2858] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.564240][ T2858] device bridge_slave_1 entered promiscuous mode
[   98.619364][ T2858] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.626221][ T2858] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.633345][ T2858] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.640129][ T2858] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.668005][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   98.676521][  T695] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.684330][  T695] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.699286][ T2871] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=2871 comm=syz-executor.3
[   98.715210][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   98.723201][   T28] audit: type=1400 audit(865.353:452): avc:  denied  { read } for  pid=2870 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   98.750087][  T695] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.756951][  T695] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.764305][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   98.773154][  T695] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.780030][  T695] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.787372][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   98.795242][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   98.811615][   T10] device bridge_slave_1 left promiscuous mode
[   98.817617][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.835114][   T10] device bridge_slave_0 left promiscuous mode
[   98.841180][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.851519][   T10] device veth1_macvtap left promiscuous mode
[   98.857980][   T10] device veth0_vlan left promiscuous mode
[   98.959994][ T2897] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=2897 comm=syz-executor.0
[   98.978664][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   98.984827][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[   98.987321][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   99.024511][ T2858] device veth0_vlan entered promiscuous mode
[   99.032726][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   99.052206][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   99.109210][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   99.123896][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   99.157194][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   99.170061][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   99.184593][ T2858] device veth1_macvtap entered promiscuous mode
[   99.211442][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   99.219389][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   99.227771][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   99.236811][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   99.245175][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   99.645960][  T416] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   99.906009][  T416] usb 5-1: Using ep0 maxpacket: 32
[   99.907844][ T2933] xt_limit: Overflow, try lower: 184549376/256
[   99.920180][ T2936] virtio-fs: tag <(null)> not found
[  100.101046][  T416] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.775504][  T416] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.797642][   T10] device bridge_slave_1 left promiscuous mode
[  101.808478][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.816268][   T10] device bridge_slave_0 left promiscuous mode
[  101.822399][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.837224][   T10] device veth1_macvtap left promiscuous mode
[  101.847725][   T10] device veth0_vlan left promiscuous mode
[  101.910435][  T416] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  101.944115][  T416] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  101.952709][  T416] usb 5-1: Product: syz
[  101.961825][ T2960] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=2960 comm=syz-executor.0
[  101.974825][  T416] usb 5-1: Manufacturer: syz
[  102.019045][  T416] hub 5-1:4.0: USB hub found
[  102.085464][ T2977] virtio-fs: tag <(null)> not found
[  102.257179][  T416] hub 5-1:4.0: 2 ports detected
[  102.398991][ T2995] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=2995 comm=syz-executor.0
[  104.066341][  T416] hub 5-1:4.0: hub_hub_status failed (err = -71)
[  104.072592][  T416] hub 5-1:4.0: config failed, can't get hub status (err -71)
[  104.104932][ T3004] loop0: detected capacity change from 0 to 256
[  104.115245][ T3004] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  104.127085][  T416] usb 5-1: USB disconnect, device number 9
[  104.129194][ T3009] loop4: detected capacity change from 0 to 512
[  104.146718][ T3009] EXT4-fs (loop4): 1 orphan inode deleted
[  104.152337][ T3009] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  104.334876][ T3017] syz-executor.4[3017] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.335185][ T3017] syz-executor.4[3017] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.611757][ T3039] input: syz0 as /devices/virtual/input/input15
[  104.631708][ T3040] virtio-fs: tag <(null)> not found
[  104.638048][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  104.638100][   T28] audit: type=1400 audit(870.818:459): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=453 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  104.740762][   T28] audit: type=1400 audit(870.818:460): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=453 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  104.764146][   T28] audit: type=1400 audit(870.818:461): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=453 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  107.167348][ T2858] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.4: lblock 0 mapped to illegal pblock 3 (length 1)
[  107.189259][ T2858] EXT4-fs (loop4): Remounting filesystem read-only
[  107.203997][ T2858] EXT4-fs (loop4): unmounting filesystem.
[  107.283631][ T3064] device vlan2 entered promiscuous mode
[  107.315665][ T3067] loop0: detected capacity change from 0 to 256
[  107.322394][ T3067] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  107.369098][ T3070] loop3: detected capacity change from 0 to 512
[  107.399402][ T3068] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.406355][ T3068] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.408910][ T3070] EXT4-fs (loop3): 1 orphan inode deleted
[  107.413887][ T3068] device bridge_slave_0 entered promiscuous mode
[  107.418784][ T3070] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  107.426154][ T3068] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.449930][ T3068] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.457497][ T3068] device bridge_slave_1 entered promiscuous mode
[  107.675185][ T3085] syz-executor.3[3085] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.675263][ T3085] syz-executor.3[3085] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  109.685771][ T3081] virtio-fs: tag <(null)> not found
[  109.779421][   T28] audit: type=1400 audit(875.562:462): avc:  denied  { ioctl } for  pid=3093 comm="syz-executor.0" path="socket:[31700]" dev="sockfs" ino=31700 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  109.782895][ T3094] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526
[  109.951593][ T2779] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.3: lblock 0 mapped to illegal pblock 3 (length 1)
[  109.980727][ T2779] EXT4-fs (loop3): Remounting filesystem read-only
[  110.000561][ T2779] EXT4-fs (loop3): unmounting filesystem.
[  110.046065][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  110.057055][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  110.100238][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  110.108683][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  110.118151][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.125033][  T315] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.144433][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  110.152621][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  110.177092][  T315] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.183954][  T315] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.209411][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  110.220826][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  110.230471][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  110.238474][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  110.248059][ T3105] device vlan2 entered promiscuous mode
[  110.263797][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  110.292596][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  110.331104][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  110.338948][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  110.348633][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  110.361734][ T3110] incfs_lookup_dentry err:-14
[  110.366236][ T3110] incfs: Can't find or create .index dir in ./file0
[  110.375273][ T3110] incfs: mount failed -14
[  110.379986][ T3110] incfs_lookup_dentry err:-14
[  110.385999][ T3110] incfs: Can't find or create .index dir in ./file0
[  110.392612][ T3110] incfs: mount failed -14
[  110.405223][ T3068] device veth0_vlan entered promiscuous mode
[  110.435799][ T3068] device veth1_macvtap entered promiscuous mode
[  110.455279][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  110.482314][   T28] audit: type=1400 audit(876.217:463): avc:  denied  { bind } for  pid=3119 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  110.482887][ T3126] virtio-fs: tag <(null)> not found
[  110.501832][   T28] audit: type=1400 audit(876.217:464): avc:  denied  { name_bind } for  pid=3119 comm="syz-executor.1" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  110.517237][ T3107] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.537951][ T3107] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.538250][   T28] audit: type=1400 audit(876.217:465): avc:  denied  { node_bind } for  pid=3119 comm="syz-executor.1" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  110.550900][ T3107] device bridge_slave_0 entered promiscuous mode
[  110.586880][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  110.596186][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  110.605103][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  110.613356][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  110.622227][  T357] device bridge_slave_1 left promiscuous mode
[  110.628204][  T357] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.636525][  T357] device bridge_slave_0 left promiscuous mode
[  110.642498][  T357] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.650989][  T357] device veth1_macvtap left promiscuous mode
[  110.657112][  T357] device veth0_vlan left promiscuous mode
[  110.782119][ T3107] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.789165][ T3107] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.796598][ T3107] device bridge_slave_1 entered promiscuous mode
[  110.855126][ T3108] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.875810][ T3108] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.893083][ T3108] device bridge_slave_0 entered promiscuous mode
[  110.932075][ T3108] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.940015][ T3108] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.949230][ T3108] device bridge_slave_1 entered promiscuous mode
[  110.968466][ T3145] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526
[  111.507525][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  111.514777][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.531784][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.539828][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.547796][  T334] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.554635][  T334] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.563998][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.572159][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.580212][  T334] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.587072][  T334] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.594260][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.602103][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.610097][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.630284][   T28] audit: type=1400 audit(877.279:466): avc:  denied  { map } for  pid=3156 comm="syz-executor.1" path="socket:[33195]" dev="sockfs" ino=33195 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  111.653168][   T28] audit: type=1400 audit(877.279:467): avc:  denied  { accept } for  pid=3156 comm="syz-executor.1" path="socket:[33195]" dev="sockfs" ino=33195 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  111.672764][ T3107] device veth0_vlan entered promiscuous mode
[  111.684271][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  111.692669][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  111.700578][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  111.708395][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  111.715907][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  111.723380][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.731149][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.739526][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.747601][  T416] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.754460][  T416] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.761680][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.770017][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.778260][  T416] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.785128][  T416] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.792295][  T783] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  111.799727][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.807719][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.816087][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.832860][ T3108] device veth0_vlan entered promiscuous mode
[  111.849929][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  111.862330][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  111.865444][ T3162] syz-executor.4[3162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.871109][ T3162] syz-executor.4[3162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.872659][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  111.898867][ T3162] syz-executor.4[3162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.901885][ T3162] syz-executor.4[3162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.903300][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  111.938047][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  111.946988][ T3107] device veth1_macvtap entered promiscuous mode
[  111.970803][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  111.980194][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  111.988640][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  111.996868][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.022139][ T3173] syz-executor.1[3173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.022217][ T3173] syz-executor.1[3173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.051256][  T783] usb 1-1: Using ep0 maxpacket: 32
[  112.055302][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  112.078530][ T3174] virtio-fs: tag <(null)> not found
[  112.150665][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  112.202902][  T783] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.216374][ T3108] device veth1_macvtap entered promiscuous mode
[  112.228122][  T783] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.248674][  T783] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  112.262310][  T783] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  112.296167][  T783] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  112.317706][  T783] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  112.334876][  T783] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.346140][  T783] usb 1-1: config 0 descriptor??
