last executing test programs:

25.538666885s ago: executing program 2 (id=1276):
creat(&(0x7f0000000000)='./file1\x00', 0xa6)
renameat2(0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file3\x00', 0x4)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0xce)
r0 = inotify_init1(0x80800)
inotify_add_watch(r0, &(0x7f0000000700)='./file1\x00', 0x2000775)

25.523328835s ago: executing program 2 (id=1277):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = getpgrp(0x0)
r1 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x19, &(0x7f0000001fc0)={0x19, 0x546d0581, 0xc}, 0x0)

25.510050636s ago: executing program 2 (id=1278):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)

25.267329129s ago: executing program 2 (id=1279):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x1000800, &(0x7f00000002c0)={[{@discard}, {@umask={'umask', 0x3d, 0x5}}, {@umask={'umask', 0x3d, 0x9}}, {@umask={'umask', 0x3d, 0xe}}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@discard}, {@iocharset={'iocharset', 0x3d, 'macturkish'}}, {@errors_remount}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000240)='./file0\x00')
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f0000000400))

25.21952258s ago: executing program 2 (id=1281):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

25.093395492s ago: executing program 2 (id=1285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

25.093326652s ago: executing program 32 (id=1285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

3.853007364s ago: executing program 0 (id=1954):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000240)=""/126, 0x200000, 0x0, 0x2}, 0x20)

3.825315004s ago: executing program 0 (id=1956):
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x20008c0, &(0x7f0000000300)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0xff}}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@shortname_lower}, {@rodir}, {@numtail}, {@shortname_win95}, {@fat=@sys_immutable}, {@numtail}, {@shortname_winnt}, {@numtail}, {@shortname_win95}, {@utf8}, {@uni_xlate}]}, 0x7e, 0x364, &(0x7f0000000400)="$eJzs3U1oHOUbAPBnO5vdtNB/cvhDUbCM3gQNbcWDnhJKCsW9qCx+HMTFpiq7UcjiYnLINl7Eo+BRT9486MFDzyIo4s2DVytIVTxoD0LB4sh+z2Z306QYa/D3OyxPnvd95n0nM+xMJtk3Ly5H/dJcXL5x43rMzxeiuHx+OW4WYjGSGLgSk0pTcgDA0XAzy+K3rGefJYVDnhIAcMi61/+XT+Yyb32xV//M1R8Ajrz+z//Hh4kp1/f5WcWvH9q0AIBDNPH8/4Gx5tL4r/qLub8KAACOqqefe/6JlUrEU2k6H7H+dqvaqsbjo/aVy/FqNGItzsRC3Iro3Sh0Xgrd1wsXK6tn0jRtx4+LUe1UtKoR6+1WtXensJJ068txNhZisV/fv9vIsiy58Gll9WzaFRFX2t3xY73Qqs7Fif74352ItTgXafx/oj7iYmX1XNrfQHV9UN+O2Bk9t+jMfykW4puX4nREXIpO7eC2prK6fTZNz2eVsfpWtdzt1zPzCQgAAAAAAAAAAAAAAAAAAAAAANyRpXRocbj+TTZav2dpaUp7d32cXn1/faCd3vpAWTmLLPv1zYer7yQxtj7Q7vV5WtViHLu7uw4AAAAAAAAAAAAAAAAAAAD/Gs3NUtQajbWN5uZWPR+0N5qbxyKik3ntq48/Px6TfW4TFPtj5JrSfmqrXsuSQecs6fc5FrnypDP4YIMfXR3OOD9EebgXU6dRnt3UaJy8/4f3R5n7ksGW/xz1SWL6Dia7ppEP1v/Xm9JBvlHD4Nxt+lzLsmxW+fYLk1VRiCge/MDtHWSd4Mvrr9zzSPPUo93MZ1nPgw8tPHPtvQ9/rtcanZGjewRLG81bWb3W/3r6yTY7SHLnTyF6QSF/JhRnlZe26rWd8aZa8u0vz9777tf7Gz3LZ96Y0ifp7c4nu5tKvaAzzV1Nx6eNNRcHPQStOzlwpz5Yrl3d/v6n/Vbl3iSmLdTx++m/8V0IAAAAAAAAAAAAAAAAAACIsY/HDzL9D/vO7VX12JOHPzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+OeM/v9/LtiZyOwn+KMdk03ltY1mROlu7yYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9xfwUAAP//oHptow==")
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

3.612219567s ago: executing program 0 (id=1969):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x145f, 0x212, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xfffe, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x10}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00\"\a\x00\x00'], 0x0}, 0x0)

3.148953033s ago: executing program 3 (id=1988):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x0, @rand_addr, 0x99f}, 0x1c)
connect$inet6(r0, &(0x7f0000000340)={0x2, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x37}}}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="580000001500add427323b472545b45602117fffffff81000e224e217f000001925aa80020007b00090080007f001b01e809000000ff0000f03ac71006000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

3.095605594s ago: executing program 3 (id=1991):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000014c0)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200"], 0x10)
socketpair(0xa, 0x1, 0x6, &(0x7f0000000440))

3.095453534s ago: executing program 3 (id=1993):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

