last executing test programs:

3m21.580023665s ago: executing program 32 (id=447):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0x17, 0x0, &(0x7f0000000000))

3m5.825231612s ago: executing program 33 (id=569):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000080)={0xc})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002340)={&(0x7f0000003700)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c0000000400000002000000020000060400000002000000f024"], 0x0, 0x38, 0x0, 0x9, 0x3, 0x0, @void, @value}, 0x28)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x20241, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)

2m47.078615802s ago: executing program 34 (id=676):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)

1m42.272141186s ago: executing program 35 (id=1202):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x80)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r2, 0xfffffffffffffffd, 0x58)

1m37.872962679s ago: executing program 36 (id=1249):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000220000001801000020207025000000"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

1m8.066148979s ago: executing program 9 (id=1517):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

1m7.99231903s ago: executing program 9 (id=1519):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe2c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9a3359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a57f810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604f8e86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd3536460000000000000000000000000000000000000000001e000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775aea28905c3a1ace5f05689ae67e26856816"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141644089f034d2f87e5fe0c6aab845013f2325f1a39014403048da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

1m7.790155423s ago: executing program 9 (id=1520):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000640)='kmem_cache_free\x00', r0, 0x0, 0x80001}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={0x0, r2}, 0x18)

1m6.933621155s ago: executing program 9 (id=1526):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x200008, &(0x7f0000000480)=ANY=[], 0x1, 0x5514, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnbnLTBuI4gP5tcIF+qKjqvlfpDo7RI3TZZcUBegkO0AW5Qi7AGcguR4ggwuMQiFigeLCV6D3JDGPZP2YQLGbGGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4JruqtX85u+Pf21ztrt28vQGAAAAOGdTreb1m2mqf2rOf2lOfWvqRUSUEXFu7D6IDyeZgyaner7+//H11Ys23EbUCfvPGDXHx4j42RwPX6/9LQAAAMD7tV4sZ2m0nl6mfTeILqVJm/Lzr0x5RURU0/tMaeU+73umsPr3PYw/mdLqCaxxprA05TbMlXaR+u9+mLUbHxVFKsqztx0ama3vAABAhwYnRbejEAAAALr0u+8G0I8inpYyD0uBo1Q0y3uTkxoAAADwBhV9NwAAAAC4zOT1t9bj/472/9vl3P/PAwkAAABwubT/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANe0qVbz9WI5a5uz3bWTpzcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj+/OOAiEQBmGwd31nMvc/rDRoampSBcLH3xgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb373l/8TU+NMMvfaWHoeSdZOja1TY+/cOPrD+Po1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzsz0sKhEAQRMGc8b+Tvv9hJUHPIEIENDyqqEUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAX/e6X/xNT40wyd9pYOh5J1q4aW1eNvQeNowfj7d8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzs3L9v3FQcAPBn+3yhBcQR0A1BCCQGWOj1Wlq6IQZQxMCfgBSl1xJ65UebgVYVIgsbytwFwYgQEihs/R86t1KXsnW4IUjMQfbZOV8SiSOo9iX5fKTn97Xl+H2fT4ry9XMOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6fxIn2aYzjuPi2IPtO6tZ/3BPn7m3+Wgpa1kc1Zn00fBqdSfqNpcIAAAAJ0dS1vchhMfp1nLWx528/k/Lc7Ka/8fnx3FZz++t+8u+rP2z9sfvT17eHagzHie76JW14eDs/lRaT2+W8+2Ffz2jld/5/NlLkn8g8UcbL43S/H5G39+//0E7DxfqyBYAOIwzZV8E5d9DWd9vMjEAToxWpfAu6/+k02xOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHUYbYRnyzgKISy1JnHm4fad1YP6e5uPlsp28e7dzfDt5JrZJdIQwpW14eBsrbOZbzdv3b62MhwObtQfvBZCaGr094rpX/tkhpNDaOT+CKaDnYVD/nhcfNhzMYsjEzT4SwkAgGMpLVpW1z9Ot5azY9FiCDs/Tdf/b1biMGP9/+TTiw+qY1Xr/35tM5xD8fRub/36l72bt26/vXZ95erg6uDzd8713+2fv3ThwqVe/qyk54kJAAAA/0+7aNX6P17cv/5/uhKHGev/r37of1MdK1H/H2iy6Nd0JgAAACfbi6///Vd0wPGo3Q5fr6yv3+iPt7v758bbBlL9zxaKVq3/k8WmswIAAADqMNqIptb/L1fiMOP6/3M/v/Jr9ZpJCOFUsf5/ZvWL4eX6pjPX6vh34qbnCAAAQLNOFa26/p/m7//Hu688xCGEt94Yx8XXAM5U/ycffvdLdazq+//n65viXIq74/uR990QWt2mMwIAAOA4e6ZoWbH/Z7q1/Nlvpz9ue/8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoG7/BAAA//+ObD7G")
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x0)

1m5.741871553s ago: executing program 9 (id=1538):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r3, &(0x7f0000000240), 0x0}, 0x20)

1m4.855368895s ago: executing program 9 (id=1544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x2, 0x3, 0xff)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r2, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000005c0)="05fcae977278a822ace1b0790587365a0d978bed", 0x14}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000500)="7dcc2c9d4eaf588822e6a9cc8eec13d9754bb76c", 0x14}], 0x1}}], 0x2, 0x0)

1m4.699436898s ago: executing program 37 (id=1544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x2, 0x3, 0xff)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r2, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000005c0)="05fcae977278a822ace1b0790587365a0d978bed", 0x14}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000500)="7dcc2c9d4eaf588822e6a9cc8eec13d9754bb76c", 0x14}], 0x1}}], 0x2, 0x0)

1m4.441444101s ago: executing program 5 (id=1550):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r2, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r2, 0x0)

1m4.356280052s ago: executing program 5 (id=1551):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

1m4.269271064s ago: executing program 5 (id=1552):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = gettid()
rt_sigtimedwait(&(0x7f0000000080)={[0x3ff]}, 0x0, 0x0, 0x8)
tkill(r2, 0x7)

1m4.005267137s ago: executing program 5 (id=1554):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1001a, &(0x7f0000000280)={[{@quota}, {@nolazytime}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x1, 0x436, &(0x7f0000000e80)="$eJzs28tPXNUfAPDvvQP0QfuDX62P0qpoNRIfUGjVLtxoNHFjYqKLukSgDTItpmBiG6JojFvTxL1xaeLCtSvdGHVl4tY/wDRpDJtWV2PuzL3ADMNjcGCq8/kktz3nnjOc8+WeM3PuPUwAXWs4+yeJOBIRv0XEQC1bX2G49t+dlaWpP1eWppKoVN74I6nWu72yNFVULV7Xn2dG0oj0kyRONml34dr1uclyeeZqnh9bvPzu2MK168/MXp68NHNp5srE+fPnzo4//9zEs22JM+vT7aEP5k+dePWtG69NXbjx9k9fJ0X8DXG0yfBWhY9XKm1urrOOrksnPR3sCC0pRUR2uXqr838gSrF28QbilY872jlgT1UqlUr/5sXLFeA/LIlO9wDojOKDPrv/LY59WnrcFW69WLsByuK+kx+1kp5I8zq9Dfe37TQcEReW//oiO2JvnkMAANT5Llv/PN1s/ZfGfevq/S/fGxqMiP9HxLGIuCcijkfEvRHVuvdHxAMttt+4SbJx/ZPe3FVgO5St/17I97bq13/F6i8GS3nuaDX+3uTibHnmTHqwWjgSvQey/PgWbXz/8q+fbVa2fv2XHVn7xVow78fNngP1r5meXJzcfcT1bn0UMdTTLP5kdScgiYgTETG0yzZmn/zq1GZl28e/hTbsM1W+jHiidv2XoyH+QrL1/uTYwSjPnBmrjoqmbfz8y6evb9b+P4q/DbLrf7jp+F+NfzBZv1+70NrPP7BN+W7Hf1/yZjXdl597f3Jx8ep4RN9c/aConp/YmC/qZ/GPnG4+/4/F2m/iZERkg/jBiHgoIh7O+/5IRDwaEae3iPHHlx57Z/fx760s/umWrv9aoi8azzRPlOZ++Lau0cFW4s+u/7lqaiQ/s5P3v530q/XRDAAAAP9OaUQciST9ZjWdpqOjtb+XPx6H0/L8wuJTF+ffuzJd+47AYPSmxZOugXXPQ8fz2/oiP9GQP5s/N/68dKiaH52aL093Onjocv35/B9tmP+Z30ud7h2w53xfC7qX+Q/dy/yH7mX+Q/dqMv8PdaIfwP5r9vn/YQf6Aey/hvlv2w+6iPt/6F7mP3Qv8x+60sKh2P5L8hISGxKR3hXdkNijRKffmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrj7wAAAP//AKHlGQ==")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
creat(&(0x7f00000000c0)='./file1\x00', 0x4)
mount(&(0x7f0000000180)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
truncate(&(0x7f0000000040)='./file1\x00', 0x6)

1m3.586281344s ago: executing program 5 (id=1556):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
rmdir(&(0x7f0000000200)='./bus\x00')

1m3.386214067s ago: executing program 5 (id=1557):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0x7, 0x200008, 0x8, 0x5, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
syz_emit_ethernet(0x138, &(0x7f0000000000)=ANY=[], 0x0)

1m3.307510317s ago: executing program 38 (id=1557):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0x7, 0x200008, 0x8, 0x5, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
syz_emit_ethernet(0x138, &(0x7f0000000000)=ANY=[], 0x0)

47.233179879s ago: executing program 8 (id=1730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
syz_clone(0x8001000, 0x0, 0x0, 0x0, 0x0, 0x0)

47.021685593s ago: executing program 8 (id=1735):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x1000, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
recvmsg(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

47.021315033s ago: executing program 8 (id=1737):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)}], 0x1, 0x0, 0xf}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r1, 0x40047451, &(0x7f0000000180))

46.906658664s ago: executing program 8 (id=1741):
ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x51)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000d40)={[{@test_dummy_encryption}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3DFoJFUcBvBvZnc9c7fIqY0gqCAiGghnJ9icjcKJHIeIoMKJiI1yEWKCXWJlY6G1SiqbIHZGS0kTbBTBKmqK2AgaLAwWiqzMTiJJXGNgkx3J/H4wuzM78+b/htnv7TbzArTWxSSXk3SSTCfpJSn2H3BPvVzc3VyeWr+eDAZP/VIMj6u3a3vtLiRZSvJwkrWyyCvdZGH1ua3fNh6//+353n0frj47NdGL3LW9tfnkzgdX3/rkykMLX33z09Uil9M/cF0nrxjxWbdIbjuNYv8TRbfpHnAc1974+Nsq97cnuXeY/17K1Dfvnbmb1np58P1/a/vuz1/fOcm+AidvMOhVv4FLA6B1yiT9FOVMknq9LGdm6v/w33XOl6/Ozr0+/fLs/I2Xmh6pgJPSTzYf++zcpxcO5f/HTp1/4Cx54sBWlf+nr618X63vdJrqE9CEKv/TLyw+EPmH1pF/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aC/5h7PtxSP2HSP/5Wn1C2jW/vwDAO0yONf0E8hAU5oefwAAAAAAAAAAAAAAAAAAgH9anlq/vrdMquYX7yXbjybpjqrf2Z2A7Obh6/lfi+qwvxV1s7E8f/eYJxjTRw0/fX3LD83W//KuZusv3kiW3kxyqds99P37c5Bi7Anwbv2P/b2jJuibgEeeabb+HyvN1r+ykXxejT+XRo0/Ze4Yvo8ef/rV/Ruz/mu/j3kCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJuavAAAA///41m/U")
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e20}, 0xfffffffffffffd54)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x163)
mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB='defcontext='])

46.613071558s ago: executing program 8 (id=1743):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0xfd, [0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffff]}})

45.158240989s ago: executing program 8 (id=1757):
timer_create(0x0, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000040000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r2}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

45.040749951s ago: executing program 39 (id=1757):
timer_create(0x0, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000040000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r2}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

40.99483366s ago: executing program 0 (id=1803):
getpid()
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x34, &(0x7f0000000040), 0x4)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f00000003c0)=[{0x6, 0x6, 0x2, 0x2}]})
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x6)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)

40.92823127s ago: executing program 0 (id=1806):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

40.681798304s ago: executing program 0 (id=1811):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000680))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x0, 0x8340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

40.386562688s ago: executing program 0 (id=1814):
mkdir(&(0x7f0000000180)='./file0\x00', 0x334)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='devtmpfs\x00', 0x0, 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
openat$incfs(r0, &(0x7f0000000000)='.log\x00', 0x600000, 0x19)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r1, 0x0, 0x11)

40.26897068s ago: executing program 0 (id=1817):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
pwritev(r0, &(0x7f0000000080), 0x0, 0x7, 0x0)

39.390189322s ago: executing program 0 (id=1820):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})
close(r2)

39.001000238s ago: executing program 40 (id=1820):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})
close(r2)