[  112.351633][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  112.360557][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  112.369370][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  112.377804][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  112.389807][ T3187] loop3: detected capacity change from 0 to 512
[  112.398480][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.584480][ T3199] syz-executor.2[3199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.584543][ T3199] syz-executor.2[3199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.615966][ T3199] syz-executor.2[3199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.621523][ T3201] incfs_lookup_dentry err:-14
[  112.631091][ T3199] syz-executor.2[3199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.641731][ T3201] incfs: Can't find or create .index dir in ./file0
[  112.661968][  T357] device bridge_slave_1 left promiscuous mode
[  112.667916][  T357] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.670412][ T3201] incfs: mount failed -14
[  112.677925][ T3206] incfs_lookup_dentry err:-14
[  112.683709][ T3206] incfs: Can't find or create .index dir in ./file0
[  112.684319][  T357] device bridge_slave_0 left promiscuous mode
[  112.696134][ T3206] incfs: mount failed -14
[  112.696580][  T357] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.708492][  T357] device bridge_slave_1 left promiscuous mode
[  112.715179][  T357] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.722741][  T357] device bridge_slave_0 left promiscuous mode
[  112.728864][  T357] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.737409][  T357] device veth1_macvtap left promiscuous mode
[  112.743544][  T357] device veth0_vlan left promiscuous mode
[  112.750780][  T357] device veth1_macvtap left promiscuous mode
[  112.756721][  T357] device veth0_vlan left promiscuous mode
[  112.779173][ T3213] loop3: detected capacity change from 0 to 512
[  112.805974][ T3213] EXT4-fs (loop3): 1 orphan inode deleted
[  112.813558][ T3213] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  112.848479][ T3213] EXT4-fs error (device loop3): ext4_discard_preallocations:5101: comm syz-executor.3: Error -117 loading buddy information for 523466497
[  112.863421][ T3213] EXT4-fs (loop3): Remounting filesystem read-only
[  112.870126][ T3213] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #16: comm syz-executor.3: attempt to clear invalid blocks 41 len 1
[  112.884131][  T783] ntrig 0003:1B96:000A.000C: unknown main item tag 0x0
[  112.885216][ T3213] EXT4-fs error (device loop3): __ext4_get_inode_loc:4497: comm syz-executor.3: Invalid inode table block 0 in block_group 0
[  112.892031][  T783] ntrig 0003:1B96:000A.000C: unknown main item tag 0x0
[  112.905412][ T3213] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  112.911485][  T783] ntrig 0003:1B96:000A.000C: unknown main item tag 0x0
[  112.921171][ T3213] EXT4-fs error (device loop3): ext4_punch_hole:4142: inode #16: comm syz-executor.3: mark_inode_dirty error
[  112.933117][  T783] ntrig 0003:1B96:000A.000C: unknown main item tag 0x0
[  112.946895][  T783] ntrig 0003:1B96:000A.000C: unknown main item tag 0x0
[  112.963751][  T783] ntrig 0003:1B96:000A.000C: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.0-1/input0
[  112.977818][ T3108] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.3: lblock 0 mapped to illegal pblock 3 (length 1)
[  112.997124][ T3108] EXT4-fs (loop3): unmounting filesystem.
[  113.190225][  T783] usb 1-1: USB disconnect, device number 4
[  113.285998][   T28] audit: type=1400 audit(878.792:468): avc:  denied  { read } for  pid=3237 comm="syz-executor.3" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  113.326221][   T28] audit: type=1400 audit(878.838:469): avc:  denied  { open } for  pid=3237 comm="syz-executor.3" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  113.378361][ T3237] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.386237][ T3237] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.399409][ T3237] device bridge_slave_0 entered promiscuous mode
[  113.415253][ T3237] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.425125][ T3237] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.477924][ T3237] device bridge_slave_1 entered promiscuous mode
[  113.677955][ T3237] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.684801][ T3237] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.691933][ T3237] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.698702][ T3237] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.706832][ T3250] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526
[  113.733405][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  113.741175][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.748658][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.766810][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  113.774937][  T332] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.781809][  T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.789148][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  113.797240][  T332] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.798217][ T3257] loop4: detected capacity change from 0 to 512
[  113.804129][  T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.825036][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  113.833646][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  113.855853][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  113.867488][ T3237] device veth0_vlan entered promiscuous mode
[  113.874132][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  113.888347][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  113.896400][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  113.908301][ T3237] device veth1_macvtap entered promiscuous mode
[  113.915675][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  113.931242][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  113.942871][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  113.959635][ T3260] loop0: detected capacity change from 0 to 128
[  113.967536][ T3260] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  114.090903][ T3289] loop3: detected capacity change from 0 to 128
[  114.097742][ T3289] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  114.193061][ T3284] loop1: detected capacity change from 0 to 40427
[  114.200364][ T3284] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  114.208194][ T3284] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  114.216851][ T3284] F2FS-fs (loop1): invalid crc value
[  114.231224][ T3284] F2FS-fs (loop1): Found nat_bits in checkpoint
[  114.261209][   T28] audit: type=1326 audit(879.697:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c0de7cea9 code=0x7fc00000
[  114.278102][ T3284] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  114.291223][ T3284] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  114.338258][ T2795] bio_check_eod: 5 callbacks suppressed
[  114.338275][ T2795] syz-executor.1: attempt to access beyond end of device
[  114.338275][ T2795] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  114.357884][ T2795] syz-executor.1: attempt to access beyond end of device
[  114.357884][ T2795] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  114.380850][ T3047] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  114.384649][ T3315] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526
[  114.400296][  T343] kworker/u4:3: attempt to access beyond end of device
[  114.400296][  T343] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  114.457488][  T357] device bridge_slave_1 left promiscuous mode
[  114.463472][  T357] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.470862][  T357] device bridge_slave_0 left promiscuous mode
[  114.479567][  T357] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.489098][  T357] device veth1_macvtap left promiscuous mode
[  114.495450][  T357] device veth0_vlan left promiscuous mode
[  114.519845][ T3321] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  114.673031][ T3047] usb 1-1: Using ep0 maxpacket: 32
[  114.779371][ T3344] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  114.791108][ T3342] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.798290][ T3342] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.805658][ T3342] device bridge_slave_0 entered promiscuous mode
[  114.812890][ T3342] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.819768][ T3342] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.824779][ T3047] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.827113][ T3342] device bridge_slave_1 entered promiscuous mode
[  114.843452][ T3047] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.853784][ T3047] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  114.864839][ T3047] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  114.874229][ T3047] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  114.886952][ T3047] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  114.895795][ T3047] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.905967][ T3047] usb 1-1: config 0 descriptor??