3.042868995s ago: executing program 3 (id=1994):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x9, &(0x7f0000000000)={[{@nombcache}, {@jqfmt_vfsv0}, {@abort}, {}, {@noquota}, {@usrjquota, 0x2e}], [], 0x2e}, 0x6, 0x48d, &(0x7f0000000980)="$eJzs3EtvG1UbAOB3xnV6/5qv3wV6AQIFEXFJmrRAF2xAIHWDhARIZRnStCpNG9QEiVYVTREqS9RfACyR+AWsYIOAFYgtSGyQEFKFuqGwGjT2TOpcHGzHjil+HsntOTNnfM47M8c+MyfjAAbWSP5PErErIr4fithTzy4vMFL/79bNy9O/37w8nUSWvfRrUiv3283L02XRcrudRWY0jUjfTeLAGvXOX7x0dmp2duZCkR9fOPfG+PzFS4+fOTd1eub0zPnJY8eOHpl46snJJ7oS5+68rfvfnju47/ir11+YPnH9ta8+yZfvKtY3xlE33PJ7b2+yfCRGlu/LBg9F/JRlWct1/N3tbkgnW/rYENpSiYj8cFXz/h97ohK3D96eeP6dvjYO6Kksy7Ktq5ZWysRiBvyDJdF0VbqpDQE2WflFn1//lq9NHH703Y1n6hdAedy3ild9zZZIizLVFde33TQSEScW//ggf8Wa9yEAALrrs3z889ha4780/t9Q7l9Rnxsajoh/R8TeiPhPRPw3Iv4XUSt7V0Tc3Wb9Iyvyq8c/3zabXumKfPz3dDG3dXv8N1SLvzBcKXK7a/FXk1NnZmcOF/tkNKpb8/zEOnV8/tx37y9lti1f1zj+y195/eVYsC79ZcuKG3QnpxamuhB6zY2rS4GuGP8mSzMBSUTsi4j9Hbx/vs/OPPLxwWbr/zr+dXRhnin7KOLh+vFfjBXxl5L15yfHt8XszOHx8qxY7etvrr3YrP4Nxd8FN65G7Fh1/kdj/MNJ43ztfPt1XPvhvabXNJ2e/0PJy7X0ULHsramFhQsTEUPJ4urlk7e3LfNl+Tz+0UNrxZ/W3uPDYrsDEZGfxPdExL0RcV/R9vsj4oGIOLRO/F8+++DrncffW3n8J9s6/u0nKme/+LRZ/a0d/6O11GixpJXPv1YbuJF9BwAAAHeKtPY38Ek6tpRO07GxiFdq93Z3pLNz8wuPnpp78/zJ+t/KD0c1Le90pQ33QyeKe8NlfnJF/kjtvnGWZdn2Wn5sem62V3PqQGt2Nun/uZ8r/W4d0HNtzaM1e6INuCO11f9XPy0E3ME8rw2Dq9X+X+1xO4DN5/sfBtda/f9KxK0+NAXYZL7/YXDp/zC49H8YXPo/DKSNPNe/XmLv8Y43zzZUe/n7Kh1u/mNP9sZ6iUqnm29t42cOepCIdM1V1YjoS3vaSqS9qyI/+drbKj+QrRa+0umJ3XZi2cfEUD8+mwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhzwAAAP//dNfhIw==")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x361, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0, 0x3)

2.397922184s ago: executing program 3 (id=1994):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x9, &(0x7f0000000000)={[{@nombcache}, {@jqfmt_vfsv0}, {@abort}, {}, {@noquota}, {@usrjquota, 0x2e}], [], 0x2e}, 0x6, 0x48d, &(0x7f0000000980)="$eJzs3EtvG1UbAOB3xnV6/5qv3wV6AQIFEXFJmrRAF2xAIHWDhARIZRnStCpNG9QEiVYVTREqS9RfACyR+AWsYIOAFYgtSGyQEFKFuqGwGjT2TOpcHGzHjil+HsntOTNnfM47M8c+MyfjAAbWSP5PErErIr4fithTzy4vMFL/79bNy9O/37w8nUSWvfRrUiv3283L02XRcrudRWY0jUjfTeLAGvXOX7x0dmp2duZCkR9fOPfG+PzFS4+fOTd1eub0zPnJY8eOHpl46snJJ7oS5+68rfvfnju47/ir11+YPnH9ta8+yZfvKtY3xlE33PJ7b2+yfCRGlu/LBg9F/JRlWct1/N3tbkgnW/rYENpSiYj8cFXz/h97ohK3D96eeP6dvjYO6Kksy7Ktq5ZWysRiBvyDJdF0VbqpDQE2WflFn1//lq9NHH703Y1n6hdAedy3ild9zZZIizLVFde33TQSEScW//ggf8Wa9yEAALrrs3z889ha4780/t9Q7l9Rnxsajoh/R8TeiPhPRPw3Iv4XUSt7V0Tc3Wb9Iyvyq8c/3zabXumKfPz3dDG3dXv8N1SLvzBcKXK7a/FXk1NnZmcOF/tkNKpb8/zEOnV8/tx37y9lti1f1zj+y195/eVYsC79ZcuKG3QnpxamuhB6zY2rS4GuGP8mSzMBSUTsi4j9Hbx/vs/OPPLxwWbr/zr+dXRhnin7KOLh+vFfjBXxl5L15yfHt8XszOHx8qxY7etvrr3YrP4Nxd8FN65G7Fh1/kdj/MNJ43ztfPt1XPvhvabXNJ2e/0PJy7X0ULHsramFhQsTEUPJ4urlk7e3LfNl+Tz+0UNrxZ/W3uPDYrsDEZGfxPdExL0RcV/R9vsj4oGIOLRO/F8+++DrncffW3n8J9s6/u0nKme/+LRZ/a0d/6O11GixpJXPv1YbuJF9BwAAAHeKtPY38Ek6tpRO07GxiFdq93Z3pLNz8wuPnpp78/zJ+t/KD0c1Le90pQ33QyeKe8NlfnJF/kjtvnGWZdn2Wn5sem62V3PqQGt2Nun/uZ8r/W4d0HNtzaM1e6INuCO11f9XPy0E3ME8rw2Dq9X+X+1xO4DN5/sfBtda/f9KxK0+NAXYZL7/YXDp/zC49H8YXPo/DKSNPNe/XmLv8Y43zzZUe/n7Kh1u/mNP9sZ6iUqnm29t42cOepCIdM1V1YjoS3vaSqS9qyI/+drbKj+QrRa+0umJ3XZi2cfEUD8+mwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhzwAAAP//dNfhIw==")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x361, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0, 0x3)