13.692001483s ago: executing program 1 (id=2049):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f00000003c0)={[{@prjquota}, {@noload}, {@errors_remount}, {@resgid={'resgid', 0x3d, 0xee00}}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@usrjquota}, {@nombcache}, {@noquota}, {@grpquota}, {@norecovery}, {@quota}, {@orlov}]}, 0x0, 0x464, &(0x7f0000000a40)="$eJzs3MtvVNUfAPDvnU7L+9f+EEUQtIpG4qOl5SELY6LRRBNNTHSBcVXbQiqFGloTIUTRBS4NiXvj0v/AuNKNUVcmbnVvSIhhA7oac19laGdKh850KvP5JBfOmXtvzvnec8/MuedwCaBnDad/JBHbI+L3iBjMs7cfMJz/dfP6xcm/r1+cTKJWe+uvJDvuxvWLk+Wh5Xnb8kytVuQ3NSj38rsRE7Oz0+eK/OjCmQ9G589feHbmzMSp6VPTZ8ePHz9yeP/AsfGj9adV7jbONK4bez+e27fn1XeuvDF54sp7P+9+oW5/fRztMpxf3YaeaHdhXbajLp1Uu1gRWtIXEWlz9Wf9fzD6YsvivsF45bOuVg7oqFqtVmv0+1y4VAPuYUl0uwZAd5Q/9Onzb7mt09BjQ7j2Yv4AlMZ9s9jyPdVssmGgeDba0aHyhyPixKV/vkq3yNphoEMlAQDkvk/HP880Gv9V4oE8kQ1I/lesoQxFxP8jYmdE3BcRuyLi/ojs2N0R8WCL5S9dIVk2/kzi6t1Hd2fp+O/5Ym3r9vHf4lLTUF+R25HF35+cnJmdPpRfk0pE/6aTM8n02Apl/PDyb18021c//ku3tPxyLFjU42p1yQTd1MTCxFpirnft04i91UbxJ1Eu4yQRsSci9i47e8uqyph56pt9zfbdOf4VtGGdqfZ1xJN5+1+KJfGXkqbrk2PPHRs/Oro5ZqcPjZZ3xXK//Hr5zWblryn+Nkjbf2vD+38x/qFkc8T8+Quns/Xa+dbLuPzH502fKe/2/h9I3s7S5dPSRxMLC+fGIgaS16vLPh+/dW6ZL49P4z94oHH/3xm3rsRDEZHexPsj4uGIeKSo+6MR8VhEHFgh/p9eevz91uNfYVa+jdL4p+7U/lHf/q0n+k7/+F3r8ZfS9j+SpQ4Wn6zm+2+1FVzLtQMAAID/ikpEbI+kMrKYrlRGRvJ/w78rtlZm5+YXnj459+HZqfwdgaHor5QzXYN186FjxdxwmR9fkj9czBt/2bcly49Mzs1OdTt46HHbmvT/1J993a4d0HHe14Lepf9D79L/oXfp/9C79H/oXY36/ydNjx75tqOVAdaV33/oXfo/9C79H3pXw/7/2vrXA1hXTd+Nr6zplX+Jez4RlQ1Rjc4korohqpElqqv+zyxaSNQG8/6ffrKp4THd/mYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoj38DAAD//45i4LM=")
fsopen(0x0, 0x1)
chdir(&(0x7f0000000040)='./file0\x00')
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

13.596217144s ago: executing program 1 (id=2051):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

13.432494477s ago: executing program 1 (id=2056):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r2}, 0x10)
r3 = dup(r1)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})

13.299466719s ago: executing program 1 (id=2058):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020)

13.252105959s ago: executing program 1 (id=2059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)

12.934059884s ago: executing program 1 (id=2060):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r2, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
close(r2)

12.284843973s ago: executing program 41 (id=2060):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r2, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
close(r2)

9.950973766s ago: executing program 4 (id=2090):
r0 = open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
ftruncate(r0, 0x200002)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@mcast1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@dev, 0x0, 0x32}, 0x0, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xfffffffd}}, 0xe8)
connect$pppl2tp(r2, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32)
sendfile(r2, r1, 0x0, 0x80001d00c0d0)

9.819357079s ago: executing program 4 (id=2091):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0xffffff84, 0x0, {{@in6=@remote, @in=@multicast1}, {@in6=@remote, 0x0, 0x32}, @in=@multicast1, {0x0, 0x1, 0x0, 0x0, 0x3}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000bc0)={0x2, 0x0, [{0x8000000, 0x7b, &(0x7f00000001c0)=""/123}, {0x0, 0x0, 0x0}]})
ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94)
unshare(0x64000600)
ioctl$PPPIOCSMAXCID(r3, 0x40047451, &(0x7f0000000200)=0x2)
ioctl$PPPIOCSFLAGS1(r3, 0x40047459, 0x0)
pwritev(r3, &(0x7f0000000140)=[{&(0x7f0000000700)='\x00!G', 0x3}], 0x1, 0x5, 0xfffffffc)

5.853306376s ago: executing program 4 (id=2119):
socket$packet(0x11, 0xa, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000318110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
syz_emit_ethernet(0x39e, &(0x7f0000000a40)=ANY=[@ANYBLOB="0180c20000000000000000008100290086dd6001870003641100fc010000000000000000000000000000ff020000000000000000000000000001670000000000"], 0x0)

4.932213389s ago: executing program 4 (id=2127):
open$dir(0x0, 0x880, 0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x654a, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @local}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0xfffe, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

2.701835781s ago: executing program 7 (id=2142):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r3, &(0x7f00000006c0), &(0x7f0000000000), 0x2}, 0x20)

2.446137635s ago: executing program 7 (id=2145):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1048c, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
symlinkat(&(0x7f0000000380)='./file8/file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file6\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000b80)='./file6\x00', 0xffffffffffffff9c, &(0x7f0000000bc0)='./file0\x00', 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)

2.324581526s ago: executing program 7 (id=2146):
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_ethernet(0x9a, &(0x7f0000000180)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x64, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x1, "bb577147f8c63bab95cc025f2c123662d48c6e01d8630bf2addfd0edf624317d", "8ab859c3d9fe9a2f9edb8e36339e135d", {"1f142a168a75d33e838bef40d2fcff6c", "b8d91538c6c53fafd6fea68a0e45b49f"}}}}}}}}, 0x0)

2.164324519s ago: executing program 7 (id=2147):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x30)

1.882785403s ago: executing program 7 (id=2149):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r1=>0x0})
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000000c0)={r1, 0x2, 0x6}, 0xfffffffffffffdd9)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x4, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r2, &(0x7f00000007c0), &(0x7f00000000c0)=""/79}, 0x20)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

1.690481035s ago: executing program 2 (id=2150):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

1.671520076s ago: executing program 7 (id=2151):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
pwritev2(r2, 0x0, 0x0, 0xe7b, 0x0, 0x0)
syz_usb_connect(0x0, 0x8c6, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201500236e47e2082055c2955d4010203010902b408048006a00309047f0e01ff2dde700a2401010080020102081305"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_usb_connect$uac1(0x6, 0x0, 0x0, 0x0)

1.597526127s ago: executing program 3 (id=2153):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)

1.473980339s ago: executing program 2 (id=2154):
r0 = epoll_create1(0x0)
r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x4e)
close(r1)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
syz_memcpy_off$KVM_EXIT_MMIO(r2, 0x20, &(0x7f0000000080)="7479842a2ed704dc5d3e2740d91385ca362ec6ae943f88b3", 0x0, 0x18)

1.454515959s ago: executing program 3 (id=2155):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r0, r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000300)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x9, 0x28, 0x68, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x8, 0x2, 0x0, 0x40}}}}}}, 0x0)

467.868153ms ago: executing program 6 (id=2156):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x100000001)
mmap(&(0x7f0000701000/0x4000)=nil, 0x4000, 0x200000a, 0x12, r2, 0x2546c000)
ioctl$ASHMEM_SET_NAME(r2, 0x40087708, &(0x7f0000000540)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\xb7\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=~\x16\xf8\x14\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7xqg\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf25\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\xbei\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xb9\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\xd4W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3\xc2\t\x1f\x9b\x1a\xff\xbb\x88\xce7\x15\x90\xf2\xd0la\x9d\x82\xb4\xad\\\x8d\a\x99\x17\x85\x9a\x05\xb1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\xff\xbe\x12\xee\x17\x85\xb3\xd7\xa4 \xeaD\x0f\xbf\xff\x97\'|')
ioctl$ASHMEM_SET_NAME(r2, 0x40087708, &(0x7f0000000300)='\x00\x00\x00\v\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00')

466.531684ms ago: executing program 2 (id=2157):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f0000000800)=""/163}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

464.941184ms ago: executing program 3 (id=2158):
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0x10, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
rename(&(0x7f0000000580)='./file1\x00', &(0x7f00000005c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)

463.839273ms ago: executing program 6 (id=2159):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b0000000500000008040000cd00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, 0x0, 0x5000)

433.737894ms ago: executing program 2 (id=2160):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

398.362934ms ago: executing program 3 (id=2161):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000003f64ecb21ed7d74b542e43ae9f57f61af1c5b6016901992307df92d7c26b05a7da0582d208fd1f57c41cee38c7023e71dc864ab49f7894dd5ee29721d0625ee50c8aeca9b5090d85ff1c5df40229f0981507171aec7dc97abd981893d51a27e8a1033fa344fa3c6c27705648a66a47e0a1bc8fcede095704453c77f6c5370191ab55c423aae05729e69c987cf5f9aa2fd88c9e2114f53b9f82157c197397e43647b083db79f1f2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20c9, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000440)={0x0, r3}, 0x10)

377.297794ms ago: executing program 6 (id=2162):
r0 = inotify_init()
r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r2 = inotify_add_watch(r0, &(0x7f0000000240)='./file0\x00', 0x8c7)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYRES64=r2], 0x69)
close(r1)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

301.014846ms ago: executing program 4 (id=2163):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000020000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
dup3(r4, r3, 0x0)

245.587807ms ago: executing program 2 (id=2164):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000070000000300000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

224.942707ms ago: executing program 3 (id=2165):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
ptrace$getregset(0x4204, r0, 0x1, &(0x7f0000000740)={0x0})

197.518137ms ago: executing program 6 (id=2166):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
lookup_dcookie(0x7, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@random="6d56bf006eb2", @random="e130aeaaba30", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x18, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, @mcast2, {[@routing={0x84, 0x2, 0x0, 0x0, 0x0, [@private2]}]}}}}}, 0x0)

164.713908ms ago: executing program 2 (id=2167):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

94.914938ms ago: executing program 3 (id=2168):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
r1 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, 0x0)
readv(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/33, 0x21}], 0x1)
write$evdev(r0, &(0x7f0000000000), 0xaa6f50)
write$uinput_user_dev(r0, 0x0, 0x0)

89.900619ms ago: executing program 6 (id=2169):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)

56.895469ms ago: executing program 4 (id=2170):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000400)='./file0\x00', 0x101)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

0s ago: executing program 6 (id=2171):
syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip6_flowlabel\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x453, 0x10, 0x70bd2b, 0x25dfdbfe, "08e5a20b"}, 0x14}}, 0x48480)

kernel console output (not intermixed with test programs):