[  114.954181][   T28] audit: type=1326 audit(880.334:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c0de7cea9 code=0x7fc00000
[  114.955027][ T3342] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.984051][ T3342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.986978][   T28] audit: type=1326 audit(880.334:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c0de7cea9 code=0x7fc00000
[  114.991171][ T3342] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.020964][ T3342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.057318][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  115.065617][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  115.079003][  T523] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.128921][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  115.137601][  T696] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.144474][  T696] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.151864][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  115.159812][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  115.186737][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  115.260817][ T3377] loop3: detected capacity change from 0 to 16
[  115.267617][ T3377] erofs: Unknown parameter '������1844674407370955161518446744073709551615������������01777777777777777777777��������0xffffffffffffffff|}��v�).ij��I�7�&���@>r��'�p'
[  115.402042][ T3379] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3379 comm=syz-executor.4
[  115.430674][ T3047] ntrig 0003:1B96:000A.000D: unknown main item tag 0x0
[  115.438294][ T3047] ntrig 0003:1B96:000A.000D: unknown main item tag 0x0
[  115.445071][ T3047] ntrig 0003:1B96:000A.000D: unknown main item tag 0x0
[  115.453606][ T3047] ntrig 0003:1B96:000A.000D: unknown main item tag 0x0
[  115.456450][ T3342] device veth0_vlan entered promiscuous mode
[  115.460356][ T3047] ntrig 0003:1B96:000A.000D: unknown main item tag 0x0
[  115.473616][ T3047] ntrig 0003:1B96:000A.000D: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.0-1/input0
[  115.475873][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  115.492416][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  115.501122][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  115.508491][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  115.522674][ T3385] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  115.527438][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  115.538126][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  115.546955][ T3342] device veth1_macvtap entered promiscuous mode
[  115.557673][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  115.565730][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  115.573853][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  115.592497][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  115.600714][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  115.613410][ T3389] input: syz0 as /devices/virtual/input/input17
[  115.747211][ T3047] usb 1-1: USB disconnect, device number 5
[  115.909215][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  115.909230][   T28] audit: type=1326 audit(881.229:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  115.952592][    T8] device bridge_slave_1 left promiscuous mode
[  115.952798][ T3409] loop1: detected capacity change from 0 to 40427
[  115.965740][   T28] audit: type=1326 audit(881.257:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  115.976365][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.006728][   T28] audit: type=1326 audit(881.312:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  116.026386][ T3409] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  116.037281][ T3409] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  116.037492][    T8] device bridge_slave_0 left promiscuous mode
[  116.046143][ T3409] F2FS-fs (loop1): invalid crc value
[  116.051383][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.058215][ T3409] F2FS-fs (loop1): Found nat_bits in checkpoint
[  116.075663][    T8] device veth1_macvtap left promiscuous mode
[  116.081823][    T8] device veth0_vlan left promiscuous mode
[  116.093392][   T28] audit: type=1326 audit(881.395:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  116.126642][ T3409] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  116.133588][ T3409] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  116.141002][   T28] audit: type=1326 audit(881.423:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  116.197142][   T28] audit: type=1326 audit(881.469:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  116.219208][ T3342] syz-executor.1: attempt to access beyond end of device
[  116.219208][ T3342] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  116.222057][   T28] audit: type=1326 audit(881.478:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  116.235078][ T3342] syz-executor.1: attempt to access beyond end of device
[  116.235078][ T3342] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  116.305639][  T357] kworker/u4:4: attempt to access beyond end of device
[  116.305639][  T357] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  116.360139][   T28] audit: type=1326 audit(881.635:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  116.383492][   T28] audit: type=1326 audit(881.635:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  116.406633][   T28] audit: type=1326 audit(881.635:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcb467cea9 code=0x7fc00000
[  116.623187][  T696] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  116.637497][ T3460] loop3: detected capacity change from 0 to 256
[  116.648220][ T3460] FAT-fs (loop3): Directory bread(block 64) failed
[  116.654616][ T3460] FAT-fs (loop3): Directory bread(block 65) failed
[  116.666261][ T3460] FAT-fs (loop3): Directory bread(block 66) failed
[  116.672792][ T3460] FAT-fs (loop3): Directory bread(block 67) failed
[  116.679284][ T3460] FAT-fs (loop3): Directory bread(block 68) failed
[  116.685656][ T3460] FAT-fs (loop3): Directory bread(block 69) failed
[  116.692069][ T3460] FAT-fs (loop3): Directory bread(block 70) failed
[  116.698552][ T3460] FAT-fs (loop3): Directory bread(block 71) failed
[  116.714445][ T3460] FAT-fs (loop3): Directory bread(block 72) failed
[  116.720901][ T3460] FAT-fs (loop3): Directory bread(block 73) failed
[  116.772061][ T3463] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.779051][ T3463] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.788664][ T3463] device bridge_slave_0 entered promiscuous mode
[  116.795701][ T3463] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.802738][ T3463] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.810285][ T3463] device bridge_slave_1 entered promiscuous mode
[  116.872486][  T695] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  116.883211][  T696] usb 1-1: Using ep0 maxpacket: 8
[  116.887719][ T3463] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.892453][ T3471] kvm [3470]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x10df00000800
[  116.894959][ T3463] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.895050][ T3463] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.918379][ T3463] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.947551][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.955440][  T783] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.962805][  T783] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.984968][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  116.993501][  T332] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.000368][  T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.007720][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  117.015678][  T696] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.027387][  T332] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.034263][  T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.041535][  T696] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.051296][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  117.058969][  T696] usb 1-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00
[  117.068219][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  117.075905][  T696] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.096434][  T696] usb 1-1: config 0 descriptor??
[  117.105400][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  117.113908][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  117.122235][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  117.129689][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  117.137133][ T3463] device veth0_vlan entered promiscuous mode
[  117.154579][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  117.164347][ T3463] device veth1_macvtap entered promiscuous mode
[  117.175387][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  117.192358][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  117.305966][  T695] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  117.371916][    T8] device bridge_slave_1 left promiscuous mode
[  117.377877][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.385293][    T8] device bridge_slave_0 left promiscuous mode
[  117.391235][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.399346][    T8] device veth1_macvtap left promiscuous mode
[  117.405278][  T695] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  117.414207][    T8] device veth0_vlan left promiscuous mode
[  117.419890][  T695] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  117.428068][  T695] usb 5-1: SerialNumber: syz
[  117.483247][ T3490] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3490 comm=syz-executor.1
[  117.620785][  T696] belkin 0003:1020:0006.000E: unexpected long global item
[  117.628991][  T696] belkin 0003:1020:0006.000E: parse failed
[  117.636703][  T696] belkin: probe of 0003:1020:0006.000E failed with error -22
[  117.778102][ T3510] loop3: detected capacity change from 0 to 512
[  117.789227][ T3510] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  117.798954][ T3510] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz-executor.3: iget: bad i_size value: -67835469387268086
[  117.812706][ T3510] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 15 (err -117)
[  117.825224][ T3510] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  117.837930][  T696] usb 1-1: USB disconnect, device number 6
[  117.856163][ T3237] EXT4-fs (loop3): unmounting filesystem.
[  118.181884][ T3537] bpf_get_probe_write_proto: 6 callbacks suppressed
[  118.181903][ T3537] syz-executor.2[3537] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.188443][ T3537] syz-executor.2[3537] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.315312][  T695] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42
[  119.017934][ T3539] loop2: detected capacity change from 0 to 16
[  119.024246][ T3539] erofs: Unknown parameter '������1844674407370955161518446744073709551615������������01777777777777777777777��������0xffffffffffffffff|}��v�).ij��I�7�&���@>r��'�p'
[  119.290140][  T783] usb 5-1: USB disconnect, device number 10
[  119.296579][  T783] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device
[  119.564261][ T3568] loop0: detected capacity change from 0 to 256
[  119.567061][ T3555] loop3: detected capacity change from 0 to 40427
[  119.579668][ T3568] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  119.621734][ T3572] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  119.697274][ T3580] syz-executor.0[3580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.697345][ T3580] syz-executor.0[3580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.900968][ T3589] loop0: detected capacity change from 0 to 16
[  119.919661][ T3589] erofs: Unknown parameter '������1844674407370955161518446744073709551615������������01777777777777777777777��������0xffffffffffffffff|}��v�).ij��I�7�&���@>r��'�p'
[  120.073768][ T3591] loop4: detected capacity change from 0 to 512
[  120.090547][ T3591] EXT4-fs (loop4): Invalid log cluster size: 393216
[  120.315381][ T3628] loop3: detected capacity change from 0 to 512
[  120.322104][ T3628] EXT4-fs (loop3): Invalid log cluster size: 393216
[  120.372249][ T3631] loop3: detected capacity change from 0 to 128
[  120.380492][ T3631] FAT-fs (loop3): error, corrupted file size (i_pos 196, 617103980)
[  120.388400][ T3631] FAT-fs (loop3): Filesystem has been set read-only
[  120.429339][ T3637] loop2: detected capacity change from 0 to 128
[  120.476945][ T3644] loop4: detected capacity change from 0 to 2048
[  120.503299][ T3644] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  120.732893][ T3659] loop0: detected capacity change from 0 to 512
[  120.742346][ T3068] EXT4-fs (loop4): unmounting filesystem.