2.352298935s ago: executing program 1 (id=1998):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x2000048, &(0x7f0000000240)={[{@errors_remount}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@delalloc}]}, 0x1, 0x429, &(0x7f0000000740)="$eJzs3M1rXFUbAPDn3nzxNu2bWOtXW3XaIAbUpElUCLipqCgILnTnQkKTlGLalCZiW1y0IrgqblzpypX9A9y4EMS9K8GV7qUQpLiWK3fmXjNN5qaZJOMknd8Ppj3n3hPOee6ZM3PuOTMTQM+q5f8kEYcj4reIGGlk7y1Qa/z3191PzuWPJLLs3T+Terk8XxYt/264yIynEelnSZxoUe/Ktesfzi0tLVwp8pOrFy9Prly7/sKFi3PnF84vXJqZfenM9Mzsy7Mzexbrrbsnf13++p2/vzj9+/Crtz54LW/v4eJccxx7pRa1e69lk2f2urIuO9KUTvq72BDa0hcReXcN1Mf/SPTFeueNxOufdrVxQEdlWZYNVZ++kbUyEC0PAwdNYjBDjyrf6Mt7+07cB+9na2cbN0Cb4++PtCgztOH+di/VIuLq+5//kD+iQ+sQAADNfsznP8+3mv+k8WhTuf8Xe0OjEfFQRByNiIcj4lhEPBJRL/tYRDxeVdGN2y0P1zbkN89/0js7j+7+8vnfKy3nv+XsL0b7ityRevwDyeKFpYUzxTVJYmAoz09tUccvb93+tupc8/wvf+T1l3PBoh13+jcs0M3Prc7tJuZmazcjjrec/yblTsDNJCKeiIjjO6zj+7PZV1Xn7h9/Z2XfRDzbsv/Xd+6S9f3JPLtxf3Ky/nyYLJ8Vm538+PJ8Vf1txJ/uPtrN8v4/tHX8o0nzfu1K+3V8N3pqrercTp//g8l79fRgcezq3OrqlamIweTtzcen1/+2zJfl8/jHx1qP/6OxfiVO5P0YEU9GxFMR8XTR9lMRcToixraI/42xNxd2Hn9n5fHPt9X/7Sey7Kefq+rfXv+/WE+NF0e28/q33Qbu5toBAADAQZHWPwOfpBP/ptN0YqLxGf5jcShdWl5ZfW5x+aNL843Pyo/GQFqudI00rYdOFWvDZX56Q36mWDf+su9/9fzEueWlykUx4D8xXDH+c3/0dbt1QMdVf1+rI3tOwD7i+5rQu4x/6F2N8b/Y7WYAXeD9H3rX1uO/6iesgAeB93/oXcY/9C7jH3qX8Q89aTff63+gE4Nt/IiAxIFMlD8rsl/as78SXX5hAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2CP/BAAA//9TS9nx")
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000100)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000005c0)=""/188, 0xbc)
lseek(r0, 0xfffffffffffffff8, 0x1)

1.863501522s ago: executing program 5 (id=2001):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
truncate(&(0x7f0000000140)='./file2\x00', 0x5c00)

1.746052844s ago: executing program 5 (id=2002):
sendmsg$IEEE802154_SCAN_REQ(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x44, 0x0, 0x20, 0x0, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DURATION={0x5, 0x15, 0xfc}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x17}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x15}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x12}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x8}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0xe}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040011}, 0x80)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={0x38, r1, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0)

1.591559216s ago: executing program 5 (id=2003):
r0 = socket$inet(0x2, 0x2, 0x1)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000440)=0x1, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000140)='\b\x00', 0x2}, {&(0x7f0000000040)="96b414bbbcc9", 0x6}], 0x2, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @multicast2, @private=0xa010101}}}], 0x20}, 0x24048004)

1.575319507s ago: executing program 5 (id=2004):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_kthread_work_queue_work\x00', r1}, 0x10)
socketpair(0x11, 0xa, 0x0, &(0x7f0000001080))