.7.1118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  272.171264][  T297] udevd[297]: symlink '../../loop7' '/dev/disk/by-label/SYZKALLER.tmp-b7:7' failed: Read-only file system
[  272.192955][   T24] audit: type=1400 audit(2000000047.710:1661): avc:  denied  { setopt } for  pid=3548 comm="syz.7.1118" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  272.228258][  T297] udevd[297]: symlink '../../loop7' '/dev/disk/by-uuid/1DE1-D756.tmp-b7:7' failed: Read-only file system
[  272.337724][ T3549] xt_hashlimit: size too large, truncated to 1048576
[  273.124288][  T452] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  273.421202][ T3579] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1129'.
[  273.484571][  T452] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  273.498478][  T452] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  273.510398][  T452] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  273.664925][  T297] udevd[297]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  273.681639][ T3597] device dummy0 entered promiscuous mode
[  273.684480][  T452] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  273.688586][ T3597] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1137'.
[  273.709648][ T3597] device dummy0 left promiscuous mode
[  273.715049][  T452] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.724042][  T452] usb 7-1: Product: syz
[  273.728674][  T452] usb 7-1: Manufacturer: syz
[  273.729428][ T3592] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2765: inode #11: comm syz.5.1135: corrupted xattr block 95
[  273.733417][  T452] usb 7-1: SerialNumber: syz
[  273.747113][ T3592] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.1135: bg 0: block 7: invalid block bitmap
[  273.774461][ T3592] EXT4-fs error (device loop5) in ext4_mb_clear_bb:5645: Corrupt filesystem
[  273.783389][ T3592] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2930: inode #11: comm syz.5.1135: corrupted xattr block 95
[  273.796045][ T3592] EXT4-fs warning (device loop5): ext4_evict_inode:303: xattr delete (err -117)
[  273.805671][ T3592] EXT4-fs (loop5): 1 orphan inode deleted
[  273.811693][ T3592] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  273.879946][  T358] udevd[358]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  274.007384][ T3569] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  274.014903][ T3569] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  274.353775][ T3615] input: syz0 as /devices/virtual/input/input25
[  274.759899][ T3569] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  274.817228][ T3569] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  275.234614][  T452] cdc_ncm 7-1:1.0: MAC-Address: 42:42:42:42:42:42
[  275.241137][  T452] cdc_ncm 7-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  275.257286][  T452] cdc_ncm 7-1:1.0: setting rx_max = 2048
[  275.434229][   T24] kauditd_printk_skb: 81 callbacks suppressed
[  275.434262][   T24] audit: type=1326 audit(2000000050.990:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3620 comm="syz.7.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f7404a34929 code=0x7ffc0000
[  275.474815][  T452] cdc_ncm 7-1:1.0: setting tx_max = 88
[  275.501878][  T452] cdc_ncm 7-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.6-1, CDC NCM, 42:42:42:42:42:42
[  275.545511][   T24] audit: type=1326 audit(2000000051.030:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3618 comm="syz.7.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f74049d0b19 code=0x7ffc0000
[  275.587854][  T452] usb 7-1: USB disconnect, device number 4
[  275.605209][  T452] cdc_ncm 7-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.6-1, CDC NCM
[  275.620735][   T24] audit: type=1326 audit(2000000051.040:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3618 comm="syz.7.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7404a34929 code=0x7ffc0000
[  275.645572][   T24] audit: type=1326 audit(2000000051.040:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3618 comm="syz.7.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7404a34929 code=0x7ffc0000
[  275.732340][   T24] audit: type=1400 audit(2000000051.240:1747): avc:  denied  { read } for  pid=134 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  277.126473][   T24] audit: type=1400 audit(2000000052.690:1748): avc:  denied  { create } for  pid=3642 comm="syz.6.1153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  277.258559][   T24] audit: type=1400 audit(2000000052.730:1749): avc:  denied  { write } for  pid=3642 comm="syz.6.1153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  277.334788][   T24] audit: type=1400 audit(2000000052.730:1750): avc:  denied  { nlmsg_write } for  pid=3642 comm="syz.6.1153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  277.355823][   T24] audit: type=1400 audit(2000000052.760:1751): avc:  denied  { create } for  pid=3644 comm="syz.5.1154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  277.376255][   T24] audit: type=1400 audit(2000000052.760:1752): avc:  denied  { connect } for  pid=3644 comm="syz.5.1154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  278.459580][ T3699] Illegal XDP return value 4294967274, expect packet loss!
[  278.727572][  T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system
[  278.764092][ T3719] EXT4-fs error (device loop6): ext4_free_branches:1026: inode #11: comm syz.6.1187: invalid indirect mapped block 4294967295 (level 1)
[  278.822009][ T3719] EXT4-fs (loop6): Remounting filesystem read-only
[  278.832084][ T3719] EXT4-fs error (device loop6): ext4_free_branches:1026: inode #11: comm syz.6.1187: invalid indirect mapped block 4294967295 (level 1)
[  278.869977][ T3719] EXT4-fs (loop6): 2 truncates cleaned up
[  278.876665][ T3719] EXT4-fs (loop6): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,bsdgroups,
[  278.916817][ T3724] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  278.952793][  T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system
[  278.995123][ T3719] EXT4-fs error (device loop6): ext4_check_dx_root:2229: inode #2: comm syz.6.1187: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[  279.011363][  T354] udevd[354]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  279.053685][  T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system
[  279.067781][ T3719] EXT4-fs (loop6): Remounting filesystem read-only
[  279.080551][ T3724] EXT4-fs (loop7): mounted filesystem without journal. Opts: usrjquota=,bsddf,sysvgroups,discard,noblock_validity,noquota,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  279.113468][  T358] udevd[358]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  279.236692][ T2417] EXT4-fs error (device loop7): ext4_ext_check_inode:500: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  279.260526][  T297] udevd[297]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system
[  279.272524][ T2417] EXT4-fs error (device loop7): ext4_ext_check_inode:500: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  279.759765][ T3760] netlink: 'syz.6.1205': attribute type 15 has an invalid length.
[  280.160298][ T3778] input: syz0 as /devices/virtual/input/input26
[  281.038168][    T7] device bridge_slave_1 left promiscuous mode
[  281.061362][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.085076][    T7] device bridge_slave_0 left promiscuous mode
[  281.098097][   T24] kauditd_printk_skb: 39 callbacks suppressed
[  281.098128][   T24] audit: type=1400 audit(2000000056.660:1792): avc:  denied  { map_create } for  pid=3782 comm="syz.0.1213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  281.154321][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.212436][    T7] device veth1_macvtap left promiscuous mode
[  281.233080][   T24] audit: type=1400 audit(2000000056.690:1793): avc:  denied  { bpf } for  pid=3782 comm="syz.0.1213" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  281.257083][    T7] device veth0_vlan left promiscuous mode
[  281.365197][   T24] audit: type=1400 audit(2000000056.690:1794): avc:  denied  { map_read map_write } for  pid=3782 comm="syz.0.1213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  281.511378][   T24] audit: type=1400 audit(2000000056.760:1795): avc:  denied  { read write } for  pid=1814 comm="syz-executor" name="loop5" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  281.629413][   T24] audit: type=1400 audit(2000000056.760:1796): avc:  denied  { open } for  pid=1814 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  281.703630][   T24] audit: type=1400 audit(2000000056.760:1797): avc:  denied  { ioctl } for  pid=1814 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=120 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  281.786780][   T24] audit: type=1400 audit(2000000056.820:1798): avc:  denied  { perfmon } for  pid=3784 comm="syz.0.1214" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  281.834993][   T24] audit: type=1400 audit(2000000056.830:1799): avc:  denied  { prog_load } for  pid=3785 comm="syz.5.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  281.889577][   T24] audit: type=1400 audit(2000000056.830:1800): avc:  denied  { prog_run } for  pid=3785 comm="syz.5.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  281.921673][   T24] audit: type=1326 audit(2000000056.910:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3789 comm="syz.5.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  281.975602][ T3770] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.983299][ T3770] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.991812][ T3770] device bridge_slave_0 entered promiscuous mode
[  282.031857][ T3770] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.056705][ T3770] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.077219][  T297] udevd[297]: symlink '../../loop5' '/dev/disk/by-label/SYZKALLER.tmp-b7:5' failed: Read-only file system
[  282.099277][ T3770] device bridge_slave_1 entered promiscuous mode
[  282.120933][  T297] udevd[297]: symlink '../../loop5' '/dev/disk/by-uuid/1DC8-C73B.tmp-b7:5' failed: Read-only file system
[  282.422902][ T3770] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.430080][ T3770] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.437541][ T3770] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.444671][ T3770] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.506057][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  282.529915][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.564336][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.576673][ T3819] hub 8-0:1.0: USB hub found
[  282.589077][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  282.599042][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.606201][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.624686][ T3819] hub 8-0:1.0: 1 port detected
[  282.647614][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  282.658191][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.665328][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.746839][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  282.778896][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  282.828741][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  282.855464][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  282.869405][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  282.880960][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  282.890993][ T3770] device veth0_vlan entered promiscuous mode
[  282.920430][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  282.930940][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  282.942195][ T3770] device veth1_macvtap entered promiscuous mode
[  282.958310][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  282.967282][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  282.977200][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  283.004957][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  283.014177][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  283.185392][ T3839] exfat: Deprecated parameter 'utf8'
[  283.192089][ T3839] exfat: Deprecated parameter 'namecase'
[  283.205209][ T3839] exfat: Deprecated parameter 'utf8'
[  283.255577][ T3839] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  283.271829][  T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-uuid/1234-1234.tmp-b7:6' failed: Read-only file system
[  283.332665][  T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-uuid/1234-1234.tmp-b7:6' failed: Read-only file system
[  284.605797][ T3894] hub 8-0:1.0: USB hub found
[  284.611859][ T3894] hub 8-0:1.0: 1 port detected
[  284.836988][  T304] device bridge_slave_1 left promiscuous mode
[  284.908518][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.045441][  T304] device bridge_slave_0 left promiscuous mode
[  285.234367][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.286730][  T304] device veth1_macvtap left promiscuous mode
[  285.292868][  T304] device veth0_vlan left promiscuous mode
[  285.552824][ T3903] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1262'.
[  285.567351][ T3904] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1262'.
[  285.824739][ T3886] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.852548][ T3886] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.873496][ T3886] device bridge_slave_0 entered promiscuous mode
[  285.920777][ T3886] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.950368][ T3886] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.976964][ T3886] device bridge_slave_1 entered promiscuous mode
[  286.334180][ T3886] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.342622][ T3886] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.350762][ T3886] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.358674][ T3886] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.414121][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  286.427113][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.445944][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.475528][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  286.489795][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.497117][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.509300][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  286.519324][   T24] kauditd_printk_skb: 142 callbacks suppressed
[  286.519357][   T24] audit: type=1400 audit(2000000062.080:1944): avc:  denied  { name_bind } for  pid=3930 comm="syz.8.1273" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  286.519971][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.536435][   T24] audit: type=1400 audit(2000000062.100:1945): avc:  denied  { node_bind } for  pid=3930 comm="syz.8.1273" saddr=224.0.0.2 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  286.547952][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.554699][ T3929] tipc: Started in network mode
[  286.593055][ T3929] tipc: Own node identity ac14140f, cluster identity 4711
[  286.607868][ T3929] tipc: New replicast peer: 10.1.1.2
[  286.620380][ T3929] tipc: Enabled bearer <udp:syz0>, priority 10
[  286.649191][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  286.685120][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  286.694844][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  286.721057][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  286.731899][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  286.752768][ T3886] device veth0_vlan entered promiscuous mode
[  286.765765][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  286.776305][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  286.795447][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  286.795972][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  286.801971][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  286.845101][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  286.857084][ T3886] device veth1_macvtap entered promiscuous mode
[  286.867984][   T24] audit: type=1400 audit(2000000062.430:1946): avc:  denied  { create } for  pid=3934 comm="syz.0.1276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  286.898966][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  286.914893][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  286.928328][   T24] audit: type=1400 audit(2000000062.430:1947): avc:  denied  { setopt } for  pid=3934 comm="syz.0.1276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  286.956067][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  286.973646][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  286.984687][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  287.034694][   T24] audit: type=1400 audit(2000000062.600:1948): avc:  denied  { create } for  pid=3944 comm="syz.8.1279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  287.094849][   T24] audit: type=1400 audit(2000000062.600:1949): avc:  denied  { write } for  pid=3944 comm="syz.8.1279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  287.145205][   T24] audit: type=1400 audit(2000000062.620:1950): avc:  denied  { setopt } for  pid=3943 comm="syz.0.1280" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  287.166943][   T24] audit: type=1400 audit(2000000062.620:1951): avc:  denied  { write } for  pid=3943 comm="syz.0.1280" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  287.258477][   T24] audit: type=1400 audit(2000000062.810:1952): avc:  denied  { shutdown } for  pid=3944 comm="syz.8.1279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  287.380498][ T3948] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF
[  287.407390][  T297] udevd[297]: symlink '../../loop5' '/dev/disk/by-uuid/1DE1-D756.tmp-b7:5' failed: Read-only file system
[  287.419423][ T3948] FAT-fs (loop5): Filesystem has been set read-only
[  287.420133][   T24] audit: type=1400 audit(2000000062.990:1953): avc:  denied  { mount } for  pid=3959 comm="syz.8.1285" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  287.547533][  T358] udevd[358]: symlink '../../loop4' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:4' failed: Read-only file system
[  287.576350][  T297] udevd[297]: symlink '../../loop5' '/dev/disk/by-uuid/1DE1-D756.tmp-b7:5' failed: Read-only file system