[  120.753651][ T3659] EXT4-fs (loop0): Invalid log cluster size: 393216
[  120.787729][ T3663] loop4: detected capacity change from 0 to 1024
[  120.807182][ T3663] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  120.980618][ T3663] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  120.995545][ T3663] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  121.007676][ T3663] EXT4-fs (loop4): This should not happen!! Data will be lost
[  121.007676][ T3663] 
[  121.017131][ T3663] EXT4-fs (loop4): Total free blocks count 0
[  121.022991][ T3663] EXT4-fs (loop4): Free/Dirty block details
[  121.028716][ T3663] EXT4-fs (loop4): free_blocks=68451041280
[  121.034506][ T3663] EXT4-fs (loop4): dirty_blocks=16400
[  121.039743][ T3663] EXT4-fs (loop4): Block reservation details
[  121.045572][ T3663] EXT4-fs (loop4): i_reserved_data_blocks=1025
[  121.058665][   T10] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2048 with error 28
[  121.181925][ T3690] syz-executor.1[3690] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.182003][ T3690] syz-executor.1[3690] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.196318][ T3690] syz-executor.1[3690] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.207956][ T3690] syz-executor.1[3690] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.262846][ T3697] loop0: detected capacity change from 0 to 1024
[  121.294172][ T3697] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  121.786268][ T3697] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  121.801048][ T3697] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  121.813165][ T3697] EXT4-fs (loop0): This should not happen!! Data will be lost
[  121.813165][ T3697] 
[  121.822755][ T3697] EXT4-fs (loop0): Total free blocks count 0
[  121.828631][ T3697] EXT4-fs (loop0): Free/Dirty block details
[  121.834457][ T3697] EXT4-fs (loop0): free_blocks=68451041280
[  121.840199][ T3697] EXT4-fs (loop0): dirty_blocks=16400
[  121.845452][ T3697] EXT4-fs (loop0): Block reservation details
[  121.851364][ T3697] EXT4-fs (loop0): i_reserved_data_blocks=1025
[  121.885477][    T8] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2048 with error 28
[  121.907970][ T3732] binder: 3729:3732 ioctl c0306201 0 returned -14
[  121.909168][ T3731] loop3: detected capacity change from 0 to 256
[  121.929950][ T3732] input: syz0 as /devices/virtual/input/input18
[  121.937301][ T3731] incfs: Can't find or create .incomplete dir in ./file0
[  121.946146][   T28] kauditd_printk_skb: 70 callbacks suppressed
[  121.946160][   T28] audit: type=1400 audit(886.795:562): avc:  denied  { rmdir } for  pid=3730 comm="syz-executor.3" name=".index" dev="loop3" ino=1048733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  121.983733][ T3731] incfs: mount failed -28
[  121.992825][ T3731] incfs: Can't find or create .incomplete dir in ./file0
[  122.003232][ T3731] incfs: mount failed -28
[  122.027199][ T3739] loop3: detected capacity change from 0 to 128
[  122.084531][   T28] audit: type=1326 audit(886.924:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3738 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc560e7cea9 code=0x0
[  122.152816][ T3756] loop0: detected capacity change from 0 to 1024
[  122.191547][ T3756] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  122.200628][   T28] audit: type=1400 audit(887.025:564): avc:  denied  { mounton } for  pid=3738 comm="syz-executor.3" path="/root/syzkaller-testdir792473726/syzkaller.mPZAZM/57/file0/file0/bus" dev="loop3" ino=1048737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  122.453575][ T3768] loop4: detected capacity change from 0 to 256
[  122.497041][ T3768] incfs: Can't find or create .incomplete dir in ./file0
[  122.510934][ T3768] incfs: mount failed -28
[  122.518284][ T3768] incfs: Can't find or create .incomplete dir in ./file0
[  122.528406][ T3768] incfs: mount failed -28
[  122.582524][ T3779] binder: 3778:3779 ioctl c0306201 0 returned -14
[  122.605103][ T3779] input: syz0 as /devices/virtual/input/input19
[  122.619585][ T3756] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  122.646626][ T3756] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  122.659317][   T28] audit: type=1400 audit(887.459:565): avc:  denied  { create } for  pid=3781 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  122.671752][ T3772] loop2: detected capacity change from 0 to 32768
[  122.679063][ T3756] EXT4-fs (loop0): This should not happen!! Data will be lost
[  122.679063][ T3756] 
[  122.688802][   T28] audit: type=1400 audit(887.478:566): avc:  denied  { setopt } for  pid=3781 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  122.697345][ T3756] EXT4-fs (loop0): Total free blocks count 0
[  122.719900][ T3756] EXT4-fs (loop0): Free/Dirty block details
[  122.725883][ T3756] EXT4-fs (loop0): free_blocks=68451041280
[  122.731572][ T3756] EXT4-fs (loop0): dirty_blocks=16400
[  122.737015][ T3756] EXT4-fs (loop0): Block reservation details
[  122.742953][ T3756] EXT4-fs (loop0): i_reserved_data_blocks=1025
[  122.749437][ T3772]  loop2: p1 p2 p3 < p5 p6 p7 >
[  122.775194][  T357] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2048 with error 28
[  122.906461][ T3808] syz-executor.2[3808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.906529][ T3808] syz-executor.2[3808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.969323][ T3237] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 0000ae15)
[  122.992630][ T3237] FAT-fs (loop3): Filesystem has been set read-only
[  122.999162][ T3237] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 0000ae15)
[  123.018643][ T3821] loop4: detected capacity change from 0 to 128
[  123.058739][  T523] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  123.264782][  T334] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  123.318761][  T523] usb 2-1: Using ep0 maxpacket: 32
[  123.449099][  T523] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.470520][  T523] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.480204][  T523] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  123.516420][  T523] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  123.526129][  T523] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  123.539143][  T523] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  123.548267][  T523] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.575089][  T523] usb 2-1: config 0 descriptor??
[  123.637417][ T3827] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.644404][ T3827] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.652999][ T3827] device bridge_slave_0 entered promiscuous mode
[  123.665771][  T334] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.676653][ T3827] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.676729][  T334] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.693301][ T3827] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.702410][ T3827] device bridge_slave_1 entered promiscuous mode
[  123.711406][   T10] device bridge_slave_1 left promiscuous mode
[  123.717748][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.726328][   T10] device bridge_slave_0 left promiscuous mode
[  123.732704][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.743717][   T10] device veth1_macvtap left promiscuous mode
[  123.749727][   T10] device veth0_vlan left promiscuous mode
[  123.903910][  T334] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  123.913103][  T334] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.920986][  T334] usb 1-1: Product: syz
[  123.924983][  T334] usb 1-1: Manufacturer: syz
[  123.929335][  T334] usb 1-1: SerialNumber: syz
[  123.995401][ T3844] bpf_get_probe_write_proto: 2 callbacks suppressed
[  123.995413][ T3844] syz-executor.4[3844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.002114][ T3844] syz-executor.4[3844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.034304][ T3844] syz-executor.4[3844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.046103][ T3844] syz-executor.4[3844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.090257][ T3827] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.108578][ T3827] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.115688][ T3827] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.122483][ T3827] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.142999][  T523] ntrig 0003:1B96:000A.000F: unknown main item tag 0x0
[  124.149707][  T523] ntrig 0003:1B96:000A.000F: unknown main item tag 0x0
[  124.158579][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.163817][  T523] ntrig 0003:1B96:000A.000F: unknown main item tag 0x0
[  124.172251][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.179711][  T523] ntrig 0003:1B96:000A.000F: unknown main item tag 0x0
[  124.186600][  T523] ntrig 0003:1B96:000A.000F: unknown main item tag 0x0
[  124.196956][  T523] ntrig 0003:1B96:000A.000F: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0
[  124.220199][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  124.232816][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  124.262764][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  124.271535][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  124.284911][  T783] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.291787][  T783] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.299069][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  124.307285][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  124.315325][  T783] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.322189][  T783] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.348682][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  124.356626][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  124.364687][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  124.372664][  T783] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  124.390430][ T3827] device veth0_vlan entered promiscuous mode
[  124.399387][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  124.409440][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  124.418369][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  124.428278][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  124.449812][  T523] usb 2-1: USB disconnect, device number 8
[  124.454019][ T3827] device veth1_macvtap entered promiscuous mode
[  124.471110][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  124.480445][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  124.488336][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  124.497038][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  124.506522][  T696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  124.645566][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  124.654484][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  124.678763][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  124.688730][  T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  124.735113][ T3865] loop4: detected capacity change from 0 to 128
[  125.171860][  T334] cdc_ncm 1-1:1.0: bind() failure
[  125.282827][   T28] audit: type=1400 audit(889.877:567): avc:  denied  { mounton } for  pid=3880 comm="syz-executor.1" path="/root/syzkaller-testdir683440490/syzkaller.riEeDw/34/file0" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  125.312308][  T334] cdc_ncm: probe of 1-1:1.1 failed with error -71
[  125.319202][ T3882] incfs: ino conflict with backing FS 1
[  125.330119][ T3882] incfs: ino conflict with backing FS 4
[  125.344793][  T334] cdc_mbim: probe of 1-1:1.1 failed with error -71
[  125.354904][  T334] usb 1-1: USB disconnect, device number 7
[  125.374372][   T28] audit: type=1400 audit(889.924:568): avc:  denied  { rename } for  pid=3880 comm="syz-executor.1" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="incremental-fs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  125.412644][ T3876] loop3: detected capacity change from 0 to 32768
[  125.476214][ T3876]  loop3: p1 p2 p3 < p5 p6 p7 >
[  125.500709][ T3897] syz-executor.1[3897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.500779][ T3897] syz-executor.1[3897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.526636][ T3884] loop2: detected capacity change from 0 to 40427
[  125.547574][ T3884] F2FS-fs (loop2): Found nat_bits in checkpoint
