last executing test programs:

16.137544241s ago: executing program 4 (id=3601):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)

15.998022712s ago: executing program 4 (id=3604):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
chdir(&(0x7f0000000240)='./file0\x00')
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)

15.851675022s ago: executing program 4 (id=3607):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, &(0x7f0000000400)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="180900000000000000000000000000001812", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r7, &(0x7f0000000180), 0x400008a, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x4000040)
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, 0x0)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r8, 0xaf01, 0x0)
socket$key(0xf, 0x3, 0x2)

13.008657554s ago: executing program 4 (id=3613):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x14}}, 0x0)

12.985310056s ago: executing program 4 (id=3614):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61122400000000006113340000000000bf1000000000000015000a00091b00003d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00'}, 0x48)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x924, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmsg$can_raw(r3, &(0x7f0000000280)={&(0x7f0000000040)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f00000007c0)=[{&(0x7f00000004c0)=""/222, 0xde}, {&(0x7f00000005c0)=""/254, 0xfe}, {&(0x7f00000006c0)=""/200, 0xc8}, {&(0x7f0000000180)=""/104, 0x68}, {&(0x7f0000000200)=""/42, 0x2a}, {&(0x7f00000008c0)=""/141, 0x8d}, {&(0x7f00000003c0)=""/113, 0x71}], 0x7, &(0x7f0000000b40)=""/4096, 0x1000}, 0x2)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)

8.047809382s ago: executing program 2 (id=3630):
syz_mount_image$ext4(&(0x7f0000000800)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000c40)={[{@jqfmt_vfsv0}, {@nojournal_checksum}, {@barrier}, {@barrier}, {@test_dummy_encryption}, {@nomblk_io_submit}]}, 0xff, 0x4ab, &(0x7f0000000080)="$eJzs3DtsHEUfAPD/nu34+/KyCeGREMAQEBEPO3ECSYHEQ0KiAIQERSgPx4lCLjGKjYQjixgUhQYJIiFaBKJBUFNQUSGgQqKhgB5FipCbhFSH9m7vOJ99j1wuPj9+P2m9M3t7NzO7O7szO94NYMMaSf8kEVsj4o+IGIqIXP0KI+XZtYW5iX8W5iaSKBZf+ztJvxZXF+YmKqsm2XxLOdKfznIXknh2mXSnZ8+dyhcKk2ez+NjM6bfHpmfPPXHydP7E5InJM+NHjhw6eODwU+NPdqWct6V53f3e1J5dL75x6eWJo5fe/PnbpCbTteWo2wIdGoj5mm1S7+EupLCabKsJJ/1NV+3GxqVLBiNKFXWgVP+Hou/C9upnQ/HCBz3NHHBLFYvF4njjj+eLwDqWRK9zAPRG5UJ/deGzibQPvLgfvP5dea7cAUrLfS2byp2e/mpHdaCuf9tNcxFxdP765+kUS+5DAAB03w9p++fxcrtjcfsvF3fWrLc9GxsazsZSdkTE7RGxMyLuiCite1dE3H2D6Y/UxZe2f3KXOypYm9L239PZ2FZlytKtrDLcl8W2lco/kBw/WZjcn22TfTEwmMYPLPvrSZQGgeK3jxulP1LT/kunNP1KWzDLx+X+wcXfOZafyd90wTNX3o/Y3b9c+bMBvGwMa1dE7O4wjZOPfr1n8ZK+aqh1+ZtoPs7UluIXEY+U9/981JW/Imk+Pjn2vyhM7h+rHBVL/fLrxVcbpX9T5e+CdP9vXvb4r5Z/OKkdr51e8hObWqVx8c8PG/ZpRiKeiQ6O/03J64sSfzc/M3O9GLEpeWnJ8rM1N7gr8dL8QLn8+/YuX/93xH9b4p6ISA/ieyPivoi4P9t3D0TEgxGxt0n5f3r+obealL+n+z++KZ+h2tr/lf1QPhCqR0SrQN+pH79vlHx7579DpdC+bEk75792M9jhVgMAAIA1JRcRWyPJjVbDudzoaPl/+HfG5lxhanrmseNT75w5Vn5GYDgGcpU7XUNZPLL7n8PleKn3PV6aR5zP7pcezO4bf9r3/1J8dGKqcKzXhYcNbkuD+p/6q6/XuQNuuS6MowFrVLP6/+XhFcwIsOI6v/5rOcBa16IWe2EDrGOu4rBxLVf/z/cgH8DKa3z9n9Q0gHWuWsk/aWPlmse96h/eBNYeF3nYuFrX/1du1fuvgN5p/yn+1RJIkkVL4quI5t9Kep/nDgIfrY5sNA5ErtFHgzf6goieBPKrIxutApWKOnvuVH/bb7WYLZ7PFwq/f3czqff2vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAt/wYAAP//gN/guA==") (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4) (async)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) (async)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) (async)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000380)=0x7, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'veth1_macvtap\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000540)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000000002}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, 0x0, &(0x7f0000000040)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r7, 0x0, 0x42, &(0x7f00000003c0)={'icmp\x00'}, &(0x7f0000000400)=0x1e) (async)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r8}, 0x10)

7.905505873s ago: executing program 2 (id=3631):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000004180)=ANY=[@ANYBLOB="620af8ff0c200021bfa10000000000000701000000feffffb702000003000000bc12000000000000850000001c000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f130c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a1387176ddf961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9a6b980aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e06000000000000002c06f815312e0c6dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3ff372b5f2ee10cebb2c5ea1393fdf24285bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9d346030cc8bba1016f1d14216bdf57d2a40d40b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38aebd1517a8250df98674152f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f92186086e29c61137abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31032ad53bc19faa5401020000793ac48c1b539c75ab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee4472c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e966d0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3e16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085b11345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330447d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17c2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9ef10773db59505ae33708c728844c872df4e7748c1f9d2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b033a2fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f14ec5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069007735232c87c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c5bcd4e95f0785fb722f346d6a5dffe1884d4d0cd8f000000000000000000000000000000000000006e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b1"], &(0x7f0000000100)='GPL\x00'}, 0x48)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x2c, 0x0, 0x0)
mkdir(0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sched_getattr(r1, &(0x7f00000004c0)={0x38}, 0x38, 0x0)
io_setup(0x4, &(0x7f0000000240)=<r5=>0x0)
r6 = eventfd(0x0)
io_cancel(r5, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000640)="039fb1175a0f2d7c88fffb796b44c40851b022ed7ba6eb0689fe3745f08bf07dd2a1bc065dea75cadd8072d72eefbe9e5506f8d0573fe49d09f977b5aa048444a566bf9647e2f9a9835aafd28500f5aec3f2119f91a29083559e3fa74a4d4b08743301cb6af6d9f7296f3a43cafa6db9c5847555f4f047a4b2a2a673a29e84cb9c171c82", 0x84, 0x1, 0x0, 0x2, r6}, &(0x7f0000000480))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r4}, 0x10)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="c0000000000101040000000000000000080000003c0001802c00018014000300000000000000000000000000000000001400040000000000000000000000ffffe00000020c00028005000100000000003c0002802c00020000000000000000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c000280050001000000000008000740000000002c0006801400040020010000000000000000001400050000000000000000000000060000000000"], 0xc0}}, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)