[  287.580872][ T3963] SELinux: security_context_str_to_sid(ÿ) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  287.602944][ T3968] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  287.613084][ T3968] ext4 filesystem being mounted at /156/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  287.663808][  T358] udevd[358]: symlink '../../loop4' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:4' failed: Read-only file system
[  287.744275][  T305] tipc: 32-bit node address hash set to f1414ac
[  287.971014][ T3993] netlink: 'syz.0.1300': attribute type 4 has an invalid length.
[  288.354407][ T4011] SELinux: failed to load policy
[  289.359678][ T4043] input: syz0 as /devices/virtual/input/input27
[  291.431120][ T4046] input: syz0 as /devices/virtual/input/input28
[  292.061355][ T4060] syz.8.1326[4060] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  292.061471][ T4060] syz.8.1326[4060] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  292.228845][   T24] kauditd_printk_skb: 32 callbacks suppressed
[  292.228885][   T24] audit: type=1400 audit(2000000067.790:1986): avc:  denied  { bind } for  pid=4063 comm="syz.9.1327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  292.292936][   T24] audit: type=1400 audit(2000000067.840:1987): avc:  denied  { write } for  pid=4063 comm="syz.9.1327" path="socket:[29356]" dev="sockfs" ino=29356 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  292.343334][   T24] audit: type=1400 audit(2000000067.900:1988): avc:  denied  { map } for  pid=4066 comm="syz.5.1330" path="socket:[29366]" dev="sockfs" ino=29366 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  292.673787][   T24] audit: type=1400 audit(2000000067.950:1989): avc:  denied  { read accept } for  pid=4066 comm="syz.5.1330" path="socket:[29366]" dev="sockfs" ino=29366 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  293.064967][ T4079] input: syz0 as /devices/virtual/input/input29
[  293.734285][   T24] audit: type=1400 audit(2000000069.290:1990): avc:  denied  { setopt } for  pid=4083 comm="syz.8.1335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  293.786654][   T24] audit: type=1400 audit(2000000069.350:1991): avc:  denied  { connect } for  pid=4074 comm="syz.4.1322" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  294.954302][ T4109] hub 9-0:1.0: USB hub found
[  294.982953][ T4109] hub 9-0:1.0: 1 port detected
[  295.352277][ T4129] hub 8-0:1.0: USB hub found
[  295.358306][ T4129] hub 8-0:1.0: 1 port detected
[  296.110891][   T24] audit: type=1400 audit(2000000071.670:1992): avc:  denied  { setopt } for  pid=4137 comm="syz.8.1355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  296.148803][ T4134] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(Íë…èo/X¬
¬
D=ƒ
[  296.224420][   T24] audit: type=1400 audit(2000000071.700:1993): avc:  denied  { read } for  pid=4137 comm="syz.8.1355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  296.473765][ T4147] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1359'.
[  296.561884][ T4156] input: syz0 as /devices/virtual/input/input30
[  297.587673][ T4165] netlink: 96 bytes leftover after parsing attributes in process `syz.8.1365'.
[  297.917618][ T4171] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4171 comm=syz.8.1367
[  298.646374][ T4189] netem: change failed
[  298.725005][ T4192] tmpfs: Unknown parameter ''
[  298.796031][ T4194] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1377'.
[  299.456034][ T4210] syz.9.1383[4210] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  299.456157][ T4210] syz.9.1383[4210] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  299.470871][ T4210] input: syz0 as /devices/virtual/input/input31
[  299.502772][   T24] audit: type=1400 audit(2000000075.060:1994): avc:  denied  { mount } for  pid=4211 comm="syz.8.1384" name="/" dev="configfs" ino=13586 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  300.366245][ T4222] overlayfs: failed to resolve './file1': -2
[  300.392336][   T24] audit: type=1400 audit(2000000075.090:1995): avc:  denied  { search } for  pid=4211 comm="syz.8.1384" name="/" dev="configfs" ino=13586 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  300.570996][   T24] audit: type=1400 audit(2000000076.130:1996): avc:  denied  { bind } for  pid=4234 comm="syz.0.1392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  300.607916][   T24] audit: type=1400 audit(2000000076.160:1997): avc:  denied  { listen } for  pid=4234 comm="syz.0.1392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  300.641683][   T24] audit: type=1400 audit(2000000076.160:1998): avc:  denied  { write } for  pid=4234 comm="syz.0.1392" path="socket:[28363]" dev="sockfs" ino=28363 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  300.738986][ T4244] syz.0.1394[4244] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  300.739087][ T4244] syz.0.1394[4244] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  300.773051][   T24] audit: type=1326 audit(2000000076.330:1999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.8.1396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  300.882798][   T24] audit: type=1326 audit(2000000076.330:2000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.8.1396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  300.910807][   T24] audit: type=1326 audit(2000000076.370:2001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.8.1396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  300.935449][   T24] audit: type=1326 audit(2000000076.370:2002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.8.1396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  300.959874][   T24] audit: type=1326 audit(2000000076.370:2003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.8.1396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  301.015095][ T4253] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=4253 comm=syz.8.1397
[  302.436966][ T4268] EXT4-fs error (device loop9): ext4_orphan_get:1421: comm syz.9.1403: bad orphan inode 11
[  302.467660][  T297] udevd[297]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  302.497756][ T4268] ext4_test_bit(bit=10, block=4) = 1
[  302.537145][ T4268] is_bad_inode(inode)=0
[  302.568430][ T4268] NEXT_ORPHAN(inode)=2080374784
[  302.590911][ T4268] max_ino=32
[  302.602057][ T4268] i_nlink=0
[  302.614367][ T4268] EXT4-fs (loop9): 1 truncate cleaned up
[  302.637654][ T4268] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  302.696883][  T297] udevd[297]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  303.781602][ T4337] SELinux: security_context_str_to_sid(u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  304.044301][  T385] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  304.941304][   T24] kauditd_printk_skb: 39 callbacks suppressed
[  304.941338][   T24] audit: type=1400 audit(2000000080.500:2043): avc:  denied  { relabelfrom } for  pid=4352 comm="syz.5.1439" name="" dev="pipefs" ino=30213 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  304.992467][ T4353] SELinux:  Context system_u:object_r:systemd_logind_var_run_t:s0 is not valid (left unmapped).
[  305.015602][   T24] audit: type=1400 audit(2000000080.550:2044): avc:  denied  { mac_admin } for  pid=4352 comm="syz.5.1439" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  305.037976][   T24] audit: type=1400 audit(2000000080.570:2045): avc:  denied  { relabelto } for  pid=4352 comm="syz.5.1439" name="" dev="pipefs" ino=30213 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:systemd_logind_var_run_t:s0"
[  305.099042][   T24] audit: type=1326 audit(2000000080.660:2046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4360 comm="syz.5.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  305.143720][   T24] audit: type=1326 audit(2000000080.680:2047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4360 comm="syz.5.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  305.169329][   T24] audit: type=1326 audit(2000000080.690:2048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4360 comm="syz.5.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  305.193643][   T24] audit: type=1326 audit(2000000080.690:2049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4360 comm="syz.5.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  305.218318][  T385] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  305.231181][  T385] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  305.245124][  T385] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  305.255440][   T24] audit: type=1326 audit(2000000080.690:2050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4360 comm="syz.5.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  305.279434][  T385] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  305.294284][   T24] audit: type=1326 audit(2000000080.690:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4360 comm="syz.5.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  305.319265][   T24] audit: type=1326 audit(2000000080.690:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4360 comm="syz.5.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  305.394559][  T385] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  305.403776][  T385] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  305.426129][  T385] usb 10-1: Manufacturer: syz
[  305.437911][  T385] usb 10-1: config 0 descriptor??
[  305.916945][  T385] appleir 0003:05AC:8243.0009: unknown main item tag 0x0
[  305.937278][  T385] appleir 0003:05AC:8243.0009: No inputs registered, leaving
[  305.945126][  T451] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  306.046219][  T385] appleir 0003:05AC:8243.0009: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.9-1/input0
[  307.138111][  T451] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  307.158843][ T4404] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1459'.
[  307.161187][  T451] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  307.912906][  T451] usb 6-1: config 1 has no interface number 0
[  307.919122][  T451] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.930075][  T451] usb 6-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  308.174761][  T451] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  308.183880][  T451] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.211272][  T451] usb 6-1: Product: syz
[  308.212056][    T7] tipc: Subscription rejected, illegal request
[  308.221118][  T451] usb 6-1: Manufacturer: syz
[  308.226875][  T451] usb 6-1: SerialNumber: syz
[  308.477628][  T385] usb 10-1: USB disconnect, device number 2
[  309.514964][  T451] cdc_ncm 6-1:1.1: bind() failure
[  309.869385][   T25] usb 6-1: USB disconnect, device number 4
[  312.005293][ T4508] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1500'.
[  312.490114][ T4515] hub 8-0:1.0: USB hub found
[  312.496257][ T4515] hub 8-0:1.0: 1 port detected
[  312.724223][   T24] kauditd_printk_skb: 137 callbacks suppressed
[  312.724254][   T24] audit: type=1400 audit(2000000088.160:2190): avc:  denied  { read } for  pid=4506 comm="syz.5.1499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  313.249348][   T24] audit: type=1326 audit(2000000088.810:2191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.283433][   T24] audit: type=1326 audit(2000000088.840:2192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.308553][   T24] audit: type=1326 audit(2000000088.840:2193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.397359][   T24] audit: type=1326 audit(2000000088.840:2194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.430045][   T24] audit: type=1326 audit(2000000088.840:2195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.473954][   T24] audit: type=1326 audit(2000000088.840:2196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.532189][   T24] audit: type=1326 audit(2000000088.840:2197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.600270][   T24] audit: type=1326 audit(2000000088.840:2198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.653377][  T297] udevd[297]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  313.695296][   T24] audit: type=1326 audit(2000000088.840:2199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4524 comm="syz.8.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  313.745741][ T4544] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  313.766234][ T4544] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  313.806628][  T297] udevd[297]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  315.070149][ T4574] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  315.077336][    T7] Bluetooth: hci0: Frame reassembly failed (-84)
[  315.626544][ T4586] syz.5.1530[4586] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  315.626704][ T4586] syz.5.1530[4586] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  315.804004][ T4577] F2FS-fs (loop9): invalid crc value
[  315.874802][  T297] udevd[297]: symlink '../../loop9' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:9' failed: Read-only file system
[  315.892413][  T546] kernel write not supported for file bpf-prog (pid: 546 comm: kworker/0:8)
[  315.912924][ T4577] F2FS-fs (loop9): Found nat_bits in checkpoint
[  315.985931][  T297] udevd[297]: symlink '../../loop9' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:9' failed: Read-only file system
[  316.064456][ T4577] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  316.136160][  T297] udevd[297]: symlink '../../loop9' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:9' failed: Read-only file system
[  316.225989][ T3886] attempt to access beyond end of device
[  316.225989][ T3886] loop9: rw=524288, want=45072, limit=40427
[  316.237781][ T3886] attempt to access beyond end of device
[  316.237781][ T3886] loop9: rw=0, want=45072, limit=40427
[  316.252672][ T4557] F2FS-fs (loop8): Test dummy encryption mode enabled
[  316.275556][ T4557] F2FS-fs (loop8): invalid crc value
[  316.296495][ T4608] syz.5.1536[4608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.296779][ T4608] syz.5.1536[4608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.334355][  T358] udevd[358]: symlink '../../loop8' '/dev/disk/by-uuid/36fde3fc-a519-493c-8baa-e32931e9a89c.tmp-b7:8' failed: Read-only file system
[  316.362864][ T4557] F2FS-fs (loop8): Found nat_bits in checkpoint
[  316.376410][ T4608] syz.5.1536[4608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.376597][ T4608] syz.5.1536[4608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.429662][  T297] udevd[297]: symlink '../../loop8' '/dev/disk/by-uuid/36fde3fc-a519-493c-8baa-e32931e9a89c.tmp-b7:8' failed: Read-only file system
[  316.454005][ T4557] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  316.483394][ T3886] attempt to access beyond end of device
[  316.483394][ T3886] loop9: rw=2049, want=45104, limit=40427
[  316.523589][  T297] udevd[297]: symlink '../../loop8' '/dev/disk/by-uuid/36fde3fc-a519-493c-8baa-e32931e9a89c.tmp-b7:8' failed: Read-only file system
[  316.554621][ T4615] SELinux: security_context_str_to_sid(system_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  316.734824][ T4617] exfat: Deprecated parameter 'utf8'
[  316.740704][ T4617] exfat: Deprecated parameter 'utf8'
[  316.852005][  T297] udevd[297]: symlink '../../loop5' '/dev/disk/by-uuid/1234-1234.tmp-b7:5' failed: Read-only file system
[  316.868147][ T4617] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  316.955282][  T297] udevd[297]: symlink '../../loop5' '/dev/disk/by-uuid/1234-1234.tmp-b7:5' failed: Read-only file system
[  317.080144][ T4621] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1543'.
[  317.084317][  T546] Bluetooth: hci0: command 0x1003 tx timeout
[  317.124433][ T4575] Bluetooth: hci0: sending frame failed (-49)
[  317.185366][   T49] device bridge_slave_1 left promiscuous mode
[  317.194385][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.219800][   T49] device bridge_slave_0 left promiscuous mode
[  317.229279][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.247088][   T49] device veth1_macvtap left promiscuous mode
[  317.253209][   T49] device veth0_vlan left promiscuous mode
[  317.599850][ T4631] EXT4-fs (loop8): 1 orphan inode deleted
[  317.612925][ T4631] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  317.632708][ T4631] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.682134][ T4631] EXT4-fs (loop8): re-mounted. Opts: (null)
[  317.734749][ T4636] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.741962][ T4636] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.750917][ T4636] device bridge_slave_0 entered promiscuous mode
[  317.759203][ T4636] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.766644][ T4636] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.775024][ T4636] device bridge_slave_1 entered promiscuous mode
[  317.819089][   T24] kauditd_printk_skb: 76 callbacks suppressed
[  317.819123][   T24] audit: type=1326 audit(2000000093.380:2276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.5.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  317.855464][   T24] audit: type=1326 audit(2000000093.380:2277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.5.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  317.887705][   T24] audit: type=1326 audit(2000000093.410:2278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.5.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  317.911605][   T24] audit: type=1326 audit(2000000093.410:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.5.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  317.957091][   T24] audit: type=1326 audit(2000000093.410:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.5.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  317.981441][   T24] audit: type=1326 audit(2000000093.420:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.5.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  318.020660][ T4636] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.027800][ T4636] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.034340][   T24] audit: type=1326 audit(2000000093.510:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.5.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  318.035319][ T4636] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.059551][   T24] audit: type=1326 audit(2000000093.510:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.5.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd946bf3929 code=0x7ffc0000