1.538730607s ago: executing program 5 (id=2005):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x0, &(0x7f0000000080)={[{@barrier_val={'barrier', 0x3d, 0x7}}]}, 0xc1, 0x7b7, &(0x7f00000007c0)="$eJzs3ctrXNcZAPDvjl6W7FYqFFp3JSi0AuNR5ap2C124dFEKNRjadW0xGgtXI43RjIwlBLYpgWwCScgikGy8zsPZZZvHNvkvsgg2TiKLKGQRJtzRHWlkzciSo5kR6PeDq3vOfeicb859nJlzmQngxBpP/+QizkbEq0nEaLY8iYiBeqo/4vLWdpvra4V0SqJW+/fXSX2bjfW1QjTtkzqdZX4dEZ+8FHEuly44tavcysrq/EypVFzK8pPVhVuTlZXV8zcXZuaKc8XFi1PT0xcu/enSxaOL9dvPV888fu0fv3//8vf//9XDVz5N4nKcydY1x3FUxmM8e00G0pdwl78fdWE9lvS6AryQ9NTs2zrL42yMRl891cZwN2sGAHTK3YioAQAnTOL+DwAnTONzgI31tUJj6u0nEt315G9bQ5Mb2djm5nb8/dmY3an6OOjIRrJrZCSJiLEjKH88It7+8L/vplN0aBwSoJV79yPi+tj43ut/sueZhcP6w34ra0P12fgzi13/oHs+Svs/f27V/8tt93+iRf9nqMW5+yKef/7nHh1BMW2l/b+/Nj3bttkUf2asL8v9rN7nG0hu3CwV02vbzyNiIgaG0vxUfdPWT0FNPP3habvym/t/37z+v3fS8tP5zha5R/1Du/eZnanO/NS4G57cj/hNf6v4k+32T9r0f68esIx//uXlt9qtS+NP421Me+PvrNqDiN+1bP+dtkz2fT5xsn44TDYOihY++OLNkXbl77T/UH2elt94L9ANafuP7B//WNL8vGbl8GV89mD043brmo//1vG3Pv4Hk//U04PZsjsz1erSVMRg8q+9yy/s7NvIN7ZP45/4bevzv93xn8uejb2+ndtf/+Ov3sv+Vcv46+61i7+z0vhnD9X++yRq2T7PrHq4Od/XrvyDtf90PTWRLTnI9e85NW0knt94AAAAAAAAAAAAAAAAAAAAAAAAAHAEchFxJpJcfjudy+XzW7/h/csYyZXKleq5G+Xlxdmo/1b2WAzkGl91Odr0fahT2ffhN/IXnsn/MSJ+ERFvDA3X8/lCuTTb6+ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHN69+//301n+fzWui+Hel07AKBjTvW6AgBA17n/A8DJc7j7/3DH6gEAdM+h3//Xks5UBADomgPf/693th4AQPcY/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDDrl65kk6179bXCml+9vbK8nz59vnZYmU+v7BcyBfKS7fyc+XyXKmYL5QX2v6je1uzUrl8azoWl+9MVouV6mRlZfXaQnl5sXrt5sLMXPFacaBrkQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwVVWVudnSqXiksS+ieHjUY1jk+iPY1GNI0vU+rbOh+NRn/5oLBnsWTWarxLDPbo6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABx/PwYAAP//eUchiw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x20)
sendfile(r0, r0, 0x0, 0x7a680000)
read$eventfd(r0, &(0x7f00000004c0), 0x8)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000100)={0x17c04, 0xffffffffffffffff, 0x0, 0x7ffe, 0x6, 0x9})

1.389353129s ago: executing program 3 (id=1994):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x9, &(0x7f0000000000)={[{@nombcache}, {@jqfmt_vfsv0}, {@abort}, {}, {@noquota}, {@usrjquota, 0x2e}], [], 0x2e}, 0x6, 0x48d, &(0x7f0000000980)="$eJzs3EtvG1UbAOB3xnV6/5qv3wV6AQIFEXFJmrRAF2xAIHWDhARIZRnStCpNG9QEiVYVTREqS9RfACyR+AWsYIOAFYgtSGyQEFKFuqGwGjT2TOpcHGzHjil+HsntOTNnfM47M8c+MyfjAAbWSP5PErErIr4fithTzy4vMFL/79bNy9O/37w8nUSWvfRrUiv3283L02XRcrudRWY0jUjfTeLAGvXOX7x0dmp2duZCkR9fOPfG+PzFS4+fOTd1eub0zPnJY8eOHpl46snJJ7oS5+68rfvfnju47/ir11+YPnH9ta8+yZfvKtY3xlE33PJ7b2+yfCRGlu/LBg9F/JRlWct1/N3tbkgnW/rYENpSiYj8cFXz/h97ohK3D96eeP6dvjYO6Kksy7Ktq5ZWysRiBvyDJdF0VbqpDQE2WflFn1//lq9NHH703Y1n6hdAedy3ild9zZZIizLVFde33TQSEScW//ggf8Wa9yEAALrrs3z889ha4780/t9Q7l9Rnxsajoh/R8TeiPhPRPw3Iv4XUSt7V0Tc3Wb9Iyvyq8c/3zabXumKfPz3dDG3dXv8N1SLvzBcKXK7a/FXk1NnZmcOF/tkNKpb8/zEOnV8/tx37y9lti1f1zj+y195/eVYsC79ZcuKG3QnpxamuhB6zY2rS4GuGP8mSzMBSUTsi4j9Hbx/vs/OPPLxwWbr/zr+dXRhnin7KOLh+vFfjBXxl5L15yfHt8XszOHx8qxY7etvrr3YrP4Nxd8FN65G7Fh1/kdj/MNJ43ztfPt1XPvhvabXNJ2e/0PJy7X0ULHsramFhQsTEUPJ4urlk7e3LfNl+Tz+0UNrxZ/W3uPDYrsDEZGfxPdExL0RcV/R9vsj4oGIOLRO/F8+++DrncffW3n8J9s6/u0nKme/+LRZ/a0d/6O11GixpJXPv1YbuJF9BwAAAHeKtPY38Ek6tpRO07GxiFdq93Z3pLNz8wuPnpp78/zJ+t/KD0c1Le90pQ33QyeKe8NlfnJF/kjtvnGWZdn2Wn5sem62V3PqQGt2Nun/uZ8r/W4d0HNtzaM1e6INuCO11f9XPy0E3ME8rw2Dq9X+X+1xO4DN5/sfBtda/f9KxK0+NAXYZL7/YXDp/zC49H8YXPo/DKSNPNe/XmLv8Y43zzZUe/n7Kh1u/mNP9sZ6iUqnm29t42cOepCIdM1V1YjoS3vaSqS9qyI/+drbKj+QrRa+0umJ3XZi2cfEUD8+mwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhzwAAAP//dNfhIw==")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x361, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0, 0x3)

1.052617935s ago: executing program 1 (id=2009):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