6.581538701s ago: executing program 2 (id=3634):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x5, 0x2, 0x7fe2, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000013850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x42, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./file0\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(r4, &(0x7f000000e3c0)="afcfffae836d557ad815d86565091f986d713321fb21e047223ece2cb41156a94c07912e926c974dd0a4a28f2a5e70c1c1ed1fbce6bbbe5bf7ce55360251b9dff6b1c8f0367463a9fa7b9bdd86e170ee26b272b7e369f013d8177ba151579a63d3208ca6d99057de672e4a9ee0f736b27f7797aa6ded46a0913acfb4ba277fb0cdb8554e92b923cfe52a6ec11f59eb66c6915dda567fcd2056cc12e52bad3f5c23ced3ebf08e09ebe6a305e5bc62c10860b7dac1451c4817cf1f06160c389328776938dd125f4dcccd0f3d18ff9b59ca5671dbd1b3d0acec07a8e1f0aec1a77dedd23e0254150f90210a7a7d4cb65cd01c9e1cd6ddeb2aca795aaf7fcdf9d13a0b31b07f32195fb1e65f3c88da6511ab0b2bdce8099b7beaf9ad2a26b4f251e066252dcb5fcb977b80c4b39d96aee9292c893c54c721136831e290c4d38e85bc62a72cfe088f68608d9e6863e2f8b637a21364a0aec82cc7306d4d61f06ff914a793f43f84842dd253f862668773995d31ac8e8df40a294a7940256a9580a83233533d4837d67aa9a4820756a7a95593bdf0e84356195b037c81e71e6cb230c5a64f4b46728a1cf48ff703be7a9f719cdfc39d0ea1916f52479c7776b1b5d932d45b9a26e8a74e6770efe0fd188418e70e296806402804fa2b8cfccd88856914f869cc5513ccb3c26781310f0d03138f7c5ffc9af41a1c56d79f0479d9705fbd9f868dd1d92abf2dc32e783cfa7ac605edd3a382c11e461505af255c1e16ff6e0ed67ad62fbb6021949dcf9b30a9a6b45945d2480a41d3b8b25d04a257727d1492455f2b92e75e05f7e481a3bb366f51ad0597d59597b37496f9dfb4bf32bb6606a2c2e80d044205dd08d2b26a0f076686dab5f06065cb501122251677de1ce564c3da21fa8b58faef1ccf4fc905416920520f2403f5317278fab809a861894b4586e11fb8b9c3557f175f6e00dda0567818072faf629ef40b0a995516150345bd6b69769ef870d781913a586de76859aa6b0607142f48dfa140a49b249834e5a06377fac064f8e9249a4d1b2673eb2fa6564322d5e1ec098e79665dbc4c5f365e504aed29fd0602f9dd84c1dc9b79bf757948d2ee22418f4cc94584758da23e6f25b0b5e20feb132442c725f878e055dfe9a82da7dba767ca758e7d5dd82694869748265d19d2f4c22cda5058b3429ab3af1b3c16bdb2d75fa6644e9d8d707b825d84caeef5499ad3d281b919d0ddc692e38acc8389ee3cb3072f87a5bcf06d8bb3a515bcf8e04c14c5bfbbc56008496fa117a2430df48add80e0a3de4ec1a4114d5118b36c56bf11e15d9b025e982c5fa92790e8e480f3c3cd794fddf9f247ea6c578bb3dd35f1ed6d7120c9af7234f14cf95d81c843ea17a7fccfd8151a9bade8b33ddd8fd9ec62a8964c45792bf2d689a7cd141b68746b0cb9bacd5639917ff29db6adf1d57c019238e0fc2ee93ffafc5eeb7e99504d9e71543576b5ce4d1b10a0317a3c8ab27e2dc75d098e75b067d72cf1dee60916a0201050aa618dd9beac3ebcf95a9d0fe8fb8500000000000000013c417970aa94c7a6b4c0b871e1214080f567d6ea7605d8e35ec864935d4e25df46e8350a4e49f92fa0cf183feb9c0cb9b987e3ab82da82a360314c7049b35efcb0578fb192aa1867172d43759b8ececca98aa112eb6e5e249cd94da06ea9a922e6af67e0ecb8f0951ccdbdc49ece219234942bea5efc967fe45fe55f78229f5db8f17f2d47141284e8fee694d7f7cc6df3e9dac23306e7f7c6d41a7f3aeebc0cb6330f0151e61bb23eadcec57178b7a85f87d771e78cca7ab9976eadb1aa86214c194be6e1869ae84ef6ff73a7ab6473fde4ee70d2dfd9c9c11dde0f78b92117b461c31c2bf322c9ecf53d731614dfd2ec55d6d02eb0ed3c37c49591333002cf149de6642c894f5942e8e0a7c6f43d705c3a477c6a871988824f3a77e65b6a136f18a86537404a5d58ec6ba20283ffdbc255d3492f91111e2818b06d1fd5453960952f4a75f868ff013858e0f7e1fc855aca298473bf8468c0cb70dd284aaa0ae2663d797291d2acc1294ac823cb2e7311dcf901b4bf3aa9aeedab83578158ed15be83679d652c1d25a04f52eb2cc8b519b1d1cc410cd4cd4a49063003780e6fb001de649fb4e78ad51596be91883fd4c02389ce133244b6b49d45fa241b9f47914407cb35b5061a58b389b6971e0212d52a4f3dd44ff8bbb1fd683465f3a4c1f5c527d88879dca8a2d7387abc616c5ef5433ab07ed4896e0e662130499fbcace607bd4b3b3b69a7098efd271026cdb87c05726265bfc1305670d220a2c35329eef58b951adcdc4fff381d8892f6fc9c8eaba25be36507a866e6611b0adaaff0b9a85feae950a262c989a58a2ccb140133bb333f33717e048072a0fbd37a1339c6d33ad3183b653828783c52ff68cba072b951b37f4b75317525bda81749ab745b47e6484baeefdb79c62c9620633b1275f86a06411f098c4e721198064a28780ca96264765974ebfb8dbea1bfd145b8fa5114c9d2fed8836422b504673aaa26842704768703c761847161e4c846add4dcbc2f66c8cb35ea793d1302d8377bbb0354579652e6d4e1ba97913f2c326098abcf885bdf7070a27dbc577369796e239205458c979987c81cdc2b92a901481c33be79a5d806b6233f783bafd297471ad1c8ec53e900a7102656e379cb0636500ddd665e74f4a69d6cde479641b40eb0fd52c8ce4e062ef39ea45a7730e9ad9b458f798e9ad78cd9275e1bd9ba2e9a289e191f5fc982cbc0ed601a67f011ea6f740e4fa55b32c3e78863f023ae697c3ab91b1e89f3caa8ce1de0c8bf2b16246dc92f9016d95ccd17f32a344b6b659d9ca8a543dffeaa1f0bc5a652087903cf8242352dd624fac234b76c6be7ec6adc281f37cb865ba5ab99adaeebd9d096adbb027d28b936c2ad764e2ff5b9662133c2935f23ccccf4e95a8ac890ff2ea0ed956dd52099a326b41e2bc1c895b83aa211998933270fc6fb46b7147be8fba94d2e461bd458bedc503b6561d650ae4949d9603b8aae5ade200ed7c92ed3cdd4aa1d442106c0a3e1bb580d8e8b496d70c82b1635b6efd7519d4875a55903f7ad1204f4370247a3d8743d5ac0d4a417ec9593a302dab4c9047f966725862cff87e6172e107c841e8ab32130bf81bc2a433ad865ffa46a813781c21fa5eb8319aa050be55b7601eefb720eb47efcd29adb06dd1629197a667bbf96a199b460177f67d157dbe477507caf9f7d65a226828d3d96567d0946128933ebacf3be6a4fb70a4ee171eb4ad1d0d620bf6a5702227c0a0802e9c57367269d273d7ac6161ca134a8bbfd6565ecd58137cc9b6197495618f93ed03a97f31712b0abe9638766fdf39c63ad530526e74a5f686d19e322a5d0d2564a925b5c863dd4adc7469f965b1d259590a152798fc8994beacb070b4990ae719cb758a677c275f09fceb77bce0873fa9e90955f48f31a05cc18c27d66d0a50939c49ae02aa0911a85537da56008c9521da8b2ba7f28bf0ea3d458c347a1b8e01a646585c59ada7814394cc2619447b6cb5e195f27d5eda1673b2c37285a035dae29c5081def11b20ff62dbb47774c6d8fb7b452f355e6f5bc736e8eb1a805eb763aadfa1c3c9c0098cd92386cfcb1a4a6226478d671bb4e9d166cd3ccf1c369fffadf147a9ef301872a821847e9d43893ff9fd0353d915171c6327cb93ddc4dffdd64100be046de1fa4db9a18d95b2f6ba75f92b54bc91c16d14ff1432512d42e34aeabd181f80e5347e979cf61d2507e04c81e09fd8b04a380acc0c91db184b95d6d4763ea5362dce9faa8f8defd8492355a7f5b95ed37b83486f11ddfa2fd2ec6a05c5a8eab2f80b4136cca9417c1dd928276316605f3f0d601c7ee396905dccb0291da8eff883d76a22d6e64e6d9e6da0746401ea869035da7bc8a8caa7d6dba366afc704a92fa6b33da4a2c4f3b5ff5cc9e7d5a49d287b30e1951db1b4f474480b9d189bc0c7be872f675c9d61667fb5938ad3d6d5c8154f7d6724561b14910a39bf99991613a203016d9d7d71fe001e8da87885372fe5ac55e1f2500fd510e661b90ccdf2b06d2ddb2e38b95b832762ee1c0aa5eac81452669d7af2fd838b2b9e8c5a0f8bddb812006fc920683bf78067f81f2416365566a6583d863bc16f26befbc313a06cab99c4ef472d9aeea1f4943c89ab6efc4733350c0f21ccdbf2a2872910c41d79a409b84e5b942505133ec88a6b9f7194863d7b83c9deb625339ee09b30514cd398f6c5ce513cff9a72f45925974d9ea544482ebbd1dd682913e817f09b60f4737bad875c5fe87480d02197e5d167516abbce899abef3689fff9d6f63e0e74ce2505586e221b2d38f7faff00e1909860e0d4acba972ea9f17bcc801fd387b68196cd17596abafc2d0f626fcb70e73af89d66575971dc358548a60905c9993b63692b150dd56c9290b40560597077c19b9e74618f5ae8760bf2df704a1e5dabf67a147d93668953d5fa9c2a8f5a81ef95d34855edf8c0fb057d9f8d801e75f4c88de86fb14f5810f7bcb5c3a12c4d82acccfc35568cd1c0d88c4e3055240f79d6939f0e4b291c2188741ebcdebd5b2858a8e931dea9f78e7185ffdfbe099ec84b6032dda7190fed69661c57f8063e0ab74de550367a969888571576a87cadd6b6d34fec7ac9bba269b7ecbddd14f7eec87bbeacf55467fcb50eae5f740d0946f6cbbe29b32ec2b0131b816f075d440165a527cc47a78c210a03fa8bd98ee119d5d783011b1e7e078fcc8313c13d7bf0b9de3d8aa1e5143769e745cc6c3bba7a3463d040a285c018947b15448660136bc216774567e8f0bcdad435be32e22d833d84116ad75831fedd074c181d888bb92c4b71eaf0d8c83a9de69e382428ebe329b6045f2ec5cfdfdc06667a150971e8f22353468fd65055620622d1536d0b79887eaaaf19e12189f24eba2ff00083bcfa1cba08e6fa59f45a3a2e07827fb61804d9c9f02d70af7b4eea8b7f61b04a012da1ca98607f7dcb035cd20b14294045d571e93345a9544582a8a0593e43339c9a29069fad6de6886193e05e4fe956cf8808164291af97b84de9fb36052e05228e5aa37665501a25044d0a8b230d71113af51183b15a7786c839498ce54d68cb6e1a596ebf38f50098ce4d021d784dc22874b7b34fa06d5d456b01c42983b1d125f04b6aec91bb49178e510c8294d5e290c86fe667821628b3d4d336a0c37a8d641130cc020502227aaa876beba53e0d50fa62ca55abd4f549ff5669a80b62e3808f0d5dd00bfa5528820f6b44ae44d4511e38601bfb69e00a67677b42ca2ea718fde0390901572d7cd2bf044d4dab7a360f9a4d6e6f4e2eeff765bd61046e4cec4c2eb7e8ed6cb5f8ed770b9dd7a5138f15117ce7b8907588b91f733862aced12d2a740bf16692cd1d1d8f67d4ebd09303a3852c9ca8f6efd804fbe1baa12ae777239f5eb893e093d4dc8b940a4f65082c0374a90753d838b21a502916217285e204548fe48f3ffdddeaff10893241e9ebd07d4387ada5eb7858b2b161466153ee620ad07b69d236bf3cb75d232c9a79de319fe99ae42cf6599fe5869c7953a87b794b68df3a3202cad60adc481dd5065e7134bea800c92eefdbe49a96696f8eb8d8404b06ae33ddd8fcbc2a56386964750d0afe391238fd13dc696cc571907ebc9639f480bb743b53f26995e6f4d6b2b2968b7923a003534c8eadc8cd907d7c5a8fa8a2636a9ec148e2f8ae54de79702f0ab5d7cb8cc48bb5f678d150fbf9737e35ba053380ef27baa8a72e044db356cbc81c022e1a05b7b8b00c8f6010ab825ea431e4d22bfe9a92c88d23dd2c31687416266669b048cf3c8cc2a698ba623f24d5898ca0e4041e05e2db92cd2a7ec9948548bf1528d75a87d37ee353b30be48a55db5411e023cf198e3db146ce3ee1d5529b15d9f6eea0c662ad0a3d7555702405a7f4fb3d3471d6f242166dad8d030993b461105796c5a753946fb2d4c4c6bbe56d284df80a5603cffdbc1f629be6ca341d3a41ec728a9de53f5455635ab8792bbbc419edb3b1e2249482aa139a9cf5aafca225f336b188875c75dd9fdb17d5cf56bbd945c7ae0bc34d582cae657d227734f36fb2cf3eb6af8d89648316727104e7c68770ef5cacbcaac3b59e411b56f43769cbc18185ae226cd3c0febf3324cf68ac17a0e1c2e3a8f4e15a17b40c7c038b28d9c51aee00fe9ead6ab1eaf63b5f84b54d250fd796bd46a010f9e363904ca40515a83c8fbffd1651bd9bfb9be408914a15a7f5e478074b53df24560f980f8277fd08d00bd4156fe86271b5b60574b153a9ba8ab37d5206a759a28d7183a8bebf48c375f68c272b6837d0337f075e13a8e0404564a096742d91f4ceb0972928f4c5f3e382aec6716ef280c68a58c50498a4241331c745325280efed38fa191556b836e41d41c7bb310c0dbc06164103dbec67f601978363a483b2a629990a8e0ebca274b779e05dd3c18c2d2e5562b23b919390983b62d9d3c1cde78b8f8c0310d8c06df32906297035460cfdb190f8c825400ce58817c843c8a7b171d9b0488c5c2af43e518171b281c7940e8c14a5ee93788653d109acf37bd4320a00e137503211b0c5ce1f8e979c1a6d51995a41e785f4dfe738671b2a9f70e2b763f01abf542b6fbea48486ab647aa6b4b3c9e45493eba372c451394d0493da29cc3beb1b13f279c7404008af51bbd1a2570d255f935ce17bd957c9e882b6a9d7f4501d28d1b7aacd481f89c7d09de95906728d4ae4f9c2fd00ec87c83d31729bdce3eaee8f92c4e9a4645f7fd7d660013ea20e0083fcb8cb0f83ee18ee8900b5a9daa21423732d9d552bf316894879521ef622dc06c7088877779c7d466d62e752629d0428042e2e7d6ac72f372c8660b74b501d0e9c725027cd98c383dfe2f2a8be332ebb6c01857ce48da5e3a3bf8741306c11d223d8fff19ee9ae60e744c685b108159152a73d035e9301868256b30ef8b7bed1216e5d8278d33425ed25c455c0c41da9178a7e19953aec295ea41786ccac225045fe53679965e0c3188712b84ef2ce29aed9b47162fe940eff9a158950e1284013ca107486f01999452f71ef0b123af7dfec9168ffa987748e529de0859a32d0d7ac12d4836358fc26ad715898ea8a43b4f5971270c4ea39e2e788109e3794991a56423bab1bb9125557e3a9ed5156d409e334f22afc25f911f81813bd73825478e7ce33d959951b4809108b37eae8cffa59b74ef8d69efe0ce7bbbc66fb41283b35e573bfcd481f14558079cc920853f2a9c427d30ea4d14fe5f933ac8a2f86b16d9918d089115889dd5891cf4f28c446db52e05f72bb2a8e159a2947fca9a931eae2afdd2254df7e1dd63f0209908f4f149763abe9187a32dad7555e98e96da5fd0295e1e90383dad08dc7df58f85d54744fd4d95be7b8672713376e2d8636b002babe1e667a7840f9aaf6b0b12339f0e9982ff32e8c23f6a6b8cc30e2983fd7c724f8842a48f86745b68dfb44fe5e408640976b3ed7d392db614b4ced8e75e737c9f84bcdd97e141cb3b3fba94b9702d19692344a6d74f3f7bee0df4cf4b3b575cc8cbc138edc92f9fc6820e6454a0f463fedcda12a32f4911f831882cfe292e76a93c6b113c070a8c4afa7457ad3fd14da59d33f952e7f25942287dd16050cbdb95805fbed2dd2058fc3e5c0bd92a45ec2c50bf71269c1ebec4eb4ab55efcccf52ca7cccb9289d7567fcc64c24bdc750685d670c697165dec5118f2f082d019f3c650c7f7ce85d357395987d44456f3b69e71387cca7436211ce23f12b2c265465eece77bcdefd2dacd44f73ced8eded1609512fed0ccef3f893be7f8244a85e7c010337447959cafc89805e9bbfba55d0ba237043a7ac7edc833a2d95344c93edea0d5c01f05ab593a03e0b173d5faba93ce6efccd9182996149513e96f5123562d825dd3a29465e6ba030a34c4a056eebc3643980d2f20da820253c71cf6122ab341169d50d075f9a87d92c684d82a09eb68a0eaf6b7f8b952e74bde952a3f5085758c41ea7652df8183eeb11ff831afe4442be50f25fa293d476825368a6292ac1ea1025a62d2672439ad6b4049741e4ba10bcac6004931dee807745ff3bcd4281abf1b7dd6e64891a39772fad6c5b71f63a140bcce5679201fb7f3f5b308444a7034d056849bf3e10d4cb562077934b55189a24ae49756f4c0e91cf0c3c09cf33bb5ff5b1aa5230a9d4f0ec1693fc227fa1bb1874431205b1279cc41bcbcebb2a326f41e883a46abdc327af9b88c78c745f50469276decf1ddc441c7300a69c79361680dc2b32056c5c85dea58e953494c1e71da494d32279cab4a0c9bc54f72e68f3c0f52e5bec5c700b207a336b985f228fa303c41c14695fc08bdcca21255a9422f0f037baca50c22d2e176b0d194cfd2f145e23543aece88926695b4ce6c07c30887f912624a139cb2247cba40504d48d3f6fb72657fa709800e37b407e4fcb4dc3b6ed4f8e92462db7174de16a757bfdd8aa36b18d07ec9ac8fb8802dbd0b40df22b24e2a5ee0dd5aa85485cd5031829ea23260eab89c533c72315a43b1821aa23fc05c841d30f5a6e4513c1e03ff95376529efb6b229a56c00509594ce9767041ebcc7c6c8d856bf3b7d26a40f3a6fde478099f86a9cf75ea14e1e7b473ef2c40196d4322c65acad2fb44603bae7806e3701cb46dec6480cf638d4fa56809087cba545c6c286285af4526c7f72e32a26e87e2f68f8f36c34feab8120b6d1f41944e5cfe20f51ad29685965ef0945761b3728a98041c8f5923404ccee53f2a37585bbd8ef46b9035d32cd847104af9fd027b8c3a474adeab9a836a77d9176da99b47cf51ad3127d9e6828319f6095e7ab94241837d024f30805a0d5538c33a9aa53dd72ecacbf2fe994c1587461e8f04ff52cdb8b61c71603d51ae721ebf133ecf18499952466079385e65f95e4cd5cd0b288f22b7c14b5459a91355438c31b030e4b72716a59aca042d607b5087fe813d26525f7e670dc5c7233b16114341ac652d3748af5b74269561a82d3dcc0e14db898edc9031582ad60f051394f60e6db88dc24d5e41dc5096635fafce4723217dc0cc590e93c426a07a14e2f12a9e748af12b4cb352b6e55fd8b244866abe66d30b2c2c1cfc393746962b32d826aad83ddea48f0460a16dffb2d58162a62647dced2ee007be1f30fe8f81cf75783db9f331d67996b756fe25ceef02d6fca611ad5f63e3ba0df2b2b5b1a4a8748a2b4e6bf0fd0cd340307e47eb6827a235f24ef9c892121ab3551968f499fb47c34f17839178f25aefe793a809f6b376f24c53ad863ea194c2df605cb39ee3492a999984f8771eb5feef026ca68b7dcabf890a5b6696452f033f62c58d2f3c4b0495f0ad6109f74e8b3db74a0f801019296c2bcf8c3be2d1758f3b4aab06e3465e763110e052cfb09f8bc670e9d1e5538d4984c056892e6ff9989d56a0bcac9844b8640c493c38e794ffb7dd73e454d6982882ec9490b2f582c8a0fa40bf66b87697fe7f404f4ff276c60c328af766e1502d8d485a93127c69e171d08c017be96baea302314a9b096a44ce76255779fea81bac41d5276608cc7ba5e9dde0fa6ff63e3b5f0a5e83d8d4df88384c0f943cccebdfc1f6890128629953bf93b94d66cc6d4baab756867eaae82845403ca94540c1529210cbbf3d389a82171281d0cbe49ce89a7cd7ecd2bb9cc5e2e0cd94eca7a553dbc57cf420042f6f5d7afcc34104592f48339461102101d8aedb14755bda0994427a1abf13bfec7b08f8829ecf2d673b4319258d2932eec799afa4652f1b2c8159a0030a91fbf4e470833f1471853d7968787ea0d309c49dcab71b0c3397c6f58b5fa9baa0f45ac6db1989f69817458db023dd400d6aa95e02a36efd33c68a73880d1de0804aa19d1c379e8b5defbee51b0ba7f25359ba77d4303bd0c30c8d2b63cf8b582ece90e5498b0749a39c1ca69d6d22dab8bfb2da7e9c2267652e5c12468c367b7f120c251e647fe7bae7a429be65868d62cad0990695141cf38d144a38d8975e449edbe7b8c60fb22283fab483698a62769337c050061558cc71f54947fe5f92f9c46e52778688411f18f61043d9d24f345183765bc5a19ef9335353f8da46af14663b69cd47d65b39aaf28d26bb6c74affb539584feacf9901c8015c282bbb95008924b7a3892ee8fc9b4b07ad0bfb80980fe618bfb010ad4fb8f99e0ffbdada3136c892af9f36711c98773579456f746ddaba4d65b29a21f0443141aeb06afb59ca6f3090986b55baaf79b54dbddcd7f0c111187ed1df218a6737e3ba43916ececf7101891dcd4147b719a75a00772ec2d866d582ee0dee2cc1f093b2e1f185d8160ad1b3e03dbddfc2cdc5296db28f2461f3eb016cb6038e775ed83517803f7433ca0250711fe87a231167b8273a1c8886d520d103f0e5a3e2f3c89aacf922ff139219e3101854e0aad5553a6813867d84ca79e871bc50d0af7b707ccdbfbb2cea5430a1513076b677efd0a4e60c459fd8f80aa0af11c9cfafc849df27aaaad4a7d6aa805ce77dd2c041b919a6e8d75eccd742b48cd7e96341c9076f6c4e0bd38ef5cdb88bf420f2e2ad7cc7461cecfa5ec1a643f6f4f421a5dcaed71546ab73258b49d58f9f9d08740872e3f792fe1a4643fa2ae6eb6d0882b513c58e56ec874f08195c6028e775620dcf6b9440d20b089c1c7339e106bdb71fcf91e5aa86646f36187e12478f62759cf2c196e2d8206df6250893b36a1686fb5e96f765c7393e33b764fa22850f6cd90f82b44cc5cb1bb10d161d8d40b15cd95e506dba26f586eb7dd1459e3ab77e4cda9ab858852e2ccb7bdc09866b3ab1cf4e18a22014b73fe6b0b1e6fd6adb234b51d8d5a3dc68267abd81f3106957fb1b7d6a2ada56335e54747b9bc13a097ae7fee2754f13de40ace71bd5d9be9d3754c19f12c6852e43e45fbb489ec968c45606a4846f93141af4b217d26b875628122b1122475340a0fb9623b9ba9fa34a784865ae603660ac8ddb24a518915509d0209e9f9c93774f0df78349cfd7f8538a621fb10efefc7d67c7d96d0d68a06ef00dbb467e8208c39b3bbbb9bafd9f34ec8915016a08611ebc9bcb084447d393c74bb33c924ca28f9e86bd73e96e09903c390c73df56885a56a299341bacfc3740834324130b854c1d3a1ad35ed507caf4335ed79c8cff5c6c6e5bdf33cafca8020fbc8c3e20ab28fe7f5c09b7562df876f8abdb314476ab1ae82d67fa7be229fb7079590528102238cb3ea1db9a8c6962d3a4a43762ed087f25887c71651d0d3382abdba83e37706a8ff7243aca59629c9f39b2a93409f8bddcc167a97f78d444c2d4544f9c7d684b96034859220f4608b7111d77e73c38ab9c3535838a3f6b945760005934ee47570e281c22fb6196c2e9c78776fb605e81b2745b332319c16af9de6dbce27df23b1043dd8df05b5ddbc753d82368d0ca79ef32b0bddca37be3c39e5baced3dec68922b5a954cbbdc16ab43563abc82e689b97", 0x2000, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x18, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
unlinkat(r2, &(0x7f0000000140)='./file0\x00', 0x0)
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0xff8c)

6.259137695s ago: executing program 2 (id=3637):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)

6.165308922s ago: executing program 2 (id=3639):
r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000000230040120c050000000000000109022d00010000000009040081010300000009210000ff0122050009"], 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000eef000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0022060000000807"], 0x0}, 0x0)

6.001596405s ago: executing program 3 (id=3641):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c64697361626c655f726f6c6c5f666f72776172642c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f666c7573685f6d657267652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6d6f64653d61646170746976652c6a71666d743d7666736f6c642c6e6f696e6c696e655f64656e7472792c00a95dcae4342910bbad8406d2b61b206977f323d3dd050e509fc0b08a6b4cd0ef11db8f090759b88054b072cfc18523213c0ef4ab2866f5b65e4ce61e7770e5ee854199958372dd701341d373b66d646d381877baff5eecf70f557cc60ef11f387e70eac07dd72e16374acef40745060e047fca3c50c91297a88c6381b55a8c6b41dfcee1faab464a1dddb990780c60b9fdcdf4263ca046a507d0e8ab0e073dd833ba3fe581acf62ace10c0311ab786e5868d0392402e88bfb9"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
syz_emit_ethernet(0x46, &(0x7f00000003c0)=ANY=[], 0x0)
syz_clone3(&(0x7f00000004c0)={0x44000, &(0x7f0000000040), &(0x7f0000000240)=<r0=>0x0, &(0x7f0000000280), {0x17}, &(0x7f00000079c0)=""/4096, 0x1000, &(0x7f0000000440)=""/115, &(0x7f00000002c0)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x6}, 0x58)
sched_setscheduler(r0, 0x5, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rmdir(&(0x7f0000000000)='./file1\x00')
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/12, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)

5.241512631s ago: executing program 3 (id=3644):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) (async)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x3) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
write$binfmt_misc(r2, &(0x7f0000000740)=ANY=[], 0xff67) (async)
sendfile(r1, r2, &(0x7f0000000000), 0x2) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$addseals(r2, 0x409, 0x8) (async, rerun: 32)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC=0x0, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x90) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async, rerun: 32)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) (rerun: 32)
close(r9) (async)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r8, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381c988a8", 0x12}], 0x1)

