last executing test programs:

22.854809926s ago: executing program 2 (id=301):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)

22.769243137s ago: executing program 2 (id=304):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000000)=ANY=[@ANYBLOB="cc01"])
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000402000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

22.634111629s ago: executing program 2 (id=312):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

22.58879006s ago: executing program 2 (id=316):
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x55d, &(0x7f0000001180)="$eJzs3d9rU1ccAPDvTRt/1c0KItseRsGHOZypbffDwR7c49hkwvbuQnst0tRIk4rthOnDfNnLkMEYE2R/wN73KPsH9lcImyBDyvawl46b3tTYNP0ZbTSfD1w9596bnHNy7vf03JyEBNC3RrJ/ChGvR8T3ScSRlmODkR8cWTlv6fGNyWxLYnn5i7+TSPJ9zfOT/P+hPPNaRPz+bcSpQnu5tYXFmXKlks7l+dH67NXR2sLi6cuz5el0Or0yPjFx9r2J8Q8/eL9rbX37wr8/fX7/k7PfnVj68deHR+8kcS4O58da27ELN1szIzGSvybFOLfmxLEuFNZLkr2uADsykMd5MbIx4EgM5FEPvPy+iYhloE8l4h/6VHMe0Ly379J98Avj0ccrN0Dt7R9ceW8kDjTujQ4tJU/dGWX3u8NdKD8r47e/7t7Jtuje+xAAm7p5KyLODA62j39JPv7t3JktnLO2jG2Of8vbrBLQ4n42/3lnvflPYXX+E+vMf4bWid2d2Dz+Cw+7UExH2fzvo3Xnv6uLVsMDee6VxpyvmFy6XEmzse3ViDgZxf1ZfqP1nLNLDzqOU63zv2zLym/OBfN6PBzc//Rjpsr18m7a3OrRrYg31p3/Jqv9n7T1f7HxelzYYhnH07tvdjq2efufreVfIt5at/+frGglG69Pjjauh9HmVdHun9vH/+hU/l63P+v/Qxu3fzhpXa+tbb+Mewf+Szsd2+n1vy/5spHel++7Xq7X58Yi9iWfte8ff/LYZr55ftb+kyc2Hv/ar/+IgxHx1Rbbf/vY7Y6n9kL/T22r/7efePDp1z93Kn9r/f9uI3Uy37OV8W+rFdzNawcAAAAAAAC9phARhyMplFbThUKptPL5jmNxqFCp1uqnLlXnr0xF47uyw1EsNFe6h1o+DzGWfx62mR9fk5+IiKMR8cPAwUa+NFmtTO114wEAAAAAAAAAAAAAAAAAAKBHDHX4/n/mz4G9rh3wzPnJb+hfm8Z/N37pCehJ/v5D/xL/0L/EP/Qv8Q/9S/xD/xL/0L/EP/SvTvF/7znXAwAAAAAAAAAAAAAAAAAAAAAAAAAAAF4SF86fz7blpcc3JrP81LWF+ZnqtdNTaW2mNDs/WZqszl0tTVer05W0NFmd3ez5KtXq1bHxmL8+Wk9r9dHawuLF2er8lfrFy7Pl6fRiWnwurQIAAAAAAAAAAAAAAAAAAIAXS21hcaZcqaRzEhI7Sgz2RjUkVhLNwN71E+7tuAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArf4PAAD//98qNtY=")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x401c5820, &(0x7f0000000100)=@v1={0x8, @aes256, 0x0, @desc3})

22.427605292s ago: executing program 2 (id=322):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r0}, &(0x7f0000000780), &(0x7f00000007c0)}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
fspick(r0, 0x0, 0x1)

22.099423527s ago: executing program 2 (id=329):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000070000000300000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mkdir(&(0x7f0000000200)='./bus\x00', 0x0)
mount$incfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./bus\x00', 0x0, 0x3ae4c20, &(0x7f0000000680)={[], [{@fowner_eq}]})

22.067391818s ago: executing program 32 (id=329):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000070000000300000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mkdir(&(0x7f0000000200)='./bus\x00', 0x0)
mount$incfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./bus\x00', 0x0, 0x3ae4c20, &(0x7f0000000680)={[], [{@fowner_eq}]})

20.803531876s ago: executing program 4 (id=339):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
sendto$inet(r0, &(0x7f0000000580)="e1", 0xfffffffffffffef1, 0x40000, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)
recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x10000)

19.911988799s ago: executing program 4 (id=349):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
utime(&(0x7f0000000200)='./file0\x00', 0x0)

19.890517449s ago: executing program 4 (id=350):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
bpf$MAP_CREATE(0x0, 0x0, 0x931c7351)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r0, &(0x7f0000001240)=""/102400, 0x200000, 0x80000000000000)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f0000000340)={0x5, &(0x7f0000000000)=[{0xadaa}, {0x8, 0x1ff}, {0x7}, {0xfa, 0x9}, {0x200, 0xd}]})

19.86930533s ago: executing program 4 (id=352):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000040)='./file0/file0\x00', 0x8)

19.83716274s ago: executing program 4 (id=354):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
timer_create(0x1, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x12, r1, 0x0)
write$selinux_load(r0, &(0x7f0000000000)={0xf97cff8c, 0x8, 'SE Linux', "a5199fcdafdf3bb7cc4c8bc74a5ec2b0d07a2123b1ffffc2b5877ed2f5"}, 0xfd0f)

19.750192962s ago: executing program 4 (id=356):
pipe(&(0x7f0000000600)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba0101099cecb94b46fe0000000a00020025", 0xffffff0c)
close(r0)
pipe(&(0x7f0000000500)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
splice(r2, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0)
close(r3)

19.732897551s ago: executing program 33 (id=356):
pipe(&(0x7f0000000600)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba0101099cecb94b46fe0000000a00020025", 0xffffff0c)
close(r0)
pipe(&(0x7f0000000500)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
splice(r2, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0)
close(r3)

18.195646004s ago: executing program 1 (id=410):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

17.724819461s ago: executing program 1 (id=419):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)=""/19, 0x13}, 0x5}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

17.639716182s ago: executing program 1 (id=423):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

17.609821702s ago: executing program 1 (id=424):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

17.592492323s ago: executing program 1 (id=425):
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x1208000, 0x0, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
utime(&(0x7f0000000200)='./file0\x00', 0x0)

12.366225289s ago: executing program 1 (id=429):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)

12.35080338s ago: executing program 34 (id=429):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)

10.318910179s ago: executing program 3 (id=469):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xde452000)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)

10.000721654s ago: executing program 3 (id=475):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
uname(0x0)

9.934711185s ago: executing program 3 (id=477):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

9.895572575s ago: executing program 3 (id=478):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x1024404, 0x0, 0x1, 0x0, &(0x7f0000000080))
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

9.717550668s ago: executing program 3 (id=484):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

9.486332611s ago: executing program 3 (id=488):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000000c0)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x10000000}, 0x1c)
listen(r0, 0x0)

9.428764942s ago: executing program 35 (id=488):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000000c0)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x10000000}, 0x1c)
listen(r0, 0x0)

5.827069555s ago: executing program 6 (id=565):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b000000ff000000020000000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/18], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={r2, &(0x7f0000000300), &(0x7f0000000340)=""/55}, 0x20)

5.772017046s ago: executing program 6 (id=566):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000003fffffe218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

5.771569656s ago: executing program 6 (id=567):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="13", 0x1}], 0x1}, 0x4051)
sendmsg$inet(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)="c6", 0x1}], 0x1}, 0x20000840)
recvmsg(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x10141)
recvmsg$unix(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x2122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x3, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

5.696754857s ago: executing program 6 (id=568):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000280)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e39352c666c7573682c646f733178666c6f7070792c73686f72746e616d653d77696e39352c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c646d61736b3d30303030303030303030303030303030303030303135322c73686f72746e616d653d77696e6e742c008cc841609217fc073a85f33e742d9e9907be78c28936f8e529c705a97e506022ad414a7e60db318bfc124a3e9248b326b9f30e00f177fe2411bfb06335d1bcfe3108f6f72894c5608f44cf0c48d277a287589c4024f65baf9eb182a128ce963cc51b5db6804905bc5c8f8b0d401a62407a046b6418edf73c30"], 0xfa, 0x2b4, &(0x7f00000009c0)="$eJzs3M9r02AYwPFn3bp2HVt7EEFBfNCLXsJW/4IiG4gFZa6iHoTMpVoa25HUSkXcbuLNv2N49CY4/4FdvHkXL0MQvOwgizRp1h8UN+eyzO37gZFned8n75tf5U0g79a9t0+rZdcomw1JpFUSImuyLZJrRx0jnWXCj8el15pcnfz55cKd+w9uForFuQXV+cLitbyqTl/8+Pzlu0ufGpN3309/SMlm7uHWj/zXzbOb57Z2FsOt1xtq6lK93jCXbEuXK27VUL1tW6ZraaXmWk5fedmur6y01KwtT2VWHMt11ay1tGq1tFHXhtNS87FZqalhGDqVkdNm9K8zSusLC2Yhks4gDhPDVjpOwRwNCkd2b2Zfaf3IegYAAI6NuMb/TyquVlyt7TX+Twjj/+j44/+doYNGnAzJ9gNAwcx07t9+jP8BAAAAAAAAAAAAAAAAAAAAAPgfbHte1vO8bLgM/1IikhaR8P+4+4loHOD8j8TYXRyyng/30iL262apWQqWQXmhLBWxxZKZpMgv/3roCOL5G8W5GfXlZMNe7eT7HwmmwvxQbnj+bJCvPfmrzVJSMr3t5yUrZ4bn5wfykyLSLI3Llcs9+YZk5fMjqYsty/513c1/Nat6/VZxoP0Jvx4AAAAAACeBobty/c+/wWyShqHhtCED5cHK7vsBye7xfkBlY1y6+WNyfiy+/QYAAAAA4DRxWy+qpm1bTjuQMRGnb83hB5ORbflog4FDNxC8OQY9PPzASAcXzR8re5632q70740mRCSmPf0uIkd/nFMiEmkT354FJ3A/leP8VQIAAAAQhe6gP+6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweu138rCw/kHmHutpbjSevQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOh98BAAD//1HWF6c=")
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000240)='./bus\x00', 0x187102, 0x1)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001ec0)=ANY=[@ANYRES16=r0], 0x3f60}, 0x1, 0x0, 0x0, 0x8085}, 0x20000000)
close(r0)

5.49409337s ago: executing program 6 (id=573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x18)
r2 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
copy_file_range(r2, 0x0, r2, 0x0, 0x39ed, 0x0)

5.359107372s ago: executing program 6 (id=576):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x20, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@empty, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x100000000, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff}, {}, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x4d5, 0x32}, 0x0, @in6=@loopback, 0x1, 0x3, 0x0, 0xb7, 0x1fb, 0xffffffff}}, 0xe8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x7600)

5.341915702s ago: executing program 36 (id=576):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x20, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@empty, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x100000000, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff}, {}, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x4d5, 0x32}, 0x0, @in6=@loopback, 0x1, 0x3, 0x0, 0xb7, 0x1fb, 0xffffffff}}, 0xe8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x7600)

3.217479193s ago: executing program 5 (id=623):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
sigaltstack(0x0, 0x0)

3.203469023s ago: executing program 5 (id=624):
unshare(0xc040400)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x6, 0x37, 0x0, 0x9}]}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)

3.189734363s ago: executing program 5 (id=625):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