[  318.066008][ T4636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.099810][ T4655] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  318.119090][ T4655] EXT4-fs (loop5): 1 truncate cleaned up
[  318.128236][ T4655] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,nolazytime,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue
[  318.218750][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  318.227266][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.234912][   T24] audit: type=1400 audit(2000000093.790:2284): avc:  denied  { mounton } for  pid=4654 comm="syz.5.1554" path="/251/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  318.270505][ T4655] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5932: Corrupt filesystem
[  318.289131][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.289380][ T4655] EXT4-fs error (device loop5): ext4_setattr:5647: inode #15: comm syz.5.1554: mark_inode_dirty error
[  318.307737][ T4655] EXT4-fs error (device loop5) in ext4_setattr:5706: Corrupt filesystem
[  318.329548][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  318.338569][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.345695][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.369147][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  318.377776][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.378152][ T1814] EXT4-fs error (device loop5): ext4_map_blocks:630: inode #2: block 13: comm syz-executor: lblock 0 mapped to illegal pblock 13 (length 1)
[  318.384901][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.409060][ T1814] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5932: Corrupt filesystem
[  318.409594][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  318.419038][ T1814] EXT4-fs error (device loop5): ext4_dirty_inode:6142: inode #2: comm syz-executor: mark_inode_dirty error
[  318.428082][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  318.465287][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  318.481683][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  318.490866][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  318.499557][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.516044][ T4636] device veth0_vlan entered promiscuous mode
[  318.533154][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  318.545396][ T4636] device veth1_macvtap entered promiscuous mode
[  318.563057][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  318.581462][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  318.591128][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  318.714711][ T4663] xt_bpf: check failed: parse error
[  318.763301][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  319.162666][ T4680] hub 8-0:1.0: USB hub found
[  319.168136][ T4680] hub 8-0:1.0: 1 port detected
[  319.179863][ T4673] hub 8-0:1.0: USB hub found
[  319.184739][ T4673] hub 8-0:1.0: 1 port detected
[  319.248164][ T4670] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.255665][ T4670] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.263917][ T4670] device bridge_slave_0 entered promiscuous mode
[  319.275371][ T4670] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.282705][ T4670] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.291567][ T4670] device bridge_slave_1 entered promiscuous mode
[  319.448847][  T813] Bluetooth: hci0: command 0x1001 tx timeout
[  319.455024][ T4575] Bluetooth: hci0: sending frame failed (-49)
[  319.483969][ T4670] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.491070][ T4670] bridge0: port 2(bridge_slave_1) entered forwarding state
[  319.498492][ T4670] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.505576][ T4670] bridge0: port 1(bridge_slave_0) entered forwarding state
[  319.549054][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  319.557325][ T2442] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.566391][ T2442] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.579608][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  319.588392][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  319.598586][ T2442] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.605711][ T2442] bridge0: port 1(bridge_slave_0) entered forwarding state
[  319.619739][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  319.628876][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  319.637881][ T2442] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.644986][ T2442] bridge0: port 2(bridge_slave_1) entered forwarding state
[  319.671048][  T304] tipc: Disabling bearer <udp:syz0>
[  319.677795][  T304] tipc: Left network mode
[  319.723064][ T4670] device veth0_vlan entered promiscuous mode
[  319.759716][ T4670] device veth1_macvtap entered promiscuous mode
[  319.789194][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  319.808508][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  319.817343][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  319.817446][   T24] audit: type=1326 audit(2000000095.380:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4683 comm="syz.1.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  319.827946][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  319.858215][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  319.866982][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  319.876047][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  319.886730][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  319.895483][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  319.917505][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  319.930948][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  319.939887][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  319.951797][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  319.961355][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  319.970601][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  319.992329][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  320.005575][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  320.014963][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  320.026667][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  320.034834][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  320.088845][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  320.130728][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  320.196933][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  320.328835][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  320.415003][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  320.706949][ T4718] hub 8-0:1.0: USB hub found
[  320.712858][ T4718] hub 8-0:1.0: 1 port detected
[  320.886480][  T304] device bridge_slave_1 left promiscuous mode
[  320.917905][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.074596][  T304] device bridge_slave_0 left promiscuous mode
[  321.099794][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.187094][  T304] device veth1_macvtap left promiscuous mode
[  321.356476][  T304] device veth0_vlan left promiscuous mode
[  321.374062][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  321.484381][   T25] Bluetooth: hci0: command 0x1009 tx timeout
[  321.581196][ T4734] APIC base relocation is unsupported by KVM
[  321.967531][ T4749] hub 8-0:1.0: USB hub found
[  321.979414][ T4749] hub 8-0:1.0: 1 port detected
[  322.708435][ T4755] fuse: root generation should be zero
[  322.827405][ T4751] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4751 comm=syz.3.1592
[  322.922737][ T4764] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4764 comm=syz.3.1596
[  322.937944][ T4764] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4764 comm=syz.3.1596
[  322.966726][ T4759] syz.4.1591[4759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  322.966858][ T4759] syz.4.1591[4759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  322.980522][   T24] kauditd_printk_skb: 34 callbacks suppressed
[  322.980558][   T24] audit: type=1326 audit(2000000098.550:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4765 comm="syz.8.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.045365][   T24] audit: type=1400 audit(2000000098.600:2321): avc:  denied  { ioctl } for  pid=4760 comm="syz.1.1595" path="/dev/ppp" dev="devtmpfs" ino=153 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  323.070235][   T24] audit: type=1326 audit(2000000098.600:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4765 comm="syz.8.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.093886][   T24] audit: type=1326 audit(2000000098.600:2323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4765 comm="syz.8.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.118041][   T24] audit: type=1326 audit(2000000098.600:2324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4765 comm="syz.8.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.233348][   T24] audit: type=1326 audit(2000000098.790:2325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4773 comm="syz.8.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.258475][   T24] audit: type=1326 audit(2000000098.790:2326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4773 comm="syz.8.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.311674][   T24] audit: type=1326 audit(2000000098.790:2327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4773 comm="syz.8.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.336903][   T24] audit: type=1326 audit(2000000098.790:2328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4773 comm="syz.8.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.362131][   T24] audit: type=1326 audit(2000000098.790:2329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4773 comm="syz.8.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6f6c5e929 code=0x7ffc0000
[  323.680840][ T4782] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  323.730227][ T3770] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  323.747307][ T3770] EXT4-fs error (device loop8) in ext4_mb_clear_bb:5645: Corrupt filesystem
[  323.770782][  T297] udevd[297]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  323.778633][  T358] udevd[358]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  323.819009][  T297] udevd[297]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  323.905800][  T358] udevd[358]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  323.963931][ T4807] syz.3.1614[4807] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  323.964050][ T4807] syz.3.1614[4807] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  324.008258][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  324.088165][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  324.308656][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  324.405680][ T4822] syz.4.1615[4822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  324.406441][ T4822] syz.4.1615[4822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  325.551728][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  325.680474][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  325.857286][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  326.459001][ T4818] F2FS-fs (loop8): fault_injection options not supported
[  326.486300][ T4818] F2FS-fs (loop8): invalid crc value
[  326.516392][ T4818] F2FS-fs (loop8): Found nat_bits in checkpoint
[  326.629808][ T4818] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  326.715634][ T3770] attempt to access beyond end of device
[  326.715634][ T3770] loop8: rw=2049, want=45104, limit=40427
[  327.569776][ T4891] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1647'.
[  327.718674][ T4908] device veth1_macvtap left promiscuous mode
[  327.726172][ T4908] device macsec0 entered promiscuous mode
[  327.737375][ T4906] bridge: RTM_NEWNEIGH with invalid ether address
[  327.914350][  T385] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  327.933952][ T4915] ªªªªªª: renamed from vlan0
[  328.046012][ T4925] EXT4-fs (loop8): Ignoring removed orlov option
[  328.052474][ T4925] EXT4-fs (loop8): Ignoring removed nomblk_io_submit option
[  328.099368][ T4930] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4930 comm=syz.1.1664
[  328.115411][ T4925] EXT4-fs (loop8): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,data_err=ignore,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  328.145574][   T24] kauditd_printk_skb: 73 callbacks suppressed
[  328.145607][   T24] audit: type=1400 audit(2000000103.710:2403): avc:  denied  { setattr } for  pid=4924 comm="syz.8.1662" name="file0" dev="loop8" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  328.175228][  T385] usb 4-1: Using ep0 maxpacket: 32
[  328.294454][  T385] usb 4-1: config 0 has an invalid interface number: 151 but max is 0
[  328.303329][  T385] usb 4-1: config 0 has no interface number 0
[  329.519704][ T4938] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  329.720934][ T4938] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  329.731835][ T4938] F2FS-fs (loop4): invalid crc value
[  329.740532][ T4938] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  329.794373][  T385] usb 4-1: New USB device found, idVendor=0403, idProduct=e548, bcdDevice=ad.d6
[  330.458019][ T4952] hub 8-0:1.0: USB hub found
[  330.463937][ T4952] hub 8-0:1.0: 1 port detected
[  330.764266][  T385] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.772323][  T385] usb 4-1: Product: syz
[  330.776622][  T385] usb 4-1: Manufacturer: syz
[  330.781315][  T385] usb 4-1: SerialNumber: syz
[  330.787462][  T385] usb 4-1: config 0 descriptor??
[  330.925689][  T358] udevd[358]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  330.984100][ T4957] sch_fq: defrate 0 ignored.
[  331.030558][  T385] usb 4-1: can't set config #0, error -71
[  331.039623][  T385] usb 4-1: USB disconnect, device number 3
[  331.093338][  T358] udevd[358]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  331.114508][ T4938] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  331.167761][ T4938] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  331.170395][   T24] audit: type=1326 audit(2000000106.730:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02388dd929 code=0x7ffc0000
[  331.188706][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  331.257986][   T24] audit: type=1326 audit(2000000106.730:2405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02388dd929 code=0x7ffc0000
[  331.297310][   T24] audit: type=1326 audit(2000000106.780:2406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f02388dd929 code=0x7ffc0000
[  331.322199][   T24] audit: type=1326 audit(2000000106.780:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02388dd929 code=0x7ffc0000
[  331.349922][ T4975] bridge0: port 3(syz_tun) entered blocking state
[  331.364284][ T4975] bridge0: port 3(syz_tun) entered disabled state
[  331.387354][ T4975] device syz_tun entered promiscuous mode
[  331.393019][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  331.397538][ T4975] bridge0: port 3(syz_tun) entered blocking state
[  331.411283][ T4975] bridge0: port 3(syz_tun) entered forwarding state
[  331.419638][   T24] audit: type=1326 audit(2000000106.780:2408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02388dd929 code=0x7ffc0000
[  331.511019][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  331.584856][ T4983] kvm: emulating exchange as write
[  331.594579][   T24] audit: type=1107 audit(2000000107.150:2409): pid=4985 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  331.656588][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  331.752998][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  331.905391][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  332.121569][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  332.277067][   T24] audit: type=1326 audit(2000000107.840:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5024 comm="syz.0.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02388dd929 code=0x7ffc0000
[  332.322229][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  332.374707][   T24] audit: type=1326 audit(2000000107.840:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5024 comm="syz.0.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02388dd929 code=0x7ffc0000
[  332.444304][   T24] audit: type=1326 audit(2000000107.840:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5024 comm="syz.0.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f02388dd929 code=0x7ffc0000
[  332.474806][ T5034] EXT4-fs (loop8): Test dummy encryption mode enabled
[  332.481769][ T5034] EXT4-fs (loop8): Test dummy encryption mode enabled
[  332.523974][ T5034] EXT4-fs (loop8): mounted filesystem without journal. Opts: test_dummy_encryption=v1,test_dummy_encryption=v1,,errors=continue
[  332.547912][ T5040] bridge: RTM_NEWNEIGH with invalid ether address
[  332.555169][ T5034] ext4 filesystem being mounted at /139/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  333.778097][ T5055] ÿÿÿÿÿÿ: renamed from vlan1
[  333.889978][ T5065] netlink: 'syz.1.1718': attribute type 16 has an invalid length.
[  333.908400][ T5065] netlink: 'syz.1.1718': attribute type 17 has an invalid length.
[  333.963584][ T5065] device veth0_vlan left promiscuous mode
[  333.979800][ T5065] device veth0_vlan entered promiscuous mode
[  334.006346][ T5065] device veth1_macvtap entered promiscuous mode
[  334.081369][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  334.100310][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  334.121248][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  334.130172][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  334.139713][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  334.149608][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  334.159537][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  334.179789][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  334.198842][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  334.229205][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  334.247103][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): ÿÿÿÿÿÿ: link becomes ready