4.84774028s ago: executing program 3 (id=3645):
r0 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=")
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a9a81)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = gettid()
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r9, 0x29, 0x36, &(0x7f00000003c0)=ANY=[], 0x8)
stat(&(0x7f0000002600)='./file1\x00', &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
sendmmsg$unix(r4, &(0x7f00000027c0)=[{{&(0x7f0000000180)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000540)="1731f6c754fe498102a99d1c18da1bbccd42c4a05b11b442a61efe153ba7275cc0b5b9e2bfc9d06e572c0710cd511aaa0567a6e53517e6741884dd746887c7db14e3898fc6caf8df536edbb0d54d2ed4aa3925dc53296762563861e898ff9fce44b1996d86aa2c92d6023cfb093af1c509ea75e4536531033b8c21d9160dc4dae188d358f807d495f37006f86607af273647dbb419cc2acbd31d64490b38a04dd732a80ca2db17", 0xa7}, {&(0x7f0000000600)="1af4378c10cf25b830ccf34d3025cd405154a5939339de6ad4b0d3489dcec0e5f1e03cb67144cadc537b9ee617b125aef8d506ba2d6ec7a97b357b2da141790978059aeba1e83417b6a454d40fa347c8d42e016467b848219c90f21857d540717ed96be239357dc4875c4fc204fba6a7891d6aef13db621fd62775e0ec009f6cde1564760c8565086044ec56d9ff7e59552686d4c0bfbf28254eb72abcb13a0d821281e9846116a72ae5640fb2ff30736a88a0fb3d0f17d5aac686cd8dac18997ce76b058467f0b9b9fbc291244804cbd3f9cb70122610fa1b909f08dcc36ad954ba9b0f86f0a55d8bc704818da320b0", 0xf0}, {&(0x7f0000000240)="3c90cc9ceded2cc76244a374b6e050592de8a2765e0400cb309b52ffe8e3848be49b1d57d8a8914d1f8f62e4f6934e04cf3d04a1cc42008fb671041c870201b29175ffaba39d159fa8f525a1f48b1db202ac2f5b3db5e85f694e079bde909f19e90e58204b6354e178fc5e2187f3f70f8b6c", 0x72}], 0x3, 0x0, 0x0, 0x20008004}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000700)="e94f05da3b82e50866af63bb645a0200b15a2f47166394160dafd04b89269fecdf4c6556453f08769e94751891026dd1e495c5588871aff8f891a45e919b920d6e7fe4ad91b4a8cd8f83", 0x4a}], 0x1, &(0x7f00000010c0)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r6, @ANYRES32=r0, @ANYRES32, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=r8, @ANYBLOB='0\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r4, @ANYRES32=r8, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32, @ANYRES32=r9, @ANYRES32=r3, @ANYRES32=r8, @ANYBLOB="100000000000000001000000010000001c000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000100000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r5, @ANYRES32=r3, @ANYRES32=r8, @ANYRES32=r4, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xf0, 0x8c4}}, {{&(0x7f0000000880)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000940)="81e19a277a8fd5d3d482084ec2bb18c653f58a210bccaa41366fea009dc77b05240e49", 0x23}, {&(0x7f0000001500)="37fee27bef9dd608e735e435f7c827c9ed02d6aae961af3075ed73017204d9b94f5c5f1ebf35a0b74e276a566ae4e860b0eed0f824bb9c207b2af622e57a3e4f31b3021ee3d969f650abf6f5885709d0f8f127da4c1dfcdbc0a8dadfc980fa0b2f1a39151785cecb0047910b9daa18d8eecd24a61990f1f3985a6413e05fd0a67bc768e4dfc68dad91d5794a53c5b9e6cfafcb0508b7cf70593e8021fea459159e941c186caf3a3718f8bbd45f4ef4a275a39735c81b171621a2ab3cacef10bcf05d1f90eda39dd4728a205cb299a2c012e6c129208d9c9972dd2431f017b430d80ae8bf0f9f772ca067d62a5b9a0467409140ef4b3af611292bf3d36da6a331df8ec7e3cec9098d5b490d3adef2dde38339d1b93c4162c056b9ee1fc276a12e9997ac3442f2875cd6770c7a41113fce3710ad50e86b7965a20d7a850b978c2217058c555120880d79213d5a43b44cc67a0b3f142bd7179e8647830e74b3b3ea000334a7c251eefbd7108eed5a9afbde98d2d07c7a495ae1118ff039f424cc0df4c8a2e609933d03892a495c3b62496ba0f42b792dea62cb016458786f70ab7ac6af9095a8bad9b36baea63926f2363c66f45c431744c8472017a22493a700194b32e9d8fbfe31943b48cb203d01b622bc81ba38d68d55ae3b3aadcbfc055f2c27f1362903f9ed90a0ef49285f0100b972ac36cb9b8f69f982630d8da3a1b2acc09677e8e9a53444cda0adf34bf192c9456c0749b6e3f064aae0576b0e41ef778077325af9e9af0a3a8219089d2a8526309044f292db2e51805859a6a2bca015a20b93b69faa26922cf60204a6166437644e757755eee803139e30875b0eb983c45d862eb101dfffd36a7c7ad69c7ca1ecd7ad1d08728263e94b1200f234534a3bf8f08fb11b00a9087be65a1edd857dfcc5c1c7a2a5b3b82d804c2ed779b27b1fa3130f5297e1b376f859e1cf7840a46bee89dcb2a5969a5b468d6fba21fe66579f0973c8e60fc88fb12240cfac7fefe66fd80368ecf2c9ee9f5bac7f0ea831e9246599fe643ae784b5840191b5eb2fdcf3f63ee0d36a46ce201048cdb8179e4e8fc5a27ad5c681f23d386cdc9843274f58cb400301bc55e779dc5ae35bae832665fdf4ec53b863eecb3c0905b101025e41a053e8958321e75fb3091f525b5d31195053910908ceb85682b441a623e0a6e2fadef195bb50bd20c970ab494743c52b3243405e7b434d20d90e7a38f23cbd9617c26f13c136b8c28a3ff178ca1638990bf00f8fce59dbf6c6541131028b5be848d8fa2b81a3b68200f1f2abff9c82881a12e72ab32dda6bda90e223402d865eb73ee6693667faf907cd95836241a79f954c2ea1a16eabe933e80ab5ff9738271b84bd23c720587feb16649bb974b78856e196a5f07cf437fc960fc8794826149d9384602f3c4bdc2df4713c2fb2de6d889ff9b986d5f4755a373a03f57d92aad3dce7431de6989561cb13ddb18f5a3930c73f3595f79db3991a5b9a7e6a04e09dd3814201f49e9b97390f64de29f3946aa44cd52623113188120b1f0cce0a67e4ebe2fa038a32c6e42655f353e4771ecae38425d989f06b1415623e128db0cd75e82731c22623a48ce84f69b072b4eff110ac1f1efcb8d2ca286a769ffba67d8b9ecb3ee04fb1349c6810b246a496ee9fe78221bdad9ab987a60856e264ebf7ff6f01cf2ec7cc0af3369e9ca7058a0d8c6840c6680ad27774dd6911244f1855bd9ebeb0048bb9bdea261c5e003a8f28b7cda0becccf9c3eda09f4e919b539794ff8874a5e1efc4165d310c14499eb3924ef2b6613a634a5befd6cb2e19ba068493b458f54e21b82e4145839694d1d9c1e9bc3f60bac97bad5307793cc97ff323c99b331ff8497f95f182803cb678e6a7a9b38bc2985a9239c28eefa93ba1cead34b77b71cf543227955cb22bd5a5dcf0a5fc1a87bf5c76a32c1be991ba33c425fcee5407bc102cdc5f77010c139f2adc2613cdf94b1f160ae9199516b0eb45542daa62f41055c6bdbea7ac5d4d014f7d11da8d30d99a634e8de0e3492ed8690cd917d3d717bcd632932ef509aa88f1d3b40cd7d137be7a5186d6e91d9649ba1d0fc7c02fd21cd5cb6665634285de92445cd2e8d0adf817f11fb571fe95b23d700b1f8216182529c30ccb4f4869b3d538b37233b783889d7d148f750efcaf8a3780a5961cd0d9f3c725380cff3893b36b577dce6fdffcc4f6aefc957d0a1743821dbbe8b17642c83d139cc310784205514d33fa4adf3bb94906fe1a24cf27c2bfdfefc67f97562d7170e651dac7227a58acc05fe8d106a9d59b458c19f500530acf1a2de8f148a2936469e702975dc6d099e037a3819749be82191ef7ac51a8f8144a43dd3324d8999bdf6777a5fa21ff98fafcc535236e47ee7098793de37f9e2b318ab5d3f5f8b5a3ed26218090b517451b757c761e7e2798b7001dd4a760506627190a33620748e67d61f048d548db27c1c9affb6f4988420ddf52fceda74c3110b0eddbb141ee722ad9ec37f4ac3bf83d3b6cffc3cd9433823975872933dc38d07510245427c0d70e59f5579d7850cb9d1c16ca0851419dc65a51f0cdef8d47428e171b6bcb675864dca9260c92b06c1998b5bb3a3078cc523e5e640fd704e9c1e9dc2aa342168a031253c382ca01b2864100d2d1a21d484c046b94ddb71e0cf5c59e0a9934fb1b1edc20ebcec24cc6fe8ae8b27ce5f59aed96b0728a81906bdd002fed012d4b410245d57082f942bb900cdc37c55eab187b889329749766a7146cbc29675b03a4909c7e1f1ae4158a35c94a025aa924c18d8ee05554c6b1f59923218c92facd9ea9b323bcff83866424106419597ce0527b9412db8e2966758ac5d9f5b22d082ffe6b1c544c5ab926be419a883effdfcf656408b4a1017543cc144329d60650c3288bd3fe88fce7d900a1bcdeaeb5aea7c01be03f11ba78188bbcfe339fc3b7a70108d02083024c5020132c1f336cdb2cda53625b637caddfee2fb0ead50d3d441b9aa80249489a772d897d54c81056a5ff120ef34dba4ab748a321dad6a8c755554b3cff48390e9bdb65958acf8fd3e7b09be6382f50eff8afa0013b8aaa09926dfe0ef287ebded46627ef5ba64a34395b37150d3342d932721fa4326536df817a564fc5a3cd3426f6fd3dc2c34ce64930aa917e7215a33fb81eca82b4ee0d8ea880164e2c2550922d4cb4c8c6517ce6bd916f7555f797c0b8014388e1e308cfb9f34a0d0d8dc251725ffb0d640a0b78c867990fd3da85faa164258080e493ccf586f4a979b85690c9388a6197fd9f07c346507b5ed9531ef21ae51ed5e79c2c09b064b577fce249e23bb85d7d2815c5765405cdc7df335d111deeed5111df05f6c69b67079f74db0b5b2f74a87930bf7d8111c14625716afc4dadc18c98e764fff469ac7b9e75d7d36f7d3a2c28369dbfa73c0aeed5704119e271014636e848b459c1e2dadfbcf991656b3b6bf3765bd0bc620ed98cd5a0ce324282adccd4475baf0a97c744f56f7372e285d4728f1b85e5eb2d7cc1da39ec8507c6f7be58052551865040bedca1baa0d13778aa88eb256902a0cfcc913da24d39c5e611928f3c9301f27e98b337dd943918e78d0b84585d2cbea46424e6ce3e79625867aeac054686a3e3f964bbc3eb768039b5a6215bd5dc49602bbdefc3eab52d5c658c38cae6f35ffee54d873f56343e9bc63a07b02c8bf2eeee727d0fbc216a7a7558042092b8422880f5f1aeaba62ddd30e1346a0f8b3c688ce340ff4e74f58af93c694b418faace3e0e821ca91c4c772b30a770d0238b66e3b70194c1931cfde3cf47969fc7cf1d3b25a06445f1b46e2153c2ac26b5256f88bfab2952403048994781f678cebb577403f32a4b971aa2f472d3595aa24852020c4e02a55dc92eabd7d456c2e533568b5da59f820fd756dba618a10b99b5b130a78c51bbdc5bd1724ce6e9245b8a8cae90f75581a8e0002a5aedb64190453557cb254771c6ae5fb71e75da9812d07be88b2bd40bf14caf4eb0ef5696c4f8c987292cda8e6e3b6e37345eb17213f87ec0cddb2c78b38b7ec94c49ca2a6c595796a5f58882ef16219495f40b0a399970b14fe4cd0ab9957485ee106bc9929c2cbe7ba765d43c271270fde6cb6ea8f4f4bf1dac7979b01ce31a010fbf9bccee74214cf09cf1c7e22403574a57d595ab78493d993d4d2f103503a9459b9c6d9fae409846be532342c64d275a89379dbcc4d463bb0648d6e8b97958b513184a04d0c8df0030c80d23a38a5962c7c3071de6d7e9efad7fdf89e15539878b92cdc408d6cc67881093560e3f145a7272fe74957e2a48f1bcf7385f47ce1d934b333517524f6f39a81446ace461a69cc0d9578a3ab74ea839f7ab10ded2945bc5c59f92461277b0ebc2f90af753d630ecf705a7a628e3cdabc5d6e5f72259b7b412e3b5000e6028663e999d114878dccc1ceae20ade8389c19bc6a32d28ee4127b8ddfda5980e23466d01fd2321f356f26d8685916a3f82ec5465ecc89259bc97b80920b2aee1973ea70c727f42cbe6b2fbcbc3c1a88c56d12053b86e1b1766e3d87489eab63d556eb799858d17d9e853ee8610a44236e264710083b781915a04740639b81553097b3e51d1e5e29406a2b30842df5aeba94d14844ee431da42eb4e6e01add98ea1308cdd7db09cd0175361daff3e7730bd89c5017751f1b08137a85dfd4519539b31ed3fd196d9b49661f68aa91b4569aac0b2b74b2fb7bb013f093b699688c9f406031646e8b3295731091c1aeffba209c0b319c4a11004e1da92a8364f328aaf9a07974922de0b8e134e9f8255f753f1d1464eb3f80f0eba7d015242bd3025f5506feb7db193038663f834b688d17c0a24930c50be02788a1beb371dbebe44cde117c2ad111743cbd09026d9fe9ddb6a4aca25d5beb91ce6530c436279b7310f35e741f84e522611907d4935c9df83480ef42c1f73ad83938ae00b348c4ba81b2e9b8371819e4d00030978b557549edcc998216bd2e5923fd38137398fdfe7dd713f4897a62e89bfd896c6a73f4706cbd040c1e12706387c74e3002b87753583d0dc9b4eaebc8ae81ef46d3261001fac721a96b92a5beccce066c743881b8631b7e46641a4827f8e084cf00353762649c39fe47b80703ecc250501f2e75773c29d16b158e90b9277d04f282660982437a6c256ef17407146b15855e1d1c5210c1627e333259e9bcf93c49b8cfa0bd85fecfb80ba5055fec94c038a8ad9008257dd1d9e03a4844355712182dd46a27bf083c7fdb9df7adf07deb45526d85ec63198e467372e3795d9034dfe4e30fd41029afc9a7f112ca34dca7e7aeecdd7f2d9a510f15f4166f4760101759caecbce847f94784c03db5ad4b81c3a2b6448fbdd73d60a90beaedc453b9f54f8d20c26b90dc4e7a6b2bd857d885d10b16d7c9c758379d64ef8f0ee9c5b0af3b46dce67aa04d15052d040069f6c152e2557b4199aeac3fc8c9bce628f8ff8a9a69e73c4d3464c334a738ed56acc665eaddcd22766d6a10da5185087822e0004306a1804fd87ae9e135a998cca103e4c7d3fc4335624e693edc8dbe6d34d3bf171374b6ff1cecd6302ead0afcad8df2e3205c3ffee630332796d79bd3fc2581e7a767b0a431af6e24f23a9661de82967d21fc15205f82b112097db08f2466e36ab2e3c509777e7a85f363ce202ea5580ab7e56e29172767a5c1214a31745ff24f3b049e2177ca161af51b9f11051381f345af399bf9c3241996357972b74dee62", 0x1000}], 0x2, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000", @ANYRES8, @ANYRES32=r3, @ANYBLOB="1c00f0ef45983ca0980000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38, 0x4810}}, {{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000001380)="df7b7988224ab50cd0c753e2b9ba5af9bd5ca22fd4ccfe581abbe8d70ad8d5f70a570bb9fce49a5a8c74a148f899cbd7d27e6250f17956a5ea81", 0x3a}, {&(0x7f00000013c0)="1b83c0dc37e577ec2e9ac45d234d44b05c1fa4da769cc5fcb4ab621466d105fd86a33f8f8d85f1a2", 0x28}], 0x2, &(0x7f00000026c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x1c, 0x1, 0x1, [r1, 0xffffffffffffffff, r8]}}, @cred={{0x1c, 0x1, 0x2, {r7}}}, @rights={{0x38, 0x1, 0x1, [r0, r1, r1, 0xffffffffffffffff, 0xffffffffffffffff, r0, r8, r5, r5, r5]}}, @cred={{0x1c, 0x1, 0x2, {r7, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r10}}}, @rights={{0x18, 0x1, 0x1, [r3, r3]}}], 0xf0, 0x800}}], 0x4, 0x4000001)
connect$inet6(r9, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r9, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="845d", 0x2}, {&(0x7f0000000900)="638290d61f46ae656f55d7ffcd9e4d57e92bebbe0e01", 0x16}], 0x2}}], 0x1, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_CONTROL(r1, 0x80085504, 0x0)
memfd_create(&(0x7f0000000000)='\'{:&\'\x00', 0x4)
r11 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='auxv\x00')
preadv(r11, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000340)=""/250, 0xfa}], 0x2, 0x0, 0x0)

3.483817641s ago: executing program 3 (id=3646):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
userfaultfd(0x80001)
madvise(&(0x7f00003cd000/0x1000)=nil, 0x1000, 0x8)
mlock2(&(0x7f000000a000/0x800000)=nil, 0x800000, 0x0) (fail_nth: 1)

3.197350802s ago: executing program 3 (id=3652):
mkdir(0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000001280)=ANY=[@ANYBLOB="12010000020000202505a1a440000102030109025c00020100b8000904000001020d0000052406000105240000000d240f0106000000000000000006241a00003b0905810300020000000904010000020d00000904010102020d00000905820200020000000905030200020000100b0ca3e03d37a03fc9a690362d1fc6bbb2cd6abe2005dbaccfe437a96123e85f91c41f77ea1b653a033fa3dfe7a04e7c65c9cc92d5903e9475c6fda26709503044a236f4d242a7ba7aa92c62c46d4236736be621edecaefd4155565ea7ee6d37137bfe2c372ae4b529806cdc09116175c8dae5a4e78d7f"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x5)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00', r1}, 0x10)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

3.126618858s ago: executing program 2 (id=3654):
syz_mount_image$ext4(&(0x7f0000000ac0)='ext2\x00', &(0x7f0000000180)='./file0\x00', 0x3814744, &(0x7f00000007c0)={[{@noauto_da_alloc}, {@acl}, {@test_dummy_encryption}, {@resgid}, {@jqfmt_vfsv0}, {@oldalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x46f, &(0x7f0000000b00)="$eJzs3E9oXMUfAPDve7tp++u/5Ffrn9ZWo1UM/kmatGoPXhQFDwqCHuoxJmmp3TbSRLAlaBSpRyl4F4+Cd8GTJ1FPgle9S6FoEFq9uPJ230uzm900fzbd2P18YNuZN/PezDBv3s7O7CaAnjWY/ZNE7I6IXyKivx5tzDBY/+/GwtzEXwtzE0lUq6//ntTyXV+YmyiyFuftyiNDaUT6cZIX0mjm4qWz45XK1IU8PjJ77p2RmYuXnjpzbvz01Omp82MnThw/NvrsM2NPd6SdWZ2uH3x/+tCBl9+88urEyStv/fBVVt97DtfTl7ajUwazhv9RrWlOe7TThXXZP9Wb7UzK3a4Nq1WKiKy7+mrjvz9KcbPz+uOlj7paOWBTZc/s7e2T56vAHSyJbtcA6I7ijT77/Fu8btPUY0u49nz9A1DW7hv5q55SjjTP07eJ5Q9GxMn5vz/PXtG0DlFtsW4AALBR32bznyeXz/9qeyNL8iX53tBARPw/IvZFxF0RsT8i7s7z3hsR962x/OatoesLc2njkfTqOpu2Ktn877l8b6tx/rdYjYFSHttTa39fcupMZepoROyNiKHo257FR1tdvLjEiz9/2q78pfO/7JWVX8wF84tcLTct0E2Oz453alJ67cOIg+VW7U8WdwKyvj8QEQfXdum9ReDM418eapfp1u1fQQf2mapfRDxW7//5qLc/T5lfzJOsvD85siMqU0dHirtiuR9/uvxau/I31P4OyPp/Z+P935Sj/89k6X7tzNrLuPzrJ20/U5bXef9vS96o7Vlvy4+9Nz47e2E0YlvySi3ecHzs5rlFvMiftX/oSOvxvy8/J2v//RGR3cSHI+KBiHgw77uHIuLhiDiyQvu/f+GRt9ulbYX+n2z5/Fv8FsBAY/+vPVA6+9037cpf3fPveC00lB+pPf9uoXg0LK/OjjxlvXczAAAA/PekEbE7knR4MZymw8P178vvj51pZXpm9olT0++en6z/RmAg+tJipat/yXroaFKsl9XjY/lacZF+LF83/qz0v1p8eGK6MtnltkOv29Vm/Gd+KzVl3tGNGgKbyu+1oHc1j/+0S/UAbj/v/9C7jH/oXcY/9K5W4/+DpnjzXgBwZ/D+D73L+IfeZfxD7zL+oSdt5Hf9KwW+3sDp5eh8fQQ6HYh0S1RDoEWgvGx074mISvEXeVY8PYmILNDFhxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAH/RsAAP//KdXnsw==")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000740)='./file0\x00', 0x0, 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff8b}, 0x90)
r2 = creat(0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB])
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
timerfd_gettime(0xffffffffffffffff, 0x0)
write$FUSE_INIT(r2, 0x0, 0x0)
syz_fuse_handle_req(r2, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r2, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080047000030000000000006907800000000e00000018608ffffffff0002"], 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
syz_usb_connect(0x0, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000e518a708ac0501859d200000690109022f00010000000009040000000e010000152403"], 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000900)={'\x00', 0x2})
pipe2(&(0x7f0000000040), 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))