1.031829345s ago: executing program 4 (id=2008):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x6}, 0x4)
close(r1)

983.345585ms ago: executing program 1 (id=2010):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x40, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getrusage(0x0, &(0x7f0000000740))
link(0x0, &(0x7f0000000340)='./file0\x00')

978.904336ms ago: executing program 4 (id=2011):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10)
setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
sendmmsg$inet(r0, &(0x7f0000000600)=[{{&(0x7f0000000c00)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r0, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440606769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x6000000000000000, 0x0, 0x0)

939.439846ms ago: executing program 4 (id=2012):
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r1, 0x0)
sendmsg$inet(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001180)="0800e4c8ec1a9b25", 0x8}, {0x0}], 0x2, &(0x7f00000001c0)=ANY=[], 0x30}, 0x4000)

904.794907ms ago: executing program 4 (id=2013):
r0 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)
io_setup(0x2, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000600)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x8, r0, &(0x7f0000000100)="64bcca0454401b9fccaa788bfae142acaa4f0926e7c1d9501f3a68d84d9b4ba7bc94", 0x22}])

661.38795ms ago: executing program 4 (id=2014):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
syz_read_part_table(0x403d, &(0x7f0000000000)="$eJzs0DFKxEAYBeA3ihAFS8FyjiCRWNqlsfQEigYs7BQ7G72X4DUsPIKdtUI2xTYLYSFbfV/zP5gZ5vH310lKktrW28fnelYf7mvbdfVpuKsX59mBkvRXY2rynpLDJAdzHt4cf/8sXW5xv0cbj5ppnpxmb4plTH/7a7cuP1c7HGeS17e5X399DC9bdQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw5kAAAAAIT5W+fRfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI0CAAD//77BETc=")
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)

605.554181ms ago: executing program 5 (id=2015):
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000018c0)="72da", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="afef", 0x2}], 0x1}}], 0x2, 0x4000800)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000b95000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0}, &(0x7f0000000180)=0x40)

565.607551ms ago: executing program 0 (id=2016):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000580)={[{@resgid}, {@noauto_da_alloc}, {@dioread_nolock}, {@test_dummy_encryption}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@init_itable}]}, 0x1, 0xbb3, &(0x7f00000017c0)="$eJzs3M9rHOUbAPBnJj/b5vvdVESsl0ZEWhC3aSXFFsFWKl48CHoVGtJNCdn+IInUpDls9B8Q9Sx4EdSi9GDPvSh49aL1avEgFImNgohGZn8ksdlN0nSTaZvPB97M++4zs+/z7LA785bdBrBjDWR/0oh9EXE6iSjUH08jorva642o1PZbmJ8d+WN+diSJxcXXf00iiYjb87MjjedK6ts99UFvRHz3UhKPvLt63snpmfHhcrk0UR8fmjp38dDk9MyzY+eGz5bOls4fPvr80JGho4PHhtpW658/nbj2+5Ov/Fz567O/r/z2wSdJnIi+emxlHe0yEANLr8lKnREx3O7JctJRr2dlnUnnOgelW5wUAAAtpSvu4R6LQnTE8s1bIb7+PtfkAAAAgLZY7IhYBAAAAB5yyfrr/+o/FAAAAAAPqsb3AG7Pz440Wq5fSNhmt05GRH+t/oV6q0U6o1Ld9kZXROy+ncTKn7UmtcPu2UBE3Pzx2JdZiy36HfJaKnMR8Xiz859U6++v/op7df1pRAy2Yf6BO8YPUv0n2jB/3vUDsDNdP1m7kK2+/qVL9z/R5PrX2eTatRl5X/8a938Lq+7/luvvaHH/99oG57j86UeXWsWy+l+49vIXjZbNn23vqai7cGsu4onOZvUnS/UnLeo/vcE5Cv9cKrWK5V3/4scRB6J5/Q3J2v8/0aHRsXJpsPa36Rxz3w593mr+vOvPzv/uFvWvd/4vbnCON0+dutoqtn796S/dyRvVXnf9kbeHp6YmDkd0J6+ufvzI2rk09mk8R1b/wafWfv83qz/7TKjUX4dsLTBX32bjd+6Y88Url79aq/5s7Zfn+T+zyfP/3gbnePqb9w+2iq1c/2Ytm/9mUlsLAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBDGhF9kaTFpX6aFosReyLi0didli9MTj0zeuGt82eyWER/dKWjY+XSYEQUauMkGx+u9pfHR+4YPxcReyPiw8Ku6rg4cqF8Ju/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWLInIvoiSYsRkUbEQiFNi8W8swIAAADarn+Tx/W0OQ8AAABg62x2/Q8AAAA8OKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GJ791+/kURE5fiuast012NduWYGbLU07wSA3HTknQCQm868EwByc5drfLcL8BBK1on3toz0tD0XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO5fB/Zdv5FEROX4rmrLdNdjXU2P2L+N2QFbKc07ASA3HWsFO7cvD2D7eYvDztV8jQ/sJMk68d7lfSr/jfRsWU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3H/6qi1JixGRVvtpWixG/C8i+qMrGR0rlwYj4v8R8UOhqycb9+SdNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG03OT0zPlwulyZ0dHTy7ST3Rxq1Tt6fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5GFyemZ8uFwuTUzmnQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQt8npmfHhcrk0sYHO1bvZeUUn7xoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjPvwEAAP//kbEJ9g==")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, 0x0)

503.806943ms ago: executing program 1 (id=2017):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
rt_sigaction(0xd, 0x0, 0x0, 0x0, 0x0)

463.351173ms ago: executing program 1 (id=2018):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, 0x0})
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000600)=ANY=[@ANYBLOB="29000000000000000006"])