[  334.266149][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  334.277875][ T5057] SELinux:  Context system_u:object_r:dhcpd_exec_t:s0 is not valid (left unmapped).
[  334.287364][   T24] kauditd_printk_skb: 5 callbacks suppressed
[  334.287397][   T24] audit: type=1400 audit(2000000109.850:2418): avc:  denied  { watch_reads } for  pid=5072 comm="syz.3.1720" path="/25/file0" dev="tmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  334.381214][   T24] audit: type=1400 audit(2000000109.890:2419): avc:  denied  { relabelto } for  pid=5056 comm="syz.0.1715" name="" dev="pipefs" ino=34051 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:dhcpd_exec_t:s0"
[  334.618837][   T24] audit: type=1400 audit(2000000110.180:2420): avc:  denied  { ioctl } for  pid=5085 comm="syz.1.1726" path="socket:[33183]" dev="sockfs" ino=33183 ioctlcmd=0x48ca scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  334.674976][   T24] audit: type=1400 audit(2000000110.210:2421): avc:  denied  { setopt } for  pid=5085 comm="syz.1.1726" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  334.697114][    T5] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  334.737378][ T5092] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1728'.
[  335.034489][   T24] audit: type=1400 audit(2000000110.590:2422): avc:  denied  { name_bind } for  pid=5112 comm="syz.4.1738" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  335.094363][    T5] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  335.103156][    T5] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  335.116760][    T5] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  335.141081][ T5117] EXT4-fs (loop8): Test dummy encryption mode enabled
[  335.151107][ T5117] EXT4-fs (loop8): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue
[  335.164480][ T5117] ext4 filesystem being mounted at /147/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  335.187962][ T5117] SELinux: security_context_str_to_sid($YJòp’µ²È+Ýdaõ¹­ß6¿ÿíùÞ}®>;5ыܵ½µùäÎWßúäÊC_}óÓÕ—Ó?p]'¯ñY·Hn;�bÿE·ép×ÞøøÛ*÷·'¹w˜ÿ^ÊÔ7ï�¹›ÖzyðýkûîÏ_ß9ɾ'o0èU¿�K uÊ$ýåL’z½,gfêÿðßuΗ¯Îν>ýòìü�—š©€“ÒO6ûìܧåÿÇN�à,yâÀV•ÿ§¯­|_­ïtšêЄ*ÿÓ/,>ù‡Ö‘h/ù‡ö’h/ù‡ö’h/ù‡ö’h/ù‡³íÅ#ö#ÿåiõhÖþü) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  335.221459][   T24] audit: type=1400 audit(2000000110.790:2423): avc:  denied  { remove_name } for  pid=5116 comm="syz.8.1741" name=".index" dev="loop8" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  335.245216][   T24] audit: type=1400 audit(2000000110.790:2424): avc:  denied  { rmdir } for  pid=5116 comm="syz.8.1741" name=".index" dev="loop8" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  335.294377][    T5] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  335.312056][    T5] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.320262][    T5] usb 4-1: Product: syz
[  335.325691][    T5] usb 4-1: Manufacturer: syz
[  335.330432][    T5] usb 4-1: SerialNumber: syz
[  335.357251][ T3770] EXT4-fs error (device loop8): ext4_readdir:223: inode #11: comm syz-executor: path /147/mnt/lost+found: directory fails checksum at offset 0
[  335.375509][ T3770] EXT4-fs error (device loop8): ext4_readdir:223: inode #11: comm syz-executor: path /147/mnt/lost+found: directory fails checksum at offset 10240
[  335.392321][ T3770] EXT4-fs error (device loop8): ext4_readdir:223: inode #11: comm syz-executor: path /147/mnt/lost+found: directory fails checksum at offset 11264
[  335.408341][ T3770] EXT4-fs error (device loop8): ext4_empty_dir:3077: inode #11: comm syz-executor: Directory block failed checksum
[  335.457738][ T3770] EXT4-fs error (device loop8): ext4_readdir:223: inode #11: comm syz-executor: path /147/mnt/lost+found: directory fails checksum at offset 0
[  335.473837][ T3770] EXT4-fs error (device loop8): ext4_readdir:223: inode #11: comm syz-executor: path /147/mnt/lost+found: directory fails checksum at offset 10240
[  335.490022][ T3770] EXT4-fs error (device loop8): ext4_readdir:223: inode #11: comm syz-executor: path /147/mnt/lost+found: directory fails checksum at offset 11264
[  335.670237][ T3770] EXT4-fs error (device loop8): ext4_empty_dir:3077: inode #11: comm syz-executor: Directory block failed checksum
[  335.863924][ T3770] EXT4-fs error (device loop8): ext4_readdir:223: inode #11: comm syz-executor: path /147/mnt/lost+found: directory fails checksum at offset 0
[  335.943405][ T3770] EXT4-fs error (device loop8): ext4_readdir:223: inode #11: comm syz-executor: path /147/mnt/lost+found: directory fails checksum at offset 10240
[  336.348413][  T358] udevd[358]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  336.363585][   T24] audit: type=1400 audit(2000000111.930:2425): avc:  denied  { create } for  pid=5136 comm="syz.0.1749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  336.386401][   T24] audit: type=1400 audit(2000000111.940:2426): avc:  denied  { write } for  pid=5136 comm="syz.0.1749" path="socket:[33256]" dev="sockfs" ino=33256 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  336.394567][    T5] usb 4-1: 0:2 : does not exist
[  336.566963][    T5] usb 4-1: USB disconnect, device number 4
[  336.707873][ T5151] netem: change failed
[  336.727395][ T3770] bridge0: port 3(syz_tun) entered disabled state
[  336.752436][ T3770] device syz_tun left promiscuous mode
[  336.762933][ T3770] bridge0: port 3(syz_tun) entered disabled state
[  337.201663][ T5169] hub 8-0:1.0: USB hub found
[  337.207654][ T5169] hub 8-0:1.0: 1 port detected
[  337.889491][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  338.021114][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  338.189198][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  338.226156][  T304] device bridge_slave_1 left promiscuous mode
[  338.232690][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.245311][  T304] device bridge_slave_0 left promiscuous mode
[  338.251696][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.284129][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  338.298031][  T304] device veth1_macvtap left promiscuous mode
[  338.314599][  T304] device veth0_vlan left promiscuous mode
[  338.539708][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  338.620112][ T5168] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.627649][ T5168] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.636070][ T5168] device bridge_slave_0 entered promiscuous mode
[  338.643986][ T5168] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.652791][ T5168] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.661053][ T5168] device bridge_slave_1 entered promiscuous mode
[  338.778102][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  338.800440][ T5168] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.807667][ T5168] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.815106][ T5168] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.822277][ T5168] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.873884][   T24] audit: type=1400 audit(2000000114.430:2427): avc:  denied  { setopt } for  pid=5208 comm="syz.1.1777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  338.910092][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  338.925801][ T2442] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.944669][ T2442] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.965715][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  338.982644][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  339.012538][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  339.035187][ T2442] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.042300][ T2442] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.062556][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  339.101812][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  339.126058][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  339.135256][ T2442] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.138392][ T5219] IPv4: Oversized IP packet from 127.202.26.0
[  339.142457][ T2442] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.206854][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  339.248103][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  339.259830][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  339.310512][  T358] udevd[358]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  339.315488][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  339.350122][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  339.370586][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  339.432827][ T5223] erofs: (device loop4): mounted with root inode @ nid 36.
[  339.492646][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  339.501494][ T5223] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=46
[  339.501964][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  339.565099][ T5168] device veth0_vlan entered promiscuous mode
[  339.577527][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  339.585643][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  339.600711][ T5223] overlayfs: failed to get redirect (-117)
[  339.607867][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  339.624378][   T24] kauditd_printk_skb: 1 callbacks suppressed
[  339.624412][   T24] audit: type=1400 audit(2000000115.190:2429): avc:  denied  { relabelfrom } for  pid=5236 comm="syz.1.1789" name="NETLINK" dev="sockfs" ino=33666 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  339.658835][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  339.678965][   T24] audit: type=1400 audit(2000000115.190:2430): avc:  denied  { relabelto } for  pid=5236 comm="syz.1.1789" name="NETLINK" dev="sockfs" ino=33666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[  339.680673][ T5168] device veth1_macvtap entered promiscuous mode
[  339.806985][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  339.815231][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  339.826672][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  340.017058][ T5249] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1794'.
[  340.304648][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  340.371628][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  340.875574][   T24] audit: type=1326 audit(2000000116.440:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  341.065028][   T24] audit: type=1326 audit(2000000116.500:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  341.132201][   T24] audit: type=1326 audit(2000000116.520:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  341.190907][   T24] audit: type=1326 audit(2000000116.520:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  341.218349][   T24] audit: type=1326 audit(2000000116.520:2435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  341.252192][   T24] audit: type=1326 audit(2000000116.520:2436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  341.277154][   T24] audit: type=1326 audit(2000000116.520:2437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  341.305974][   T24] audit: type=1326 audit(2000000116.520:2438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  341.419709][ T5290] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  341.469451][  T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkalle\x81.tmp-b7:1' failed: Read-only file system
[  341.484581][  T451] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  341.619361][  T358] udevd[358]: symlink '../../loop2' '/dev/disk/by-uuid/1234-1234.tmp-b7:2' failed: Read-only file system
[  341.644111][ T5299] incfs: ino conflict with backing FS 1
[  341.670693][ T5299] incfs: Unexpected inode type
[  342.675708][  T451] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  342.686754][  T451] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  342.704252][  T451] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  342.724820][  T451] usb 4-1: config 220 has no interface number 2
[  342.731289][  T451] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  342.804163][  T451] usb 4-1: config 220 interface 0 has no altsetting 0
[  342.830973][  T451] usb 4-1: config 220 interface 76 has no altsetting 0
[  342.838438][  T451] usb 4-1: config 220 interface 1 has no altsetting 0
[  343.097119][ T5324] hub 8-0:1.0: USB hub found
[  343.102853][ T5324] hub 8-0:1.0: 1 port detected
[  343.728878][  T451] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  343.738098][  T451] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.746184][  T451] usb 4-1: Product: syz
[  343.750832][  T451] usb 4-1: Manufacturer: syz
[  343.755494][  T451] usb 4-1: SerialNumber: syz
[  344.176616][    T7] device bridge_slave_1 left promiscuous mode
[  344.197852][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.206512][    T7] device bridge_slave_0 left promiscuous mode
[  344.212821][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.224862][    T7] device veth1_macvtap left promiscuous mode
[  344.229059][ T5344] xt_bpf: check failed: parse error
[  344.244638][  T451] uvcvideo: Found UVC 7.01 device syz (8086:0b07)
[  344.251160][  T451] uvcvideo: No valid video chain found.
[  344.284555][  T451] usb 4-1: selecting invalid altsetting 0
[  344.374880][  T451] usb 4-1: USB disconnect, device number 5
[  344.415108][ T5351] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1835'.
[  344.460375][ T5342] netem: change failed
[  344.615311][ T5336] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.635965][ T5336] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.643484][ T5363] syz.1.1839[5363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  344.643651][ T5363] syz.1.1839[5363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  344.665141][ T5336] device bridge_slave_0 entered promiscuous mode
[  344.725197][ T5336] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.743635][ T5336] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.765300][ T5336] device bridge_slave_1 entered promiscuous mode
[  345.216726][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  345.234866][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  345.274144][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  345.284033][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  345.333281][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.340492][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  345.388589][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  345.427259][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  345.444882][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  345.463583][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  345.470840][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  345.515759][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  345.560763][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  345.638100][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  345.676432][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  345.686406][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  345.713236][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  345.738643][ T5336] device veth0_vlan entered promiscuous mode
[  345.766290][ T5382] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1846'.
[  345.781133][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  345.805431][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  345.820879][ T5336] device veth1_macvtap entered promiscuous mode
[  345.876290][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  345.898380][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  345.929270][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  345.973922][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  345.999659][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  346.076343][   T24] kauditd_printk_skb: 20 callbacks suppressed
[  346.076377][   T24] audit: type=1400 audit(2000000121.640:2459): avc:  denied  { map } for  pid=5390 comm="syz.3.1850" path="socket:[36056]" dev="sockfs" ino=36056 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  346.305459][   T24] audit: type=1400 audit(2000000121.860:2460): avc:  denied  { bind } for  pid=5399 comm="syz.2.1853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  346.374665][   T24] audit: type=1326 audit(2000000121.930:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5401 comm="syz.7.1854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  346.452656][   T24] audit: type=1326 audit(2000000121.930:2462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5401 comm="syz.7.1854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  346.511477][   T24] audit: type=1326 audit(2000000121.930:2463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5401 comm="syz.7.1854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  346.562539][   T24] audit: type=1326 audit(2000000121.930:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5401 comm="syz.7.1854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  346.640782][   T24] audit: type=1326 audit(2000000121.930:2465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5401 comm="syz.7.1854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  347.272713][ T5433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1868'.
[  347.446456][   T24] audit: type=1326 audit(2000000123.010:2466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.7.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  347.592197][   T24] audit: type=1326 audit(2000000123.040:2467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.7.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  348.107562][   T24] audit: type=1326 audit(2000000123.040:2468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.7.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  349.684433][ T5476] EXT4-fs (loop7): Test dummy encryption mode enabled
[  349.691338][ T5476] EXT4-fs (loop7): Test dummy encryption mode enabled
[  349.772941][ T5476] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption=v1,test_dummy_encryption=v1,,errors=continue