3.164252894s ago: executing program 5 (id=627):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f0000000240)=r2}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.133836694s ago: executing program 5 (id=629):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x3, &(0x7f0000000540), 0x1, 0x4a1, &(0x7f0000000000)="$eJzs3c1rXOUaAPBnZpq0SXNvP+7l0vaCLVSoHzSTD6SJunGlLgpiwY1Cjck01kwyITOpTegi1V0XLkRREBfu/Qvc2JVFENe6FxdS0RpBBWHknJmJ+Zo4aJqBnN8PTuc9H53nfTM8L++855w5AWTWmeSfXMRARHwZEUcaqxsPONN4Wb13YzJZclGvX/ohlx6XrLcObf2/wxGxkhSORjz/dMQrua1xq0vLMxPlcmmhuV6szc4Xq0vL56/OTkyXpktzw2MXxsfHhkZHxnetrbfeeu3WxU+e7f34lzfv3nn7s0+Tag00961vx25qNL0njm3a/uT9CNYFhYg4EBF93a4If0vy+f0nIs6m+X8kCumnCWRBvV6v/14/2G73Sh3Yt/LpGDiXH4yIRjmfHxxsjOH/G/35cqVae/RKZXFuqjFWPho9+StXy6Wh5neFo9GTS9aHG8P9tfWRTeujEekY+J1CX7o+OFkpT+1tVwdscnhT/v9caOQ/kBG+8kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q+Z9NzFi8lSb93/PnVtaXGmcu38VKk6Mzi7ODk4WVmYH5yuVKbTe3Zm/+r9ypXK/PBjsXi9WCtVa8Xq0vLl2criXO1yel//5VLPnrQK6MSx07e/zkXEyuN96ZLobe6Tq7C/1eu56PY9yEB3FLrdAQFdY+oPsst3fGCbn+jd4FC7HfO7Xxdgb+S7XQGga86ddP4Pssr8P2SX+X/ILmN8wPw/ZI/5f8iugTbP//rXumd3DUXEvyPiq0LPwdazvoD9IP9drjn+P3fkwYHNe3tzv6anCHoj4vUPLr13faJWWxhOtv+4tr32fnP7SDfqD3SqlaetPAYAsmv13o3J1rKXcb9/qnERwtb4B5pzk4fSc5T9q7kN1yrkdunahZWbEXFiu/i55vPOG2c++lcLW+Ifb77mGm+R1vdA+tz0vYl/cl38B9bFP/WP/yqQDbeT/mdou/zLpzkda/m3sf8Z2KVrJ9r3f/m1/q/Qpv873WGMVz9849u28W9GnNo2fiveoTTW5vhJ3c51GP/uSy/8r92++keN99kufktSKtZm54vVpeXz6e/ITZfmhscujI+PDY2OjBfTOepia6Z6qydOfHFnp/b3t4m/U/uTbQ932P7f/v/5i2d2iP/Q2e0//+M7xO+LiEc6jP/TyDcvt9uXxJ9q0/78DvGTbaMdxq+++8zBDg8FAPZAdWl5ZqJcLi0oKCgorBW63TMB99ufSd/tmgAAAAAAAAAAAACd2ovLibvdRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/eCPAAAA//9M99Zf")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)

2.611896212s ago: executing program 8 (id=634):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x7, &(0x7f00000000c0)={0x0, 0x1, 0x40})
fcntl$lock(r2, 0x6, &(0x7f0000000040)={0x2, 0x0, 0x0, 0xa})

2.598164872s ago: executing program 8 (id=635):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56c49, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newtfilter={0x40, 0x2c, 0xd27, 0xfffffffc, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0xc, 0x4}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x9, 0xffe0}}]}}]}, 0x40}}, 0x20040054)

2.545468573s ago: executing program 8 (id=636):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000009c0)='m ', 0x2}], 0x1}, 0x4000005)
recvmsg$unix(r3, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)

1.794817874s ago: executing program 5 (id=644):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x8f, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109027d0002010080000904000001020d0000052406000105240000000d240f0103000000fd0000000406241aff072908241c0101090000142413099f33760bf14377323063f9c8a04d113905241510000905810300020800040904010000020d00000904010102020d0000090582020002e1ad00090503020002"], 0x0)
syz_open_procfs(0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000000)={0x44, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x80, 0x1c, {0xb656, 0x70, 0x20002002, 0x1ff, 0x6, 0x8001, 0x5, 0x800, 0x56, 0xfffd, 0x3, 0x3}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000100)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

1.650676726s ago: executing program 8 (id=646):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_read_part_table(0x405b, &(0x7f0000004080)="$eJzszjFKA1EUBdCbxMGvDARBK0EM9jJ2VrOL6SVrsFZxdmIZXIArsnQLIyhGEkW0CKicU73P5b1/wx9RltMoycP8fi/J8Sx907yGW2/5zvtSc5Zqt4xTJ7n8eLNbbL43AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwS41XXtdraVlO88P0V23O66QcTJPbSar2aJT9ZHb6yd1J8phklOQpSTfdUH8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4J+5WHltr8f1F6t3J+nb6mW8STIMw/Dtb0vSLX7SE57ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKMCAAD//wx/Es8=")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.415963869s ago: executing program 8 (id=649):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}, 0x101}], 0x1, 0x0, 0x0)

1.284508651s ago: executing program 9 (id=650):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000a00)={'#! ', './file0/file0'}, 0x11)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000004, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.257866692s ago: executing program 9 (id=651):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r1)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x1}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r1)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), r1)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000003000000080001"], 0x28}}, 0x0)

1.231632222s ago: executing program 9 (id=652):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

1.220303443s ago: executing program 7 (id=653):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
pipe2(&(0x7f0000001440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
vmsplice(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="f1bce082c2aa", 0x6}], 0x1, 0xc)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=ANY=[@ANYBLOB="14000000010901"], 0x14}}, 0x0)

1.201953452s ago: executing program 9 (id=654):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
ppoll(&(0x7f0000000240)=[{r0, 0x20}, {r1, 0x88}], 0x2, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death], 0x0, 0x1000000, 0x0})

1.047249615s ago: executing program 7 (id=655):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x12, &(0x7f0000000580)=r2, 0x4)

924.929207ms ago: executing program 0 (id=659):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000010400000100000000000000000000fa000000001700"])
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)

827.481419ms ago: executing program 0 (id=660):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

806.214439ms ago: executing program 0 (id=661):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_TABLE(r2, 0x29, 0xcf, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)

787.622059ms ago: executing program 0 (id=662):
r0 = socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

715.67776ms ago: executing program 0 (id=663):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x90)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

537.228772ms ago: executing program 0 (id=664):
r0 = syz_clone(0xa0122580, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r2 = syz_open_procfs(r0, &(0x7f00000000c0)='statm\x00')
pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4)

510.019623ms ago: executing program 8 (id=665):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl2\x00', <r0=>0x0, 0x29, 0x3, 0x7, 0xfffffffc, 0x42, @loopback, @dev={0xfe, 0x80, '\x00', 0x42}, 0x8000, 0x40, 0x7, 0x30000000}})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@private1, @in=@local, 0x4e22, 0x0, 0x4e23, 0x0, 0x2, 0x80, 0xa0, 0x8, r0, 0xffffffffffffffff}, {0x274, 0x1, 0x0, 0x1, 0x6, 0x3, 0x1ff, 0xde2}, {0x6, 0x3, 0x8, 0x8}, 0x8, 0x6e6bb6, 0x0, 0x1, 0xb3657e89c72aa8ea, 0x1}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4d4, 0x6c}, 0x2, @in6=@rand_addr=' \x01\x00', 0x0, 0x4, 0x1, 0x2, 0x81, 0x1, 0xe}}, 0xe8)
bind$packet(0xffffffffffffffff, &(0x7f0000000140)={0x27, 0x10, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106a05310300000000000109022400010000c60009040002010300010009210000000122f80409058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='\x00\"'], 0x0}, 0x0)

356.124375ms ago: executing program 9 (id=666):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

340.953555ms ago: executing program 9 (id=667):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
syz_clone(0x88080080, 0x0, 0x0, 0x0, 0x0, 0x0)

164.225728ms ago: executing program 7 (id=668):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f00000005c0)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000600)=ANY=[], 0x8)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=""/20, 0x14}, 0xffffffff}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

98.037619ms ago: executing program 7 (id=669):
ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
close(r0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000380)=@base={0x1f, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000640), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4e9, &(0x7f00000000c0)="$eJzs3d9rW9cdAPDvla3MTpzZ2faQBZaYsZGELZIdL4nZQ5LB2J4C27J3z7NlYyxbxpKT2IThsOcxGGMb28v61JdC/4BCyZ9QCoH2PZTSEtokfehDWxVJV4nrSnZCJCuxPx84vuf+0P1+j4SOdO691g3gwBqNiKsR0RcRZyNiOF2eSUtsNkptu0cPb8/UShLV6vVPkkjSZc19Jen0SPqwgYj4w28j/pwkjQVblNc3FqeLxcJqOp+vLK3ky+sb5xaWpucL84XliYnxi5OXJi9MjnWsrZd//eG//v76by6//fOb96c+PvOXWr5D6bqt7eikxnOSrT8XTf0RsdqNYD3Ql7Yn+ywbJ93PBwCAndW+438vIn4cEY//2+tsAAAAgG6oXhmKL5KIKgAAALBvZerXwCaZXHotwFBkMrlc4xreH8SVKJbKlZ/NldaWZxvXyo5ENjO3UCyMpdcKj0Q2qc2P1+tP589vm5+IiGMR8c/hwfp8bqZUnO31wQ8AAAA4IGrj/KFMo16bfDbcGP8DAAAA+8xIrxMAAAAAus74HwAAAPa/b4//RxuTpH/vkwEAAAA67XfXrtVKtXn/69kb62uLpRvnZgvlxdzS2kxuprS6kpsvlebrv9m3tNv+iqXSyi9iee1WvlIoV/Ll9Y2ppdLacmWqfl/vqcIz3ScaAAAA6Khjp+6+n0TE5i8H66XmULrOWB32t8zzbZ50Kw9g7/X1OgGgZ1zgCweXMT6w28B+YI/yAAAAuuf0D5+c/x+MLef/j953bAD2u+c8/w/sI87/w8G17fz//3uVB7D3jPGB3Y4DtD3//07ncwEAALpjqF6STC4dAwxFJpPLRRyt3xYgm8wtFAtjEfHdiHhvOPud2vx4r5MGAAAAAAAAAAAAAAAAAAAAAAAAgFdMtZpEFQAAANjXIjIfJRGRxEDE8E+Gth8fOJR8PlyfRsTN/13/963pSmV1vLb80yfLK/9Jl5/vxREMAAAAYLvmOL05jgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACATnr08PZMs+xl3Ae/ioiRVvH7Y6A+HYhsRBx+nET/lsclEdHXgfibdyLieKv4SS2tGEmz2B4/ExGDPY5/pAPx4SC7W+t/rrZ6/2VitD5t/f7rT8uLejDarv/LPOn/+tr0f0d32fehdHri3pv5tvHvRJzob93/NOMnL9j//umPGxvt1lVfizjd8vMn+UasfGVpJV9e3zi3sDQ9X5gvLE9MjF+cvDR5YXIsP7dQLKR/W8b4x4/e+mqn9h9uE3+kXfuTRk7Vaut9nto2/+W9Ww+/32rDJOLB39J6i9f/eLv46XP/0/RzoLb+dLO+2ahvdfKNd0/u1P7ZNu3f7fU/026n25z9/V8/aNSyz/gIAKCbyusbi9PFYmH1Va/UGvMSpNHByujLkYbKwaz0umcCAAA67emX/l5nAgAAAAAAAAAAAAAAAAAAAAdX8///m7/l3I2fE9sab6BZSZI9bysAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE6+DgAA///TSdFe")

14.61014ms ago: executing program 7 (id=670):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