318.254885ms ago: executing program 4 (id=2019):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

119.204838ms ago: executing program 0 (id=2020):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

119.087468ms ago: executing program 1 (id=2021):
r0 = io_uring_setup(0x30df, &(0x7f0000000000)={0x0, 0x54cd, 0x2, 0x0, 0x5})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_ep_write(r1, 0x81, 0x41, &(0x7f00000002c0)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd553")
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=2022):
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
timer_create(0xfffffffc, 0x0, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x989680}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
unshare(0x42000000)

kernel console output (not intermixed with test programs):

-1: new full-speed USB device number 4 using dummy_hcd
[   58.340468][ T2543] loop3: detected capacity change from 0 to 40427
[   58.347756][ T2543] F2FS-fs (loop3): heap/no_heap options were deprecated
[   58.355867][ T2543] F2FS-fs (loop3): invalid crc value
[   58.362736][ T2543] F2FS-fs (loop3): Found nat_bits in checkpoint
[   58.417885][ T2543] F2FS-fs (loop3): Start checkpoint disabled!
[   58.424811][ T2543] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   58.443567][  T310] playstation 0003:054C:0DF2.000F: unknown main item tag 0x0
[   58.461302][  T310] playstation 0003:054C:0DF2.000F: unknown main item tag 0x0
[   58.479194][  T310] playstation 0003:054C:0DF2.000F: unknown main item tag 0x0
[   58.488006][  T287] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   58.509965][  T310] playstation 0003:054C:0DF2.000F: unknown main item tag 0x0
[   58.524074][  T310] playstation 0003:054C:0DF2.000F: unknown main item tag 0x0
[   58.524598][ T1379] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   58.542505][  T310] playstation 0003:054C:0DF2.000F: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.1-1/input0
[   58.542752][   T10] kworker/u4:1: attempt to access beyond end of device
[   58.542752][   T10] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   58.556759][   T28] audit: type=1400 audit(1749203094.836:5691): avc:  denied  { read write } for  pid=2503 comm="syz.4.943" name="lp0" dev="devtmpfs" ino=1026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[   58.568565][ T1379] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   58.631756][   T28] audit: type=1400 audit(1749203094.866:5692): avc:  denied  { open } for  pid=2503 comm="syz.4.943" path="/dev/usb/lp0" dev="devtmpfs" ino=1026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[   58.633483][ T1379] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   58.681927][ T1379] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   58.690030][ T1379] usb 3-1: Product: syz
[   58.694469][ T1379] usb 3-1: Manufacturer: syz
[   58.699094][ T1379] usb 3-1: SerialNumber: syz
[   58.858717][  T315] Bluetooth: hci0: Frame reassembly failed (-84)
[   58.863733][  T310] playstation 0003:054C:0DF2.000F: Failed to retrieve feature with reportID 32: -71
[   58.876754][  T310] playstation 0003:054C:0DF2.000F: Failed to retrieve DualSense firmware info: -71
[   58.886859][  T310] playstation 0003:054C:0DF2.000F: Failed to get firmware info from DualSense
[   58.896164][  T310] playstation 0003:054C:0DF2.000F: Failed to create dualsense.
[   58.905575][  T310] playstation: probe of 0003:054C:0DF2.000F failed with error -71
[   58.915420][  T310] usb 2-1: USB disconnect, device number 9
[   58.944943][ T2561] fido_id[2561]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[   59.111034][ T1379] usb 3-1: 0:2 : does not exist
[   59.314239][ T2563] netlink: 20 bytes leftover after parsing attributes in process `syz.0.966'.
[   59.410761][ T2571] blk_print_req_error: 3 callbacks suppressed
[   59.410779][ T2571] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   59.426489][ T2571] FAT-fs (loop3): unable to read boot sector
[   59.533130][ T1379] usb 3-1: USB disconnect, device number 4
[   59.595779][ T2569] loop0: detected capacity change from 0 to 40427
[   59.604959][ T2569] F2FS-fs (loop0): invalid crc value
[   59.618485][ T2569] F2FS-fs (loop0): Found nat_bits in checkpoint
[   59.692809][ T2569] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   59.694768][ T2591] loop1: detected capacity change from 0 to 128
[   59.722475][ T1799] udevd[1799]: incorrect ext4 checksum on /dev/loop1
[   59.731429][ T2591] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   59.744008][ T1921] udevd[1921]: incorrect ext4 checksum on /dev/loop1
[   59.795767][ T2595] netlink: 4 bytes leftover after parsing attributes in process `syz.1.979'.
[   59.830299][ T2569] syz.0.969: attempt to access beyond end of device
[   59.830299][ T2569] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   59.832729][ T2597] loop1: detected capacity change from 0 to 512
[   59.865636][ T2597] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   59.880948][ T2597] EXT4-fs (loop1): 1 truncate cleaned up
[   59.896326][ T2597] EXT4-fs warning (device loop1): ext4_group_add:1743: No reserved GDT blocks, can't resize
[   60.044485][ T2605] loop0: detected capacity change from 0 to 512
[   60.055122][ T2605] EXT4-fs (loop0): Test dummy encryption mode enabled
[   60.063242][ T2605] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   60.076866][ T2605] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.983: bad orphan inode 131083
[   60.120377][ T2611] loop2: detected capacity change from 0 to 512
[   60.148775][ T2611] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.170500][ T2618] loop0: detected capacity change from 0 to 512
[   60.216592][ T2618] EXT4-fs (loop0): 1 orphan inode deleted
[   60.223285][ T2618] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.232309][   T10] __quota_error: 1 callbacks suppressed
[   60.232325][   T10] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   60.252232][   T10] EXT4-fs error (device loop0): ext4_release_dquot:6825: comm kworker/u4:1: Failed to release dquot type 1
[   60.287022][ T2630] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   60.298597][ T2630] FAT-fs (loop5): unable to read boot sector
[   60.486447][ T2646] loop2: detected capacity change from 0 to 512
[   60.495449][ T2646] EXT4-fs (loop2): Test dummy encryption mode enabled
[   60.503187][ T2646] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   60.514350][ T2646] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.998: bad orphan inode 131083