[  349.800041][ T5476] ext4 filesystem being mounted at /12/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  351.391207][   T24] kauditd_printk_skb: 12 callbacks suppressed
[  351.391241][   T24] audit: type=1400 audit(2000000126.950:2481): avc:  denied  { rename } for  pid=5518 comm="syz.4.1898" name="file0" dev="tmpfs" ino=1197 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  352.151705][ T5516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1901'.
[  352.438845][ T5527] serio: Serial port ptm0
[  352.550656][   T24] audit: type=1326 audit(2000000128.110:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  352.583997][   T24] audit: type=1326 audit(2000000128.110:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  352.614068][   T24] audit: type=1326 audit(2000000128.110:2484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  352.638230][   T24] audit: type=1326 audit(2000000128.110:2485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  352.663194][   T24] audit: type=1326 audit(2000000128.110:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  352.688661][   T24] audit: type=1326 audit(2000000128.110:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  352.713005][   T24] audit: type=1326 audit(2000000128.110:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  352.744566][   T24] audit: type=1326 audit(2000000128.110:2489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  352.769671][   T24] audit: type=1326 audit(2000000128.140:2490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5532 comm="syz.2.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  352.855728][ T5542] device syzkaller0 entered promiscuous mode
[  353.071819][ T5553] EXT4-fs (loop7): Test dummy encryption mode enabled
[  353.092291][ T5553] EXT4-fs (loop7): Test dummy encryption mode enabled
[  353.109278][ T5553] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption=v1,test_dummy_encryption=v1,,errors=continue
[  353.126575][ T5553] ext4 filesystem being mounted at /16/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  354.258104][ T5573] hub 8-0:1.0: USB hub found
[  354.264413][ T5573] hub 8-0:1.0: 1 port detected
[  355.010771][ T5571] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  355.067887][ T5571] EXT4-fs (loop4): 1 truncate cleaned up
[  355.073876][ T5571] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000004000,errors=remount-ro,minixdf,
[  355.330333][ T5590] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[  355.339712][   T15] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  355.354614][ T5590] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  355.599419][  T657] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  355.614464][   T15] usb 4-1: Using ep0 maxpacket: 16
[  355.627630][ T5599] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  355.734410][   T15] usb 4-1: config 0 has no interfaces?
[  355.740165][   T15] usb 4-1: New USB device found, idVendor=046d, idProduct=c08a, bcdDevice= 0.00
[  355.751174][   T15] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.769272][   T15] usb 4-1: config 0 descriptor??
[  355.984316][  T657] usb 3-1: config 0 has an invalid interface number: 47 but max is 0
[  355.992654][  T657] usb 3-1: config 0 has no interface number 0
[  355.999244][  T657] usb 3-1: config 0 interface 47 has no altsetting 0
[  356.006366][  T657] usb 3-1: New USB device found, idVendor=7d15, idProduct=31b2, bcdDevice=57.4b
[  356.015773][  T657] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.022537][   T15] usb 4-1: USB disconnect, device number 6
[  356.051763][  T657] usb 3-1: config 0 descriptor??
[  356.095811][  T657] usb-storage 3-1:0.47: USB Mass Storage device detected
[  356.418504][  T452] usb 3-1: USB disconnect, device number 7
[  356.460744][   T24] kauditd_printk_skb: 112 callbacks suppressed
[  356.460778][   T24] audit: type=1400 audit(2000000132.020:2603): avc:  denied  { read } for  pid=5623 comm="syz.4.1939" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  356.491585][   T24] audit: type=1400 audit(2000000132.020:2604): avc:  denied  { open } for  pid=5623 comm="syz.4.1939" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  356.516531][   T24] audit: type=1400 audit(2000000132.040:2605): avc:  denied  { ioctl } for  pid=5623 comm="syz.4.1939" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  356.576264][   T24] audit: type=1400 audit(2000000132.140:2606): avc:  denied  { set_context_mgr } for  pid=5623 comm="syz.4.1939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  356.634438][  T451] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  356.699122][   T24] audit: type=1326 audit(2000000132.260:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5634 comm="syz.3.1944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  356.758318][   T24] audit: type=1326 audit(2000000132.290:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5634 comm="syz.3.1944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  356.784740][   T24] audit: type=1326 audit(2000000132.290:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5634 comm="syz.3.1944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  356.832707][   T24] audit: type=1326 audit(2000000132.290:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5634 comm="syz.3.1944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  356.864964][   T24] audit: type=1326 audit(2000000132.290:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5634 comm="syz.3.1944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  356.890371][   T24] audit: type=1326 audit(2000000132.290:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5634 comm="syz.3.1944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e57ab929 code=0x7ffc0000
[  356.929075][  T451] usb 2-1: Using ep0 maxpacket: 16
[  357.064420][  T451] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  357.254373][  T451] usb 2-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc
[  357.273803][  T451] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.283911][  T451] usb 2-1: Product: syz
[  357.288793][  T451] usb 2-1: Manufacturer: syz
[  357.317414][  T451] usb 2-1: SerialNumber: syz
[  357.324840][  T451] usb 2-1: config 0 descriptor??
[  357.366954][  T451] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  357.577599][ T5673] netlink: 64 bytes leftover after parsing attributes in process `syz.7.1962'.
[  357.790727][  T657] usb 2-1: USB disconnect, device number 4
[  359.574377][ T5681] device veth1_macvtap left promiscuous mode
[  359.584669][ T5681] device macsec0 entered promiscuous mode
[  359.660045][ T5689] bridge: RTM_NEWNEIGH with invalid ether address
[  360.887283][   T15] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  361.134215][   T15] usb 4-1: Using ep0 maxpacket: 16
[  361.264369][   T15] usb 4-1: config 0 has an invalid interface number: 180 but max is 0
[  361.277821][   T15] usb 4-1: config 0 has no interface number 0
[  361.291981][   T15] usb 4-1: config 0 interface 180 has no altsetting 0
[  361.347981][ T5723] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  361.464365][   T15] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=e8.1f
[  361.476263][   T24] kauditd_printk_skb: 28 callbacks suppressed
[  361.476297][   T24] audit: type=1326 audit(2000000137.040:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.2.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  361.484305][   T15] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.536218][   T24] audit: type=1326 audit(2000000137.080:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.2.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  361.549007][   T15] usb 4-1: Product: syz
[  361.574366][   T15] usb 4-1: Manufacturer: syz
[  361.579197][   T15] usb 4-1: SerialNumber: syz
[  361.594154][   T24] audit: type=1326 audit(2000000137.080:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.2.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1f1bfc6963 code=0x7ffc0000
[  361.599068][   T15] usb 4-1: config 0 descriptor??
[  361.644724][ T5735] syz.1.1987[5735] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  361.644845][ T5735] syz.1.1987[5735] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  361.654153][   T24] audit: type=1400 audit(2000000137.100:2644): avc:  denied  { unmount } for  pid=279 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  361.728395][   T24] audit: type=1400 audit(2000000137.190:2645): avc:  denied  { ioctl } for  pid=5733 comm="syz.7.1988" path="socket:[35638]" dev="sockfs" ino=35638 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  361.788033][   T24] audit: type=1326 audit(2000000137.260:2646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.7.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  361.883856][   T24] audit: type=1326 audit(2000000137.260:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.7.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  361.933854][   T24] audit: type=1326 audit(2000000137.260:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.7.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  361.993307][   T24] audit: type=1326 audit(2000000137.260:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.7.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  362.034619][   T24] audit: type=1326 audit(2000000137.270:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.7.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4fadc929 code=0x7ffc0000
[  362.397336][   T15] usb 4-1: USB disconnect, device number 7
[  364.554420][  T813] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  364.860689][ T5781] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.2005: inode #1: comm syz.7.2005: iget: illegal inode #
[  364.894878][ T5781] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.2005: error while reading EA inode 1 err=-117
[  364.918757][ T5781] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.2005: inode #1: comm syz.7.2005: iget: illegal inode #
[  364.932916][  T813] usb 4-1: config 0 has no interfaces?
[  364.938597][  T813] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  364.958244][  T813] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.968665][ T5781] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.2005: error while reading EA inode 1 err=-117
[  364.994663][ T5781] EXT4-fs (loop7): 1 orphan inode deleted
[  365.000501][ T5781] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,init_itable=0x0000000000000001,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,errors=continue,dioread_lock,noblock_validity,noquota,,errors=continue
[  365.105100][  T813] usb 4-1: config 0 descriptor??
[  365.347416][ T5766] udc-core: couldn't find an available UDC or it's busy
[  365.379627][ T5766] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  365.397400][   T15] usb 4-1: USB disconnect, device number 8
[  366.040924][    T9] Bluetooth: hci0: Frame reassembly failed (-84)
[  366.447788][ T5816] FAT-fs (loop7): bogus logical sector size 0
[  366.517009][ T5816] FAT-fs (loop7): Can't find a valid FAT filesystem
[  366.680112][ T5821] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  367.278978][   T24] kauditd_printk_skb: 43 callbacks suppressed
[  367.279014][   T24] audit: type=1326 audit(2000000142.840:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  367.327599][  T813] kernel write not supported for file bpf-prog (pid: 813 comm: kworker/1:8)
[  367.347536][   T24] audit: type=1326 audit(2000000142.840:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  367.403174][   T24] audit: type=1326 audit(2000000142.840:2696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  367.488757][   T24] audit: type=1326 audit(2000000142.840:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  367.556369][   T24] audit: type=1326 audit(2000000142.840:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  367.636250][   T24] audit: type=1326 audit(2000000142.840:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  367.680778][   T24] audit: type=1400 audit(2000000142.890:2700): avc:  denied  { mounton } for  pid=5837 comm="syz.3.2028" path=2F38312FE91F7189591E9233614B dev="tmpfs" ino=432 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  367.740553][   T24] audit: type=1326 audit(2000000142.940:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  367.884515][   T24] audit: type=1326 audit(2000000142.940:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61987a4929 code=0x7ffc0000
[  367.953465][   T24] audit: type=1400 audit(2000000142.960:2703): avc:  denied  { execute } for  pid=5840 comm="syz.3.2029" name="file0" dev="tmpfs" ino=438 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  368.344248][  T813] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  368.814384][  T813] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  369.045180][  T813] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  369.072058][  T813] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.117476][  T813] usb 4-1: Product: syz
[  369.140733][  T813] usb 4-1: Manufacturer: syz
[  369.168513][  T813] usb 4-1: SerialNumber: syz
[  369.620393][  T813] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  369.820269][  T452] usb 4-1: USB disconnect, device number 9
[  370.020225][ T5863] usblp0: removed
[  370.031356][ T5922] xt_bpf: check failed: parse error
[  370.058084][ T5924] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2069'.
[  370.146962][  T959] device bridge_slave_1 left promiscuous mode
[  370.161645][  T959] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.180751][  T959] device bridge_slave_0 left promiscuous mode
[  370.188382][  T959] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.201925][  T959] device veth1_macvtap left promiscuous mode
[  370.224853][  T959] device veth0_vlan left promiscuous mode
[  370.595304][ T5917] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.602484][ T5917] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.616822][ T5947] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5947 comm=syz.3.2077
[  370.631019][ T5917] device bridge_slave_0 entered promiscuous mode
[  370.640312][ T5917] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.660231][ T5917] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.671272][ T5917] device bridge_slave_1 entered promiscuous mode
[  370.938677][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  370.959128][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  371.003382][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  371.014331][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  371.022893][  T959] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.030018][  T959] bridge0: port 1(bridge_slave_0) entered forwarding state
[  371.039965][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  371.049210][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  371.058398][  T959] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.065531][  T959] bridge0: port 2(bridge_slave_1) entered forwarding state
[  371.084199][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  371.100074][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  371.110036][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  371.120466][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  371.150502][ T5962] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2083'.
[  371.193095][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  371.220672][ T5917] device veth0_vlan entered promiscuous mode
[  371.227851][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  371.245192][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  371.253684][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  371.264332][  T813] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  371.293375][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  371.316337][ T5917] device veth1_macvtap entered promiscuous mode
[  371.355556][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  371.375050][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  371.389917][ T5964] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2084'.
[  371.410383][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  371.420905][  T959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  371.510875][  T813] usb 4-1: Using ep0 maxpacket: 16
[  371.634376][  T813] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  371.654288][  T813] usb 4-1: New USB device found, idVendor=056e, idProduct=00ff, bcdDevice= 0.00
[  371.671923][  T813] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.722230][  T813] usb 4-1: config 0 descriptor??
[  372.228412][  T813] elecom 0003:056E:00FF.000A: hidraw0: USB HID v0.09 Device [HID 056e:00ff] on usb-dummy_hcd.3-1/input0
[  372.455278][    T5] usb 4-1: USB disconnect, device number 10
[  372.855755][ T5995] bridge: RTM_NEWNEIGH with invalid ether address
[  372.962307][   T24] kauditd_printk_skb: 53 callbacks suppressed
[  372.962346][   T24] audit: type=1400 audit(2000000148.520:2757): avc:  denied  { write } for  pid=5992 comm="syz.7.2094" path="socket:[38168]" dev="sockfs" ino=38168 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  373.133171][   T24] audit: type=1400 audit(2000000148.690:2758): avc:  denied  { relabelfrom } for  pid=6003 comm="syz.7.2099" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  373.187256][   T24] audit: type=1400 audit(2000000148.720:2759): avc:  denied  { relabelto } for  pid=6003 comm="syz.7.2099" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  373.366366][   T24] audit: type=1400 audit(2000000148.930:2760): avc:  denied  { write } for  pid=6010 comm="syz.7.2102" name="event0" dev="devtmpfs" ino=255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  373.504894][ T6014] netlink: 'syz.2.2103': attribute type 13 has an invalid length.
[  373.634973][ T6014] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.642426][ T6014] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.783570][ T6015] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2103'.
[  375.268392][   T24] audit: type=1400 audit(2000000150.830:2761): avc:  denied  { name_bind } for  pid=6033 comm="syz.2.2109" src=766 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=udp_socket permissive=1