0s ago: executing program 7 (id=671):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr$security_selinux(r1, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

kernel console output (not intermixed with test programs):



syzkaller
syzkaller login: [   14.058842][   T28] kauditd_printk_skb: 31 callbacks suppressed
[   14.058858][   T28] audit: type=1400 audit(1749263615.621:59): avc:  denied  { transition } for  pid=225 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   14.063072][   T28] audit: type=1400 audit(1749263615.621:60): avc:  denied  { noatsecure } for  pid=225 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   14.066197][   T28] audit: type=1400 audit(1749263615.621:61): avc:  denied  { write } for  pid=225 comm="sh" path="pipe:[14744]" dev="pipefs" ino=14744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   14.069300][   T28] audit: type=1400 audit(1749263615.621:62): avc:  denied  { rlimitinh } for  pid=225 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   14.071867][   T28] audit: type=1400 audit(1749263615.621:63): avc:  denied  { siginh } for  pid=225 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.0.66' (ED25519) to the list of known hosts.
[   21.548712][   T28] audit: type=1400 audit(1749263623.111:64): avc:  denied  { mounton } for  pid=275 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   21.550111][  T275] cgroup: Unknown subsys name 'net'
[   21.571379][   T28] audit: type=1400 audit(1749263623.111:65): avc:  denied  { mount } for  pid=275 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.598682][   T28] audit: type=1400 audit(1749263623.151:66): avc:  denied  { unmount } for  pid=275 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.598931][  T275] cgroup: Unknown subsys name 'devices'
[   21.717030][  T275] cgroup: Unknown subsys name 'hugetlb'
[   21.722652][  T275] cgroup: Unknown subsys name 'rlimit'
[   21.827652][   T28] audit: type=1400 audit(1749263623.391:67): avc:  denied  { setattr } for  pid=275 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   21.850843][   T28] audit: type=1400 audit(1749263623.391:68): avc:  denied  { mounton } for  pid=275 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   21.875634][   T28] audit: type=1400 audit(1749263623.391:69): avc:  denied  { mount } for  pid=275 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   21.888516][  T277] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   21.907533][   T28] audit: type=1400 audit(1749263623.471:70): avc:  denied  { relabelto } for  pid=277 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.932993][   T28] audit: type=1400 audit(1749263623.471:71): avc:  denied  { write } for  pid=277 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.962758][   T28] audit: type=1400 audit(1749263623.521:72): avc:  denied  { read } for  pid=275 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.963285][  T275] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   21.988413][   T28] audit: type=1400 audit(1749263623.521:73): avc:  denied  { open } for  pid=275 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.785697][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.792763][  T283] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.800317][  T283] device bridge_slave_0 entered promiscuous mode
[   22.807361][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.814403][  T283] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.821906][  T283] device bridge_slave_1 entered promiscuous mode
[   22.876037][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.883131][  T285] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.890791][  T285] device bridge_slave_0 entered promiscuous mode
[   22.898617][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.905664][  T285] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.913099][  T285] device bridge_slave_1 entered promiscuous mode
[   23.019990][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.027089][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.034474][  T284] device bridge_slave_0 entered promiscuous mode
[   23.045415][  T287] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.052469][  T287] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.059990][  T287] device bridge_slave_0 entered promiscuous mode
[   23.066861][  T286] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.073916][  T286] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.081348][  T286] device bridge_slave_0 entered promiscuous mode
[   23.088058][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.095192][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.102578][  T284] device bridge_slave_1 entered promiscuous mode
[   23.112890][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.119999][  T287] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.127461][  T287] device bridge_slave_1 entered promiscuous mode
[   23.134042][  T286] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.141159][  T286] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.148591][  T286] device bridge_slave_1 entered promiscuous mode
[   23.268676][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.275757][  T283] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.283053][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.290110][  T283] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.353258][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.360348][  T285] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.367650][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.374792][  T285] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.408428][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.415524][  T284] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.422791][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.429847][  T284] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.452291][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.459367][  T287] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.466686][  T287] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.473712][  T287] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.486969][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.494344][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.501930][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.509729][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.517483][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.524732][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.531911][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.539257][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.547017][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.554423][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.576613][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.584169][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.592479][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.599525][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.607045][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.615343][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.622368][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.630240][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.638568][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.645615][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.653080][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.661416][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.668481][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.702785][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.712989][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.726504][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.734796][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.754220][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.776171][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   23.784968][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.793210][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.800259][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.808375][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   23.816954][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.825205][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.832241][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.839737][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.847903][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.856285][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.864335][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.872470][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.880931][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.904455][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.912704][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.924467][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.932339][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.940308][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.947910][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.959107][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.967968][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.981571][  T283] device veth0_vlan entered promiscuous mode
[   23.991193][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   23.999624][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.008038][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.015104][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.022814][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   24.031258][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.039424][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.046460][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.053837][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   24.061430][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.074356][  T285] device veth0_vlan entered promiscuous mode
[   24.086707][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.095054][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.103212][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.111826][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.120543][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.128205][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.136947][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   24.145435][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.153629][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.160685][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.174267][  T283] device veth1_macvtap entered promiscuous mode
[   24.184762][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   24.192667][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.200959][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.209363][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.217266][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.225415][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   24.233809][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.242277][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.249337][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.256996][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.264750][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.273670][  T287] device veth0_vlan entered promiscuous mode
[   24.296822][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.305127][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.313143][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   24.321502][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.329728][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.338134][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.346311][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   24.354342][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.362419][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.370567][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.384480][  T284] device veth0_vlan entered promiscuous mode
[   24.392996][  T285] device veth1_macvtap entered promiscuous mode
[   24.401203][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.409051][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.417535][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.426864][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.434816][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.442875][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.450880][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.472002][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.480904][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.489417][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.498107][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.506630][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.520430][  T286] device veth0_vlan entered promiscuous mode
[   24.531855][  T284] device veth1_macvtap entered promiscuous mode
[   24.546846][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.555308][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.555610][  T283] request_module fs-gadgetfs succeeded, but still no fs?
[   24.562948][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.578683][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.586987][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.595249][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.603541][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.612180][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.620712][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.628954][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.637300][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.647564][  T287] device veth1_macvtap entered promiscuous mode
[   24.662275][  T286] device veth1_macvtap entered promiscuous mode
[   24.669576][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.679740][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.688484][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.728595][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.739978][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.749197][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.758564][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.768304][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.777159][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.785977][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.796526][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.874107][  T323] device syzkaller0 entered promiscuous mode
[   24.916542][  T323] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 65487
[   24.930052][  T330] mmap: syz.1.10 (330) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   25.005562][  T344] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   25.074153][  T353] netlink: 8 bytes leftover after parsing attributes in process `syz.0.21'.
[   25.083041][  T353] netlink: 4 bytes leftover after parsing attributes in process `syz.0.21'.
[   25.334636][  T294] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   25.368089][  T346] loop3: detected capacity change from 0 to 40427
[   25.392762][  T346] F2FS-fs (loop3): invalid crc_offset: 16
[   25.436759][  T346] F2FS-fs (loop3): Found nat_bits in checkpoint
[   25.516369][  T346] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   25.535735][  T294] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   25.554586][  T294] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   25.584602][  T294] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   25.609543][  T346] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=400000, run fsck to fix.
[   25.624614][  T294] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   25.633672][  T294] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   25.666280][  T294] usb 5-1: config 0 descriptor??
[   25.671542][  T348] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   27.224549][    C0] sched: RT throttling activated
[   28.224658][  T294] plantronics 0003:047F:FFFF.0001: unknown main item tag 0xd
[   28.230934][  T387] netlink: 12 bytes leftover after parsing attributes in process `syz.3.30'.
[   28.234248][  T294] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[   28.240907][   T28] kauditd_printk_skb: 58 callbacks suppressed