1.971204323s ago: executing program 0 (id=3656):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1)
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f00000000c0)={'bond_slave_0\x00'})

1.773709638s ago: executing program 0 (id=3657):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3c, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_read_part_table(0x609, &(0x7f0000000d40)="$eJzs1E9rXFUYB+DfnczMnSmGBC0oIjRQ6CrEhXQRcLBBVLppQ6niwp0gCHVhoWBXE9ouRYpbIW4qlFLIF9CNlLRQ3LgKLktxbxGhRDwy98aZli5cJBAtz7M45z3vPf8u59wb/tc6qcelVMOM/8n0+nvBS23VTymlTAdc//jyhWnj/VvHbyfra+fOJ0c2Pkqy9NoLycJ0rtlCd55etyzslgzzaDBLVZOim2QjyWcPbjRhdzbL4jObr/fx4jwXtkZf/Jjm3oyGGaSXb5LV79pn4w9efvPDTlXNbmF1ahr2Dmr97WPNxU2dnemcS8n8SvetJPf2MsuTTr+28Xb7rVVnnpyo01Zz7WfwtOEzmQPaPfu1NdpeuHrtYv/rbtN8+O3RB79c6eXEzUuvL7/YuzO+XrWHdyzJoD/5yVXNYc8d8r4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDnz9Zoe6G/F+98Xj9845PuXmux/FVKSVInmXQZtPkqw4UjZVJn42DWv3r/y2Hq0ac7j0sp5VRKOfvb5vxK724vZzf31l2uMn5i2OZuW/f3vwMOU3P+1y6+99Xl0R+329TgyuMzJwZVE9dNOUx+7w/GRy8l6czGDg9lxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf907755eWl87dz5J1R0k6Sze2J48OPlK26Ekr/5w8uaFe2urTXtlUvzZP13Xu+X+249uLf50/Oe7c1mv2+7fd5JSrc6n220TW03ZO4x349/9HQAA///wjWn4")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x101482, 0x0)
fallocate(r0, 0x3, 0x0, 0x2000)

1.671852266s ago: executing program 0 (id=3658):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000001040), 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)

1.175284363s ago: executing program 1 (id=3662):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000480)='nv\x00', 0x3)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67a4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e7", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)="acc8", 0x2}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2c691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e46", 0x6c}], 0x2}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000014c0)="23004e4ee760d48ddc6b7a1ebfc6df276028840fb20d5233e81c802684e8ac1dc195296ffaaeace7ee918f67beb970cd36769470f7acb5cd5becfa3839cec05a81f9488931e0a9ba9a246f45fee8b5240bd1e078539b56973bfbbee5a100668daf66", 0x62}], 0x1}}], 0x3, 0x0)

957.267209ms ago: executing program 1 (id=3663):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003e80)=[{{&(0x7f0000000340)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000b00)="6e9df3db556b3616a25f9c4f9721fc24de72b30722f436b1376755ba259bb0472e80950358d037c9745a6cb8b20b55d0b889677c7b243dc5b2bbef200cbda75c76a3d7315c102d39faee7c9c893498069cd244743d932b9f2510e42f15976974fd6af953ad32564ee301685e2971a218d8e0df64dbf68cba43c07cbb472dd240905da2db24a531d64e965c6e1cc0933c8226e5159c141f693037f122fcde6ded6980f1e76f34815a344f96ff", 0xac}, {&(0x7f0000000bc0)="c32d1df024d70e82eb70ec713258d4f04671f674d579ae2869235268724842846cb82211929ac71018556a6b23d13be346f617ca4358d5da91912b06b4464b6e2f89e4cc0effc8a5f9b0cc40d44370b9b12c7d7db62af19deb7dcaa83acd99a32f54695f36a2e1a9a725", 0x6a}], 0x2, 0x0, 0x0, 0x20048041}}, {{&(0x7f0000001500)=@file={0x1, './file0/file0/file0\x00'}, 0x6e, &(0x7f00000016c0), 0x0, &(0x7f0000001740)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18, 0x8800}}, {{0x0, 0x0, &(0x7f0000002fc0)=[{0x0}], 0x1, 0x0, 0x0, 0x40000}}, {{&(0x7f0000003340)=@abs={0x2, 0x0, 0x4e24}, 0x6e, 0x0, 0x0, &(0x7f0000003500), 0x0, 0x8000}}, {{0x0, 0x0, &(0x7f0000003d80), 0x0, 0x0, 0x0, 0x14000080}}], 0x5, 0x800)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
r2 = syz_open_pts(r1, 0x801)
r3 = dup3(r2, r1, 0x0)
write$binfmt_elf64(r3, &(0x7f0000001400)=ANY=[], 0xfe00)

765.176183ms ago: executing program 0 (id=3664):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000100)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

609.880854ms ago: executing program 1 (id=3665):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "bb2c8897a2b66244"}, 0x28)
recvmmsg(r1, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000b00)=""/81, 0x51}], 0x1}}], 0x1, 0x0, 0x0)
recvfrom$inet6(r1, 0x0, 0x1000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0xd8, 0x30, 0xffff, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_gact={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x7}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1dbc, 0x20000000}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xd8}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)

281.754249ms ago: executing program 1 (id=3666):
r0 = syz_clone3(&(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = syz_pidfd_open(r0, 0x0)
process_mrelease(r1, 0x0)

281.575489ms ago: executing program 0 (id=3667):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8004, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)

276.535109ms ago: executing program 4 (id=3655):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040b827ed0100000000000109022400010000000009040000010300000009210000200122050009058103"], 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000b80)={0x24, 0x0, 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0022050000"], 0x0}, 0x0)

249.468381ms ago: executing program 1 (id=3668):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10)
shutdown(0xffffffffffffffff, 0x1)

161.611538ms ago: executing program 1 (id=3669):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='ext4_ext_show_extent\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
sched_rr_get_interval(0x0, &(0x7f0000000040))

83.517164ms ago: executing program 3 (id=3670):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = epoll_create1(0x0)
socket(0x2, 0x80802, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000040)={[{@norecovery}]}, 0x1, 0xb80, &(0x7f00000017c0)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
pipe2$9p(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

0s ago: executing program 0 (id=3671):
open(0x0, 0x14927e, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x13, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x802, 0x0)
r3 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000f8)
sendfile(r3, r3, 0x0, 0x100000008)

kernel console output (not intermixed with test programs):

CONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1539.469532][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1539.508961][ T7186] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1539.518587][ T7186] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1539.526278][ T7186] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1539.565381][T16734] device veth0_vlan entered promiscuous mode
[ 1539.625458][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1539.642257][T16734] device veth1_macvtap entered promiscuous mode
[ 1539.688735][ T7186] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1539.707758][ T1841] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1539.708803][ T7186] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1539.743774][  T328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1539.758381][  T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1539.896128][T16766] F2FS-fs (loop3): Invalid SB checksum offset: 0
[ 1539.917532][T16766] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[ 1539.979023][T16766] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1540.087223][ T1841] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1540.133857][ T1841] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1540.143822][   T24] audit: type=1400 audit(1725553747.011:3289): avc:  denied  { create } for  pid=16783 comm="syz.4.3347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[ 1540.187614][ T1841] usb 3-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[ 1540.196539][ T1841] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1540.214809][   T24] audit: type=1400 audit(1725553747.081:3290): avc:  denied  { remount } for  pid=16783 comm="syz.4.3347" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1540.235827][ T1841] usb 3-1: config 0 descriptor??
[ 1540.258138][T16766] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[ 1540.265078][T16766] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1540.338426][T16784] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1540.345056][T16784] EXT4-fs (loop4): 1 truncate cleaned up
[ 1540.387397][T16784] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1540.598826][T16777] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1540.616592][T16777] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1540.634099][T16777] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1541.461379][   T24] audit: type=1400 audit(1725553748.331:3291): avc:  denied  { ioctl } for  pid=16768 comm="syz.2.3345" path="/32/file0/file1" dev="loop2" ino=15 ioctlcmd=0x582a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1541.512278][T16777] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1541.531111][T16792] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1541.540196][T16777] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1541.555040][T16792] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038 (0x7fffffff)
[ 1541.575115][ T1841] petalynx 0003:18B1:0037.007D: collection stack underflow
[ 1541.583471][ T1841] petalynx 0003:18B1:0037.007D: item 0 1 0 12 parsing failed
[ 1541.591940][ T1841] petalynx 0003:18B1:0037.007D: parse failed
[ 1541.598439][ T1841] petalynx: probe of 0003:18B1:0037.007D failed with error -22
[ 1541.606910][T16804] incfs: Error accessing: ./file0/file0.
[ 1541.612821][ T1841] usb 3-1: USB disconnect, device number 100
[ 1541.627274][T16804] incfs: mount failed -20
[ 1543.020737][ T6839] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 1543.174267][T16818] FAULT_INJECTION: forcing a failure.
[ 1543.174267][T16818] name failslab, interval 1, probability 0, space 0, times 0
[ 1543.237521][T16818] CPU: 1 PID: 16818 Comm: syz.2.3352 Not tainted 5.10.223-syzkaller-00011-g1c5354a314ea #0
[ 1543.247361][T16818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1543.257354][T16818] Call Trace:
[ 1543.260502][T16818]  dump_stack_lvl+0x1e2/0x24b
[ 1543.265140][T16818]  ? panic+0x812/0x812
[ 1543.269197][T16818]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1543.274645][T16818]  ? bpf_probe_read_kernel+0x49/0x70
[ 1543.282009][T16818]  dump_stack+0x15/0x17
[ 1543.285990][T16818]  should_fail+0x3c6/0x510
[ 1543.290325][T16818]  ? netlink_trim+0x19b/0x230
[ 1543.294926][T16818]  __should_failslab+0xa4/0xe0
[ 1543.299523][T16818]  should_failslab+0x9/0x20
[ 1543.303869][T16818]  __kmalloc_track_caller+0x5f/0x320
[ 1543.309020][T16818]  ? netlink_trim+0x19b/0x230
[ 1543.313611][T16818]  pskb_expand_head+0x12b/0x1180
[ 1543.318385][T16818]  netlink_trim+0x19b/0x230
[ 1543.322705][T16818]  netlink_broadcast_filtered+0x66/0x1270
[ 1543.328355][T16818]  ? qdisc_root_sleeping_running+0xc0/0xc0
[ 1543.333993][T16818]  ? qdisc_notify+0x7a/0x370
[ 1543.338503][T16818]  netlink_broadcast+0x3a/0x50
[ 1543.343098][T16818]  rtnetlink_send+0x128/0x190
[ 1543.347609][T16818]  qdisc_notify+0x26f/0x370
[ 1543.351949][T16818]  qdisc_graft+0xfab/0x1300
[ 1543.356291][T16818]  ? trace_qdisc_create+0x25/0x150
[ 1543.361336][T16818]  ? qdisc_create+0x12d0/0x12d0
[ 1543.366014][T16818]  ? qdisc_notify+0x370/0x370
[ 1543.370587][T16818]  ? __nla_parse+0x43/0x60
[ 1543.374883][T16818]  tc_modify_qdisc+0xc5e/0x1470
[ 1543.379571][T16818]  ? qdisc_offload_graft_helper+0x280/0x280
[ 1543.385327][T16818]  ? mutex_trylock+0xa0/0xa0
[ 1543.389790][T16818]  ? ns_capable+0x89/0xe0
[ 1543.394053][T16818]  ? netlink_net_capable+0x125/0x160
[ 1543.399275][T16818]  ? qdisc_offload_graft_helper+0x280/0x280
[ 1543.405182][T16818]  rtnetlink_rcv_msg+0x955/0xc50
[ 1543.410052][T16818]  ? is_bpf_text_address+0x172/0x190
[ 1543.415274][T16818]  ? rtnetlink_bind+0x80/0x80
[ 1543.419777][T16818]  ? arch_stack_walk+0xf3/0x140
[ 1543.424484][T16818]  ? stack_trace_save+0x113/0x1c0
[ 1543.429825][T16818]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1543.436199][T16818]  ? stack_trace_snprint+0xf0/0xf0
[ 1543.441291][T16818]  ? avc_has_perm+0x14d/0x400
[ 1543.446760][T16818]  ? memcpy+0x56/0x70
[ 1543.451274][T16818]  ? avc_has_perm+0x275/0x400
[ 1543.455986][T16818]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1543.460889][T16818]  ? slab_post_alloc_hook+0x61/0x2f0
[ 1543.466223][T16818]  ? kmem_cache_alloc+0x168/0x2e0
[ 1543.471082][T16818]  ? avc_has_perm_noaudit+0x240/0x240
[ 1543.476305][T16818]  ? iov_iter_advance+0x258/0xb20
[ 1543.481248][T16818]  netlink_rcv_skb+0x1cf/0x410
[ 1543.485956][T16818]  ? rtnetlink_bind+0x80/0x80
[ 1543.490466][T16818]  ? netlink_ack+0xb30/0xb30
[ 1543.494902][T16818]  ? __netlink_lookup+0x37b/0x3a0
[ 1543.500149][T16818]  rtnetlink_rcv+0x1c/0x20
[ 1543.504605][T16818]  netlink_unicast+0x8df/0xac0
[ 1543.509350][T16818]  ? netlink_detachskb+0x90/0x90
[ 1543.514367][T16818]  ? security_netlink_send+0x7b/0xa0
[ 1543.519675][T16818]  netlink_sendmsg+0xa46/0xd00
[ 1543.524488][T16818]  ? netlink_getsockopt+0x5c0/0x5c0
[ 1543.529559][T16818]  ? kmem_cache_free+0xa9/0x1e0
[ 1543.534257][T16818]  ? security_socket_sendmsg+0x82/0xb0
[ 1543.539739][T16818]  ? netlink_getsockopt+0x5c0/0x5c0
[ 1543.545014][T16818]  ____sys_sendmsg+0x59e/0x8f0
[ 1543.549722][T16818]  ? __sys_sendmsg_sock+0x40/0x40
[ 1543.554581][T16818]  ? import_iovec+0xe5/0x120
[ 1543.559007][T16818]  ___sys_sendmsg+0x252/0x2e0
[ 1543.563689][T16818]  ? __sys_sendmsg+0x280/0x280
[ 1543.568292][T16818]  ? rw_verify_area+0x1c3/0x360
[ 1543.573035][T16818]  ? __fdget+0x1bc/0x240
[ 1543.577051][T16818]  __se_sys_sendmsg+0x1b1/0x280
[ 1543.581744][T16818]  ? __x64_sys_sendmsg+0x90/0x90
[ 1543.586532][T16818]  ? ksys_write+0x260/0x2c0
[ 1543.590868][T16818]  ? debug_smp_processor_id+0x17/0x20
[ 1543.596236][T16818]  __x64_sys_sendmsg+0x7b/0x90
[ 1543.600936][T16818]  do_syscall_64+0x34/0x70
[ 1543.605178][T16818]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1543.611019][T16818] RIP: 0033:0x7efd407edef9
[ 1543.615855][T16818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1543.635996][T16818] RSP: 002b:00007efd3f468038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1543.644332][T16818] RAX: ffffffffffffffda RBX: 00007efd409a6f80 RCX: 00007efd407edef9
[ 1543.652135][T16818] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000005
[ 1543.660224][T16818] RBP: 00007efd3f468090 R08: 0000000000000000 R09: 0000000000000000
[ 1543.668331][T16818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1543.676230][T16818] R13: 0000000000000000 R14: 00007efd409a6f80 R15: 00007fffc504d6a8
[ 1543.797310][ T6839] usb 5-1: Using ep0 maxpacket: 32
[ 1544.702053][   T20] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1545.217277][ T6839] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[ 1545.226455][ T6839] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1545.236075][ T6839] usb 5-1: Product: syz
[ 1545.240420][ T6839] usb 5-1: Manufacturer: syz
[ 1545.253959][ T6839] usb 5-1: config 0 descriptor??
[ 1545.277184][ T6839] usb 5-1: can't set config #0, error -71
[ 1545.290122][ T6839] usb 5-1: USB disconnect, device number 96
[ 1545.575413][T16831] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.3354: casefold flag without casefold feature
[ 1545.589949][T16831] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.3354: missing EA_INODE flag
[ 1545.602394][T16831] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3354: error while reading EA inode 12 err=-117
[ 1545.615269][T16831] EXT4-fs (loop1): 1 orphan inode deleted
[ 1545.620985][T16831] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1545.687230][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1545.701566][   T20] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1545.712760][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1545.734089][   T20] usb 3-1: config 0 descriptor??
[ 1545.779448][   T20] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1546.047090][ T6839] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[ 1546.327161][ T6839] usb 5-1: Using ep0 maxpacket: 32
[ 1546.467133][ T6839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1546.486268][ T6839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1546.496255][ T6839] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1546.505636][ T6839] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1546.524340][ T6839] usb 5-1: config 0 descriptor??
[ 1546.568274][ T6839] hub 5-1:0.0: USB hub found
[ 1546.745869][T16851] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1546.767148][T16851] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1546.788618][T16851] F2FS-fs (loop0): invalid crc value
[ 1546.803447][T16851] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1546.841448][   T24] audit: type=1326 audit(1725553753.711:3292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.4.3358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1546.902361][T16851] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1546.909995][T16851] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1546.937226][   T20] usb 2-1: new low-speed USB device number 93 using dummy_hcd
[ 1546.976535][T16851] attempt to access beyond end of device
[ 1546.976535][T16851] loop0: rw=10241, want=45104, limit=40427
[ 1547.017226][ T6839] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1547.037435][  T504] usb 3-1: USB disconnect, device number 101
[ 1547.082046][T16871] FAT-fs (loop3): Directory bread(block 64) failed
[ 1547.088542][T16871] FAT-fs (loop3): Directory bread(block 65) failed
[ 1547.094945][T16871] FAT-fs (loop3): Directory bread(block 66) failed
[ 1547.101520][T16871] FAT-fs (loop3): Directory bread(block 67) failed
[ 1547.108034][T16871] FAT-fs (loop3): Directory bread(block 68) failed
[ 1547.114419][T16871] FAT-fs (loop3): Directory bread(block 69) failed
[ 1547.120834][T16871] FAT-fs (loop3): Directory bread(block 70) failed
[ 1547.127493][T16871] FAT-fs (loop3): Directory bread(block 71) failed
[ 1547.133865][T16871] FAT-fs (loop3): Directory bread(block 72) failed
[ 1547.137106][ T6839] usbhid 5-1:0.0: can't add hid device: -71
[ 1547.140889][T16871] FAT-fs (loop3): Directory bread(block 73) failed
[ 1547.178753][ T6839] usbhid: probe of 5-1:0.0 failed with error -71
[ 1547.207185][   T20] usb 2-1: Invalid ep0 maxpacket: 16
[ 1547.268253][ T6839] usb 5-1: USB disconnect, device number 97
[ 1547.496832][   T20] usb 2-1: new low-speed USB device number 94 using dummy_hcd
[ 1547.621550][T16882] usb usb7: usbfs: process 16882 (syz.2.3369) did not claim interface 0 before use
[ 1547.747099][   T20] usb 2-1: Invalid ep0 maxpacket: 16
[ 1547.753912][   T20] usb usb2-port1: attempt power cycle
[ 1548.337091][   T20] usb 2-1: new low-speed USB device number 95 using dummy_hcd
[ 1548.437239][   T20] usb 2-1: Invalid ep0 maxpacket: 16
[ 1548.587470][   T20] usb 2-1: new low-speed USB device number 96 using dummy_hcd
[ 1548.609372][T16885] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1548.629607][T16869] F2FS-fs (loop4): Invalid SB checksum offset: 0
[ 1548.636449][T16869] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1548.684065][T16885] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038 (0x7fffffff)
[ 1548.694697][   T20] usb 2-1: Invalid ep0 maxpacket: 16
[ 1548.700830][   T20] usb usb2-port1: unable to enumerate USB device
[ 1548.746426][T16869] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1548.963662][T16869] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1548.977277][   T20] usb 4-1: new full-speed USB device number 99 using dummy_hcd
[ 1549.127399][T16869] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1549.519849][   T20] usb 4-1: not running at top speed; connect to a high speed hub
[ 1549.767296][   T20] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1549.933123][   T20] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1550.228900][    T7] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1550.261945][    T7] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1550.480364][T16909] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.3375: casefold flag without casefold feature
[ 1550.541227][T16909] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.3375: missing EA_INODE flag
[ 1550.670250][T16909] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.3375: error while reading EA inode 12 err=-117
[ 1550.709512][T16909] EXT4-fs (loop2): 1 orphan inode deleted
[ 1550.747454][T16909] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1550.841697][T16909] overlayfs: failed to resolve './file0': -2
[ 1551.127246][   T20] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1551.141766][   T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1551.172224][   T20] usb 4-1: Product: င
[ 1551.207159][   T20] usb 4-1: can't set config #1, error -71
[ 1551.221110][   T20] usb 4-1: USB disconnect, device number 99
[ 1551.563519][T16924] usb usb7: usbfs: process 16924 (syz.2.3380) did not claim interface 0 before use
[ 1551.930752][T16929] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1552.427274][T16929] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038 (0x7fffffff)
[ 1552.665701][T16941] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1552.677576][T16941] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038 (0x7fffffff)
[ 1552.727378][T16942] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1552.746722][T16942] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038 (0x7fffffff)
[ 1556.069822][   T24] audit: type=1400 audit(1725553762.941:3293): avc:  denied  { write } for  pid=16974 comm="syz.4.3390" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1556.357027][ T1841] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[ 1556.433351][T16990] usb usb7: usbfs: process 16990 (syz.2.3392) did not claim interface 0 before use
[ 1557.160725][T16961] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1557.187056][T16961] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1557.218668][T16961] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1557.266867][T16994] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3396'.
[ 1557.296747][T16961] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1557.304126][T16961] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1557.319619][T16999] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1557.328723][T17000] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3396'.
[ 1557.328828][T16999] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038 (0x7fffffff)
[ 1557.367236][ T6839] usb 2-1: new full-speed USB device number 97 using dummy_hcd
[ 1557.417024][ T1841] usb 5-1: Using ep0 maxpacket: 16
[ 1558.077824][ T1841] usb 5-1: config 1 interface 0 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16
[ 1558.087949][ T1841] usb 5-1: config 1 interface 0 altsetting 1 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1558.101432][ T1841] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1558.197530][ T6839] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1558.210741][ T6839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1558.222733][ T6839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1558.232836][ T6839] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1558.258224][ T6839] usb 2-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[ 1558.279712][ T6839] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1558.297155][ T1841] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1558.317249][ T1841] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1558.325288][ T1841] usb 5-1: Product: 癟
[ 1558.339851][ T6839] usb 2-1: config 0 descriptor??
[ 1558.345758][ T1841] usb 5-1: Manufacturer: ፃ踴ಈ갆懢鰎설꛺┏᠟᪘ꆡ點刀ᒛ紌䊻宑頏㬮膊쿜␀᲎럂괃氱⭪❗㒡꧎ᣯ몖颠숔ᮜ৆
[ 1558.363760][ T1841] usb 5-1: SerialNumber: syz
[ 1558.381442][ T1841] usb 5-1: rejected 1 configuration due to insufficient available bus power
[ 1558.391346][ T1841] usb 5-1: no configuration chosen from 1 choice
[ 1558.877203][ T6839] usbhid 2-1:0.0: can't add hid device: -71
[ 1558.883870][ T6839] usbhid: probe of 2-1:0.0 failed with error -71
[ 1558.915853][ T6839] usb 2-1: USB disconnect, device number 97
[ 1558.935380][T17030] EXT4-fs (loop0): 1 orphan inode deleted
[ 1558.941790][T17030] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1558.951678][T17030] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038 (0x7fffffff)
[ 1559.044963][ T1926] usb 5-1: USB disconnect, device number 98
[ 1560.671006][T17043] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3408'.
[ 1560.828266][T17043] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3408'.
[ 1560.894481][   T24] audit: type=1400 audit(1725553767.761:3294): avc:  denied  { mounton } for  pid=17052 comm="syz.2.3412" path="/53/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[ 1560.894526][T17056] fuse: Bad value for 'fd'
[ 1561.275292][T17056] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1561.939158][T17069] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[ 1563.195782][T17080] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3419'.
[ 1563.952817][T17054] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1563.983137][T17054] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1564.037530][T17054] F2FS-fs (loop0): Failed to start F2FS issue_checkpoint_thread (-12)
[ 1565.415970][T17102] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3424'.
[ 1565.490979][ T9448] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1565.497848][T17104] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3424'.
[ 1566.090854][T17117] 9pnet: Insufficient options for proto=fd
[ 1566.462731][T17128] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3431'.
[ 1566.472674][T17123] FAT-fs (loop4): Directory bread(block 64) failed
[ 1566.483561][T17123] FAT-fs (loop4): Directory bread(block 65) failed
[ 1566.493633][T17123] FAT-fs (loop4): Directory bread(block 66) failed
[ 1566.519830][T17123] FAT-fs (loop4): Directory bread(block 67) failed
[ 1566.526430][T17123] FAT-fs (loop4): Directory bread(block 68) failed
[ 1566.557025][T17123] FAT-fs (loop4): Directory bread(block 69) failed
[ 1566.573818][T17123] FAT-fs (loop4): Directory bread(block 70) failed
[ 1566.593868][T17123] FAT-fs (loop4): Directory bread(block 71) failed
[ 1566.609557][T17123] FAT-fs (loop4): Directory bread(block 72) failed
[ 1566.636275][T17123] FAT-fs (loop4): Directory bread(block 73) failed
[ 1566.990022][T17119] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1567.015494][T17119] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1567.045993][T17119] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1567.145525][T17119] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1567.167263][T17119] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1567.518927][T17148] syz.2.3436[17148] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1567.519050][T17148] syz.2.3436[17148] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1567.532341][T17148] device pim6reg1 entered promiscuous mode
[ 1567.633117][   T20] Bluetooth: hci0: command 0x1003 tx timeout
[ 1567.639601][T14509] Bluetooth: hci0: sending frame failed (-49)
[ 1567.671622][T17119] overlayfs: invalid origin (0000)
[ 1567.765084][T17158] usb usb7: usbfs: process 17158 (syz.4.3437) did not claim interface 0 before use
[ 1568.415932][T15492] f2fs_fill_dentries: 4 callbacks suppressed
[ 1568.415954][T15492] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[ 1568.422935][T15492] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[ 1568.442951][T15492] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[ 1568.456384][T17157] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3438'.
[ 1568.474997][T15492] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[ 1568.475022][T15492] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[ 1568.497118][T15492] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[ 1568.509183][T15492] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[ 1568.560090][T17159] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3438'.
[ 1568.955676][T17170] 9pnet: Insufficient options for proto=fd
[ 1569.007010][ T1841] usb 5-1: new high-speed USB device number 99 using dummy_hcd
[ 1569.356646][ T9448] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1569.537119][ T1841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1569.548467][ T1841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1569.558164][ T1841] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[ 1569.567516][ T1841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1569.577174][ T1841] usb 5-1: config 0 descriptor??
[ 1569.707053][   T20] Bluetooth: hci0: command 0x1001 tx timeout
[ 1569.713059][T17175] Bluetooth: hci0: sending frame failed (-49)
[ 1570.121113][ T1841] arvo 0003:1E7D:30D4.007E: unknown main item tag 0x0
[ 1570.128261][ T1841] arvo 0003:1E7D:30D4.007E: unknown main item tag 0x0
[ 1570.136780][ T1841] arvo 0003:1E7D:30D4.007E: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.4-1/input0
[ 1570.357121][ T1841] arvo 0003:1E7D:30D4.007E: couldn't init struct arvo_device
[ 1570.364796][ T1841] arvo 0003:1E7D:30D4.007E: couldn't install keyboard
[ 1570.374697][T17188] incfs: Error accessing: ./file0/file0.
[ 1570.387201][T17188] incfs: mount failed -20
[ 1570.396887][ T1841] arvo: probe of 0003:1E7D:30D4.007E failed with error -71
[ 1570.415295][ T1841] usb 5-1: USB disconnect, device number 99
[ 1570.707037][ T6839] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 1570.956968][ T6839] usb 3-1: Using ep0 maxpacket: 32
[ 1571.257125][ T6839] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[ 1571.276234][ T6839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1571.286328][ T6839] usb 3-1: Product: syz
[ 1571.296444][ T6839] usb 3-1: Manufacturer: syz
[ 1571.306544][ T6839] usb 3-1: SerialNumber: syz
[ 1571.315115][   T24] audit: type=1326 audit(1725553778.181:3295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.326112][ T6839] usb 3-1: config 0 descriptor??
[ 1571.371854][   T24] audit: type=1326 audit(1725553778.221:3296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f03a1627890 code=0x7ffc0000
[ 1571.395536][ T7186] Bluetooth: hci1: command 0x1003 tx timeout
[ 1571.401576][T17175] Bluetooth: hci1: sending frame failed (-49)
[ 1571.401615][   T24] audit: type=1326 audit(1725553778.231:3297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.401673][   T24] audit: type=1326 audit(1725553778.231:3298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.511903][   T24] audit: type=1326 audit(1725553778.231:3299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.550703][   T24] audit: type=1326 audit(1725553778.231:3300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.574816][   T24] audit: type=1326 audit(1725553778.231:3301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.599822][   T24] audit: type=1326 audit(1725553778.231:3302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.623974][   T24] audit: type=1326 audit(1725553778.241:3303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.651572][   T24] audit: type=1326 audit(1725553778.241:3304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17195 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1571.786982][ T1926] Bluetooth: hci0: command 0x1009 tx timeout
[ 1571.947022][T17203] usb usb7: usbfs: process 17203 (syz.3.3450) did not claim interface 0 before use
[ 1572.052795][ T6839] rtl8150 3-1:0.0: eth1: rtl8150 is detected
[ 1572.212491][T17205] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1572.232004][T17205] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038 (0x7fffffff)
[ 1572.368285][ T1841] usb 3-1: USB disconnect, device number 102
[ 1573.467152][ T1841] Bluetooth: hci1: command 0x1001 tx timeout
[ 1573.473240][T17175] Bluetooth: hci1: sending frame failed (-49)
[ 1575.529294][T17240] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1575.547459][ T1841] Bluetooth: hci1: command 0x1009 tx timeout
[ 1575.582007][T17240] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1575.600134][T17240] device bridge_slave_0 entered promiscuous mode
[ 1575.610917][T17253] device bridge0 entered promiscuous mode
[ 1575.639032][T17240] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1575.646004][T17240] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1575.654365][T17240] device bridge_slave_1 entered promiscuous mode
[ 1575.661193][T17253] device bridge0 left promiscuous mode
[ 1575.863950][T17271] overlayfs: statfs failed on './file0'
[ 1575.904546][T17269] EXT4-fs (loop3): Unrecognized mount option "fowner>00000000000000000000" or missing value
[ 1575.931144][ T1841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1575.940570][ T1841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1575.965239][  T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1575.975628][  T328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1576.148190][T17273] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1576.158276][T17273] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038 (0x7fffffff)
[ 1576.276232][  T328] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1576.283205][  T328] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1576.327665][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1576.416265][T17283] overlayfs: failed to resolve './file0': -2
[ 1576.479963][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1576.488633][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1576.496844][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1576.503859][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1576.808426][T17288] usb usb7: usbfs: process 17288 (syz.4.3462) did not claim interface 0 before use
[ 1577.699905][   T24] audit: type=1326 audit(1725553784.571:3305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17294 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1577.727011][   T24] audit: type=1326 audit(1725553784.591:3306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17294 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1577.762562][T17290] device pim6reg1 entered promiscuous mode
[ 1577.977366][  T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1577.985561][   T24] audit: type=1326 audit(1725553784.841:3307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17294 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1578.018337][  T328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1578.151604][  T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1578.186586][   T24] audit: type=1326 audit(1725553784.841:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17294 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1578.224828][  T328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1578.804666][   T24] audit: type=1326 audit(1725553784.841:3309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17294 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1578.828634][   T24] audit: type=1326 audit(1725553784.881:3310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17294 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1578.852225][   T24] audit: type=1326 audit(1725553784.881:3311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17294 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1578.876877][   T24] audit: type=1326 audit(1725553784.881:3312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17294 comm="syz.4.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1578.988976][ T1841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1579.002579][ T1841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1579.041011][T17240] device veth0_vlan entered promiscuous mode