[  375.334272][   T24] audit: type=1400 audit(2000000150.880:2762): avc:  denied  { bind } for  pid=6035 comm="syz.2.2110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  375.465969][   T24] audit: type=1400 audit(2000000151.030:2763): avc:  denied  { setopt } for  pid=6042 comm="syz.2.2113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  375.524412][   T24] audit: type=1400 audit(2000000151.090:2764): avc:  denied  { write } for  pid=6042 comm="syz.2.2113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  376.260984][   T24] audit: type=1400 audit(2000000151.800:2765): avc:  denied  { create } for  pid=6054 comm="syz.7.2118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  376.275809][ T6058] hub 8-0:1.0: USB hub found
[  376.303433][ T6058] hub 8-0:1.0: 1 port detected
[  376.309995][   T24] audit: type=1400 audit(2000000151.810:2766): avc:  denied  { write } for  pid=6054 comm="syz.7.2118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  377.715066][ T6086] tipc: Started in network mode
[  377.723259][ T6086] tipc: Own node identity ac14140f, cluster identity 4711
[  377.743529][ T6086] tipc: New replicast peer: 255.255.0.10
[  377.761615][ T6086] tipc: Enabled bearer <udp:ree>, priority 10
[  377.966548][   T24] kauditd_printk_skb: 10 callbacks suppressed
[  377.966599][   T24] audit: type=1400 audit(2000000153.530:2777): avc:  denied  { getopt } for  pid=6090 comm="syz.2.2134" lport=141 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  378.075848][   T24] audit: type=1400 audit(2000000153.630:2778): avc:  denied  { create } for  pid=6094 comm="syz.2.2136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  378.173861][   T24] audit: type=1400 audit(2000000153.630:2779): avc:  denied  { setopt } for  pid=6094 comm="syz.2.2136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  378.270394][   T24] audit: type=1400 audit(2000000153.630:2780): avc:  denied  { bind } for  pid=6094 comm="syz.2.2136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  378.381143][   T24] audit: type=1326 audit(2000000153.780:2781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6098 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  378.495662][ T6106] syz.6.2140[6106] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.497770][ T6106] syz.6.2140[6106] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.554433][ T6108] syz.6.2140[6108] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.568817][   T24] audit: type=1326 audit(2000000153.780:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6098 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1f1bfc6929 code=0x7ffc0000
[  378.614442][ T6109] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6109 comm=syz.6.2140
[  378.675856][ T6108] syz.6.2140[6108] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.804224][   T24] audit: type=1326 audit(2000000153.780:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6098 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1f1bfc6963 code=0x7ffc0000
[  378.814260][  T452] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  378.864232][   T24] audit: type=1326 audit(2000000153.810:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6098 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1f1bfc53df code=0x7ffc0000
[  378.984280][  T305] tipc: 32-bit node address hash set to f1414ac
[  378.990877][   T24] audit: type=1326 audit(2000000153.830:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6098 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f1f1bfc69b7 code=0x7ffc0000
[  379.054231][   T24] audit: type=1326 audit(2000000153.850:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6098 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1f1bfc5290 code=0x7ffc0000
[  379.234227][  T452] usb 3-1: Using ep0 maxpacket: 8
[  379.354442][  T452] usb 3-1: config 0 has no interfaces?
[  379.360021][  T452] usb 3-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  379.394956][  T452] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.434990][  T452] usb 3-1: config 0 descriptor??
[  379.721811][   T15] usb 3-1: USB disconnect, device number 8
[  380.389565][ T6135] device pim6reg1 entered promiscuous mode
[  380.408231][ T6137] EXT4-fs warning (device loop6): dx_probe:860: inode #2: comm syz.6.2152: dx entry: limit 1024 != root limit 124
[  380.461580][ T6137] EXT4-fs warning (device loop6): dx_probe:946: inode #2: comm syz.6.2152: Corrupt directory, running e2fsck is recommended
[  380.545350][ T6137] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117
[  380.588611][ T6137] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.2152: corrupted in-inode xattr
[  380.603523][    T5] kernel read not supported for file [userfaultfd] (pid: 5 comm: kworker/0:0)
[  380.644239][  T813] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  380.652362][ T6137] EXT4-fs (loop6): Remounting filesystem read-only
[  380.675115][ T6137] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.2152: couldn't read orphan inode 15 (err -117)
[  380.708846][ T6137] EXT4-fs (loop6): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,data_err=abort,init_itable,auto_da_alloc,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,
[  380.787143][ T6137] EXT4-fs warning (device loop6): dx_probe:860: inode #2: comm syz.6.2152: dx entry: limit 1024 != root limit 124
[  380.809498][ T6137] EXT4-fs warning (device loop6): dx_probe:946: inode #2: comm syz.6.2152: Corrupt directory, running e2fsck is recommended
[  380.846479][ T6137] EXT4-fs warning (device loop6): dx_probe:860: inode #2: comm syz.6.2152: dx entry: limit 1024 != root limit 124
[  380.876738][ T6137] EXT4-fs warning (device loop6): dx_probe:946: inode #2: comm syz.6.2152: Corrupt directory, running e2fsck is recommended
[  380.894198][  T813] usb 8-1: Using ep0 maxpacket: 32
[  380.929849][ T6148] EXT4-fs warning (device loop6): dx_probe:860: inode #2: comm syz.6.2152: dx entry: limit 1024 != root limit 124
[  380.954290][ T6148] EXT4-fs warning (device loop6): dx_probe:946: inode #2: comm syz.6.2152: Corrupt directory, running e2fsck is recommended
[  380.995182][ T6137] EXT4-fs warning (device loop6): dx_probe:860: inode #2: comm syz.6.2152: dx entry: limit 1024 != root limit 124
[  381.030168][ T6137] EXT4-fs warning (device loop6): dx_probe:946: inode #2: comm syz.6.2152: Corrupt directory, running e2fsck is recommended
[  381.054318][  T813] usb 8-1: unable to get BOS descriptor or descriptor too short
[  381.072511][ T6149] EXT4-fs warning (device loop6): dx_probe:860: inode #2: comm syz.6.2152: dx entry: limit 1024 != root limit 124
[  381.088663][ T6148] EXT4-fs warning (device loop6): dx_probe:860: inode #2: comm syz.6.2152: dx entry: limit 1024 != root limit 124
[  381.111101][ T6149] EXT4-fs error (device loop6): ext4_readdir:263: inode #2: block 3: comm syz.6.2152: path /17/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  381.164326][  T813] usb 8-1: config 128 has an invalid interface number: 127 but max is 3
[  381.183262][ T6149] EXT4-fs (loop6): Remounting filesystem read-only
[  381.189955][  T813] usb 8-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  381.217947][  T813] usb 8-1: config 128 has 1 interface, different from the descriptor's value: 4
[  381.247446][  T813] usb 8-1: config 128 has no interface number 0
[  381.253811][  T813] usb 8-1: config 128 interface 127 altsetting 14 has an invalid endpoint with address 0x0, skipping
[  381.295281][  T813] usb 8-1: config 128 interface 127 has no altsetting 0
[  381.534633][  T813] usb 8-1: string descriptor 0 read error: -22
[  381.541742][  T813] usb 8-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[  381.614209][  T813] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.654612][ T6160] device pim6reg1 entered promiscuous mode
[  381.840264][ T5168] ------------[ cut here ]------------
[  381.846462][ T5168] WARNING: CPU: 0 PID: 5168 at fs/inode.c:304 drop_nlink+0xc5/0x110
[  381.855806][ T5168] Modules linked in:
[  381.859903][ T5168] CPU: 0 PID: 5168 Comm: syz-executor Not tainted 5.10.238-syzkaller-00282-gd76d4cd0623a #0
[  381.870155][ T5168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  381.880447][ T5168] RIP: 0010:drop_nlink+0xc5/0x110
[  381.904231][ T5168] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 a3 23 f2 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 2b 31 b8 ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c
[  381.935070][ T5168] RSP: 0018:ffffc90000bd7b68 EFLAGS: 00010293
[  381.942307][   T15] usb 8-1: USB disconnect, device number 2
[  381.950157][ T5168] RAX: ffffffff81ab62e5 RBX: ffff8881137187a0 RCX: ffff888127ece2c0
[  381.959753][ T5168] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  381.969646][ T5168] RBP: ffffc90000bd7b90 R08: 0000000000000004 R09: 0000000000000003
[  381.978308][ T5168] R10: fffff5200017af5c R11: 1ffff9200017af5c R12: dffffc0000000000
[  381.986952][ T5168] R13: 1ffff110226e30fd R14: ffff8881137187e8 R15: 0000000000000000
[  381.995670][ T5168] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  382.007835][ T5168] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  382.014595][ T5168] CR2: 0000001b2f61eff8 CR3: 0000000111d1d000 CR4: 00000000003506b0
[  382.024837][ T5168] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  382.033221][ T5168] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  382.041659][ T5168] Call Trace:
[  382.045651][ T5168]  shmem_rmdir+0x5b/0x90
[  382.050050][ T5168]  vfs_rmdir+0x1b3/0x3e0
[  382.054593][ T5168]  incfs_kill_sb+0xfe/0x210
[  382.061768][ T5168]  deactivate_locked_super+0xa0/0x100
[  382.067317][ T5168]  deactivate_super+0xaf/0xe0
[  382.074353][ T5168]  cleanup_mnt+0x446/0x500
[  382.078961][ T5168]  __cleanup_mnt+0x19/0x20
[  382.083477][ T5168]  task_work_run+0x127/0x190
[  382.088274][ T5168]  do_exit+0xa27/0x2470
[  382.092625][ T5168]  ? put_task_struct+0x90/0x90
[  382.098165][ T5168]  ? __fdget_pos+0x1f7/0x380
[  382.103847][ T5168]  ? ksys_write+0x1da/0x240
[  382.108720][ T5168]  ? __ia32_sys_read+0x90/0x90
[  382.113641][ T5168]  do_group_exit+0x141/0x310
[  382.118408][ T5168]  __x64_sys_exit_group+0x3f/0x40
[  382.123613][ T5168]  do_syscall_64+0x31/0x40
[  382.128238][ T5168]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  382.134314][ T5168] RIP: 0033:0x7f1f1bfc6929
[  382.138951][ T5168] Code: Unable to access opcode bytes at RIP 0x7f1f1bfc68ff.
[  382.146586][ T5168] RSP: 002b:00007ffc1d304bd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  382.155652][ T5168] RAX: ffffffffffffffda RBX: 00007f1f1c048997 RCX: 00007f1f1bfc6929
[  382.163878][ T5168] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  382.172136][ T5168] RBP: 0000000000000016 R08: 00007ffc1d302976 R09: 00007ffc1d305e90
[  382.180314][ T5168] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffc1d305e90
[  382.188672][ T5168] R13: 00007f1f1c048925 R14: 000055556216b4a8 R15: 00007ffc1d308050
[  382.197095][ T5168] ---[ end trace 01ad8e93c19d880f ]---
[  382.202865][ T5168] ==================================================================
[  382.211002][ T5168] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  382.217295][ T5168] Write of size 4 at addr 0000000000000170 by task syz-executor/5168
[  382.225383][ T5168] 
[  382.227774][ T5168] CPU: 0 PID: 5168 Comm: syz-executor Tainted: G        W         5.10.238-syzkaller-00282-gd76d4cd0623a #0
[  382.239693][ T5168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  382.249799][ T5168] Call Trace:
[  382.253250][ T5168]  __dump_stack+0x21/0x24
[  382.257761][ T5168]  dump_stack_lvl+0x169/0x1d8
[  382.262493][ T5168]  ? thaw_kernel_threads+0x220/0x220
[  382.267840][ T5168]  ? show_regs_print_info+0x18/0x18
[  382.273094][ T5168]  ? _raw_spin_lock+0x8e/0xe0
[  382.277846][ T5168]  ? _raw_spin_trylock_bh+0x130/0x130
[  382.283730][ T5168]  ? ihold+0x20/0x60
[  382.287685][ T5168]  kasan_report+0xd8/0x130
[  382.292162][ T5168]  ? ihold+0x20/0x60
[  382.296110][ T5168]  kasan_check_range+0x280/0x290
[  382.301115][ T5168]  __kasan_check_write+0x14/0x20
[  382.306100][ T5168]  ihold+0x20/0x60
[  382.309877][ T5168]  vfs_rmdir+0x247/0x3e0
[  382.314184][ T5168]  incfs_kill_sb+0xfe/0x210
[  382.318750][ T5168]  deactivate_locked_super+0xa0/0x100
[  382.324168][ T5168]  deactivate_super+0xaf/0xe0
[  382.328900][ T5168]  cleanup_mnt+0x446/0x500
[  382.333370][ T5168]  __cleanup_mnt+0x19/0x20
[  382.337832][ T5168]  task_work_run+0x127/0x190
[  382.342471][ T5168]  do_exit+0xa27/0x2470
[  382.346695][ T5168]  ? put_task_struct+0x90/0x90
[  382.351507][ T5168]  ? __fdget_pos+0x1f7/0x380
[  382.356350][ T5168]  ? ksys_write+0x1da/0x240
[  382.361015][ T5168]  ? __ia32_sys_read+0x90/0x90
[  382.365838][ T5168]  do_group_exit+0x141/0x310
[  382.370486][ T5168]  __x64_sys_exit_group+0x3f/0x40
[  382.375569][ T5168]  do_syscall_64+0x31/0x40
[  382.380137][ T5168]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  382.386083][ T5168] RIP: 0033:0x7f1f1bfc6929
[  382.390539][ T5168] Code: Unable to access opcode bytes at RIP 0x7f1f1bfc68ff.
[  382.397944][ T5168] RSP: 002b:00007ffc1d304bd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  382.406420][ T5168] RAX: ffffffffffffffda RBX: 00007f1f1c048997 RCX: 00007f1f1bfc6929
[  382.414446][ T5168] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  382.422479][ T5168] RBP: 0000000000000016 R08: 00007ffc1d302976 R09: 00007ffc1d305e90
[  382.430590][ T5168] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffc1d305e90
[  382.438629][ T5168] R13: 00007f1f1c048925 R14: 000055556216b4a8 R15: 00007ffc1d308050
[  382.446764][ T5168] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  382.454975][ T5168] Disabling lock debugging due to kernel taint
[  382.577283][ T5168] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  382.585280][ T5168] #PF: supervisor write access in kernel mode
[  382.591387][ T5168] #PF: error_code(0x0002) - not-present page
[  382.597431][ T5168] PGD 11f54c067 P4D 11f54c067 PUD 0 
[  382.602809][ T5168] Oops: 0002 [#1] PREEMPT SMP KASAN
[  382.608100][ T5168] CPU: 0 PID: 5168 Comm: syz-executor Tainted: G    B   W         5.10.238-syzkaller-00282-gd76d4cd0623a #0
[  382.619918][ T5168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  382.631117][ T5168] RIP: 0010:ihold+0x26/0x60
[  382.635847][ T5168] Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 41 29 b8 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 90 1b f2 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 c1
[  382.657383][ T5168] RSP: 0018:ffffc90000bd7ba8 EFLAGS: 00010246
[  382.663859][ T5168] RAX: ffff888127ece200 RBX: 0000000000000000 RCX: 0000000000000282
[  382.672096][ T5168] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[  382.680325][ T5168] RBP: ffffc90000bd7bb8 R08: 0000000000000004 R09: 0000000000000003
[  382.688826][ T5168] R10: fffffbfff0d8e448 R11: 1ffffffff0d8e448 R12: 1ffff11021ff30f4
[  382.696848][ T5168] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[  382.704873][ T5168] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  382.714140][ T5168] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  382.720775][ T5168] CR2: 0000000000000170 CR3: 0000000120eeb000 CR4: 00000000003506b0
[  382.728794][ T5168] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  382.736827][ T5168] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  382.744836][ T5168] Call Trace:
[  382.748180][ T5168]  vfs_rmdir+0x247/0x3e0
[  382.752574][ T5168]  incfs_kill_sb+0xfe/0x210
[  382.757138][ T5168]  deactivate_locked_super+0xa0/0x100
[  382.762671][ T5168]  deactivate_super+0xaf/0xe0
[  382.767405][ T5168]  cleanup_mnt+0x446/0x500
[  382.771889][ T5168]  __cleanup_mnt+0x19/0x20
[  382.776374][ T5168]  task_work_run+0x127/0x190
[  382.781030][ T5168]  do_exit+0xa27/0x2470
[  382.785249][ T5168]  ? put_task_struct+0x90/0x90
[  382.790066][ T5168]  ? __fdget_pos+0x1f7/0x380
[  382.794709][ T5168]  ? ksys_write+0x1da/0x240
[  382.799359][ T5168]  ? __ia32_sys_read+0x90/0x90
[  382.804184][ T5168]  do_group_exit+0x141/0x310
[  382.808850][ T5168]  __x64_sys_exit_group+0x3f/0x40
[  382.813938][ T5168]  do_syscall_64+0x31/0x40
[  382.818434][ T5168]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  382.824365][ T5168] RIP: 0033:0x7f1f1bfc6929
[  382.829356][ T5168] Code: Unable to access opcode bytes at RIP 0x7f1f1bfc68ff.
[  382.836763][ T5168] RSP: 002b:00007ffc1d304bd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  382.845242][ T5168] RAX: ffffffffffffffda RBX: 00007f1f1c048997 RCX: 00007f1f1bfc6929
[  382.853348][ T5168] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  382.861360][ T5168] RBP: 0000000000000016 R08: 00007ffc1d302976 R09: 00007ffc1d305e90
[  382.869377][ T5168] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffc1d305e90
[  382.877502][ T5168] R13: 00007f1f1c048925 R14: 000055556216b4a8 R15: 00007ffc1d308050
[  382.885611][ T5168] Modules linked in:
[  382.889565][ T5168] CR2: 0000000000000170
[  382.893779][ T5168] ---[ end trace 01ad8e93c19d8810 ]---
[  382.899286][ T5168] RIP: 0010:ihold+0x26/0x60
[  382.903828][ T5168] Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 41 29 b8 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 90 1b f2 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 c1
[  382.923484][ T5168] RSP: 0018:ffffc90000bd7ba8 EFLAGS: 00010246
[  382.929599][ T5168] RAX: ffff888127ece200 RBX: 0000000000000000 RCX: 0000000000000282
[  382.937613][ T5168] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[  382.945774][ T5168] RBP: ffffc90000bd7bb8 R08: 0000000000000004 R09: 0000000000000003
[  382.953806][ T5168] R10: fffffbfff0d8e448 R11: 1ffffffff0d8e448 R12: 1ffff11021ff30f4
[  382.961827][ T5168] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[  382.969862][ T5168] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  382.978866][ T5168] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  382.985495][ T5168] CR2: 0000000000000170 CR3: 0000000120eeb000 CR4: 00000000003506b0
[  382.993523][ T5168] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  383.001541][ T5168] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  383.009555][ T5168] Kernel panic - not syncing: Fatal exception
[  383.015851][ T5168] Kernel Offset: disabled
[  383.020219][ T5168] Rebooting in 86400 seconds..