[  125.586322][ T3884] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  125.619688][ T3107] syz-executor.2: attempt to access beyond end of device
[  125.619688][ T3107] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  125.635399][ T3107] syz-executor.2: attempt to access beyond end of device
[  125.635399][ T3107] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  125.654709][ T3107] syz-executor.2: attempt to access beyond end of device
[  125.654709][ T3107] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  125.941329][   T28] audit: type=1400 audit(890.487:569): avc:  denied  { mount } for  pid=3928 comm="syz-executor.3" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  126.012840][ T3926] loop0: detected capacity change from 0 to 32768
[  126.035088][ T3934] loop3: detected capacity change from 0 to 128
[  126.042446][ T3932] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.049598][ T3932] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.049623][ T3926]  loop0: p1 p2 p3 < p5 p6 p7 >
[  126.056865][ T3932] device bridge_slave_0 entered promiscuous mode
[  126.070363][ T3932] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.088160][ T3932] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.101373][ T3932] device bridge_slave_1 entered promiscuous mode
[  126.171249][ T3932] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.178126][ T3932] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.185220][ T3932] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.192013][ T3932] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.219080][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  126.227467][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.235168][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.266716][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  126.274720][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.281589][  T315] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.288848][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  126.296887][  T315] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.303743][  T315] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.311607][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  126.319335][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  126.334405][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  126.342607][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  126.351062][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  126.358643][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.369480][ T3932] device veth0_vlan entered promiscuous mode
[  126.381228][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  126.389939][ T3932] device veth1_macvtap entered promiscuous mode
[  126.401207][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  126.409849][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  126.430589][   T28] audit: type=1400 audit(890.939:570): avc:  denied  { create } for  pid=3951 comm="syz-executor.2" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[  126.452197][   T28] audit: type=1400 audit(890.939:571): avc:  denied  { write } for  pid=3951 comm="syz-executor.2" name="bus" dev="sda1" ino=1968 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[  126.548571][   T10] device bridge_slave_1 left promiscuous mode
[  126.554588][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.562051][   T10] device bridge_slave_0 left promiscuous mode
[  126.568017][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.575663][   T10] device veth1_macvtap left promiscuous mode
[  126.581560][   T10] device veth0_vlan left promiscuous mode
[  126.659370][ T3958] netlink: 'syz-executor.2': attribute type 27 has an invalid length.
[  126.674900][ T3958] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.681935][ T3958] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.688937][   T60] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  126.892000][ T3978] loop4: detected capacity change from 0 to 128
[  126.899801][ T3978] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  126.915012][ T3068] EXT4-fs (loop4): unmounting filesystem.
[  127.069511][ T4001] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  127.078859][   T60] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.096618][   T60] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.143417][ T3867] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  127.274269][   T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  127.284487][   T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.292487][   T60] usb 1-1: Product: syz
[  127.296625][   T60] usb 1-1: Manufacturer: syz
[  127.301011][   T60] usb 1-1: SerialNumber: syz
[  127.349599][ T4012] loop4: detected capacity change from 0 to 128
[  127.357422][ T4012] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  127.360206][ T4011] loop3: detected capacity change from 0 to 128
[  127.375694][ T3068] EXT4-fs (loop4): unmounting filesystem.
[  127.414141][ T3867] usb 3-1: Using ep0 maxpacket: 32
[  127.544160][ T3867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  127.565852][ T3867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  127.587508][ T3867] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  127.596463][ T3867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.618867][ T3867] usb 3-1: config 0 descriptor??
[  127.641679][ T3969] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  127.663689][ T3867] hub 3-1:0.0: USB hub found
[  127.904564][ T4038] loop4: detected capacity change from 0 to 512
[  127.923410][ T3867] hub 3-1:0.0: 2 ports detected
[  127.935138][ T4038] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  127.949757][ T4038] EXT4-fs (loop4): orphan cleanup on readonly fs
[  127.958098][ T4038] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #17: comm syz-executor.4: iget: bad i_size value: -6917529027641081756
[  127.971824][ T4038] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 17 (err -117)
[  127.984165][ T4038] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  128.280270][ T4044] incfs: ino conflict with backing FS 1
[  128.286382][ T4044] incfs: ino conflict with backing FS 4
[  128.627563][   T60] cdc_ncm 1-1:1.0: bind() failure
[  128.649225][   T60] cdc_ncm: probe of 1-1:1.1 failed with error -71
[  128.670917][   T60] cdc_mbim: probe of 1-1:1.1 failed with error -71
[  128.677936][   T60] usb 1-1: USB disconnect, device number 8
[  129.050810][ T3867] usb 3-1: USB disconnect, device number 8
[  129.347421][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  129.347436][   T28] audit: type=1400 audit(893.625:574): avc:  denied  { read } for  pid=4071 comm="syz-executor.3" name="file2" dev="sda1" ino=1961 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[  129.360323][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.383084][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.391763][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.393851][   T28] audit: type=1400 audit(893.625:575): avc:  denied  { ioctl } for  pid=4071 comm="syz-executor.3" path="/root/syzkaller-testdir2808239589/syzkaller.4iCqTJ/25/file2" dev="sda1" ino=1961 ioctlcmd=0x1288 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[  129.399241][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.434451][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.442115][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.449473][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.456769][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.464063][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.471341][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.478650][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.485960][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.493515][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.500830][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.508227][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.515479][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.522805][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.530072][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.537355][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.544625][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.551906][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.559148][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.566456][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.573737][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.589618][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.597085][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.604514][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.612015][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.619891][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.627639][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.635382][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.642831][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.650138][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.662501][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.670060][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.677870][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.685256][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.692651][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.699903][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.707250][ T3867] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  129.715225][ T3867] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  129.753627][ T4086] loop3: detected capacity change from 0 to 256
[  129.786967][ T4086] incfs: Can't find or create .incomplete dir in ./file0
[  129.802029][ T4086] incfs: mount failed -28
[  129.816694][ T4086] incfs: Can't find or create .incomplete dir in ./file0
[  129.830455][ T4086] incfs: mount failed -28
[  129.904290][ T4082] loop2: detected capacity change from 0 to 40427
[  129.911202][ T4082] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x1f10)
[  129.919214][ T4082] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  129.927891][ T4082] F2FS-fs (loop2): invalid crc value
[  129.934631][ T4082] F2FS-fs (loop2): Found nat_bits in checkpoint
[  129.959172][ T4082] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  129.966181][ T4082] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  130.062589][ T4097] loop1: detected capacity change from 0 to 256
[  130.069471][ T4097] FAT-fs (loop1): Unrecognized mount option "shortn" or missing value
[  130.820136][ T4112] loop3: detected capacity change from 0 to 256
[  130.843645][ T4116] usb usb8: usbfs: process 4116 (syz-executor.3) did not claim interface 0 before use
[  130.863630][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.871592][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.878858][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.886648][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.893904][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.901163][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.908425][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.915698][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.922958][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.930547][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.937871][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.940976][   T28] audit: type=1326 audit(895.092:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facc427cea9 code=0x7ffc0000
[  130.945407][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  130.974066][   T28] audit: type=1326 audit(895.092:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facc427cea9 code=0x7ffc0000
[  130.975415][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.005667][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.012970][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.020201][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.027510][   T28] audit: type=1326 audit(895.092:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facc427cea9 code=0x7ffc0000
[  131.037536][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.058433][ T3068] EXT4-fs (loop4): unmounting filesystem.