[ 1579.063562][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1579.072236][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1579.091520][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1579.107245][T17302] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1579.118753][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1579.262447][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1579.303907][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1579.320827][T17240] device veth1_macvtap entered promiscuous mode
[ 1579.336513][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1579.569886][T17308] SELinux:  Context #! ./cgroup/file0 is not valid (left unmapped).
[ 1579.589947][   T24] audit: type=1400 audit(1725553786.441:3313): avc:  denied  { mac_admin } for  pid=17300 comm="syz.2.3465" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1580.488791][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1580.522293][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1580.769278][ T9449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1580.791791][ T9449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1580.841049][T17317] overlayfs: statfs failed on './file0'
[ 1581.028045][ T9448] device bridge_slave_1 left promiscuous mode
[ 1581.038014][ T9448] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1581.106685][T17324] EXT4-fs (loop3): Unrecognized mount option "fowner>00000000000000000000" or missing value
[ 1581.117306][ T9448] device bridge_slave_0 left promiscuous mode
[ 1581.123788][ T9448] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1581.150008][ T9448] device veth1_macvtap left promiscuous mode
[ 1581.157671][ T9448] device veth0_vlan left promiscuous mode
[ 1581.250429][T17301] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1581.266250][T17301] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1581.396439][T17301] F2FS-fs (loop4): invalid crc value
[ 1581.440223][T17301] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1581.535499][T17332] overlayfs: failed to resolve './file0': -2
[ 1581.879429][T17315] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1581.886575][T17315] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1581.894516][T17315] device bridge_slave_0 entered promiscuous mode
[ 1581.902161][T17315] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1581.909073][T17315] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1581.917033][T17315] device bridge_slave_1 entered promiscuous mode
[ 1582.119887][T17315] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1582.127018][T17315] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1582.134277][T17315] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1582.141237][T17315] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1582.223245][T17337] usb usb7: usbfs: process 17337 (syz.2.3473) did not claim interface 0 before use
[ 1582.437125][T17323] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1582.444810][T17323] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1582.462260][T17323] F2FS-fs (loop1): invalid crc value
[ 1582.530553][T17323] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[ 1582.615025][ T1841] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1582.622861][ T1841] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1582.630976][ T1841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1582.658753][ T1841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1582.670008][T17342] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1582.679559][T17342] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038 (0x7fffffff)
[ 1582.734664][ T1841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1582.761279][ T1841] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1582.768351][ T1841] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1582.806576][ T1841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1582.825893][T17323] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1582.836991][T17323] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1582.844839][ T1841] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1582.851905][ T1841] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1583.267032][   T24] audit: type=1326 audit(1725553790.131:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1583.367456][   T24] audit: type=1326 audit(1725553790.131:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1583.396663][T17315] device veth0_vlan entered promiscuous mode
[ 1583.574024][   T24] audit: type=1326 audit(1725553790.131:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1583.599309][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1583.612204][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1583.621358][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1583.630404][   T24] audit: type=1326 audit(1725553790.161:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1583.654526][   T24] audit: type=1326 audit(1725553790.161:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1583.655015][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1583.679093][   T24] audit: type=1326 audit(1725553790.171:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1583.688119][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1583.710579][   T24] audit: type=1326 audit(1725553790.171:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1583.741089][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1583.972142][   T24] audit: type=1326 audit(1725553790.171:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1585.057534][   T24] audit: type=1326 audit(1725553790.171:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1585.251369][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1585.267593][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1585.290219][T17315] device veth1_macvtap entered promiscuous mode
[ 1585.360929][   T24] audit: type=1326 audit(1725553790.171:3323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17352 comm="syz.4.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a1628ef9 code=0x7ffc0000
[ 1585.414325][T17368] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3478'.
[ 1585.423413][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1585.432828][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1585.458062][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1585.476488][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1585.517090][T17368] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3478'.
[ 1585.681863][T17377] overlayfs: statfs failed on './file0'
[ 1585.857133][T15921] usb 4-1: new full-speed USB device number 100 using dummy_hcd
[ 1586.003369][T17380] EXT4-fs (loop2): Unrecognized mount option "fowner>00000000000000000000" or missing value
[ 1586.217723][T15921] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1586.321776][T15921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1586.574035][T15921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1586.596976][T15921] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1586.622239][T15921] usb 4-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[ 1586.631775][T15921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1586.657288][T15921] usb 4-1: config 0 descriptor??
[ 1586.895636][T17380] overlayfs: failed to resolve './file0': -2
[ 1587.015401][T17389] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1587.028545][T17389] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff)
[ 1587.049240][T17367] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1587.075698][T17367] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1587.099023][T17367] F2FS-fs (loop4): invalid crc value
[ 1587.282085][ T9448] device bridge_slave_1 left promiscuous mode
[ 1587.298253][ T9448] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1587.307823][ T9448] device bridge_slave_0 left promiscuous mode
[ 1587.313863][ T9448] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1587.322461][T17367] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[ 1587.325422][T17396] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1587.333040][T15921] usbhid 4-1:0.0: can't add hid device: -71
[ 1587.360361][T15921] usbhid: probe of 4-1:0.0 failed with error -71
[ 1587.400008][T15921] usb 4-1: USB disconnect, device number 100
[ 1587.430980][T17396] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038 (0x7fffffff)
[ 1587.691802][ T9448] device veth1_macvtap left promiscuous mode
[ 1587.721795][ T9448] device veth0_vlan left promiscuous mode
[ 1587.783789][T17387] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1587.833249][T17387] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1587.877399][T17387] F2FS-fs (loop1): invalid crc value
[ 1587.908080][T17387] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1588.512958][T17387] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1589.139729][T17417] usb usb7: usbfs: process 17417 (syz.0.3487) did not claim interface 0 before use
[ 1589.497787][T17387] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1589.605846][T17387] attempt to access beyond end of device
[ 1589.605846][T17387] loop1: rw=10241, want=45104, limit=40427
[ 1589.917086][T15921] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 1589.986980][ T1970] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[ 1590.096973][T17428] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3491'.
[ 1590.157329][T17429] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3491'.
[ 1590.226963][ T1970] usb 3-1: Using ep0 maxpacket: 16
[ 1590.402376][T15921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1590.413616][T15921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1590.423588][T15921] usb 4-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00
[ 1590.432887][T15921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1590.442467][T15921] usb 4-1: config 0 descriptor??
[ 1590.867835][ T1970] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1590.930449][ T1970] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1591.022610][ T1970] usb 3-1: Product: syz
[ 1591.075897][ T1970] usb 3-1: Manufacturer: syz
[ 1591.259621][ T1970] usb 3-1: SerialNumber: syz
[ 1591.382621][ T1970] usb 3-1: config 0 descriptor??
[ 1591.406016][   T24] kauditd_printk_skb: 27 callbacks suppressed
[ 1591.406052][   T24] audit: type=1400 audit(1725553798.271:3351): avc:  denied  { read } for  pid=17435 comm="syz.4.3493" name="rtc0" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1591.429041][ T1970] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[ 1591.457119][ T1970] usb 3-1: Detected FT232H
[ 1591.469958][  T318] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1591.498594][  T318] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1591.553580][   T24] audit: type=1400 audit(1725553798.301:3352): avc:  denied  { open } for  pid=17435 comm="syz.4.3493" path="/dev/rtc0" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1591.888790][T17440] EXT4-fs (loop4): Unrecognized mount option "fowner>00000000000000000000" or missing value
[ 1591.979997][T17424] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1592.120082][T17424] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1592.688464][T17440] overlayfs: failed to resolve './file0': -2
[ 1592.842167][T17448] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1592.851851][T17448] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038 (0x7fffffff)
[ 1593.016688][T15921] usbhid 4-1:0.0: can't add hid device: -71
[ 1593.023075][T15921] usbhid: probe of 4-1:0.0 failed with error -71
[ 1593.037644][T15921] usb 4-1: USB disconnect, device number 101
[ 1593.255126][T17462] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3494: inode #1: comm syz.1.3494: iget: illegal inode #
[ 1593.359334][T17462] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3494: error while reading EA inode 1 err=-117
[ 1593.396142][T17462] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3494: inode #1: comm syz.1.3494: iget: illegal inode #
[ 1593.409712][T15921] usb 4-1: new full-speed USB device number 102 using dummy_hcd
[ 1593.451760][T17462] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3494: error while reading EA inode 1 err=-117
[ 1593.478122][T17462] EXT4-fs (loop1): 1 orphan inode deleted
[ 1593.483823][T17462] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue
[ 1593.565704][T17462] EXT4-fs error (device loop1): ext4_free_branches:1026: inode #13: comm syz.1.3494: invalid indirect mapped block 234881024 (level 0)
[ 1593.633924][ T1970] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1593.657515][ T1970] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1593.677142][ T1970] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[ 1593.685038][ T1970] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1593.695795][ T1970] usb 3-1: USB disconnect, device number 103
[ 1593.703928][ T1970] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1593.714286][ T1970] ftdi_sio 3-1:0.0: device disconnected
[ 1593.817122][T15921] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1593.836983][T15921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1593.943465][T17474] FAULT_INJECTION: forcing a failure.
[ 1593.943465][T17474] name failslab, interval 1, probability 0, space 0, times 0
[ 1593.981644][T17474] CPU: 0 PID: 17474 Comm: syz.1.3504 Not tainted 5.10.223-syzkaller-00011-g1c5354a314ea #0
[ 1593.991505][T17474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1594.001546][T17474] Call Trace:
[ 1594.004694][T17474]  dump_stack_lvl+0x1e2/0x24b
[ 1594.009222][T17474]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1594.014710][T17474]  ? avc_has_perm+0x14d/0x400
[ 1594.019382][T17474]  dump_stack+0x15/0x17
[ 1594.023365][T17474]  should_fail+0x3c6/0x510
[ 1594.024904][T15921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1594.027909][T17474]  ? bpf_test_init+0x101/0x1b0
[ 1594.027944][T17474]  __should_failslab+0xa4/0xe0
[ 1594.027986][T17474]  should_failslab+0x9/0x20
[ 1594.028042][T17474]  __kmalloc+0x60/0x330
[ 1594.040276][T15921] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1594.042454][T17474]  bpf_test_init+0x101/0x1b0
[ 1594.047492][T15921] usb 4-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[ 1594.051486][T17474]  bpf_prog_test_run_skb+0x262/0x1410
[ 1594.055558][T15921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1594.068787][T17474]  ? __bpf_prog_test_run_raw_tp+0x240/0x240
[ 1594.068829][T17474]  ? __kasan_check_write+0x14/0x20
[ 1594.068888][T17474]  ? fput_many+0x160/0x1b0
[ 1594.078063][T15921] usb 4-1: config 0 descriptor??
[ 1594.082498][T17474]  ? __bpf_prog_test_run_raw_tp+0x240/0x240
[ 1594.119572][T17470] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3502'.
[ 1594.121487][T17474]  __se_sys_bpf+0x5235/0x11cb0
[ 1594.135104][T17474]  ? stack_trace_save+0x113/0x1c0
[ 1594.140066][T17474]  ? terminate_walk+0x407/0x4f0
[ 1594.144925][T17474]  ? stack_trace_snprint+0xf0/0xf0
[ 1594.150154][T17474]  ? kmem_cache_free+0xa9/0x1e0
[ 1594.154916][T17474]  ? kmem_cache_free+0xa9/0x1e0
[ 1594.159646][T17474]  ? kasan_set_track+0x5d/0x70
[ 1594.164209][T17474]  ? __x64_sys_bpf+0x90/0x90
[ 1594.168633][T17474]  ? __kasan_slab_free+0x11/0x20
[ 1594.173748][T17474]  ? slab_free_freelist_hook+0xc0/0x190
[ 1594.179698][T17474]  ? kmem_cache_free+0xa9/0x1e0
[ 1594.184499][T17474]  ? putname+0xe7/0x140
[ 1594.185151][T17475] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3502'.
[ 1594.188460][T17474]  ? do_sys_openat2+0x1fc/0x710
[ 1594.188491][T17474]  ? __x64_sys_openat+0x243/0x290
[ 1594.188521][T17474]  ? do_syscall_64+0x34/0x70
[ 1594.188574][T17474]  ? _kstrtoull+0x3a0/0x4a0
[ 1594.215909][T17474]  ? kstrtouint_from_user+0x20a/0x2a0
[ 1594.221297][T17474]  ? kstrtol_from_user+0x310/0x310
[ 1594.226434][T17474]  ? memset+0x35/0x40
[ 1594.230333][T17474]  ? __fsnotify_parent+0x4b9/0x6c0
[ 1594.235287][T17474]  ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0
[ 1594.241874][T17474]  ? proc_fail_nth_write+0x20b/0x290
[ 1594.247340][T17474]  ? proc_fail_nth_read+0x210/0x210
[ 1594.252372][T17474]  ? security_file_permission+0x86/0xb0
[ 1594.257997][T17474]  ? rw_verify_area+0x1c3/0x360
[ 1594.262680][T17474]  ? preempt_count_add+0x92/0x1a0
[ 1594.267639][T17474]  ? vfs_write+0x852/0xe70
[ 1594.272065][T17474]  ? kmem_cache_free+0xa9/0x1e0
[ 1594.277215][T17474]  ? kernel_write+0x3d0/0x3d0
[ 1594.281783][T17474]  ? __kasan_check_write+0x14/0x20
[ 1594.286727][T17474]  ? mutex_lock+0xa5/0x110
[ 1594.290975][T17474]  ? mutex_trylock+0xa0/0xa0
[ 1594.295495][T17474]  ? __kasan_check_write+0x14/0x20
[ 1594.300699][T17474]  ? fput_many+0x160/0x1b0
[ 1594.304970][T17474]  ? debug_smp_processor_id+0x17/0x20
[ 1594.310195][T17474]  __x64_sys_bpf+0x7b/0x90
[ 1594.314599][T17474]  do_syscall_64+0x34/0x70
[ 1594.318860][T17474]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1594.324574][T17474] RIP: 0033:0x7f42a314def9
[ 1594.328938][T17474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1594.348669][T17474] RSP: 002b:00007f42a1dc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1594.357228][T17474] RAX: ffffffffffffffda RBX: 00007f42a3306f80 RCX: 00007f42a314def9
[ 1594.364963][T17474] RDX: 0000000000000050 RSI: 0000000020000080 RDI: 000000000000000a
[ 1594.372784][T17474] RBP: 00007f42a1dc8090 R08: 0000000000000000 R09: 0000000000000000
[ 1594.380690][T17474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1594.388575][T17474] R13: 0000000000000000 R14: 00007f42a3306f80 R15: 00007ffc8a5bbb68
[ 1594.526794][T17485] usb usb7: usbfs: process 17485 (syz.2.3500) did not claim interface 0 before use
[ 1594.765077][ T1970] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[ 1594.791584][T17482] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1594.818253][T17482] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038 (0x7fffffff)
[ 1594.828476][T15921] usbhid 4-1:0.0: can't add hid device: -71
[ 1594.834376][T15921] usbhid: probe of 4-1:0.0 failed with error -71
[ 1594.885500][T17488] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1594.894721][T15921] usb 4-1: USB disconnect, device number 102
[ 1595.071964][T17488] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038 (0x7fffffff)
[ 1595.656989][ T1970] usb 5-1: Using ep0 maxpacket: 16
[ 1596.688255][ T1970] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1596.716968][ T1970] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1596.757044][ T1970] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1596.776335][ T1970] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1596.797164][T17503] EXT4-fs (loop3): Unrecognized mount option "fowner>00000000000000000000" or missing value
[ 1596.809253][ T1970] usb 5-1: config 0 descriptor??
[ 1597.052194][   T24] audit: type=1400 audit(1725553803.921:3353): avc:  denied  { audit_write } for  pid=17505 comm="syz.1.3508" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1597.083081][   T24] audit: type=1107 audit(1725553803.931:3354): pid=17505 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1597.097668][   T24] audit: type=1326 audit(1725553803.951:3355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17505 comm="syz.1.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1597.121762][   T24] audit: type=1326 audit(1725553803.951:3356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17505 comm="syz.1.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1597.145427][   T24] audit: type=1326 audit(1725553803.951:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17505 comm="syz.1.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1597.172201][   T24] audit: type=1326 audit(1725553803.951:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17505 comm="syz.1.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1597.299859][   T24] audit: type=1326 audit(1725553803.951:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17505 comm="syz.1.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1597.324675][ T1970] usbhid 5-1:0.0: can't add hid device: -71
[ 1597.331776][   T24] audit: type=1326 audit(1725553803.951:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17505 comm="syz.1.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1597.364298][ T1970] usbhid: probe of 5-1:0.0 failed with error -71
[ 1597.424549][ T1970] usb 5-1: USB disconnect, device number 100
[ 1597.842525][   T24] audit: type=1326 audit(1725553803.951:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17505 comm="syz.1.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1597.975125][   T24] audit: type=1326 audit(1725553803.951:3362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17505 comm="syz.1.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1598.223152][T17503] overlayfs: failed to resolve './file0': -2
[ 1598.490395][T17532] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1598.521974][T17532] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=46
[ 1598.543844][T17532] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=46
[ 1598.589888][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.642604][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.651616][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.661292][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.669884][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.678522][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.686779][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.870760][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.879452][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.890520][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.906348][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.923357][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.932092][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.948518][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.977403][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1598.985895][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.019546][T17537] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1599.037125][T17537] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038 (0x7fffffff)
[ 1599.047643][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.068005][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.076229][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.117640][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.126004][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.178078][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.227817][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.243856][T17546] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1599.260507][T17546] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038 (0x7fffffff)
[ 1599.271507][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.287249][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1599.683691][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.012821][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.068451][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.626628][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.636637][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.655693][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.674364][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.716200][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.725148][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.768359][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.786774][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.805612][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.817248][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.835687][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.851032][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.859492][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.867927][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.876176][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.885170][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.893960][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.903352][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.911815][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.925318][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.933810][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.958253][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.966572][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.981394][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1601.998193][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.025086][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.039265][T15422] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[ 1602.046383][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.055987][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.069239][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.079875][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.089132][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.098300][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.107568][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.116295][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.125774][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.134527][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.143870][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.152600][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.161205][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.169589][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.178097][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.186482][T17574] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1602.194244][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.207585][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.225733][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.234585][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.243666][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.252853][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.261362][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.270058][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.287285][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.296186][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.310267][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.319317][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.327672][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.336288][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.345174][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.353879][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.363608][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.385896][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.403322][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.420875][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.437355][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.457149][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.475888][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.503473][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.520419][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.529217][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.550520][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.558514][T15422] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1602.558969][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.569329][T15422] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1602.579092][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.587631][T15422] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1602.596298][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.619117][T17581] EXT4-fs (loop1): Unrecognized mount option "fowner>00000000000000000000" or missing value
[ 1602.629619][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.657794][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.665983][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.690445][T15422] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1602.727830][T15422] usb 5-1: config 0 descriptor??