[   28.240922][   T28] audit: type=1326 audit(1749263629.771:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=340 comm="syz.1.16" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9a9132ab19 code=0x7fc00000
[   29.214410][   T28] audit: type=1400 audit(1749263629.791:133): avc:  denied  { create } for  pid=384 comm="syz.3.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   29.234534][  T294] plantronics 0003:047F:FFFF.0001: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[   29.247728][  T395] loop4: detected capacity change from 0 to 128
[   29.252876][  T294] usb 5-1: USB disconnect, device number 2
[   29.274130][   T28] audit: type=1400 audit(1749263629.791:134): avc:  denied  { write } for  pid=384 comm="syz.3.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   29.302134][  T395] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   29.321684][   T28] audit: type=1400 audit(1749263629.791:135): avc:  denied  { nlmsg_write } for  pid=384 comm="syz.3.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   29.342545][   T28] audit: type=1400 audit(1749263630.881:136): avc:  denied  { mount } for  pid=394 comm="syz.4.37" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   29.387800][  T400] capability: warning: `syz.3.39' uses deprecated v2 capabilities in a way that may be insecure
[   29.436415][  T404] fido_id[404]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[   29.457140][   T28] audit: type=1400 audit(1749263631.021:137): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   29.479169][  T313] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   29.501966][  T414] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=414 comm=syz.1.43
[   29.527733][   T28] audit: type=1400 audit(1749263631.051:138): avc:  denied  { create } for  pid=411 comm="syz.3.42" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   29.571971][   T28] audit: type=1400 audit(1749263631.051:139): avc:  denied  { ioctl } for  pid=411 comm="syz.3.42" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=15915 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   29.683189][  T423] Driver unsupported XDP return value 0 on prog  (id 43) dev N/A, expect packet loss!
[   29.745299][  T426] syz.1.49 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   29.803388][  T432] loop3: detected capacity change from 0 to 512
[   29.827548][   T28] audit: type=1400 audit(1749263631.391:140): avc:  denied  { lock } for  pid=434 comm="syz.2.53" path="socket:[15965]" dev="sockfs" ino=15965 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   29.852181][  T432] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   29.894612][  T432] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   29.917029][  T432] EXT4-fs (loop3): 1 truncate cleaned up
[   29.922822][  T432] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   29.939176][   T28] audit: type=1400 audit(1749263631.501:141): avc:  denied  { write } for  pid=431 comm="syz.3.52" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   29.977687][  T432] EXT4-fs error (device loop3): ext4_append:79: inode #2: comm syz.3.52: Logical block already allocated
[   30.016825][  T285] EXT4-fs (loop3): unmounting filesystem.
[   30.100829][  T456] loop4: detected capacity change from 0 to 1024
[   30.107885][  T456] =======================================================
[   30.107885][  T456] WARNING: The mand mount option has been deprecated and
[   30.107885][  T456]          and is ignored by this kernel. Remove the mand
[   30.107885][  T456]          option from the mount to silence this warning.
[   30.107885][  T456] =======================================================
[   30.143399][  T456] EXT4-fs: Ignoring removed i_version option
[   30.168129][  T456] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #3: block 1: comm syz.4.61: lblock 1 mapped to illegal pblock 1 (length 1)
[   30.183583][  T459] syz.1.62[459] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.183689][  T459] syz.1.62[459] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.195699][  T456] EXT4-fs error (device loop4): ext4_acquire_dquot:6789: comm syz.4.61: Failed to acquire dquot type 0
[   30.218404][  T456] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm syz.4.61: Freeing blocks not in datazone - block = 0, count = 4096
[   30.232304][  T456] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.61: Invalid inode bitmap blk 0 in block_group 0
[   30.245249][   T43] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[   30.264626][  T456] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem
[   30.284740][  T456] EXT4-fs (loop4): 1 orphan inode deleted
[   30.284757][   T43] EXT4-fs error (device loop4): ext4_release_dquot:6825: comm kworker/u4:2: Failed to release dquot type 0
[   30.304617][  T456] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   30.358025][  T456] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[   30.365600][  T456] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 16: comm syz.4.61: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   30.394024][  T456] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 16: comm syz.4.61: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   30.423544][  T456] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 16: comm syz.4.61: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   30.496060][  T287] EXT4-fs (loop4): unmounting filesystem.
[   30.577656][  T477] netlink: 24 bytes leftover after parsing attributes in process `syz.0.71'.
[   30.890100][  T496] SELinux: ebitmap: truncated map
[   30.920633][  T496] SELinux: failed to load policy
[   30.974604][   T19] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   30.984659][  T498] device pim6reg1 entered promiscuous mode
[   31.011202][  T500] loop0: detected capacity change from 0 to 512
[   31.029869][  T479] loop1: detected capacity change from 0 to 40427
[   31.039787][  T479] F2FS-fs (loop1): fault_injection options not supported
[   31.047199][  T479] F2FS-fs (loop1): Image doesn't support compression
[   31.064414][  T479] F2FS-fs (loop1): invalid crc value
[   31.086118][  T500] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   31.095917][  T479] F2FS-fs (loop1): Found nat_bits in checkpoint
[   31.113669][  T500] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   31.140581][  T500] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #2: comm syz.0.82: corrupted inode contents
[   31.161041][  T500] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #2: comm syz.0.82: mark_inode_dirty error
[   31.162860][  T479] F2FS-fs (loop1): Start checkpoint disabled!
[   31.173157][  T500] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #2: comm syz.0.82: corrupted inode contents
[   31.190221][   T19] usb 5-1: Using ep0 maxpacket: 8
[   31.203571][   T19] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   31.228578][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   31.229696][  T479] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   31.241115][   T19] usb 5-1: config 0 descriptor??
[   31.250666][  T286] EXT4-fs (loop0): unmounting filesystem.
[   31.330406][  T523] loop0: detected capacity change from 0 to 1024
[   31.357714][  T517] syz.2.88 (517) used greatest stack depth: 22400 bytes left
[   31.365928][  T523] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   31.374475][  T479] syz.1.72: attempt to access beyond end of device
[   31.374475][  T479] loop1: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[   31.451340][   T19] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[   31.467015][  T286] EXT4-fs error (device loop0): mb_free_blocks:1815: group 0, inode 19: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   31.468220][  T304] kworker/u4:3: attempt to access beyond end of device
[   31.468220][  T304] loop1: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   31.490364][  T534] loop2: detected capacity change from 0 to 512
[   31.523869][  T534] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   31.535499][  T286] EXT4-fs (loop0): unmounting filesystem.
[   31.546380][  T534] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   31.562209][  T534] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   31.662393][  T284] EXT4-fs (loop2): unmounting filesystem.
[   31.706535][  T545] device dummy0 entered promiscuous mode
[   31.714837][  T545] device dummy0 left promiscuous mode
[   31.748749][  T555] loop1: detected capacity change from 0 to 1024
[   31.765266][  T555] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   31.793812][  T555] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   31.806461][  T555] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   31.825165][  T555] EXT4-fs error (device loop1): ext4_get_journal_inode:5710: comm syz.1.103: inode #1: comm syz.1.103: iget: illegal inode #
[   31.841612][  T555] EXT4-fs (loop1): no journal found
[   32.052837][   T19] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   32.066987][   T19] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9
[   32.092093][  T584] netlink: 24 bytes leftover after parsing attributes in process `syz.0.116'.
[   32.119577][   T19] asix: probe of 5-1:0.0 failed with error -71
[   32.141997][   T19] usb 5-1: USB disconnect, device number 3
[   32.159368][   T24] kernel write not supported for file /uhid (pid: 24 comm: kworker/1:0)
[   32.336031][  T611] loop3: detected capacity change from 0 to 128
[   32.347006][  T611] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   32.357077][  T611] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   32.373958][  T611] overlayfs: upper fs needs to support d_type.
[   32.396014][  T285] EXT4-fs (loop3): unmounting filesystem.
[   32.501396][  T625] netlink: 12 bytes leftover after parsing attributes in process `syz.0.133'.
[   33.104685][   T19] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   33.111017][  T709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.172'.
[   33.201978][  T725] loop2: detected capacity change from 0 to 2048
[   33.235049][  T392] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   33.272307][   T28] kauditd_printk_skb: 77 callbacks suppressed
[   33.272322][   T28] audit: type=1400 audit(1749263634.831:216): avc:  denied  { read } for  pid=727 comm="syz.1.180" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   33.302831][   T19] usb 4-1: Using ep0 maxpacket: 32
[   33.311043][   T19] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   33.334974][   T28] audit: type=1400 audit(1749263634.831:217): avc:  denied  { open } for  pid=727 comm="syz.1.180" path="/dev/loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   33.342757][   T19] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   33.373519][   T19] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   33.382782][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.394492][   T19] usb 4-1: config 0 descriptor??
[   33.402398][   T19] hub 4-1:0.0: bad descriptor, ignoring hub
[   33.403477][   T28] audit: type=1400 audit(1749263634.971:218): avc:  denied  { write } for  pid=733 comm="syz.0.182" name="route" dev="proc" ino=4026532598 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   33.408553][   T19] hub: probe of 4-1:0.0 failed with error -5
[   33.441450][   T19] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[   33.479327][  T740] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   33.494638][   T28] audit: type=1326 audit(1749263635.001:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=631 comm="syz.4.136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29198e929 code=0x7fc00000
[   33.524647][  T740] SELinux: failed to load policy
[   33.554618][   T28] audit: type=1400 audit(1749263635.011:220): avc:  denied  { ioctl } for  pid=727 comm="syz.1.180" path="/dev/loop-control" dev="devtmpfs" ino=117 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   33.582192][   T28] audit: type=1400 audit(1749263635.011:221): avc:  denied  { execute } for  pid=733 comm="syz.0.182" name="file0" dev="tmpfs" ino=285 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   33.607281][   T28] audit: type=1400 audit(1749263635.011:222): avc:  denied  { execute_no_trans } for  pid=733 comm="syz.0.182" path="/50/file0" dev="tmpfs" ino=285 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   33.670847][  T744] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=744 comm=syz.0.186
[   33.700753][  T736] loop2: detected capacity change from 0 to 40427
[   33.738873][  T736] F2FS-fs (loop2): invalid crc value
[   33.758207][  T756] 9pnet: p9_errstr2errno: server reported unknown error �@íÎÇpî‘AçÁ›
¬ž;
KZì44§/@®qæžkøp
[   33.758207][  T756] éC<+¨¦³P5…"kÜÔö­¦ôÎxU’:
[   33.788378][  T736] F2FS-fs (loop2): Found nat_bits in checkpoint
[   33.834033][   T28] audit: type=1326 audit(1749263635.391:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=761 comm="syz.4.194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29198e929 code=0x7ffc0000
[   33.865991][   T28] audit: type=1326 audit(1749263635.391:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=761 comm="syz.4.194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd29198e929 code=0x7ffc0000
[   33.867051][  T766] loop4: detected capacity change from 0 to 512
[   33.890877][  T736] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   33.954637][   T28] audit: type=1326 audit(1749263635.391:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=761 comm="syz.4.194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29198e929 code=0x7ffc0000
[   33.981082][  T766] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   33.991178][  T766] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[   34.040169][  T778] netlink: 96 bytes leftover after parsing attributes in process `syz.4.201'.
[   34.067155][  T780] loop4: detected capacity change from 0 to 512
[   34.094931][  T780] EXT4-fs (loop4): 1 truncate cleaned up
[   34.100683][  T780] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   34.121258][  T287] EXT4-fs (loop4): unmounting filesystem.
[   34.147652][  T788] loop2: detected capacity change from 0 to 1024
[   34.154994][  T788] EXT4-fs: Ignoring removed nobh option
[   34.161009][  T788] EXT4-fs: Ignoring removed bh option
[   34.170935][  T788] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   34.196514][  T788] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   34.220718][  T284] EXT4-fs (loop2): unmounting filesystem.
[   34.482678][  T815] netlink: 20 bytes leftover after parsing attributes in process `syz.4.214'.
[   34.636811][  T829] netlink: 96 bytes leftover after parsing attributes in process `syz.4.222'.
[   34.695078][  T294] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   34.788829][  T774] incfs: Can't find or create .index dir in ./file0
[   34.795590][  T774] incfs: mount failed -103
[   34.884613][  T294] usb 3-1: Using ep0 maxpacket: 16
[   34.893114][  T294] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   34.902365][  T294] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   34.910432][  T294] usb 3-1: Product: syz
[   34.914838][  T294] usb 3-1: Manufacturer: syz
[   34.919473][  T294] usb 3-1: SerialNumber: syz
[   34.925299][  T294] r8152-cfgselector 3-1: config 0 descriptor??
[   35.054633][   T19] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   35.234697][   T19] usb 5-1: Using ep0 maxpacket: 32
[   35.245434][   T19] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   35.253533][   T19] usb 5-1: config 0 has no interface number 0
[   35.259973][   T19] usb 5-1: config 0 interface 2 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   35.271358][   T19] usb 5-1: config 0 interface 2 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[   35.281618][   T19] usb 5-1: config 0 interface 2 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   35.294650][  T202] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   35.302228][   T19] usb 5-1: config 0 interface 2 has no altsetting 0
[   35.309139][   T19] usb 5-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[   35.318450][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   35.333894][  T294] r8152-cfgselector 3-1: Unknown version 0x0000
[   35.339818][   T19] usb 5-1: config 0 descriptor??
[   35.342014][  T294] r8152-cfgselector 3-1: bad CDC descriptors