[  131.066725][   T28] audit: type=1326 audit(895.092:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facc427cea9 code=0x7ffc0000
[  131.071237][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.090643][   T28] audit: type=1326 audit(895.176:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facc427cea9 code=0x7ffc0000
[  131.099344][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.120582][   T28] audit: type=1326 audit(895.203:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facc427cea9 code=0x7ffc0000
[  131.132651][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.150947][   T28] audit: type=1326 audit(895.203:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7facc427a627 code=0x7ffc0000
[  131.180403][   T28] audit: type=1326 audit(895.203:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7facc42402e9 code=0x7ffc0000
[  131.189257][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.214062][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.221442][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.228716][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.235855][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.243511][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.252622][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.259883][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.267419][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.274798][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.282019][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.289210][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.296453][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.308963][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.316285][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.323533][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.330749][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.338072][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.345315][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.352615][ T3047] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  131.384357][ T3047] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  131.771639][ T4150] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.778612][ T4150] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.787204][ T4150] device bridge_slave_0 entered promiscuous mode
[  131.796214][ T4150] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.803169][ T4150] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.810439][ T4150] device bridge_slave_1 entered promiscuous mode
[  131.905781][ T4150] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.912669][ T4150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.919746][ T4150] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.926548][ T4150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.952683][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  131.973653][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.981584][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.998245][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  132.006181][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.013016][  T315] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.020272][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  132.028289][  T315] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.035124][  T315] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.250723][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  132.273706][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  132.289257][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  132.299918][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  132.307695][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  132.314972][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  132.330068][ T4150] device veth0_vlan entered promiscuous mode
[  132.341791][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  132.351283][ T4150] device veth1_macvtap entered promiscuous mode
[  132.375360][ T3047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  132.389189][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  132.472327][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.480168][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.487492][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.494727][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.502214][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.509488][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.516647][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.527297][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.535645][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.543988][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.554511][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.569518][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.888486][  T343] device bridge_slave_1 left promiscuous mode
[  132.928008][  T343] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.947718][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.955028][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.962184][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.969366][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.969529][  T343] device bridge_slave_0 left promiscuous mode
[  132.976566][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.976606][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  132.982635][  T343] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.989720][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.010985][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.018156][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.018240][  T343] device veth1_macvtap left promiscuous mode
[  133.025322][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.025343][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.025362][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.031302][  T343] device veth0_vlan left promiscuous mode
[  133.038379][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.065590][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.072772][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.079963][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.087251][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.094489][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.101681][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.108926][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.116120][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.123298][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.130538][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.137719][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.144909][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.152159][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.159339][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.166540][  T315] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  133.176228][  T315] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  133.347378][ T4204] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.3'.
[  133.470472][   T60] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  133.546634][ T4216] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  133.752181][   T60] usb 2-1: Using ep0 maxpacket: 8
[  133.936619][   T60] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  133.945658][   T60] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  133.955840][   T60] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  134.055495][  T783] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  134.131358][   T60] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  134.140354][   T60] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.149844][   T60] usb 2-1: Product: syz
[  134.154119][   T60] usb 2-1: SerialNumber: syz
[  134.290906][ T4252] loop2: detected capacity change from 0 to 512
[  134.299556][ T4252] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[  134.313373][ T4252] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[  134.326384][  T783] usb 5-1: Using ep0 maxpacket: 32
[  134.333140][ T4252] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[  134.347797][ T4252] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[  134.362156][ T4252] EXT4-fs (loop2): 1 orphan inode deleted
[  134.367854][ T4252] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  134.388748][ T4256] loop0: detected capacity change from 0 to 16
[  134.395643][ T4256] erofs: Unknown parameter '������1844674407370955161518446744073709551615������������01777777777777777777777��������0xffffffffffffffff|}��v�).ij��I�7�&���@>r��'�p'
[  134.434311][ T4191] loop1: detected capacity change from 0 to 256
[  134.465641][ T4191] FAT-fs (loop1): Directory bread(block 64) failed
[  134.472556][ T4191] FAT-fs (loop1): Directory bread(block 65) failed
[  134.479927][ T3932] EXT4-fs (loop2): unmounting filesystem.
[  134.485968][ T4191] FAT-fs (loop1): Directory bread(block 66) failed
[  134.492963][ T4191] FAT-fs (loop1): Directory bread(block 67) failed
[  134.499431][ T4191] FAT-fs (loop1): Directory bread(block 68) failed
[  134.500212][  T783] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.517472][ T4191] FAT-fs (loop1): Directory bread(block 69) failed
[  134.523922][ T4191] FAT-fs (loop1): Directory bread(block 70) failed
[  134.530290][  T783] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.539874][ T4191] FAT-fs (loop1): Directory bread(block 71) failed
[  134.546255][ T4191] FAT-fs (loop1): Directory bread(block 72) failed
[  134.552901][ T4191] FAT-fs (loop1): Directory bread(block 73) failed
[  134.683966][  T783] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  134.693370][  T783] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  134.712773][  T783] usb 5-1: Product: syz
[  134.716797][  T783] usb 5-1: Manufacturer: syz
[  134.760122][  T783] hub 5-1:4.0: USB hub found
[  134.786404][ T4272] loop2: detected capacity change from 0 to 1024
[  134.793287][ T4272] EXT4-fs: Ignoring removed oldalloc option
[  134.799054][ T4272] ext4: Unknown parameter 'fsuuid'
[  134.967150][ T4191] syz-executor.1: attempt to access beyond end of device
[  134.967150][ T4191] loop1: rw=2049, sector=1800, nr_sectors = 24 limit=256
[  134.988236][ T4286] binder: 4285:4286 ioctl c0306201 20000880 returned -14
[  134.998150][  T783] hub 5-1:4.0: 2 ports detected
[  135.052440][   T60] usb 2-1: 0:2 : does not exist
[  135.058081][   T60] usb 2-1: USB disconnect, device number 9
[  135.182649][ T4307] device veth0_vlan left promiscuous mode
[  135.188498][ T4307] device veth0_vlan entered promiscuous mode
[  135.195524][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  135.206404][ T4307] loop0: detected capacity change from 0 to 2048
[  135.209258][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  135.220848][  T416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  135.222201][ T4312] binder: 4311:4312 ioctl c0306201 20000880 returned -14
[  135.239349][ T4307] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  135.616743][ T4330] loop1: detected capacity change from 0 to 1024
[  135.623927][ T4330] EXT4-fs: Ignoring removed oldalloc option
[  135.638093][ T4330] ext4: Unknown parameter 'fsuuid'
[  135.652919][ T4335] syz-executor.3[4335] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.652992][ T4335] syz-executor.3[4335] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.772793][ T4333] loop2: detected capacity change from 0 to 40427
[  135.792088][ T4333] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  135.800577][ T4333] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  135.813414][ T4333] F2FS-fs (loop2): invalid crc value
[  135.859647][ T4345] loop3: detected capacity change from 0 to 16
[  135.866712][ T4345] erofs: Unknown parameter '������1844674407370955161518446744073709551615������������01777777777777777777777��������0xffffffffffffffff|}��v�).ij��I�7�&���@>r��'�p'
[  135.990485][ T4333] F2FS-fs (loop2): Found nat_bits in checkpoint
[  136.022977][ T4333] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  136.029960][ T4333] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  136.110090][ T2288] EXT4-fs (loop0): unmounting filesystem.
[  136.460709][  T783] hub 5-1:4.0: activate --> -90
[  136.471640][ T3047] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  136.602664][ T4366] device wg2 entered promiscuous mode
[  137.032661][    C1] IPv4: Oversized IP packet from 172.20.20.10
[  137.039280][   T60] usb 5-1: USB disconnect, device number 11
[  137.056669][  T783] hub 5-1:4.0: hub_ext_port_status failed (err = -71)
[  137.186705][ T3047] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.203019][ T3047] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.222589][ T3047] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  137.229246][ T4393] loop1: detected capacity change from 0 to 40427
[  137.236199][ T3047] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.246271][ T3047] usb 3-1: config 0 descriptor??
[  137.251833][ T4393] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  137.259431][ T4393] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  137.268207][ T4393] F2FS-fs (loop1): invalid crc value
[  137.275061][ T4393] F2FS-fs (loop1): Found nat_bits in checkpoint
[  137.298442][ T4393] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  137.305375][ T4393] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  137.581234][ T4410] loop3: detected capacity change from 0 to 1024
[  137.587981][ T4410] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.609761][ T4410] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  137.635859][ T3827] EXT4-fs (loop3): unmounting filesystem.