[   60.531925][ T1379] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[   60.666830][  T304] usb 5-1: USB disconnect, device number 8
[   60.682376][  T304] usblp0: removed
[   60.733177][ T1379] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[   60.760034][ T2656] loop4: detected capacity change from 0 to 512
[   60.763202][ T1379] usb 2-1: config 0 has no interface number 0
[   60.777229][ T1379] usb 2-1: config 0 interface 41 has no altsetting 0
[   60.789792][ T2656] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.792279][ T1379] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[   60.814133][ T1379] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   60.822363][ T1379] usb 2-1: Product: syz
[   60.826554][ T1379] usb 2-1: Manufacturer: syz
[   60.831165][ T1379] usb 2-1: SerialNumber: syz
[   60.838863][ T1379] usb 2-1: config 0 descriptor??
[   60.861912][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   60.868000][  T654] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   60.898604][ T2662] loop3: detected capacity change from 0 to 1024
[   60.905612][ T2662] EXT4-fs: Ignoring removed orlov option
[   60.911364][ T2662] EXT4-fs: Ignoring removed nomblk_io_submit option
[   60.923702][ T2664] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   60.934347][   T28] audit: type=1400 audit(1749203097.206:5694): avc:  denied  { relabelto } for  pid=2663 comm="syz.0.1004" name="216" dev="tmpfs" ino=1143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   60.962238][   T28] audit: type=1400 audit(1749203097.226:5695): avc:  denied  { associate } for  pid=2663 comm="syz.0.1004" name="216" dev="tmpfs" ino=1143 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[   61.012578][   T28] audit: type=1400 audit(1749203097.286:5696): avc:  denied  { write } for  pid=284 comm="syz-executor" name="216" dev="tmpfs" ino=1143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   61.046689][   T28] audit: type=1400 audit(1749203097.286:5697): avc:  denied  { remove_name } for  pid=284 comm="syz-executor" name="binderfs" dev="tmpfs" ino=1147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   61.078053][   T28] audit: type=1400 audit(1749203097.286:5698): avc:  denied  { rmdir } for  pid=284 comm="syz-executor" name="216" dev="tmpfs" ino=1143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   61.104525][   T28] audit: type=1400 audit(1749203097.356:5699): avc:  denied  { rename } for  pid=2661 comm="syz.3.1005" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   61.127411][   T28] audit: type=1400 audit(1749203097.356:5700): avc:  denied  { unlink } for  pid=2661 comm="syz.3.1005" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   61.211430][   T28] audit: type=1400 audit(1749203097.476:5701): avc:  denied  { getopt } for  pid=2681 comm="syz.4.1014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   61.502017][  T304] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   61.581928][   T19] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   61.678111][ T1379] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
[   61.690357][  T304] usb 5-1: Using ep0 maxpacket: 32
[   61.695961][ T1379] CoreChips: probe of 2-1:0.41 failed with error -71
[   61.703845][  T304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.715531][ T1379] usb 2-1: USB disconnect, device number 10
[   61.721886][  T304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   61.731634][  T304] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   61.741060][  T304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.751311][  T304] usb 5-1: config 0 descriptor??
[   61.763135][   T19] usb 3-1: config index 0 descriptor too short (expected 3133, got 61)
[   61.771591][   T19] usb 3-1: config 0 has an invalid interface number: 156 but max is 1
[   61.779939][   T19] usb 3-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[   61.790526][   T19] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[   61.799565][   T19] usb 3-1: config 0 has no interface number 0
[   61.805838][   T19] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[   61.815782][   T19] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[   61.827290][   T19] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   61.837162][   T19] usb 3-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   61.850328][   T19] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[   61.859434][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.868254][   T19] usb 3-1: config 0 descriptor??
[   61.874836][   T19] usb 3-1: MIDIStreaming interface descriptor not found
[   61.977471][ T2702] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1022'.
[   61.986640][ T2702] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1022'.
[   62.070642][ T2706] binder: 2705:2706 ioctl 40046205 0 returned -22
[   62.084022][  T287] usb 3-1: USB disconnect, device number 5
[   62.160888][  T304] savu 0003:1E7D:2D5A.0010: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[   62.245116][  T310] kernel write not supported for file [eventfd] (pid: 310 comm: kworker/1:3)
[   62.338848][ T2728] x_tables: ip6_tables: CT target: only valid in raw table, not ./file0
[   62.436310][  T304] usb 5-1: USB disconnect, device number 9
[   62.673430][ T2760] loop2: detected capacity change from 0 to 1024
[   62.801435][ T2780] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2780 comm=syz.1.1054
[   62.956155][ T2801] overlayfs: conflicting lowerdir path
[   62.962615][ T2801] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[   63.061881][ T1379] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   63.076396][ T2814] loop2: detected capacity change from 0 to 2048
[   63.182017][  T287] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[   63.194647][ T2812] loop3: detected capacity change from 0 to 40427
[   63.213389][ T2812] F2FS-fs (loop3): invalid crc value
[   63.234370][ T2812] F2FS-fs (loop3): Found nat_bits in checkpoint
[   63.253258][ T1379] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.273035][ T1379] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.284718][ T1379] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[   63.288991][ T2812] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   63.295681][ T1379] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.321581][ T1379] usb 1-1: config 0 descriptor??
[   63.387102][  T287] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   63.408420][  T287] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   63.429512][  T287] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[   63.454270][ T2812] syz.3.1071: attempt to access beyond end of device