[ 1602.734998][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.752926][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.762047][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.774170][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.789736][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.802195][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.810991][T17581] overlayfs: failed to resolve './file0': -2
[ 1602.818122][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.826795][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.835537][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.853217][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.872975][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.947146][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.965810][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1602.984737][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.013504][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.055070][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.071895][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.080566][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.088826][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.097419][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.105794][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.114044][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.122323][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.130547][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.138804][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.147072][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.155783][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.183062][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.212217][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.238916][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.269697][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.304105][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.332326][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.360628][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.385969][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.440024][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.472023][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.480772][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.489010][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.497385][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.505587][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.514015][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.522379][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.530844][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.539556][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.547906][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.556457][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.565126][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.587380][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.595655][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.617335][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.625713][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.647322][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.655642][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.687374][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.695786][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.787554][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.806084][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.855107][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.874212][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.894426][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.922389][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.967323][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.986164][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1603.996280][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.029270][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.047298][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.077934][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.107547][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.128449][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.157444][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.165789][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.205046][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.227550][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.267558][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.275509][T15422] usbhid 5-1:0.0: can't add hid device: -71
[ 1604.281776][T15422] usbhid: probe of 5-1:0.0 failed with error -71
[ 1604.289105][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.300010][T15422] usb 5-1: USB disconnect, device number 101
[ 1604.307293][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.317743][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.326050][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.334787][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.352865][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.361415][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.386843][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.395756][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.404450][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.413917][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.415883][T17602] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1604.422229][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.439453][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.447046][T17602] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038 (0x7fffffff)
[ 1604.447809][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.465930][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.474250][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.482762][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.491259][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.499969][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.508600][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.517165][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.526193][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.534567][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.543104][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.551426][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.559763][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.587325][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.605877][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.634785][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.658811][  T455] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1604.659468][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.707319][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.726329][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.904791][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1604.967681][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.051690][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.060896][  T455] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1605.220959][  T455] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1605.237363][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.262184][  T455] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1605.272000][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.291841][T17599] F2FS-fs (loop2): Invalid SB checksum offset: 0
[ 1605.311783][  T455] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1605.321018][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.329445][T17599] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1605.363233][  T455] usb 4-1: config 0 descriptor??
[ 1605.369850][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.396756][T17599] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1605.408426][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.416629][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.450307][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.459923][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.468639][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.478277][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.486533][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.495708][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.504809][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.513500][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.521999][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.530782][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.542287][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.551587][T17599] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1605.559542][T17599] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1605.609902][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.618009][T17616] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1605.627876][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.636000][T17616] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038 (0x7fffffff)
[ 1605.647342][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.655977][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1605.674661][T17315] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[ 1606.050390][T17625] fuse: Bad value for 'fd'
[ 1607.076347][T17632] tipc: Started in network mode
[ 1607.088680][T17632] tipc: Own node identity 1, cluster identity 4711
[ 1607.103650][T17632] tipc: 32-bit node address hash set to 1
[ 1607.116354][T17632] tipc: Cannot configure node identity twice
[ 1607.430268][T17636] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1607.437876][T17636] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1607.446389][T17636] device bridge_slave_0 entered promiscuous mode
[ 1607.455289][T17636] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1607.463077][T17636] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1607.472010][T15993] attempt to access beyond end of device
[ 1607.472010][T15993] loop2: rw=2049, want=45112, limit=40427
[ 1607.495592][T17636] device bridge_slave_1 entered promiscuous mode
[ 1607.566854][T17645] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.3544: inode #1: comm syz.3.3544: iget: illegal inode #
[ 1607.567281][  T455] usbhid 4-1:0.0: can't add hid device: -71
[ 1607.580550][T17645] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.3544: error while reading EA inode 1 err=-117
[ 1607.621913][  T455] usbhid: probe of 4-1:0.0 failed with error -71
[ 1607.660602][  T455] usb 4-1: USB disconnect, device number 103
[ 1607.790385][T17645] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.3544: inode #1: comm syz.3.3544: iget: illegal inode #
[ 1607.803855][T17645] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.3544: error while reading EA inode 1 err=-117
[ 1607.832343][T17645] EXT4-fs (loop3): 1 orphan inode deleted
[ 1607.887008][T17645] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue
[ 1608.645997][T17645] EXT4-fs error (device loop3): ext4_free_branches:1026: inode #13: comm syz.3.3544: invalid indirect mapped block 234881024 (level 0)
[ 1609.088488][    T7] device bridge_slave_1 left promiscuous mode
[ 1609.094548][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1609.107899][    T7] device bridge_slave_0 left promiscuous mode
[ 1609.127030][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1609.156692][    T7] device veth1_macvtap left promiscuous mode
[ 1609.173068][    T7] device veth0_vlan left promiscuous mode
[ 1609.362884][T17663] EXT4-fs (loop3): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue
[ 1609.656969][  T317] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[ 1609.683739][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1609.697723][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1609.727366][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1609.735926][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1609.765748][  T504] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1609.772682][  T504] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1609.790495][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1609.807493][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1609.826035][  T504] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1609.832975][  T504] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1609.867277][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1609.875307][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1609.897569][  T317] usb 2-1: Using ep0 maxpacket: 32
[ 1609.904107][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1609.917665][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1609.937893][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1609.968336][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1609.980550][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1610.000406][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1610.009612][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1610.017950][  T317] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1610.032434][T17636] device veth0_vlan entered promiscuous mode
[ 1610.050652][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1610.063501][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1610.089633][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1610.099252][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1610.112094][T17636] device veth1_macvtap entered promiscuous mode
[ 1610.149113][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1610.157637][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1610.166091][ T1926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1610.191055][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1610.201983][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1610.227229][  T317] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1610.240278][  T317] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1610.249236][  T317] usb 2-1: Product: syz
[ 1610.253265][  T317] usb 2-1: Manufacturer: syz
[ 1610.258274][  T317] usb 2-1: SerialNumber: syz
[ 1611.688982][T17688] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1611.697993][T17688] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038 (0x7fffffff)
[ 1613.627145][  T317] cdc_ncm 2-1:1.0: SET_CRC_MODE failed
[ 1613.687018][  T317] cdc_ncm 2-1:1.0: bind() failure
[ 1613.704377][  T317] cdc_ncm 2-1:1.1: bind() failure
[ 1613.767859][  T317] usb 2-1: USB disconnect, device number 98
[ 1614.066938][  T504] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[ 1614.348095][T17717] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.3555: inode #1: comm syz.4.3555: iget: illegal inode #
[ 1614.501684][T17717] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3555: error while reading EA inode 1 err=-117
[ 1614.651854][T17717] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.3555: inode #1: comm syz.4.3555: iget: illegal inode #
[ 1614.839541][T17717] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3555: error while reading EA inode 1 err=-117
[ 1614.895852][T17717] EXT4-fs (loop4): 1 orphan inode deleted
[ 1614.905218][T17717] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue
[ 1614.992257][T17717] EXT4-fs error (device loop4): ext4_free_branches:1026: inode #13: comm syz.4.3555: invalid indirect mapped block 234881024 (level 0)
[ 1615.091623][T17731] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1615.100533][T17731] ext4 filesystem being mounted at /3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1615.131929][ T6839] usb 3-1: new full-speed USB device number 104 using dummy_hcd
[ 1615.317067][  T504] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1615.336976][  T504] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1615.347479][  T504] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1615.356362][  T504] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1615.382014][  T504] usb 4-1: config 0 descriptor??
[ 1615.441626][T17740] SELinux:  duplicate or incompatible mount options
[ 1615.497105][ T6839] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1615.513571][ T6839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1615.536718][ T6839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1615.558871][ T6839] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1615.586527][ T6839] usb 3-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[ 1615.605878][ T6839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1615.632098][ T6839] usb 3-1: config 0 descriptor??
[ 1616.177023][ T6839] usbhid 3-1:0.0: can't add hid device: -71
[ 1616.183145][ T6839] usbhid: probe of 3-1:0.0 failed with error -71
[ 1616.210979][ T6839] usb 3-1: USB disconnect, device number 104
[ 1617.366993][  T504] usbhid 4-1:0.0: can't add hid device: -71
[ 1617.374417][  T504] usbhid: probe of 4-1:0.0 failed with error -71
[ 1617.395491][  T504] usb 4-1: USB disconnect, device number 104
[ 1617.716645][T17744] xt_bpf: check failed: parse error
[ 1617.770049][T17744] FAT-fs (loop1): Unrecognized mount option "allow_utime=00000000000G0000177777" or missing value
[ 1617.855797][T17761] usb usb7: usbfs: process 17761 (syz.4.3565) did not claim interface 0 before use
[ 1618.698274][T17636] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[ 1618.732476][T17636] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[ 1618.748330][T17636] EXT4-fs error (device loop0): ext4_empty_dir:3058: inode #11: block 1: comm syz-executor: Directory block failed checksum
[ 1618.757079][  T317] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1618.766510][T17636] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[ 1618.817731][T17636] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[ 1618.842939][T17636] EXT4-fs error (device loop0): ext4_empty_dir:3058: inode #11: block 1: comm syz-executor: Directory block failed checksum
[ 1618.857439][T17636] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[ 1618.871826][T17636] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[ 1618.893949][T17636] EXT4-fs error (device loop0): ext4_empty_dir:3058: inode #11: block 1: comm syz-executor: Directory block failed checksum
[ 1618.929160][T17636] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[ 1619.157025][  T317] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1619.169071][T17764] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.3569: casefold flag without casefold feature
[ 1619.175006][  T317] usb 3-1: config 0 interface 0 altsetting 129 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1619.186111][T17764] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.3569: missing EA_INODE flag
[ 1619.213957][T17764] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3569: error while reading EA inode 12 err=-117
[ 1619.227512][T17764] EXT4-fs (loop4): 1 orphan inode deleted
[ 1619.233120][T17764] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1619.466491][  T317] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1619.473080][  T317] usb 3-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[ 1619.482000][  T317] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1619.491354][  T317] usb 3-1: config 0 descriptor??
[ 1619.515601][T17776] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.3571: inode #1: comm syz.3.3571: iget: illegal inode #
[ 1619.530274][  T317] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1619.555012][T17776] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.3571: error while reading EA inode 1 err=-117
[ 1619.568585][T17776] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.3571: inode #1: comm syz.3.3571: iget: illegal inode #
[ 1619.582255][T17776] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.3571: error while reading EA inode 1 err=-117
[ 1619.595302][T17776] EXT4-fs (loop3): 1 orphan inode deleted
[ 1619.635780][T17776] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue
[ 1619.741335][T17776] EXT4-fs error (device loop3): ext4_free_branches:1026: inode #13: comm syz.3.3571: invalid indirect mapped block 234881024 (level 0)
[ 1620.040064][T17787] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1620.047338][T17787] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1620.055530][T17787] device bridge_slave_0 entered promiscuous mode
[ 1620.063735][T17787] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1620.071635][T17787] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1620.079775][T17787] device bridge_slave_1 entered promiscuous mode
[ 1620.247747][T17798] SELinux:  duplicate or incompatible mount options
[ 1620.319476][    T7] device bridge_slave_1 left promiscuous mode
[ 1620.325568][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1620.334692][    T7] device bridge_slave_0 left promiscuous mode
[ 1620.342421][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1620.352686][    T7] device veth1_macvtap left promiscuous mode
[ 1620.359326][    T7] device veth0_vlan left promiscuous mode
[ 1620.676153][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1620.685873][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1620.697891][T17800] tipc: Cannot configure node identity twice
[ 1620.703721][T17800] tipc: Cannot configure node identity twice
[ 1620.718084][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1620.727217][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1620.736286][  T317] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1620.743198][  T317] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1620.794915][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1620.805065][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1620.813786][  T317] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1620.820889][  T317] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1620.854432][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1620.894762][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1620.908366][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1620.960525][  T455] usb 3-1: USB disconnect, device number 105
[ 1621.029762][T12562] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1621.332607][  T455] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1621.382589][  T455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1621.512905][T17787] device veth0_vlan entered promiscuous mode
[ 1621.602940][T12562] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1621.813868][T12562] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1621.949922][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1621.968310][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1621.978045][T17787] device veth1_macvtap entered promiscuous mode
[ 1621.993620][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1622.017562][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1622.044236][ T7789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1622.094141][ T1647] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1622.103451][ T1647] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1622.577025][ T7789] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[ 1622.683612][T17826] usb usb7: usbfs: process 17826 (syz.3.3579) did not claim interface 0 before use
[ 1623.021277][T17809] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1623.057012][T17809] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1623.077066][ T7789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1623.096038][T17809] F2FS-fs (loop2): invalid crc value
[ 1623.105233][ T7789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1623.118721][ T7789] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1623.128281][ T7789] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1623.138858][ T7789] usb 1-1: config 0 descriptor??
[ 1623.149557][T17809] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1623.240697][T17832] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3585: inode #1: comm syz.1.3585: iget: illegal inode #
[ 1623.255156][T17832] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3585: error while reading EA inode 1 err=-117
[ 1623.280520][T17832] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3585: inode #1: comm syz.1.3585: iget: illegal inode #
[ 1623.300065][T17832] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3585: error while reading EA inode 1 err=-117
[ 1623.316777][T17832] EXT4-fs (loop1): 1 orphan inode deleted
[ 1623.323524][T17832] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue
[ 1623.346813][T17809] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1623.353825][T17809] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1623.437793][T17832] EXT4-fs error (device loop1): ext4_free_branches:1026: inode #13: comm syz.1.3585: invalid indirect mapped block 234881024 (level 0)
[ 1623.775219][T17849] tipc: Cannot configure node identity twice
[ 1623.789916][T17849] tipc: Cannot configure node identity twice
[ 1623.816673][T17828] F2FS-fs (loop4): Invalid SB checksum offset: 0
[ 1623.838914][T17828] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1624.032624][T17846] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3587'.
[ 1624.120012][T17828] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1624.526468][T17828] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1624.533629][T17828] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1624.555321][T17862] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1626.038560][T17881] SELinux:  duplicate or incompatible mount options
[ 1626.087044][ T7789] usbhid 1-1:0.0: can't add hid device: -71
[ 1626.093612][ T7789] usbhid: probe of 1-1:0.0 failed with error -71
[ 1626.108867][ T7789] usb 1-1: USB disconnect, device number 93
[ 1627.253218][T17897] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.3598: casefold flag without casefold feature
[ 1627.266160][T17897] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.3598: missing EA_INODE flag
[ 1627.279288][T17897] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3598: error while reading EA inode 12 err=-117
[ 1627.291931][T17897] EXT4-fs (loop1): 1 orphan inode deleted
[ 1627.297558][T17897] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1627.599368][T17913] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1627.656307][   T24] kauditd_printk_skb: 17 callbacks suppressed
[ 1627.656332][   T24] audit: type=1107 audit(1725553834.521:3380): pid=17914 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1627.762547][T17917] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1627.791282][T17917] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=46
[ 1627.800595][T17917] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=46
[ 1627.892380][T17924] incfs: Error accessing: ./file0/file0.
[ 1627.916997][T17924] incfs: mount failed -20
[ 1628.302930][ T7789] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1630.558630][  T317] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[ 1630.882163][T17951] device bridge0 entered promiscuous mode
[ 1630.924091][T17956] devpts: called with bogus options
[ 1631.335518][T17943] device bridge0 left promiscuous mode
[ 1631.468283][ T7789] usb 3-1: device descriptor read/all, error -71
[ 1631.477361][ T9448] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1631.530359][T17967] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1631.584146][T17967] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=46
[ 1631.609349][T17967] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=46
[ 1631.816883][  T317] usb 4-1: device not accepting address 105, error -71
[ 1631.858259][T17970] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1631.969216][T17970] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038 (0x7fffffff)
[ 1632.129511][T17980] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3620'.
[ 1632.272802][T17983] SELinux:  duplicate or incompatible mount options
[ 1632.843646][T17991] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1634.051332][  T328] Bluetooth: hci0: command 0x1003 tx timeout
[ 1634.057347][ T2821] Bluetooth: hci0: sending frame failed (-49)
[ 1634.233202][T18008] incfs: Error accessing: ./file0/file0.
[ 1634.247834][T18008] incfs: mount failed -107
[ 1635.523749][T18020] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1635.564102][T18020] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=46
[ 1635.583509][T18020] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=46
[ 1635.912320][ T6839] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[ 1636.138615][T15422] Bluetooth: hci0: command 0x1001 tx timeout
[ 1636.145129][ T2821] Bluetooth: hci0: sending frame failed (-49)
[ 1636.920473][T18036] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1636.929740][T18036] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038 (0x7fffffff)