[   35.353415][  T294] r8152-cfgselector 3-1: Unknown version 0x0000
[   35.360533][  T294] r8152-cfgselector 3-1: USB disconnect, device number 2
[   35.505783][  T202] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   35.516621][  T202] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   35.527622][  T202] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   35.537542][  T202] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   35.550561][  T202] usb 1-1: config 1 interface 1 has no altsetting 0
[   35.560762][  T202] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   35.570042][  T202] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   35.578238][  T202] usb 1-1: Product: syz
[   35.582450][  T202] usb 1-1: Manufacturer: syz
[   35.587226][  T202] usb 1-1: SerialNumber: syz
[   35.761708][   T19] uclogic 0003:5543:0781.0002: unknown main item tag 0x0
[   35.769364][   T19] uclogic 0003:5543:0781.0002: unknown main item tag 0x0
[   35.776562][   T19] uclogic 0003:5543:0781.0002: unknown main item tag 0x0
[   35.783825][   T19] uclogic 0003:5543:0781.0002: unknown main item tag 0x0
[   35.791000][   T19] uclogic 0003:5543:0781.0002: unknown main item tag 0x0
[   35.798315][   T19] uclogic 0003:5543:0781.0002: unknown main item tag 0x0
[   35.806789][  T861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   35.816399][   T19] uclogic 0003:5543:0781.0002: unknown main item tag 0x0
[   35.824450][  T861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   35.832649][   T19] uclogic 0003:5543:0781.0002: No inputs registered, leaving
[   35.863288][  T202] usb 1-1: MIDIStreaming interface descriptor not found
[   35.868037][  T875] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.881022][   T19] uclogic 0003:5543:0781.0002: hidraw0: USB HID v0.07 Device [HID 5543:0781] on usb-dummy_hcd.4-1/input2
[   35.881937][  T877] loop2: detected capacity change from 0 to 512
[   35.903050][  T202] usb 1-1: USB disconnect, device number 2
[   35.915131][  T877] EXT4-fs: Invalid commit interval 2147483647, must be smaller than 21474836
[   35.966071][  T294] usb 4-1: USB disconnect, device number 2
[   35.983057][  T877] loop2: detected capacity change from 0 to 512
[   36.006409][   T19] usb 5-1: USB disconnect, device number 4
[   36.028172][  T877] EXT4-fs: Ignoring removed i_version option
[   36.049996][  T877] EXT4-fs: Ignoring removed mblk_io_submit option
[   36.065086][  T877] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   36.105600][  T877] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   36.124750][  T877] EXT4-fs (loop2): 1 truncate cleaned up
[   36.134595][  T877] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   36.173475][  T284] EXT4-fs (loop2): unmounting filesystem.
[   36.316124][  T894] syz.3.247 (894) used greatest stack depth: 21376 bytes left
[   36.564625][   T19] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   36.680342][  T935] device syzkaller0 entered promiscuous mode
[   36.757049][   T19] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[   36.769608][   T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   36.790467][   T19] usb 2-1: Product: syz
[   36.799088][  T941] loop4: detected capacity change from 0 to 1024
[   36.810976][   T19] usb 2-1: Manufacturer: syz
[   36.815804][   T19] usb 2-1: SerialNumber: syz
[   36.826915][  T941] EXT4-fs (loop4): Test dummy encryption mode enabled
[   36.832844][   T19] r8152-cfgselector 2-1: config 0 descriptor??
[   36.853615][  T941] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   36.878808][  T941] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   36.897164][  T941] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   36.915919][  T287] EXT4-fs (loop4): unmounting filesystem.
[   36.932582][  T959] loop3: detected capacity change from 0 to 512
[   36.977480][  T959] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   36.993903][  T959] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.013329][  T959] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #2: comm syz.3.276: corrupted inode contents
[   37.034456][  T959] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #2: comm syz.3.276: mark_inode_dirty error
[   37.054339][  T959] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #2: comm syz.3.276: corrupted inode contents
[   37.066520][  T959] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.276: mark_inode_dirty error
[   37.140071][  T285] EXT4-fs (loop3): unmounting filesystem.
[   37.158300][  T979] netlink: 96 bytes leftover after parsing attributes in process `syz.2.283'.
[   37.202720][  T985] loop2: detected capacity change from 0 to 1024
[   37.237338][  T985] EXT4-fs (loop2): Test dummy encryption mode enabled
[   37.278615][   T19] r8152-cfgselector 2-1: Unknown version 0x0000
[   37.287193][  T985] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   37.317752][   T19] r8152-cfgselector 2-1: USB disconnect, device number 2
[   37.408202][  T284] EXT4-fs (loop2): unmounting filesystem.
[   37.478003][ T1006] loop2: detected capacity change from 0 to 256
[   37.565634][ T1010] netlink: 'syz.4.298': attribute type 12 has an invalid length.
[   37.626549][ T1015] loop3: detected capacity change from 0 to 256
[   37.756276][ T1029] process 'syz.0.307' launched './file1' with NULL argv: empty string added
[   37.818741][ T1035] I/O error, dev loop9, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[   37.830037][ T1035] EXT4-fs (loop9): unable to read superblock
[   37.886334][ T1041] netlink: 96 bytes leftover after parsing attributes in process `syz.0.313'.
[   37.892283][ T1047] loop2: detected capacity change from 0 to 1024
[   37.943388][ T1047] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   38.015018][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.025963][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.038130][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.049296][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.060894][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.088420][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.114976][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.135128][  T401] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   38.143220][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.167817][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.188909][  T284] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   38.297652][  T284] EXT4-fs (loop2): unmounting filesystem.
[   38.315753][  T401] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   38.338996][  T401] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   38.348851][  T401] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   38.362077][  T401] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   38.376773][  T401] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   38.387801][  T401] usb 4-1: config 0 descriptor??
[   38.500192][   T28] kauditd_printk_skb: 37 callbacks suppressed
[   38.500208][   T28] audit: type=1400 audit(1749263640.061:263): avc:  denied  { read } for  pid=1084 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   38.528092][   T28] audit: type=1400 audit(1749263640.061:264): avc:  denied  { open } for  pid=1084 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   38.551489][   T28] audit: type=1400 audit(1749263640.061:265): avc:  denied  { mounton } for  pid=1084 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   38.595429][ T1084] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.602568][ T1084] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.610458][ T1084] device bridge_slave_0 entered promiscuous mode
[   38.619750][ T1084] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.626967][ T1084] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.634893][ T1084] device bridge_slave_1 entered promiscuous mode
[   38.703408][ T1084] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.710481][ T1084] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.714647][  T294] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   38.717805][ T1084] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.732191][ T1084] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.762532][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   38.770580][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.777985][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.789848][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   38.799468][  T401] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   38.805260][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   38.807417][  T401] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[   38.816202][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.823951][  T401] plantronics 0003:047F:FFFF.0003: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[   38.829706][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.850672][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   38.872811][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   38.882101][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.889224][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.904652][  T294] usb 1-1: Using ep0 maxpacket: 16
[   38.914776][  T294] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   38.926196][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   38.927237][  T294] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[   38.944197][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   38.944239][  T294] usb 1-1: config 0 interface 0 has no altsetting 0
[   38.959197][  T294] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[   38.965825][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   38.968571][  T294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   38.976510][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   38.994865][  T294] usb 1-1: config 0 descriptor??
[   39.017390][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   39.026635][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   39.037377][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   39.046607][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   39.057554][ T1084] device veth0_vlan entered promiscuous mode
[   39.065017][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   39.072560][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   39.085860][    T8] device bridge_slave_1 left promiscuous mode
[   39.092015][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.099898][    T8] device bridge_slave_0 left promiscuous mode
[   39.106314][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.114744][    T8] device veth1_macvtap left promiscuous mode
[   39.120841][    T8] device veth0_vlan left promiscuous mode
[   39.217771][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   39.226328][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   39.236523][ T1084] device veth1_macvtap entered promiscuous mode
[   39.248526][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   39.256727][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   39.269527][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   39.291301][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   39.313542][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   39.322910][ T1092] netlink: 'syz.4.335': attribute type 4 has an invalid length.
[   39.337930][ T1092] netlink: 'syz.4.335': attribute type 4 has an invalid length.
[   39.363722][ T1096] loop5: detected capacity change from 0 to 1024
[   39.400035][ T1092] syz.4.335 (1092) used greatest stack depth: 20800 bytes left
[   39.408139][ T1096] EXT4-fs: Ignoring removed i_version option
[   39.419960][  T294] hid (null): bogus close delimiter
[   39.448176][ T1096] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #3: block 1: comm syz.5.330: lblock 1 mapped to illegal pblock 1 (length 1)
[   39.476926][ T1096] Quota error (device loop5): write_blk: dquota write failed
[   39.488279][ T1096] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[   39.498578][ T1096] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.330: Failed to acquire dquot type 0
[   39.513033][ T1104] loop4: detected capacity change from 0 to 4096
[   39.515048][ T1096] EXT4-fs error (device loop5): ext4_free_blocks:6210: comm syz.5.330: Freeing blocks not in datazone - block = 0, count = 4096
[   39.534100][ T1096] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.330: Invalid inode bitmap blk 0 in block_group 0
[   39.535943][ T1104] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   39.548194][ T1096] EXT4-fs error (device loop5) in ext4_free_inode:362: Corrupt filesystem
[   39.555974][   T43] EXT4-fs error (device loop5): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[   39.578975][ T1096] EXT4-fs (loop5): 1 orphan inode deleted
[   39.584766][   T43] Quota error (device loop5): remove_tree: Can't read quota data block 1
[   39.585948][ T1096] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   39.601618][   T43] EXT4-fs error (device loop5): ext4_release_dquot:6825: comm kworker/u4:2: Failed to release dquot type 0
[   39.632146][  T294] usb 1-1: USB disconnect, device number 3
[   39.638424][ T1104] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[   39.651238][ T1104] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[   39.652205][ T1096] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[   39.667403][  T287] EXT4-fs (loop4): unmounting filesystem.
[   39.669337][ T1096] EXT4-fs error (device loop5): ext4_search_dir:1549: inode #2: block 16: comm syz.5.330: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   39.705692][ T1096] EXT4-fs error (device loop5): ext4_search_dir:1549: inode #2: block 16: comm syz.5.330: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   39.725639][ T1096] EXT4-fs error (device loop5): ext4_search_dir:1549: inode #2: block 16: comm syz.5.330: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   39.752814][ T1084] EXT4-fs (loop5): unmounting filesystem.
[   39.772500][   T28] audit: type=1400 audit(1749263641.331:266): avc:  denied  { mounton } for  pid=1109 comm="syz.5.340" path="/1/file0" dev="incremental-fs" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   39.795936][   T28] audit: type=1400 audit(1749263641.331:267): avc:  denied  { read } for  pid=1109 comm="syz.5.340" name="file0" dev="incremental-fs" ino=25 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   39.804636][   T19] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   39.819123][   T28] audit: type=1400 audit(1749263641.331:268): avc:  denied  { open } for  pid=1109 comm="syz.5.340" path="/1/file0/file0" dev="incremental-fs" ino=25 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   39.851595][   T28] audit: type=1400 audit(1749263641.331:269): avc:  denied  { write } for  pid=1109 comm="syz.5.340" path="/1/file0/file0" dev="incremental-fs" ino=25 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   39.966573][ T1118] loop5: detected capacity change from 0 to 512
[   39.986281][ T1118] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   39.995807][ T1118] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   40.011810][ T1118] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #2: comm syz.5.344: corrupted inode contents
[   40.023810][ T1118] EXT4-fs error (device loop5): ext4_dirty_inode:6120: inode #2: comm syz.5.344: mark_inode_dirty error
[   40.035088][   T19] usb 2-1: Using ep0 maxpacket: 8
[   40.035496][ T1118] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #2: comm syz.5.344: corrupted inode contents
[   40.041495][   T19] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[   40.052450][ T1118] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #2: comm syz.5.344: mark_inode_dirty error
[   40.060985][   T19] usb 2-1: config 179 has no interface number 0
[   40.078623][   T19] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   40.088444][ T1118] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   40.089750][   T19] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[   40.100238][ T1118] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #2: comm syz.5.344: corrupted inode contents
[   40.110319][   T19] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   40.110352][   T19] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   40.110389][   T19] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   40.122379][ T1118] EXT4-fs error (device loop5): ext4_dirty_inode:6120: inode #2: comm syz.5.344: mark_inode_dirty error