[  137.695848][   T60] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  137.707934][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  137.966877][ T3047] hid (null): bogus close delimiter
[  138.096637][   T60] usb 2-1: Using ep0 maxpacket: 32
[  138.195473][ T3047] usb 3-1: language id specifier not provided by device, defaulting to English
[  138.226695][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.243076][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.252825][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  138.263511][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  138.273008][   T60] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  138.285873][   T60] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  138.294927][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.305221][   T60] usb 2-1: config 0 descriptor??
[  138.737729][ T3047] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0013/input/input22
[  138.750395][ T3047] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0013/input/input23
[  138.763073][ T3047] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0013/input/input24
[  138.776382][ T3047] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0013/input/input25
[  138.791737][ T3047] uclogic 0003:256C:006D.0013: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  138.931434][   T60] ntrig 0003:1B96:000A.0014: unknown main item tag 0x0
[  138.938143][   T60] ntrig 0003:1B96:000A.0014: unknown main item tag 0x0
[  138.944961][   T60] ntrig 0003:1B96:000A.0014: unknown main item tag 0x0
[  138.951731][   T60] ntrig 0003:1B96:000A.0014: unknown main item tag 0x0
[  138.958492][   T60] ntrig 0003:1B96:000A.0014: unknown main item tag 0x0
[  138.965448][   T19] usb 3-1: USB disconnect, device number 9
[  138.965959][   T60] ntrig 0003:1B96:000A.0014: hidraw1: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0
[  139.125926][ T3047] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  139.213585][   T60] usb 2-1: USB disconnect, device number 10
[  139.396769][ T3047] usb 5-1: Using ep0 maxpacket: 32
[  139.537670][ T3047] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.548502][  T334] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  139.555860][ T3047] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.689368][ T3047] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  139.698353][ T3047] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  139.706562][ T3047] usb 5-1: Product: syz
[  139.710632][ T3047] usb 5-1: Manufacturer: syz
[  139.765572][ T3047] hub 5-1:4.0: USB hub found
[  139.938509][ T4425] Bluetooth: hci0: command 0x1003 tx timeout
[  139.938534][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  139.981839][  T334] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.992657][  T334] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.002146][  T334] usb 1-1: New USB device found, idVendor=046d, idProduct=c29a, bcdDevice= 0.00
[  140.011113][ T3047] hub 5-1:4.0: 2 ports detected
[  140.015940][  T315] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  140.023389][  T334] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.031697][  T334] usb 1-1: config 0 descriptor??
[  140.209345][  T783] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  140.246454][ T4498] loop3: detected capacity change from 0 to 32768
[  140.296365][ T4498]  loop3: p1 p3 < >
[  140.306839][  T315] usb 3-1: Using ep0 maxpacket: 8
[  140.361756][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  140.458566][  T315] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  140.467118][  T315] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  140.476982][  T315] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  140.567444][  T334] logitech 0003:046D:C29A.0015: unknown main item tag 0x0
[  140.574387][  T334] logitech 0003:046D:C29A.0015: item fetching failed at offset 5/7
[  140.582234][  T334] logitech 0003:046D:C29A.0015: parse failed
[  140.588043][  T334] logitech: probe of 0003:046D:C29A.0015 failed with error -22
[  140.599406][  T783] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.610255][  T783] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.619788][  T783] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  140.628693][  T783] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.636835][  T783] usb 2-1: config 0 descriptor??
[  140.696910][  T315] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  140.705809][  T315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.713622][  T315] usb 3-1: Product: syz
[  140.717570][  T315] usb 3-1: SerialNumber: syz
[  140.784920][  T334] usb 1-1: USB disconnect, device number 9
[  140.980246][ T4463] loop2: detected capacity change from 0 to 256
[  140.991825][ T4463] FAT-fs (loop2): Directory bread(block 64) failed
[  140.998176][ T4463] FAT-fs (loop2): Directory bread(block 65) failed
[  141.004588][ T4463] FAT-fs (loop2): Directory bread(block 66) failed
[  141.010836][ T4463] FAT-fs (loop2): Directory bread(block 67) failed
[  141.017232][ T4463] FAT-fs (loop2): Directory bread(block 68) failed
[  141.023539][ T4463] FAT-fs (loop2): Directory bread(block 69) failed
[  141.029856][ T4463] FAT-fs (loop2): Directory bread(block 70) failed
[  141.036216][ T4463] FAT-fs (loop2): Directory bread(block 71) failed
[  141.042545][ T4463] FAT-fs (loop2): Directory bread(block 72) failed
[  141.048883][ T4463] FAT-fs (loop2): Directory bread(block 73) failed
[  141.152157][  T783] hid (null): bogus close delimiter
[  141.301971][ T4463] syz-executor.2: attempt to access beyond end of device
[  141.301971][ T4463] loop2: rw=2049, sector=1800, nr_sectors = 24 limit=256
[  141.390334][  T783] usb 2-1: language id specifier not provided by device, defaulting to English
[  141.401216][  T334] hub 5-1:4.0: activate --> -90
[  141.405971][  T315] usb 3-1: 0:2 : does not exist
[  141.411458][  T315] usb 3-1: USB disconnect, device number 10
[  141.437995][ T4512] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 49 (only 8 groups)
[  141.497330][ T4513] loop0: detected capacity change from 0 to 512
[  141.522331][ T4513] EXT4-fs (loop0): orphan cleanup on readonly fs
[  141.529056][ T4513] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 248: padding at end of block bitmap is not set
[  141.543775][ T4513] __quota_error: 126 callbacks suppressed
[  141.543787][ T4513] Quota error (device loop0): write_blk: dquota write failed
[  141.556600][ T4513] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  141.566634][ T4513] EXT4-fs (loop0): 1 truncate cleaned up
[  141.572464][ T4513] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  141.612168][ T2288] EXT4-fs (loop0): unmounting filesystem.
[  141.791734][   T60] usb 5-1: USB disconnect, device number 12
[  141.812799][  T334] hub 5-1:4.0: hub_ext_port_status failed (err = -71)
[  141.868776][  T783] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0016/input/input26
[  141.889634][  T783] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0016/input/input27
[  141.902387][  T783] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0016/input/input28
[  141.929528][  T783] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0016/input/input29
[  141.944118][  T783] uclogic 0003:256C:006D.0016: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  141.966036][ T4526] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  142.089519][  T334] usb 2-1: USB disconnect, device number 11
[  142.528780][ T4550] incfs: Options parsing error. -22
[  142.533892][ T4550] incfs: mount failed -22
[  142.614594][ T4424] Bluetooth: hci0: command 0x1003 tx timeout
[  142.614594][ T4475] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  142.715228][ T4576] 9p: Unknown Cache mode mmap"
[  142.727970][   T28] audit: type=1400 audit(905.975:710): avc:  denied  { write } for  pid=4577 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  143.510157][ T4588] loop3: detected capacity change from 0 to 512
[  143.555897][ T4588] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  143.611706][ T4588] EXT4-fs (loop3): orphan cleanup on readonly fs
[  143.618383][ T4588] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #17: comm syz-executor.3: iget: bad i_size value: -6917529027641081756
[  143.619399][ T4595] syz-executor.1[4595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.632061][ T4588] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 17 (err -117)
[  143.655991][ T4595] syz-executor.1[4595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.656970][ T4588] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  143.705330][ T4595] syz-executor.1[4595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.705404][ T4595] syz-executor.1[4595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.726001][  T343] Bluetooth: hci0: Frame reassembly failed (-84)
[  143.743931][   T28] audit: type=1400 audit(906.898:711): avc:  denied  { write } for  pid=4598 comm="syz-executor.4" path="socket:[41337]" dev="sockfs" ino=41337 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  144.120485][  T783] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  144.510544][  T783] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.521424][  T783] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.531016][  T783] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  144.539885][  T783] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.548096][  T783] usb 3-1: config 0 descriptor??
[  144.666318][ T4622] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 49 (only 8 groups)
[  144.701293][ T4622] loop4: detected capacity change from 0 to 512
[  144.708956][ T4622] EXT4-fs (loop4): orphan cleanup on readonly fs
[  144.715622][ T4622] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 248: padding at end of block bitmap is not set
[  144.730535][ T4622] Quota error (device loop4): write_blk: dquota write failed
[  144.737808][ T4622] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  144.748101][ T4622] EXT4-fs (loop4): 1 truncate cleaned up
[  144.754611][ T4622] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  144.796091][ T4150] EXT4-fs (loop4): unmounting filesystem.