[ 1637.047094][ T6839] usb 4-1: Using ep0 maxpacket: 32
[ 1637.177628][T18041] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.3634: inode #1: comm syz.2.3634: iget: illegal inode #
[ 1637.186973][ T6839] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1637.217883][ T6839] usb 4-1: can't read configurations, error -71
[ 1637.238187][T18041] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.3634: error while reading EA inode 1 err=-117
[ 1637.252696][T18041] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.3634: inode #1: comm syz.2.3634: iget: illegal inode #
[ 1637.266279][T18041] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.3634: error while reading EA inode 1 err=-117
[ 1637.279268][T18041] EXT4-fs (loop2): 1 orphan inode deleted
[ 1637.285375][T18041] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue
[ 1637.330036][T18047] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3635: casefold flag without casefold feature
[ 1637.332497][T18041] EXT4-fs error (device loop2): ext4_free_branches:1026: inode #13: comm syz.2.3634: invalid indirect mapped block 234881024 (level 0)
[ 1637.357658][T18047] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.3635: missing EA_INODE flag
[ 1637.386967][T18047] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.3635: error while reading EA inode 12 err=-117
[ 1637.416513][T18047] EXT4-fs (loop3): 1 orphan inode deleted
[ 1637.424802][T18047] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1637.787056][  T504] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1637.906542][T18064] F2FS-fs (loop3): invalid crc value
[ 1637.913775][T18064] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1637.993605][T18064] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1638.157005][  T504] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1638.176955][  T504] usb 3-1: config 0 interface 0 altsetting 129 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1638.191623][  T504] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1638.197181][T15422] Bluetooth: hci0: command 0x1009 tx timeout
[ 1638.199138][  T504] usb 3-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[ 1638.205042][T12562] usb 2-1: new high-speed USB device number 99 using dummy_hcd
[ 1638.222070][  T504] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1638.244989][  T504] usb 3-1: config 0 descriptor??
[ 1638.288329][  T504] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1638.391414][T13787] attempt to access beyond end of device
[ 1638.391414][T13787] loop3: rw=524288, want=45072, limit=40427
[ 1638.404030][T13787] attempt to access beyond end of device
[ 1638.404030][T13787] loop3: rw=0, want=45072, limit=40427
[ 1638.480058][    T7] attempt to access beyond end of device
[ 1638.480058][    T7] loop3: rw=2049, want=40992, limit=40427
[ 1638.496898][T12562] usb 2-1: Using ep0 maxpacket: 32
[ 1638.514204][    T7] tipc: Left network mode
[ 1638.637371][T12562] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1638.649916][T12562] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1638.693496][T12562] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1638.702727][T12562] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1638.722698][T12562] usb 2-1: config 0 descriptor??
[ 1638.767152][T18067] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1638.788098][T12562] hub 2-1:0.0: USB hub found
[ 1638.997182][T12562] hub 2-1:0.0: 2 ports detected
[ 1639.070133][    T7] device bridge_slave_1 left promiscuous mode
[ 1639.076260][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1639.084640][    T7] device bridge_slave_0 left promiscuous mode
[ 1639.090763][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1639.100438][    T7] device veth1_macvtap left promiscuous mode
[ 1639.222449][   T24] audit: type=1326 audit(1725553846.091:3381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.248276][   T24] audit: type=1326 audit(1725553846.121:3382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.274554][   T24] audit: type=1326 audit(1725553846.141:3383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.298504][   T24] audit: type=1326 audit(1725553846.141:3384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.323760][   T24] audit: type=1326 audit(1725553846.191:3385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.366922][   T24] audit: type=1326 audit(1725553846.191:3386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.421181][   T24] audit: type=1326 audit(1725553846.191:3387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.449732][   T24] audit: type=1326 audit(1725553846.191:3388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.480609][   T24] audit: type=1326 audit(1725553846.191:3389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.509044][   T24] audit: type=1326 audit(1725553846.191:3390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42a314def9 code=0x7ffc0000
[ 1639.552651][T18079] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1639.561697][T18079] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1639.580663][T18079] device bridge_slave_0 entered promiscuous mode
[ 1639.589437][T18079] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1639.596439][T18079] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1639.605521][T18079] device bridge_slave_1 entered promiscuous mode
[ 1639.621058][T18087] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.3648: casefold flag without casefold feature
[ 1639.634556][T18087] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.3648: missing EA_INODE flag
[ 1639.647254][T18087] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.3648: error while reading EA inode 12 err=-117
[ 1639.660856][T18087] EXT4-fs (loop0): 1 orphan inode deleted
[ 1639.666613][T18087] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1639.798784][T18079] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1639.806093][T18079] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1639.813538][T18079] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1639.820439][T18079] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1639.863817][ T6839] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1639.872705][ T6839] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1639.882559][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1639.892608][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1639.901823][T18095] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.3651: casefold flag without casefold feature
[ 1639.914852][T18095] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.3651: missing EA_INODE flag
[ 1639.915208][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1639.934806][T18095] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.3651: error while reading EA inode 12 err=-117
[ 1639.935528][ T6839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1639.948872][T18095] EXT4-fs (loop0): 1 orphan inode deleted
[ 1639.954304][ T6839] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1639.959915][T18095] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1639.976668][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1639.991779][ T6839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1639.998698][ T6839] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1640.022820][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1640.049180][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1640.059837][T12562] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1640.077410][T12562] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1640.086032][T12562] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1640.093853][T12562] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1640.103920][T18079] device veth0_vlan entered promiscuous mode
[ 1640.120992][ T1647] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1640.132528][T18079] device veth1_macvtap entered promiscuous mode
[ 1640.147621][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1640.160517][ T1647] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1640.207130][T18099] FAULT_INJECTION: forcing a failure.
[ 1640.207130][T18099] name failslab, interval 1, probability 0, space 0, times 0
[ 1640.220247][T18099] CPU: 1 PID: 18099 Comm: syz.3.3646 Not tainted 5.10.223-syzkaller-00011-g1c5354a314ea #0
[ 1640.230156][T18099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1640.240040][T18099] Call Trace:
[ 1640.243180][T18099]  dump_stack_lvl+0x1e2/0x24b
[ 1640.247685][T18099]  ? panic+0x812/0x812
[ 1640.252042][T18099]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1640.257550][T18099]  dump_stack+0x15/0x17
[ 1640.261504][T18099]  should_fail+0x3c6/0x510
[ 1640.265853][T18099]  ? vm_area_dup+0x26/0x270
[ 1640.270103][T18099]  __should_failslab+0xa4/0xe0
[ 1640.274788][T18099]  should_failslab+0x9/0x20
[ 1640.279151][T18099]  kmem_cache_alloc+0x3d/0x2e0
[ 1640.283825][T18099]  ? do_send_sig_info+0xfb/0x230
[ 1640.288690][T18099]  vm_area_dup+0x26/0x270
[ 1640.292844][T18099]  __split_vma+0xc0/0x420
[ 1640.297027][T18099]  split_vma+0x7c/0xd0
[ 1640.301010][T18099]  mlock_fixup+0x46f/0x540
[ 1640.305311][T18099]  apply_vma_lock_flags+0x203/0x340
[ 1640.310298][T18099]  ? do_mlock+0x540/0x540
[ 1640.314542][T18099]  ? bpf_trace_run2+0xf4/0x280
[ 1640.319195][T18099]  ? bpf_trace_run1+0x210/0x210
[ 1640.323921][T18099]  do_mlock+0x459/0x540
[ 1640.327952][T18099]  ? __bpf_trace_sys_enter+0x62/0x70
[ 1640.333128][T18099]  __x64_sys_mlock2+0xb8/0xe0
[ 1640.337721][T18099]  do_syscall_64+0x34/0x70
[ 1640.341977][T18099]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1640.348416][T18099] RIP: 0033:0x7fe5a7de7ef9
[ 1640.352708][T18099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1640.372649][T18099] RSP: 002b:00007fe5a6a62038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[ 1640.381873][T18099] RAX: ffffffffffffffda RBX: 00007fe5a7fa0f80 RCX: 00007fe5a7de7ef9
[ 1640.389934][T18099] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 000000002000a000
[ 1640.397738][T18099] RBP: 00007fe5a6a62090 R08: 0000000000000000 R09: 0000000000000000
[ 1640.405824][T18099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1640.413918][T18099] R13: 0000000000000000 R14: 00007fe5a7fa0f80 R15: 00007ffcbab978e8
[ 1640.542289][T15422] usb 3-1: USB disconnect, device number 108
[ 1640.657483][T18104] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1640.664170][T18104] EXT4-fs (loop2): Ignoring removed oldalloc option
[ 1640.683653][T18104] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1640.690761][T18104] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[ 1640.797101][  T328] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[ 1641.077361][  T328] usb 4-1: Using ep0 maxpacket: 32
[ 1641.229040][  T328] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1641.363683][  T455] usb 2-1: USB disconnect, device number 99
[ 1641.667026][  T328] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1641.686649][  T328] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1641.726885][  T328] usb 4-1: Product: syz
[ 1641.738084][  T328] usb 4-1: Manufacturer: syz
[ 1641.742558][  T328] usb 4-1: SerialNumber: syz
[ 1641.782648][T18115] tun0: tun_chr_ioctl cmd 2147767506
[ 1641.821816][T18113] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1641.829207][T18113] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1641.837865][T18113] device bridge_slave_0 entered promiscuous mode
[ 1641.845460][T18113] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1641.852859][T18113] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1641.871627][T18113] device bridge_slave_1 entered promiscuous mode
[ 1641.930011][T18120]  loop0: p2 < >
[ 1641.952821][   T93]  loop0: p2 < >
[ 1641.967039][ T6839] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 1642.110112][T14219] udevd[14219]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[ 1642.114893][T18113] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1642.126872][T18113] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1642.134087][T18113] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1642.141276][T18113] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1642.149217][T18123] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1642.164427][T14219] udevd[14219]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[ 1642.208193][ T6839] usb 3-1: Using ep0 maxpacket: 8
[ 1642.245416][  T504] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1642.256443][  T504] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1642.280077][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1642.290970][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1642.308760][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1642.318847][  T504] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1642.325739][  T504] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1642.333682][ T6839] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1642.353359][T18132] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1642.376634][  T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1642.385882][  T317] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1642.392845][  T317] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1642.410578][T18132] EXT4-fs (loop1): 1 orphan inode deleted
[ 1642.416291][T18132] EXT4-fs (loop1): 1 truncate cleaned up
[ 1642.417973][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1642.423188][T18132] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1642.429799][ T6839] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[ 1642.476892][ T6839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[ 1642.501137][ T6839] usb 3-1: SerialNumber: syz
[ 1642.512314][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1642.521537][ T6839] usb 3-1: config 0 descriptor??
[ 1642.529231][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1642.558438][ T6839] uvcvideo: Found UVC 0.00 device <unnamed> (05ac:8501)
[ 1642.560575][T18113] device veth0_vlan entered promiscuous mode
[ 1642.572404][ T6839] uvcvideo 3-1:0.0: Entity type for entity Output 255 was not initialized!
[ 1642.586227][ T6839] uvcvideo: Failed to create links for entity 255
[ 1642.594522][ T6839] uvcvideo: Failed to register entities (-22).
[ 1642.603423][  T504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1642.630595][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1642.647558][ T6839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1642.661906][ T1647] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1642.677431][T18113] device veth1_macvtap entered promiscuous mode
[ 1642.696459][ T9448] device bridge_slave_1 left promiscuous mode
[ 1642.757289][ T9448] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1642.776260][ T9448] device bridge_slave_0 left promiscuous mode
[ 1642.790159][ T9448] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1642.808227][ T9448] device veth1_macvtap left promiscuous mode
[ 1642.814582][ T9448] device veth0_vlan left promiscuous mode
[ 1642.917502][  T328] cdc_ncm 4-1:1.0: bind() failure
[ 1642.919544][  T318] EXT4-fs error (device loop0): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1642.925663][  T328] cdc_ncm 4-1:1.1: bind() failure
[ 1642.950284][  T318] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1642.963090][  T318] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1642.963090][  T318] 
[ 1642.973110][  T318] EXT4-fs (loop0): Total free blocks count 0
[ 1642.979419][  T318] EXT4-fs (loop0): Free/Dirty block details
[ 1642.985391][  T318] EXT4-fs (loop0): free_blocks=2415919104
[ 1642.991394][  T318] EXT4-fs (loop0): dirty_blocks=7088
[ 1642.996644][  T318] EXT4-fs (loop0): Block reservation details
[ 1643.002899][  T318] EXT4-fs (loop0): i_reserved_data_blocks=443
[ 1643.034030][  T328] usb 4-1: USB disconnect, device number 109
[ 1643.076042][  T318] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1643.089478][  T318] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1643.089478][  T318] 
[ 1643.297978][ T1647] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1643.310366][ T1647] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1643.438821][T10516] usb 3-1: USB disconnect, device number 109
[ 1643.540878][T18156] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.3667: casefold flag without casefold feature
[ 1643.560210][T18156] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.3667: missing EA_INODE flag
[ 1643.585029][T18156] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.3667: error while reading EA inode 12 err=-117
[ 1643.598390][T18156] EXT4-fs (loop0): 1 orphan inode deleted
[ 1643.604085][T18156] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1643.643320][T18160] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3669: inode #1: comm syz.1.3669: iget: illegal inode #
[ 1643.681418][T18160] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3669: error while reading EA inode 1 err=-117
[ 1643.694524][T18160] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3669: inode #1: comm syz.1.3669: iget: illegal inode #
[ 1643.696983][ T1647] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[ 1643.712937][T18160] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3669: error while reading EA inode 1 err=-117
[ 1643.729277][T18160] EXT4-fs (loop1): 1 orphan inode deleted
[ 1643.735406][T18160] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue
[ 1643.790655][T18164] ==================================================================
[ 1643.798703][T18164] BUG: KASAN: use-after-free in __ext4_iget+0x3a0/0x41f0
[ 1643.805669][T18164] Read of size 8 at addr ffff88812aa75f48 by task syz.3.3670/18164
[ 1643.813576][T18164] 
[ 1643.815774][T18164] CPU: 0 PID: 18164 Comm: syz.3.3670 Not tainted 5.10.223-syzkaller-00011-g1c5354a314ea #0
[ 1643.825577][T18164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1643.835817][T18164] Call Trace:
[ 1643.838954][T18164]  dump_stack_lvl+0x1e2/0x24b
[ 1643.843470][T18164]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1643.848760][T18164]  ? panic+0x812/0x812
[ 1643.852759][T18164]  print_address_description+0x81/0x3b0
[ 1643.858227][T18164]  kasan_report+0x179/0x1c0
[ 1643.862571][T18164]  ? __ext4_iget+0x3a0/0x41f0
[ 1643.867074][T18164]  ? __ext4_iget+0x3a0/0x41f0
[ 1643.871772][T18164]  __asan_report_load8_noabort+0x14/0x20
[ 1643.877258][T18164]  __ext4_iget+0x3a0/0x41f0
[ 1643.881704][T18164]  ? ida_alloc_range+0x9c3/0xa30
[ 1643.886565][T18164]  ? ext4_get_projid+0x140/0x140
[ 1643.891419][T18164]  ? _raw_write_lock+0xa4/0x170
[ 1643.896176][T18164]  ? _raw_write_trylock+0x1a0/0x1a0
[ 1643.901382][T18164]  ? __proc_create+0x65a/0xa00
[ 1643.906012][T18164]  ext4_enable_quotas+0x56f/0x9f0
[ 1643.910850][T18164]  ? ext4_fill_flex_info+0x5b0/0x5b0
[ 1643.915969][T18164]  ? proc_create_single_data+0x1de/0x240
[ 1643.921453][T18164]  ? proc_create_seq_private+0x280/0x280
[ 1643.926913][T18164]  ? __kasan_check_write+0x14/0x20
[ 1643.932118][T18164]  ? ext4_register_sysfs+0x253/0x290
[ 1643.937247][T18164]  ext4_fill_super+0x86dc/0x9150
[ 1643.942034][T18164]  ? ext4_mount+0x40/0x40
[ 1643.946266][T18164]  ? vscnprintf+0x80/0x80
[ 1643.950437][T18164]  ? sb_set_blocksize+0xa8/0xf0
[ 1643.955196][T18164]  mount_bdev+0x262/0x370
[ 1643.959376][T18164]  ? ext4_mount+0x40/0x40
[ 1643.963545][T18164]  ext4_mount+0x34/0x40
[ 1643.967538][T18164]  legacy_get_tree+0xf1/0x190
[ 1643.972050][T18164]  ? ext4_chksum+0x210/0x210
[ 1643.976481][T18164]  vfs_get_tree+0x88/0x290
[ 1643.980751][T18164]  do_new_mount+0x2ba/0xb30
[ 1643.985163][T18164]  ? do_move_mount_old+0x160/0x160
[ 1643.990189][T18164]  ? security_capable+0x87/0xb0
[ 1643.994889][T18164]  ? ns_capable+0x89/0xe0
[ 1643.999058][T18164]  path_mount+0x56f/0xcb0
[ 1644.003221][T18164]  __se_sys_mount+0x2c4/0x3b0
[ 1644.007754][T18164]  ? __x64_sys_mount+0xd0/0xd0
[ 1644.012338][T18164]  __x64_sys_mount+0xbf/0xd0
[ 1644.016764][T18164]  do_syscall_64+0x34/0x70
[ 1644.021026][T18164]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1644.026812][T18164] RIP: 0033:0x7fe5a7de969a
[ 1644.031066][T18164] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1644.050654][T18164] RSP: 002b:00007fe5a6a61e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1644.059351][T18164] RAX: ffffffffffffffda RBX: 00007fe5a6a61ef0 RCX: 00007fe5a7de969a
[ 1644.067837][T18164] RDX: 0000000020000b80 RSI: 0000000020000bc0 RDI: 00007fe5a6a61eb0
[ 1644.075628][T18164] RBP: 0000000020000b80 R08: 00007fe5a6a61ef0 R09: 0000000000000000
[ 1644.083676][T18164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000bc0
[ 1644.091955][T18164] R13: 00007fe5a6a61eb0 R14: 0000000000000b80 R15: 0000000020000040
[ 1644.099950][T18164] 
[ 1644.102267][T18164] Allocated by task 17809:
[ 1644.106531][T18164]  __kasan_slab_alloc+0xb1/0xe0
[ 1644.111839][T18164]  slab_post_alloc_hook+0x61/0x2f0
[ 1644.116926][T18164]  kmem_cache_alloc+0x168/0x2e0
[ 1644.121894][T18164]  f2fs_alloc_inode+0x26/0x420
[ 1644.126532][T18164]  iget_locked+0x14f/0x870
[ 1644.130798][T18164]  f2fs_iget+0x55/0x4ec0
[ 1644.135022][T18164]  f2fs_fill_super+0x4c90/0x7e30
[ 1644.139969][T18164]  mount_bdev+0x262/0x370
[ 1644.144239][T18164]  f2fs_mount+0x34/0x40
[ 1644.148407][T18164]  legacy_get_tree+0xf1/0x190
[ 1644.152998][T18164]  vfs_get_tree+0x88/0x290
[ 1644.157423][T18164]  do_new_mount+0x2ba/0xb30
[ 1644.161759][T18164]  path_mount+0x56f/0xcb0
[ 1644.165953][T18164]  __se_sys_mount+0x2c4/0x3b0
[ 1644.170446][T18164]  __x64_sys_mount+0xbf/0xd0
[ 1644.174947][T18164]  do_syscall_64+0x34/0x70
[ 1644.179411][T18164]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1644.185811][T18164] 
[ 1644.187994][T18164] Freed by task 17858:
[ 1644.192230][T18164]  kasan_set_track+0x4b/0x70
[ 1644.197035][T18164]  kasan_set_free_info+0x23/0x40
[ 1644.202033][T18164]  ____kasan_slab_free+0x121/0x160
[ 1644.207078][T18164]  __kasan_slab_free+0x11/0x20
[ 1644.211841][T18164]  slab_free_freelist_hook+0xc0/0x190
[ 1644.217052][T18164]  kmem_cache_free+0xa9/0x1e0
[ 1644.221593][T18164]  f2fs_free_inode+0x24/0x30
[ 1644.226025][T18164]  i_callback+0x4b/0x70
[ 1644.229993][T18164]  rcu_do_batch+0x597/0xc40
[ 1644.234322][T18164]  rcu_core+0x5ad/0xe40
[ 1644.238305][T18164]  rcu_core_si+0x9/0x10
[ 1644.242298][T18164]  __do_softirq+0x268/0x5bb
[ 1644.247680][T18164] 
[ 1644.249918][T18164] Last potentially related work creation:
[ 1644.255598][T18164]  kasan_save_stack+0x3b/0x60
[ 1644.260373][T18164]  __kasan_record_aux_stack+0xd3/0x100
[ 1644.266204][T18164]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1644.272324][T18164]  call_rcu+0x135/0x11f0
[ 1644.276360][T18164]  evict+0x648/0x6c0
[ 1644.280233][T18164]  iput+0x632/0x7e0
[ 1644.284133][T18164]  f2fs_put_super+0x692/0xc10
[ 1644.289051][T18164]  generic_shutdown_super+0x14f/0x2d0
[ 1644.294670][T18164]  kill_block_super+0x7e/0xe0
[ 1644.299698][T18164]  kill_f2fs_super+0x2f9/0x3c0
[ 1644.304389][T18164]  deactivate_locked_super+0xad/0x110
[ 1644.310246][T18164]  deactivate_super+0xbe/0xf0
[ 1644.314705][T18164]  cleanup_mnt+0x45c/0x510
[ 1644.319050][T18164]  __cleanup_mnt+0x19/0x20
[ 1644.323484][T18164]  task_work_run+0x129/0x190
[ 1644.328344][T18164]  exit_to_user_mode_loop+0xbf/0xd0
[ 1644.333663][T18164]  syscall_exit_to_user_mode+0xa2/0x1a0
[ 1644.339119][T18164]  do_syscall_64+0x40/0x70
[ 1644.343748][T18164]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1644.349639][T18164] 
[ 1644.351781][T18164] Second to last potentially related work creation:
[ 1644.358586][T18164]  kasan_save_stack+0x3b/0x60
[ 1644.363099][T18164]  __kasan_record_aux_stack+0xd3/0x100
[ 1644.368383][T18164]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1644.374244][T18164]  call_rcu+0x135/0x11f0
[ 1644.378285][T18164]  evict+0x648/0x6c0
[ 1644.382029][T18164]  iput+0x632/0x7e0
[ 1644.385671][T18164]  f2fs_fill_super+0x6739/0x7e30
[ 1644.390444][T18164]  mount_bdev+0x262/0x370
[ 1644.394776][T18164]  f2fs_mount+0x34/0x40
[ 1644.398897][T18164]  legacy_get_tree+0xf1/0x190
[ 1644.403503][T18164]  vfs_get_tree+0x88/0x290
[ 1644.407839][T18164]  do_new_mount+0x2ba/0xb30
[ 1644.412177][T18164]  path_mount+0x56f/0xcb0
[ 1644.416342][T18164]  __se_sys_mount+0x2c4/0x3b0
[ 1644.420857][T18164]  __x64_sys_mount+0xbf/0xd0
[ 1644.425284][T18164]  do_syscall_64+0x34/0x70
[ 1644.429719][T18164]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1644.435411][T18164] 
[ 1644.437605][T18164] The buggy address belongs to the object at ffff88812aa75a20
[ 1644.437605][T18164]  which belongs to the cache f2fs_inode_cache of size 1520
[ 1644.452458][T18164] The buggy address is located 1320 bytes inside of
[ 1644.452458][T18164]  1520-byte region [ffff88812aa75a20, ffff88812aa76010)
[ 1644.465984][T18164] The buggy address belongs to the page:
[ 1644.471487][T18164] page:ffffea0004aa9c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12aa70
[ 1644.481618][T18164] head:ffffea0004aa9c00 order:3 compound_mapcount:0 compound_pincount:0
[ 1644.489787][T18164] flags: 0x4000000000010200(slab|head)
[ 1644.495081][T18164] raw: 4000000000010200 ffffea000441c400 0000000300000003 ffff8881029de780
[ 1644.503503][T18164] raw: 0000000000000000 0000000080130013 00000001ffffffff 0000000000000000
[ 1644.512083][T18164] page dumped because: kasan: bad access detected
[ 1644.518524][T18164] page_owner tracks the page as allocated
[ 1644.524189][T18164] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 973, ts 96116163623, free_ts 56080987278
[ 1644.546229][T18164]  prep_new_page+0x166/0x180
[ 1644.550646][T18164]  get_page_from_freelist+0x2d8c/0x2f30
[ 1644.556022][T18164]  __alloc_pages_nodemask+0x435/0xaf0
[ 1644.561224][T18164]  new_slab+0x80/0x400
[ 1644.565132][T18164]  ___slab_alloc+0x302/0x4b0
[ 1644.569575][T18164]  __slab_alloc+0x63/0xa0
[ 1644.573731][T18164]  kmem_cache_alloc+0x1b9/0x2e0
[ 1644.578423][T18164]  f2fs_alloc_inode+0x26/0x420
[ 1644.583188][T18164]  iget_locked+0x14f/0x870
[ 1644.587445][T18164]  f2fs_iget+0x55/0x4ec0
[ 1644.591553][T18164]  f2fs_fill_super+0x64c2/0x7e30
[ 1644.596296][T18164]  mount_bdev+0x262/0x370
[ 1644.600462][T18164]  f2fs_mount+0x34/0x40
[ 1644.604455][T18164]  legacy_get_tree+0xf1/0x190
[ 1644.608993][T18164]  vfs_get_tree+0x88/0x290
[ 1644.613222][T18164]  do_new_mount+0x2ba/0xb30
[ 1644.617543][T18164] page last free stack trace:
[ 1644.622079][T18164]  free_unref_page_prepare+0x2ae/0x2d0
[ 1644.627377][T18164]  free_unref_page_list+0x122/0xb20
[ 1644.632469][T18164]  release_pages+0xea0/0xef0
[ 1644.636912][T18164]  __pagevec_release+0x84/0x100
[ 1644.641613][T18164]  shmem_undo_range+0x7d1/0x1a60
[ 1644.646470][T18164]  shmem_evict_inode+0x215/0x9d0
[ 1644.651236][T18164]  evict+0x2a3/0x6c0
[ 1644.654966][T18164]  iput+0x632/0x7e0
[ 1644.658616][T18164]  dentry_unlink_inode+0x2ea/0x3d0
[ 1644.663647][T18164]  __dentry_kill+0x447/0x650
[ 1644.668078][T18164]  dentry_kill+0xc0/0x2a0
[ 1644.672246][T18164]  dput+0x40/0x80
[ 1644.675718][T18164]  __fput+0x52e/0x7b0
[ 1644.679531][T18164]  ____fput+0x15/0x20
[ 1644.683360][T18164]  task_work_run+0x129/0x190
[ 1644.687781][T18164]  do_exit+0xc83/0x2a50
[ 1644.691750][T18164] 
[ 1644.694008][T18164] Memory state around the buggy address:
[ 1644.699504][T18164]  ffff88812aa75e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1644.707432][T18164]  ffff88812aa75e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1644.715324][T18164] >ffff88812aa75f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1644.723192][T18164]                                               ^
[ 1644.729443][T18164]  ffff88812aa75f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1644.737428][T18164]  ffff88812aa76000: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1644.745347][T18164] ==================================================================
[ 1644.753314][T18164] Disabling lock debugging due to kernel taint
[ 1644.767968][T18164] EXT4-fs warning (device loop3): ext4_enable_quotas:6467: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[ 1644.838956][T18164] EXT4-fs (loop3): mount failed
[ 1645.007023][ T1647] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1645.017908][ T1647] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1645.027749][ T1647] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1645.036951][ T1647] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1645.052800][ T1647] usb 5-1: config 0 descriptor??
[ 1645.530039][ T1647] hid-led 0003:27B8:01ED.007F: unknown main item tag 0x0
[ 1645.538169][ T1647] hid-led 0003:27B8:01ED.007F: unknown main item tag 0x0
[ 1645.545301][ T1647] hid-led 0003:27B8:01ED.007F: unknown main item tag 0x0
[ 1645.552454][ T1647] hid-led 0003:27B8:01ED.007F: unknown main item tag 0x0
[ 1645.559587][ T1647] hid-led 0003:27B8:01ED.007F: unknown main item tag 0x0
[ 1645.737136][ T1647] hid-led: probe of 0003:27B8:01ED.007F failed with error -71
[ 1645.748355][ T1647] usb 5-1: USB disconnect, device number 102