[   40.133959][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   40.146758][ T1118] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #2: comm syz.5.344: corrupted inode contents
[   40.157411][ T1102] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[   40.203389][ T1118] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #2: comm syz.5.344: corrupted inode contents
[   40.215415][ T1118] EXT4-fs error (device loop5): ext4_setent:3695: inode #2: comm syz.5.344: mark_inode_dirty error
[   40.235408][ T1084] EXT4-fs (loop5): unmounting filesystem.
[   40.458534][ T1102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   40.468066][ T1102] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   40.534608][  T294] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   40.697235][    T6] usb 2-1: USB disconnect, device number 3
[   40.703116][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[   40.703155][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   40.726590][  T294] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   40.750960][  T294] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   40.783866][  T294] usb 6-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[   40.798996][  T294] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   40.818579][  T294] usb 6-1: config 0 descriptor??
[   40.885467][  T202] usb 4-1: USB disconnect, device number 3
[   40.949334][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.958983][ T1149] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.967871][ T1149] device bridge_slave_0 entered promiscuous mode
[   40.975340][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.982469][ T1149] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.990444][ T1149] device bridge_slave_1 entered promiscuous mode
[   41.034374][  T294] usbhid 6-1:0.0: can't add hid device: -71
[   41.045051][  T294] usbhid: probe of 6-1:0.0 failed with error -71
[   41.055710][  T294] usb 6-1: USB disconnect, device number 2
[   41.101403][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.108496][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.115781][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.122795][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.146175][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   41.153887][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.161501][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.195813][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   41.214937][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.222021][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.233987][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   41.242541][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.249628][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.264272][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   41.272626][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   41.295552][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   41.325806][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   41.336785][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   41.359184][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   41.376050][   T10] device bridge_slave_1 left promiscuous mode
[   41.388152][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.404160][   T10] device bridge_slave_0 left promiscuous mode
[   41.410674][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.420810][   T10] device veth1_macvtap left promiscuous mode
[   41.427780][   T10] device veth0_vlan left promiscuous mode
[   41.484203][ T1198] serio: Serial port ptm0
[   41.549050][ T1187] device dummy0 entered promiscuous mode
[   41.570106][ T1187] device dummy0 left promiscuous mode
[   41.600344][ T1149] device veth0_vlan entered promiscuous mode
[   41.612342][ T1200] netlink: 4 bytes leftover after parsing attributes in process `syz.0.379'.
[   41.625432][ T1200] device veth3 entered promiscuous mode
[   41.643381][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   41.653500][ T1149] device veth1_macvtap entered promiscuous mode
[   41.677766][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   41.686399][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   41.716811][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   41.729373][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   41.848470][ T1221] bridge0: port 3(vlan2) entered blocking state
[   41.861235][ T1221] bridge0: port 3(vlan2) entered disabled state
[   41.984057][ T1240] device wireguard0 entered promiscuous mode
[   42.055577][ T1233] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.062640][ T1233] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.070801][ T1233] device bridge_slave_0 entered promiscuous mode
[   42.082161][ T1233] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.089374][ T1233] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.097282][ T1233] device bridge_slave_1 entered promiscuous mode
[   42.191517][ T1233] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.198637][ T1233] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.205983][ T1233] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.213031][ T1233] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.224264][ T1265] xt_hashlimit: size too large, truncated to 1048576
[   42.291981][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.305210][ T1271] syz.1.410[1271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.305294][ T1271] syz.1.410[1271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.374650][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.393791][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.418243][ T1274] loop3: detected capacity change from 0 to 256
[   42.431385][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.447479][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.454677][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.484273][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.492876][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.499961][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.523211][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.553708][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.635795][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.671207][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   42.706827][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   42.722250][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   42.733212][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   42.756403][ T1233] device veth0_vlan entered promiscuous mode
[   42.773776][ T1289] KVM: debugfs: duplicate directory 1289-4
[   42.797818][ T1233] device veth1_macvtap entered promiscuous mode
[   42.815324][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   42.835630][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.852783][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   42.863536][   T10] device bridge_slave_1 left promiscuous mode
[   42.869873][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.880044][   T10] device bridge_slave_0 left promiscuous mode
[   42.887645][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.896348][   T10] device veth1_macvtap left promiscuous mode
[   42.902408][   T10] device veth0_vlan left promiscuous mode
[   43.104652][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   43.139290][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.886055][   T10] device bridge_slave_1 left promiscuous mode
[   43.892228][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.945015][   T10] device bridge_slave_0 left promiscuous mode
[   43.951180][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.035450][   T10] device veth1_macvtap left promiscuous mode
[   44.041522][   T10] device veth0_vlan left promiscuous mode
[   48.068933][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.077668][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.175140][   T28] kauditd_printk_skb: 19 callbacks suppressed
[   48.175155][   T28] audit: type=1400 audit(1749263649.741:289): avc:  denied  { setopt } for  pid=1328 comm="syz.5.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   48.326467][ T1343] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.333576][ T1343] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.341467][ T1343] device bridge_slave_0 entered promiscuous mode
[   48.348817][ T1343] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.364569][ T1343] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.372097][ T1343] device bridge_slave_1 entered promiscuous mode
[   48.422890][   T28] audit: type=1400 audit(1749263649.981:290): avc:  denied  { mounton } for  pid=1350 comm="syz.5.441" path="/proc/8/task" dev="proc" ino=21185 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   48.511069][ T1343] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.518173][ T1343] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.525519][ T1343] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.532563][ T1343] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.568565][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.577929][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.586460][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.614740][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.623013][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.630121][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.637877][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.646234][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.653308][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.660934][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.675345][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.699626][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.719061][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.727593][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   48.735934][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   48.744415][ T1343] device veth0_vlan entered promiscuous mode
[   48.758597][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.769239][ T1343] device veth1_macvtap entered promiscuous mode
[   48.782487][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.796937][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.845133][   T28] audit: type=1400 audit(1749263650.411:291): avc:  denied  { bind } for  pid=1365 comm="syz.7.445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   48.918972][ T1372] loop6: detected capacity change from 0 to 1024
[   48.922967][ T1375] loop7: detected capacity change from 0 to 1024
[   48.927939][ T1372] EXT4-fs: Ignoring removed nobh option
[   48.933763][ T1375] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   48.948114][ T1372] EXT4-fs: Ignoring removed bh option
[   48.954185][ T1375] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[   48.971157][ T1372] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   48.993160][ T1343] EXT4-fs (loop7): unmounting filesystem.
[   49.014071][ T1372] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   49.035234][ T1383] loop7: detected capacity change from 0 to 512
[   49.037697][ T1385] syz.3.452[1385] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.049929][ T1385] syz.3.452[1385] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.063431][ T1149] EXT4-fs (loop6): unmounting filesystem.
[   49.067561][ T1383] EXT4-fs error (device loop7): ext4_orphan_get:1426: comm syz.7.451: bad orphan inode 11
[   49.100906][ T1383] ext4_test_bit(bit=10, block=4) = 1
[   49.101539][ T1388] syz.6.453[1388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.106488][ T1383] is_bad_inode(inode)=0
[   49.106808][ T1388] syz.6.453[1388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.118563][ T1383] NEXT_ORPHAN(inode)=2080374784
[   49.139414][ T1383] max_ino=32
[   49.149301][ T1383] i_nlink=0
[   49.152517][ T1383] EXT4-fs (loop7): 1 truncate cleaned up
[   49.241087][ T1383] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[   49.273621][ T1393] loop5: detected capacity change from 0 to 512
[   49.289483][ T1393] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   49.300134][ T1343] EXT4-fs (loop7): unmounting filesystem.
[   49.322490][ T1393] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.455: casefold flag without casefold feature
[   49.354282][ T1393] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.455: couldn't read orphan inode 15 (err -117)
[   49.417424][ T1393] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   49.463121][ T1390] loop3: detected capacity change from 0 to 32768
[   49.486454][ T1390]  loop3: p1 p3 < >
[   49.506830][ T1233] EXT4-fs (loop5): unmounting filesystem.
[   49.615564][ T1336] I/O error, dev loop3, sector 3072 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   49.615604][  T285] __loop_clr_fd: partition scan of loop3 failed (rc=-16)
[   49.625498][ T1316] I/O error, dev loop3, sector 2056 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   49.650745][ T1336] I/O error, dev loop3, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   49.664642][ T1316] I/O error, dev loop3, sector 2056 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   49.674137][ T1336] Buffer I/O error on dev loop3p3, logical block 0, async page read
[   49.683024][  T202] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   49.694790][ T1316] Buffer I/O error on dev loop3p1, logical block 1, async page read
[   49.704964][ T1336] I/O error, dev loop3, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   49.713184][ T1398] loop6: detected capacity change from 0 to 40427
[   49.727344][ T1336] Buffer I/O error on dev loop3p3, logical block 0, async page read
[   49.741701][ T1398] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   49.759536][   T28] audit: type=1400 audit(1749263651.321:292): avc:  denied  { mounton } for  pid=1408 comm="syz.3.460" path="/74/file0" dev="tmpfs" ino=412 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[   49.764818][ T1336] I/O error, dev loop3, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   49.786367][ T1398] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   49.831207][ T1398] F2FS-fs (loop6): invalid crc value
[   49.834941][ T1336] Buffer I/O error on dev loop3p3, logical block 0, async page read
[   49.844829][ T1336] I/O error, dev loop3, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   49.854805][ T1336] Buffer I/O error on dev loop3p3, logical block 0, async page read
[   49.863057][ T1336] I/O error, dev loop3, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   49.872807][ T1336] Buffer I/O error on dev loop3p3, logical block 0, async page read
[   49.887992][  T202] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   49.899108][ T1398] F2FS-fs (loop6): Found nat_bits in checkpoint
[   49.912031][ T1336] udevd[1336]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   49.926540][ T1316] udevd[1316]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   49.936425][  T202] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   49.950415][  T202] usb 8-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   49.964226][ T1336] udevd[1336]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   49.975995][ T1316] udevd[1316]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   49.989431][  T202] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.012240][ T1398] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   50.016190][  T202] usb 8-1: config 0 descriptor??
[   50.023064][ T1398] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   50.087631][ T1426] bridge0: port 3(vlan2) entered blocking state
[   50.093978][ T1426] bridge0: port 3(vlan2) entered disabled state
[   50.104494][ T1398] syz.6.457: attempt to access beyond end of device
[   50.104494][ T1398] loop6: rw=34817, sector=77824, nr_sectors = 2080 limit=40427
[   50.464414][   T28] audit: type=1400 audit(1749263652.021:293): avc:  denied  { watch } for  pid=1440 comm="syz.5.474" path="/10/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   50.487574][  T294] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   50.498919][   T28] audit: type=1400 audit(1749263652.031:294): avc:  denied  { associate } for  pid=1440 comm="syz.5.474" name="/" dev="cgroup2" ino=1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[   50.541242][ T1447] syz.5.476[1447] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.541336][ T1447] syz.5.476[1447] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.596562][ T1451] loop3: detected capacity change from 0 to 512