[  145.069251][ T4627] syz-executor.1[4627] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.069314][ T4627] syz-executor.1[4627] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.081818][ T4627] syz-executor.1[4627] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.093470][ T4627] syz-executor.1[4627] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.106069][ T4630] loop4: detected capacity change from 0 to 1024
[  145.124033][ T4630] EXT4-fs: Ignoring removed orlov option
[  145.129820][ T4630] EXT4-fs: Ignoring removed nomblk_io_submit option
[  145.141115][ T4630] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  145.152756][   T28] audit: type=1400 audit(908.218:712): avc:  denied  { map } for  pid=4629 comm="syz-executor.4" path="/root/syzkaller-testdir2420027151/syzkaller.E8Yn9Q/36/file1/file0/bus" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  145.155528][ T4630] EXT4-fs error (device loop4): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.4: corrupt xattr in inline inode
[  145.196292][ T4630] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.4: corrupted in-inode xattr
[  145.218010][   T28] audit: type=1400 audit(908.273:713): avc:  denied  { unmount } for  pid=4150 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  145.237781][ T4150] ==================================================================
[  145.245661][ T4150] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0
[  145.253470][ T4150] Read of size 4 at addr ffff8881374f5000 by task syz-executor.4/4150
[  145.261453][ T4150] 
[  145.263625][ T4150] CPU: 0 PID: 4150 Comm: syz-executor.4 Not tainted 6.1.78-syzkaller-00003-gdda68b1657b1 #0
[  145.273521][ T4150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  145.283421][ T4150] Call Trace:
[  145.286552][ T4150]  <TASK>
[  145.289338][ T4150]  dump_stack_lvl+0x151/0x1b7
[  145.293829][ T4150]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  145.299120][ T4150]  ? _printk+0xd1/0x111
[  145.303116][ T4150]  ? __virt_addr_valid+0x242/0x2f0
[  145.308062][ T4150]  print_report+0x158/0x4e0
[  145.312401][ T4150]  ? __virt_addr_valid+0x242/0x2f0
[  145.317349][ T4150]  ? kasan_addr_to_slab+0xd/0x80
[  145.322123][ T4150]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  145.327591][ T4150]  kasan_report+0x13c/0x170
[  145.331929][ T4150]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  145.337399][ T4150]  __asan_report_load4_noabort+0x14/0x20
[  145.342866][ T4150]  ext4_xattr_delete_inode+0xcd0/0xce0
[  145.348163][ T4150]  ? sb_end_intwrite+0x130/0x130
[  145.352934][ T4150]  ? ext4_expand_extra_isize_ea+0x1c40/0x1c40
[  145.358837][ T4150]  ? __kasan_check_read+0x11/0x20
[  145.363698][ T4150]  ? ext4_inode_is_fast_symlink+0x295/0x3d0
[  145.369424][ T4150]  ? ext4_evict_inode+0xbc2/0x1550
[  145.374372][ T4150]  ext4_evict_inode+0xef9/0x1550
[  145.379146][ T4150]  ? _raw_spin_unlock+0x4c/0x70
[  145.383835][ T4150]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  145.389560][ T4150]  ? __kasan_check_write+0x14/0x20
[  145.394515][ T4150]  ? _raw_spin_lock+0xa4/0x1b0
[  145.399108][ T4150]  ? _raw_spin_trylock_bh+0x190/0x190
[  145.404315][ T4150]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  145.410046][ T4150]  evict+0x2a3/0x630
[  145.413785][ T4150]  iput+0x642/0x870
[  145.417422][ T4150]  vfs_rmdir+0x3c2/0x500
[  145.421502][ T4150]  do_rmdir+0x3ab/0x630
[  145.425496][ T4150]  ? d_delete_notify+0x160/0x160
[  145.430271][ T4150]  __x64_sys_unlinkat+0xdf/0xf0
[  145.434953][ T4150]  do_syscall_64+0x3d/0xb0
[  145.439205][ T4150]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  145.444936][ T4150] RIP: 0033:0x7f32cfc7c687
[  145.449189][ T4150] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  145.468631][ T4150] RSP: 002b:00007fff4b304ce8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  145.476875][ T4150] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f32cfc7c687
[  145.484685][ T4150] RDX: 0000000000000200 RSI: 00007fff4b305e90 RDI: 00000000ffffff9c
[  145.492499][ T4150] RBP: 00007f32cfcd9636 R08: 0000000000000000 R09: 0000000000000000
[  145.500308][ T4150] R10: 0000000000000100 R11: 0000000000000207 R12: 00007fff4b305e90
[  145.508121][ T4150] R13: 00007f32cfcd9636 R14: 0000000000022384 R15: 0000000000000007
[  145.515937][ T4150]  </TASK>
[  145.518795][ T4150] 
[  145.520964][ T4150] The buggy address belongs to the physical page:
[  145.527225][ T4150] page:ffffea0004dd3d40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x1374f5
[  145.537283][ T4150] flags: 0x4000000000000000(zone=1)
[  145.542324][ T4150] raw: 4000000000000000 ffffea0004dd3c48 ffffea0004f3ed08 0000000000000000
[  145.550743][ T4150] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  145.559154][ T4150] page dumped because: kasan: bad access detected
[  145.565412][ T4150] page_owner tracks the page as freed
[  145.570611][ T4150] page last allocated via order 0, migratetype Movable, gfp_mask 0x8140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO|__GFP_CMA), pid 4629, tgid 4629 (syz-executor.4), ts 145149999417, free_ts 145213698711
[  145.590402][ T4150]  post_alloc_hook+0x213/0x220
[  145.595001][ T4150]  prep_new_page+0x1b/0x110
[  145.599339][ T4150]  get_page_from_freelist+0x27ea/0x2870
[  145.604721][ T4150]  __alloc_pages+0x3a1/0x780
[  145.609148][ T4150]  __folio_alloc+0x15/0x40
[  145.613399][ T4150]  wp_page_copy+0x23b/0x1690
[  145.617826][ T4150]  do_wp_page+0xc25/0xdf0
[  145.621991][ T4150]  handle_mm_fault+0x15a2/0x2f40
[  145.626766][ T4150]  exc_page_fault+0x3b3/0x700
[  145.631280][ T4150]  asm_exc_page_fault+0x27/0x30
[  145.635967][ T4150] page last free stack trace:
[  145.640480][ T4150]  free_unref_page_prepare+0x83d/0x850
[  145.645776][ T4150]  free_unref_page_list+0xf1/0x7b0
[  145.650726][ T4150]  release_pages+0xf7f/0xfe0
[  145.655149][ T4150]  free_pages_and_swap_cache+0x8a/0xa0
[  145.660441][ T4150]  tlb_finish_mmu+0x1e0/0x3f0
[  145.664957][ T4150]  exit_mmap+0x421/0x940
[  145.669033][ T4150]  __mmput+0x95/0x310
[  145.672853][ T4150]  mmput+0x56/0x170
[  145.676497][ T4150]  do_exit+0xb29/0x2b80
[  145.680491][ T4150]  do_group_exit+0x21a/0x2d0
[  145.684917][ T4150]  get_signal+0x169d/0x1820
[  145.689258][ T4150]  arch_do_signal_or_restart+0xb0/0x16f0
[  145.694726][ T4150]  exit_to_user_mode_loop+0x74/0xa0
[  145.699759][ T4150]  exit_to_user_mode_prepare+0x5a/0xa0
[  145.705055][ T4150]  syscall_exit_to_user_mode+0x26/0x140
[  145.710435][ T4150]  do_syscall_64+0x49/0xb0
[  145.714690][ T4150] 
[  145.716859][ T4150] Memory state around the buggy address:
[  145.722331][ T4150]  ffff8881374f4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  145.730229][ T4150]  ffff8881374f4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  145.738125][ T4150] >ffff8881374f5000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  145.746020][ T4150]                    ^
[  145.749928][ T4150]  ffff8881374f5080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  145.757828][ T4150]  ffff8881374f5100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
1970/01/01 00:15:08 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  145.765724][ T4150] ==================================================================
[  145.773875][ T4150] Disabling lock debugging due to kernel taint
[  145.825521][ T4150] EXT4-fs (loop4): unmounting filesystem.
[  145.885796][ T4588] EXT4-fs (loop3): unmounting filesystem.
[  145.908203][ T4475] Bluetooth: hci0: Opcode 0x1003 failed: -110