[   50.622071][ T1451] EXT4-fs (loop3): Test dummy encryption mode enabled
[   50.637024][  T202] usb 8-1: language id specifier not provided by device, defaulting to English
[   50.647882][ T1451] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   50.664680][ T1451] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.478: bad orphan inode 131083
[   50.676072][ T1451] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   50.684770][  T294] usb 1-1: Using ep0 maxpacket: 8
[   50.694208][  T294] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   50.705146][ T1457] device syzkaller0 entered promiscuous mode
[   50.713711][  T294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.715296][ T1451] overlayfs: upper fs needs to support d_type.
[   50.729370][  T294] usb 1-1: config 0 descriptor??
[   50.755211][  T285] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 13: comm syz-executor: path /81/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[   50.783101][ T1462] netlink: 'syz.5.483': attribute type 2 has an invalid length.
[   50.841513][  T202] uclogic 0003:256C:006D.0005: failed retrieving Huion firmware version: -71
[   50.855151][  T202] uclogic 0003:256C:006D.0005: failed probing parameters: -71
[   50.862672][  T202] uclogic: probe of 0003:256C:006D.0005 failed with error -71
[   50.885222][  T202] usb 8-1: USB disconnect, device number 2
[   50.914074][  T285] EXT4-fs (loop3): unmounting filesystem.
[   50.946261][  T294] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[   51.164658][    T6] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   51.179133][ T1482] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.186316][ T1482] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.193882][ T1482] device bridge_slave_0 entered promiscuous mode
[   51.201510][ T1482] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.208960][ T1482] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.216848][ T1482] device bridge_slave_1 entered promiscuous mode
[   51.290543][ T1482] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.297635][ T1482] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.304978][ T1482] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.312025][ T1482] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.345284][    T6] usb 7-1: Using ep0 maxpacket: 32
[   51.360327][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   51.367851][    T6] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   51.380147][    T6] usb 7-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.380320][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.404617][    T6] usb 7-1: config 0 interface 0 has no altsetting 0
[   51.411416][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.412937][    T6] usb 7-1: New USB device found, idVendor=056a, idProduct=00ed, bcdDevice=13.00
[   51.427858][    T6] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.440771][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.448077][    T6] usb 7-1: config 0 descriptor??
[   51.464170][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.471281][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.491731][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.506532][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.513628][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.529704][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   51.537889][   T28] audit: type=1400 audit(1749263653.111:295): avc:  denied  { setopt } for  pid=1500 comm="syz.7.496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   51.545115][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   51.575358][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   51.599389][ T1482] device veth0_vlan entered promiscuous mode
[   51.610124][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   51.631677][ T1482] device veth1_macvtap entered promiscuous mode
[   51.642999][ T1506] device pim6reg1 entered promiscuous mode
[   51.651208][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   51.660484][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   51.670840][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   51.677373][ T1476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.687669][ T1476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.698689][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   51.711931][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   51.727667][ T1476] loop6: detected capacity change from 0 to 2048
[   51.751666][ T1510] loop7: detected capacity change from 0 to 512
[   51.761241][   T28] audit: type=1400 audit(1749263653.331:296): avc:  denied  { add_name } for  pid=1482 comm="syz-executor" name="syz8" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   51.793119][   T28] audit: type=1400 audit(1749263653.351:297): avc:  denied  { associate } for  pid=1482 comm="syz-executor" name="syz8" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   51.820672][ T1510] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[   51.841913][ T1476]  loop6: p2 p3 p7
[   51.845841][ T1510] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.919997][ T1471] usb 7-1: USB disconnect, device number 2
[   51.986135][   T43] device bridge_slave_1 left promiscuous mode
[   51.992377][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.000652][   T43] device bridge_slave_0 left promiscuous mode
[   52.007128][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.015690][   T43] device veth1_macvtap left promiscuous mode
[   52.021938][   T43] device veth0_vlan left promiscuous mode
[   52.084317][ T1343] EXT4-fs (loop7): unmounting filesystem.
[   52.084706][ T1526] loop8: detected capacity change from 0 to 16
[   52.102945][   T28] audit: type=1400 audit(1749263653.661:298): avc:  denied  { mounton } for  pid=1525 comm="syz.8.504" path="/3/file0" dev="cgroup" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   52.126655][ T1526] erofs: (device loop8): erofs_read_inode: unsupported chunk format ffff of nid 36
[   52.144677][ T1467] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   52.161941][  T294] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   52.172136][  T294] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[   52.183743][  T294] asix: probe of 1-1:0.0 failed with error -71
[   52.191109][  T294] usb 1-1: USB disconnect, device number 4
[   52.361368][ T1467] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   52.372894][ T1467] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   52.383471][ T1467] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[   52.392763][ T1467] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.402020][ T1467] usb 6-1: config 0 descriptor??
[   52.514046][ T1554] loop6: detected capacity change from 0 to 128
[   52.523031][ T1554] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   52.532085][ T1554] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   52.544236][ T1554] syz.6.516 (pid 1554) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   52.562754][ T1149] EXT4-fs (loop6): unmounting filesystem.
[   52.565011][ T1469] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   52.586377][ T1558] netlink: 16 bytes leftover after parsing attributes in process `syz.6.517'.
[   52.598597][ T1558] netlink: 16 bytes leftover after parsing attributes in process `syz.6.517'.
[   52.607880][ T1558] Zero length message leads to an empty skb
[   52.718851][ T1569] netlink: 4 bytes leftover after parsing attributes in process `syz.0.532'.
[   52.729533][ T1569] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.739697][ T1569] device bridge_slave_1 left promiscuous mode
[   52.745998][ T1569] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.754863][ T1469] usb 9-1: Using ep0 maxpacket: 16
[   52.761380][ T1469] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 8
[   52.785527][ T1469] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   52.801632][ T1469] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.809941][ T1469] usb 9-1: Product: syz
[   52.814155][ T1469] usb 9-1: Manufacturer: syz
[   52.831292][ T1469] usb 9-1: SerialNumber: syz
[   52.839186][ T1469] usb 9-1: config 0 descriptor??
[   52.849706][ T1469] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[   52.864471][ T1469] usb 9-1: Detected FT232R
[   53.050705][ T1469] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   53.185638][   T28] audit: type=1400 audit(1749263654.751:299): avc:  denied  { getopt } for  pid=1589 comm="syz.0.530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   53.262263][ T1469] ftdi_sio 9-1:0.0: GPIO initialisation failed: -71
[   53.271714][ T1469] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   53.300013][ T1469] usb 9-1: USB disconnect, device number 2
[   53.315139][ T1469] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   53.329782][ T1469] ftdi_sio 9-1:0.0: device disconnected
[   53.434898][ T1471] usb 6-1: USB disconnect, device number 3
[   53.652828][ T1606] netlink: 'syz.7.537': attribute type 4 has an invalid length.
[   53.665863][ T1606] netlink: 'syz.7.537': attribute type 4 has an invalid length.
[   53.785537][   T28] audit: type=1400 audit(1749263655.351:300): avc:  denied  { append } for  pid=1612 comm="syz.7.540" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   53.808314][    T6] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   53.816094][ T1615] af_packet: tpacket_rcv: packet too big, clamped from 112 to 4294967272. macoff=96
[   53.845868][ T1618] xt_NFQUEUE: number of total queues is 0
[   53.939663][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[   54.005677][    T6] usb 1-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[   54.011287][ T1636] netlink: 16 bytes leftover after parsing attributes in process `syz.7.549'.
[   54.019294][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.040430][    T6] usb 1-1: config 0 descriptor??
[   54.053570][    T6] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[   54.065736][    T6] ftdi_sio ttyUSB0: unknown device type: 0xc698
[   54.142753][ T1650] loop7: detected capacity change from 0 to 8192
[   54.156325][   T28] audit: type=1400 audit(1749263655.721:301): avc:  denied  { watch watch_reads } for  pid=1649 comm="syz.7.556" path="/30/file0/file0" dev="loop7" ino=1048624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   54.259091][ T1469] usb 1-1: USB disconnect, device number 5
[   54.265648][ T1469] ftdi_sio 1-1:0.0: device disconnected
[   54.376929][ T1659] netlink: 76 bytes leftover after parsing attributes in process `syz.5.560'.
[   54.494662][    T6] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   54.686050][    T6] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   54.702812][    T6] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   54.712762][    T6] usb 8-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[   54.722065][    T6] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.734386][    T6] usb 8-1: config 0 descriptor??
[   54.788701][ T1679] loop6: detected capacity change from 0 to 128
[   54.836610][   T28] audit: type=1400 audit(1749263656.401:302): avc:  denied  { mounton } for  pid=1678 comm="syz.6.568" path="/34/file0/bus" dev="loop6" ino=1048626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[   54.865487][   T28] audit: type=1400 audit(1749263656.421:303): avc:  denied  { map } for  pid=1678 comm="syz.6.568" path="/34/file0/bus" dev="devtmpfs" ino=124 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   54.972754][ T1149] FAT-fs (loop6): error, invalid access to FAT (entry 0xffff0000)
[   54.980756][ T1149] FAT-fs (loop6): Filesystem has been set read-only
[   54.987774][ T1149] FAT-fs (loop6): error, corrupted directory (invalid entries)
[   54.995513][ T1149] FAT-fs (loop6): error, corrupted directory (invalid entries)
[   55.246898][ T1703] serio: Serial port tty20
[   55.269521][ T1700] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.276751][ T1700] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.284373][ T1700] device bridge_slave_0 entered promiscuous mode
[   55.293369][ T1700] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.307421][ T1700] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.321951][ T1700] device bridge_slave_1 entered promiscuous mode
[   55.377230][ T1716] syz.5.584[1716] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.377305][ T1716] syz.5.584[1716] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.391168][ T1716] syz.5.584[1716] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.402754][ T1716] syz.5.584[1716] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.417093][ T1716] netlink: 96 bytes leftover after parsing attributes in process `syz.5.584'.
[   55.526451][   T43] device bridge_slave_1 left promiscuous mode
[   55.532631][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.562455][   T43] device bridge_slave_0 left promiscuous mode
[   55.568698][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.578997][   T43] device veth1_macvtap left promiscuous mode
[   55.587085][   T43] device veth0_vlan left promiscuous mode
[   55.616593][ T1731] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   55.748690][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   55.753952][ T1471] usb 8-1: USB disconnect, device number 3
[   55.758450][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.773468][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   55.782083][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   55.790585][ T1513] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.797643][ T1513] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.806813][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.814701][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   55.823113][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   55.831531][ T1513] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.831610][   T28] audit: type=1400 audit(1749263657.401:304): avc:  denied  { name_bind } for  pid=1737 comm="syz.0.593" src=19996 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   55.838594][ T1513] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.864148][ T1700] device veth0_vlan entered promiscuous mode
[   55.873147][   T28] audit: type=1400 audit(1749263657.441:305): avc:  denied  { node_bind } for  pid=1737 comm="syz.0.593" saddr=10.1.1.1 src=19996 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   55.896995][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   55.905752][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   55.914020][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   55.922090][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   55.929908][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   55.938700][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   55.953822][ T1700] device veth1_macvtap entered promiscuous mode
[   55.966392][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   55.976471][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   55.988289][ T1513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   55.994786][ T1630] Bluetooth: hci0: command 0x1003 tx timeout
[   55.997699][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   56.063483][ T1752] netlink: 79 bytes leftover after parsing attributes in process `syz.9.599'.
[   56.087748][   T28] audit: type=1400 audit(1749263657.651:306): avc:  denied  { map } for  pid=1748 comm="syz.8.598" path="/dev/ashmem" dev="devtmpfs" ino=269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   56.134062][   T28] audit: type=1400 audit(1749263657.691:307): avc:  denied  { append } for  pid=1756 comm="syz.8.601" name="001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   56.424658][ T1471] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   56.464608][ T1469] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[   56.615750][ T1471] usb 10-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[   56.625002][ T1471] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.633693][ T1471] usb 10-1: config 0 descriptor??
[   56.654622][ T1469] usb 9-1: Using ep0 maxpacket: 16
[   56.660823][ T1469] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   56.671817][ T1469] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   56.681653][ T1469] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   56.694478][ T1469] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   56.703574][ T1469] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.712615][ T1469] usb 9-1: config 0 descriptor??
[   56.893658][ T1776] device ipip0 entered promiscuous mode
[   57.121471][ T1469] microsoft 0003:045E:07DA.0008: unknown main item tag 0x7
[   57.129084][ T1469] microsoft 0003:045E:07DA.0008: unknown main item tag 0x2
[   57.137950][ T1469] microsoft 0003:045E:07DA.0008: No inputs registered, leaving
[   57.146052][ T1469] microsoft 0003:045E:07DA.0008: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0
[   57.157557][ T1469] microsoft 0003:045E:07DA.0008: no inputs found
[   57.164209][ T1469] microsoft 0003:045E:07DA.0008: could not initialize ff, continuing anyway
[   57.306171][ T1813] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   57.343491][  T401] usb 9-1: USB disconnect, device number 3
[   57.348564][ T1819] loop5: detected capacity change from 0 to 512
[   57.367146][ T1819] EXT4-fs error (device loop5): ext4_init_orphan_info:586: comm syz.5.629: inode #0: comm syz.5.629: iget: illegal inode #
[   57.381037][ T1819] EXT4-fs (loop5): get orphan inode failed
[   57.381228][ T1817] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   57.387509][ T1819] EXT4-fs (loop5): mount failed
[   57.714665][  T294] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   57.895674][  T294] usb 6-1: config 1 has an invalid descriptor of length 141, skipping remainder of the config
[   57.906313][  T294] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   57.916385][  T294] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   57.931286][  T294] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   57.939608][  T294] usb 6-1: SerialNumber: syz
[   58.044120][ T1471] usb 10-1: Cannot set autoneg
[   58.051470][ T1471] MOSCHIP usb-ethernet driver: probe of 10-1:0.0 failed with error -71
[   58.061248][ T1471] usb 10-1: USB disconnect, device number 2
[   58.153118][  T294] usb 6-1: 0:2 : does not exist
[   58.169268][  T294] usb 6-1: USB disconnect, device number 4
[   58.589320][   T28] audit: type=1400 audit(1749263660.151:308): avc:  denied  { bind } for  pid=1848 comm="syz.9.642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   58.608916][   T28] audit: type=1400 audit(1749263660.151:309): avc:  denied  { listen } for  pid=1848 comm="syz.9.642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   58.630973][   T28] audit: type=1400 audit(1749263660.151:310): avc:  denied  { accept } for  pid=1848 comm="syz.9.642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   58.741395][ T1855] loop9: detected capacity change from 0 to 8192
[   58.755274][ T1855] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   58.839393][   T28] audit: type=1400 audit(1749263660.401:311): avc:  denied  { remount } for  pid=1854 comm="syz.9.645" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   58.944599][  T401] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   58.957740][ T1857] loop8: detected capacity change from 0 to 32768
[   58.975795][ T1857]  loop8: p1 p3 < >
[   59.137521][  T401] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   59.146693][  T401] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.154758][  T401] usb 6-1: Product: syz
[   59.159035][  T401] usb 6-1: Manufacturer: syz
[   59.163698][  T401] usb 6-1: SerialNumber: syz
[   59.221655][ T1871] netlink: 12 bytes leftover after parsing attributes in process `syz.9.651'.
[   59.434642][ T1630] Bluetooth: hci0: command 0x1003 tx timeout
[   59.434775][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   59.474197][ T1887] netlink: 96 bytes leftover after parsing attributes in process `syz.0.657'.
[   59.687653][ T1901] syz.0.662[1901] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.687710][ T1901] syz.0.662[1901] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.700781][ T1901] syz.0.662[1901] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.712159][ T1901] syz.0.662[1901] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.725798][ T1901] netlink: 96 bytes leftover after parsing attributes in process `syz.0.662'.
[   60.177092][  T401] cdc_ncm 6-1:1.0: MAC-Address: 42:42:42:42:42:42
[   60.183586][  T401] cdc_ncm 6-1:1.0: setting rx_max = 16384
[   60.244623][ T1122] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[   60.379455][ T1471] kernel write not supported for file bpf-map (pid: 1471 comm: kworker/1:14)
[   60.381805][  T401] cdc_ncm 6-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.5-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[   60.413959][   T28] audit: type=1400 audit(1749263661.971:312): avc:  denied  { read } for  pid=141 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   60.435183][ T1122] usb 9-1: Using ep0 maxpacket: 16
[   60.442625][ T1122] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   60.459804][  T401] usb 6-1: USB disconnect, device number 5
[   60.472512][  T401] cdc_ncm 6-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.5-1, CDC NCM (NO ZLP)
[   60.483266][ T1122] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[   60.493337][   T28] audit: type=1400 audit(1749263662.001:313): avc:  denied  { search } for  pid=141 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   60.516698][ T1122] usb 9-1: config 0 interface 0 has no altsetting 0
[   60.524695][ T1122] usb 9-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[   60.533891][ T1122] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.542267][   T28] audit: type=1400 audit(1749263662.001:314): avc:  denied  { read } for  pid=141 comm="dhcpcd" name="n15" dev="tmpfs" ino=3429 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   60.568920][ T1122] usb 9-1: config 0 descriptor??
[   60.576374][  T202] ==================================================================
[   60.584467][  T202] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[   60.592294][  T202] Read of size 8 at addr ffff888131de0cf0 by task kworker/0:2/202
[   60.600113][  T202] 
[   60.602444][  T202] CPU: 0 PID: 202 Comm: kworker/0:2 Not tainted 6.1.138-syzkaller-00056-g7af56ffc913d #0
[   60.612255][  T202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   60.622410][  T202] Workqueue: events kernfs_notify_workfn
[   60.628165][  T202] Call Trace:
[   60.631449][  T202]  <TASK>
[   60.634376][  T202]  __dump_stack+0x21/0x24
[   60.638708][  T202]  dump_stack_lvl+0xee/0x150
[   60.643295][  T202]  ? __cfi_dump_stack_lvl+0x8/0x8
[   60.648317][  T202]  ? __list_del_entry_valid+0xa6/0x130
[   60.653765][  T202]  print_address_description+0x71/0x210
[   60.659330][  T202]  print_report+0x4a/0x60
[   60.663652][  T202]  kasan_report+0x122/0x150
[   60.668148][  T202]  ? __list_del_entry_valid+0xa6/0x130
[   60.673597][  T202]  __asan_report_load8_noabort+0x14/0x20
[   60.679241][  T202]  __list_del_entry_valid+0xa6/0x130
[   60.684534][  T202]  process_one_work+0x4b9/0xc40
[   60.689384][  T202]  worker_thread+0xa29/0x11f0
[   60.694063][  T202]  kthread+0x281/0x320
[   60.698121][  T202]  ? __cfi_worker_thread+0x10/0x10
[   60.703219][  T202]  ? __cfi_kthread+0x10/0x10
[   60.707800][  T202]  ret_from_fork+0x1f/0x30
[   60.712216][  T202]  </TASK>
[   60.715226][  T202] 
[   60.717541][  T202] Allocated by task 401:
[   60.721768][  T202]  kasan_set_track+0x4b/0x70
[   60.726347][  T202]  kasan_save_alloc_info+0x25/0x30
[   60.731453][  T202]  __kasan_kmalloc+0x95/0xb0
[   60.736034][  T202]  __kmalloc_node+0xb2/0x1e0
[   60.740619][  T202]  kvmalloc_node+0x294/0x480
[   60.745206][  T202]  alloc_netdev_mqs+0x8d/0xf90
[   60.749978][  T202]  alloc_etherdev_mqs+0x37/0x40
[   60.754826][  T202]  usbnet_probe+0x20c/0x2780
[   60.759419][  T202]  usb_probe_interface+0x610/0xaf0
[   60.764526][  T202]  really_probe+0x2cb/0x960
[   60.769044][  T202]  __driver_probe_device+0x198/0x280
[   60.774327][  T202]  driver_probe_device+0x54/0x3e0
[   60.779347][  T202]  __device_attach_driver+0x2e9/0x4a0
[   60.784712][  T202]  bus_for_each_drv+0x183/0x210
[   60.789550][  T202]  __device_attach+0x2a2/0x400
[   60.794302][  T202]  device_initial_probe+0x1a/0x20
[   60.799340][  T202]  bus_probe_device+0xc0/0x1f0
[   60.804093][  T202]  device_add+0xb4d/0xef0
[   60.808417][  T202]  usb_set_configuration+0x19c2/0x1f10
[   60.813873][  T202]  usb_generic_driver_probe+0x91/0x150
[   60.819320][  T202]  usb_probe_device+0x159/0x270
[   60.824164][  T202]  really_probe+0x2cb/0x960
[   60.828660][  T202]  __driver_probe_device+0x198/0x280
[   60.833941][  T202]  driver_probe_device+0x54/0x3e0
[   60.838993][  T202]  __device_attach_driver+0x2e9/0x4a0
[   60.844392][  T202]  bus_for_each_drv+0x183/0x210
[   60.849244][  T202]  __device_attach+0x2a2/0x400
[   60.854005][  T202]  device_initial_probe+0x1a/0x20
[   60.859024][  T202]  bus_probe_device+0xc0/0x1f0
[   60.863774][  T202]  device_add+0xb4d/0xef0
[   60.868092][  T202]  usb_new_device+0xa70/0x1520
[   60.872846][  T202]  hub_event+0x2a5d/0x4680
[   60.877256][  T202]  process_one_work+0x71f/0xc40
[   60.882092][  T202]  worker_thread+0xa29/0x11f0
[   60.886752][  T202]  kthread+0x281/0x320
[   60.890807][  T202]  ret_from_fork+0x1f/0x30
[   60.895226][  T202] 
[   60.897533][  T202] Freed by task 401:
[   60.901406][  T202]  kasan_set_track+0x4b/0x70
[   60.906005][  T202]  kasan_save_free_info+0x31/0x50
[   60.911019][  T202]  ____kasan_slab_free+0x132/0x180
[   60.916131][  T202]  __kasan_slab_free+0x11/0x20
[   60.920879][  T202]  slab_free_freelist_hook+0xc2/0x190
[   60.926240][  T202]  __kmem_cache_free+0xb7/0x1b0
[   60.931078][  T202]  kfree+0x6f/0xf0
[   60.934788][  T202]  kvfree+0x35/0x40
[   60.938588][  T202]  netdev_freemem+0x3f/0x60
[   60.943076][  T202]  netdev_release+0x7f/0xb0
[   60.947566][  T202]  device_release+0xa4/0x1d0
[   60.952139][  T202]  kobject_put+0x19d/0x280
[   60.956560][  T202]  put_device+0x1f/0x30
[   60.960702][  T202]  free_netdev+0x392/0x490
[   60.965101][  T202]  usbnet_disconnect+0x25a/0x3b0
[   60.970038][  T202]  usb_unbind_interface+0x223/0x8d0
[   60.975229][  T202]  device_release_driver_internal+0x508/0x820
[   60.981350][  T202]  device_release_driver+0x19/0x20
[   60.986455][  T202]  bus_remove_device+0x2ee/0x350
[   60.991379][  T202]  device_del+0x6a4/0xeb0
[   60.995711][  T202]  usb_disable_device+0x3a8/0x750
[   61.000726][  T202]  usb_disconnect+0x31e/0x860
[   61.005392][  T202]  hub_event+0x1bd5/0x4680
[   61.009802][  T202]  process_one_work+0x71f/0xc40
[   61.014637][  T202]  worker_thread+0xd2e/0x11f0
[   61.019302][  T202]  kthread+0x281/0x320
[   61.023359][  T202]  ret_from_fork+0x1f/0x30
[   61.027765][  T202] 
[   61.030079][  T202] Last potentially related work creation:
[   61.035777][  T202]  kasan_save_stack+0x3a/0x60
[   61.040444][  T202]  __kasan_record_aux_stack+0xb6/0xc0
[   61.045805][  T202]  kasan_record_aux_stack_noalloc+0xb/0x10
[   61.051607][  T202]  insert_work+0x51/0x300
[   61.055933][  T202]  __queue_work+0x9b1/0xd30
[   61.060428][  T202]  queue_work_on+0xd2/0x140
[   61.064923][  T202]  usbnet_link_change+0x176/0x1a0
[   61.069941][  T202]  usbnet_probe+0x1d55/0x2780
[   61.074628][  T202]  usb_probe_interface+0x610/0xaf0
[   61.079732][  T202]  really_probe+0x2cb/0x960
[   61.084231][  T202]  __driver_probe_device+0x198/0x280
[   61.089508][  T202]  driver_probe_device+0x54/0x3e0
[   61.094527][  T202]  __device_attach_driver+0x2e9/0x4a0
[   61.099894][  T202]  bus_for_each_drv+0x183/0x210
[   61.104732][  T202]  __device_attach+0x2a2/0x400
[   61.109484][  T202]  device_initial_probe+0x1a/0x20
[   61.114504][  T202]  bus_probe_device+0xc0/0x1f0
[   61.119277][  T202]  device_add+0xb4d/0xef0
[   61.123598][  T202]  usb_set_configuration+0x19c2/0x1f10
[   61.129049][  T202]  usb_generic_driver_probe+0x91/0x150
[   61.134500][  T202]  usb_probe_device+0x159/0x270
[   61.139345][  T202]  really_probe+0x2cb/0x960
[   61.143842][  T202]  __driver_probe_device+0x198/0x280
[   61.149120][  T202]  driver_probe_device+0x54/0x3e0
[   61.154136][  T202]  __device_attach_driver+0x2e9/0x4a0
[   61.159503][  T202]  bus_for_each_drv+0x183/0x210
[   61.164343][  T202]  __device_attach+0x2a2/0x400
[   61.169098][  T202]  device_initial_probe+0x1a/0x20
[   61.174112][  T202]  bus_probe_device+0xc0/0x1f0
[   61.178883][  T202]  device_add+0xb4d/0xef0
[   61.183203][  T202]  usb_new_device+0xa70/0x1520
[   61.187958][  T202]  hub_event+0x2a5d/0x4680
[   61.192366][  T202]  process_one_work+0x71f/0xc40
[   61.197200][  T202]  worker_thread+0xa29/0x11f0
[   61.201863][  T202]  kthread+0x281/0x320
[   61.205918][  T202]  ret_from_fork+0x1f/0x30
[   61.210329][  T202] 
[   61.212639][  T202] The buggy address belongs to the object at ffff888131de0000
[   61.212639][  T202]  which belongs to the cache kmalloc-4k of size 4096
[   61.226675][  T202] The buggy address is located 3312 bytes inside of
[   61.226675][  T202]  4096-byte region [ffff888131de0000, ffff888131de1000)
[   61.240107][  T202] 
[   61.242417][  T202] The buggy address belongs to the physical page:
[   61.248808][  T202] page:ffffea0004c77800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x131de0
[   61.259042][  T202] head:ffffea0004c77800 order:3 compound_mapcount:0 compound_pincount:0
[   61.267352][  T202] flags: 0x4000000000010200(slab|head|zone=1)
[   61.273416][  T202] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043380
[   61.281985][  T202] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[   61.290548][  T202] page dumped because: kasan: bad access detected
[   61.296952][  T202] page_owner tracks the page as allocated
[   61.302650][  T202] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 284, tgid 284 (syz-executor), ts 23190332914, free_ts 0
[   61.322954][  T202]  post_alloc_hook+0x1f5/0x210
[   61.327712][  T202]  prep_new_page+0x1c/0x110
[   61.332206][  T202]  get_page_from_freelist+0x2c6e/0x2ce0
[   61.337745][  T202]  __alloc_pages+0x19e/0x3a0
[   61.342346][  T202]  alloc_slab_page+0x6e/0xf0
[   61.346935][  T202]  new_slab+0x98/0x3d0
[   61.350997][  T202]  ___slab_alloc+0x6f6/0xb50
[   61.355670][  T202]  __slab_alloc+0x5e/0xa0
[   61.360003][  T202]  __kmem_cache_alloc_node+0x203/0x2c0
[   61.365494][  T202]  kmalloc_trace+0x29/0xb0
[   61.369906][  T202]  ipv6_add_dev+0x614/0x1230
[   61.374487][  T202]  addrconf_notify+0x6d5/0xe40
[   61.379244][  T202]  raw_notifier_call_chain+0xa1/0x110
[   61.384617][  T202]  call_netdevice_notifiers+0x111/0x190
[   61.390171][  T202]  register_netdevice+0x10e2/0x14a0
[   61.395357][  T202]  veth_newlink+0x7a0/0xbe0
[   61.399853][  T202] page_owner free stack trace missing
[   61.405206][  T202] 
[   61.407516][  T202] Memory state around the buggy address:
[   61.413138][  T202]  ffff888131de0b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   61.421197][  T202]  ffff888131de0c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   61.429253][  T202] >ffff888131de0c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   61.437293][  T202]                                                              ^
[   61.444991][  T202]  ffff888131de0d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   61.453069][  T202]  ffff888131de0d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   61.461118][  T202] ==================================================================
[   61.469172][  T202] Disabling lock debugging due to kernel taint
[   61.521603][   T28] audit: type=1400 audit(1749263662.001:315): avc:  denied  { open } for  pid=141 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=3429 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   61.557125][   T28] audit: type=1400 audit(1749263662.001:316): avc:  denied  { getattr } for  pid=141 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=3429 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   61.581415][   T28] audit: type=1400 audit(1749263662.111:317): avc:  denied  { read } for  pid=1925 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=494 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   61.898484][ T1122] hid (null): bogus close delimiter
[   62.105005][ T1122] usb 9-1: USB disconnect, device number 4