[   63.454270][ T2812] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   63.468138][  T287] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[   63.481095][  T287] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   63.490543][  T287] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   63.499048][  T287] usb 2-1: Product: syz
[   63.516077][  T287] usb 2-1: Manufacturer: syz
[   63.520866][  T287] usb 2-1: SerialNumber: syz
[   63.542028][ T2792] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   63.550135][  T287] cdc_mbim 2-1:1.0: skipping garbage
[   63.764148][ T2792] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   63.774850][ T2792] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   63.785952][ T2854] loop4: detected capacity change from 0 to 1024
[   63.795083][ T2854] EXT4-fs: Ignoring removed orlov option
[   63.800914][ T2854] EXT4-fs: Ignoring removed nomblk_io_submit option
[   63.824492][ T2854] EXT4-fs mount: 23 callbacks suppressed
[   63.824508][ T2854] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   63.887113][  T285] EXT4-fs (loop4): unmounting filesystem.
[   64.014965][   T28] audit: type=1326 audit(1749203100.286:5702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2819 comm="syz.2.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2158e929 code=0x7fc00000
[   64.132402][ T1379] hid-led: probe of 0003:27B8:01ED.0011 failed with error -71
[   64.150146][ T1379] usb 1-1: USB disconnect, device number 9
[   64.222058][  T310] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   64.388938][ T2792] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   64.396279][ T2792] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   64.403768][  T287] cdc_mbim 2-1:1.0: setting tx_max = 40
[   64.410448][  T287] cdc_mbim 2-1:1.0: cdc-wdm0: USB WDM device
[   64.416622][  T310] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[   64.427347][  T287] cdc_mbim 2-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, 02:ec:6f:44:32:fa
[   64.438071][  T310] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.447603][  T310] usb 5-1: config 0 descriptor??
[   64.611452][  T287] usb 2-1: USB disconnect, device number 11
[   64.617783][  T287] cdc_mbim 2-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM
[   64.773154][ T2899] SELinux:  Context Ü is not valid (left unmapped).
[   65.064572][  T310] usb 5-1: Cannot set autoneg
[   65.071293][  T310] MOSCHIP usb-ethernet driver: probe of 5-1:0.0 failed with error -71
[   65.085626][  T310] usb 5-1: USB disconnect, device number 10
[   65.117924][ T2916] input: syz0 as /devices/virtual/input/input9
[   65.129091][ T2916] input: failed to attach handler leds to device input9, error: -6
[   65.454601][   T28] kauditd_printk_skb: 8 callbacks suppressed
[   65.454617][   T28] audit: type=1400 audit(1749203101.726:5711): avc:  denied  { read } for  pid=2933 comm="syz.2.1121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   65.534531][   T28] audit: type=1400 audit(1749203101.806:5712): avc:  denied  { read } for  pid=2938 comm="syz.0.1123" name="usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   65.558611][   T28] audit: type=1400 audit(1749203101.806:5713): avc:  denied  { open } for  pid=2938 comm="syz.0.1123" path="/dev/usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   65.695369][ T2946] loop2: detected capacity change from 0 to 512
[   65.724004][ T2946] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #15: comm syz.2.1136: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964)
[   65.760467][ T2946] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1136: couldn't read orphan inode 15 (err -117)
[   65.774172][ T2946] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   65.823713][ T2947] loop4: detected capacity change from 0 to 40427
[   65.828365][  T282] EXT4-fs (loop2): unmounting filesystem.
[   65.837486][ T2947] F2FS-fs (loop4): invalid crc value
[   65.850030][ T2956] loop3: detected capacity change from 0 to 256
[   65.876019][ T2947] F2FS-fs (loop4): Found nat_bits in checkpoint
[   65.953204][ T2947] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   65.956855][  T310] kernel read not supported for file /usbmon0 (pid: 310 comm: kworker/1:3)
[   66.060724][   T28] audit: type=1326 audit(1749203102.326:5714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2974 comm="syz.0.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58b18e929 code=0x7ffc0000
[   66.077500][ T2947] syz.4.1125: attempt to access beyond end of device
[   66.077500][ T2947] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   66.106470][   T28] audit: type=1326 audit(1749203102.366:5715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2974 comm="syz.0.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58b18e929 code=0x7ffc0000
[   66.169924][   T28] audit: type=1326 audit(1749203102.376:5716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2974 comm="syz.0.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa58b18e929 code=0x7ffc0000
[   66.241687][   T28] audit: type=1326 audit(1749203102.376:5717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2974 comm="syz.0.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58b18e929 code=0x7ffc0000
[   66.306259][   T28] audit: type=1326 audit(1749203102.376:5718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2974 comm="syz.0.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58b18e929 code=0x7ffc0000
[   66.360842][   T28] audit: type=1326 audit(1749203102.376:5719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2974 comm="syz.0.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa58b18e929 code=0x7ffc0000
[   66.390339][   T28] audit: type=1326 audit(1749203102.376:5720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2974 comm="syz.0.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58b18e929 code=0x7ffc0000
[   66.414705][ T2989] loop4: detected capacity change from 0 to 512
[   66.425345][ T2989] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   66.447670][ T2989] EXT4-fs (loop4): 1 truncate cleaned up
[   66.453555][ T2989] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   66.474156][  T285] EXT4-fs (loop4): unmounting filesystem.
[   66.521933][  T287] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[   66.629295][ T2987] loop2: detected capacity change from 0 to 40427
[   66.640419][ T2987] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   66.658492][ T2987] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   66.670093][ T2987] F2FS-fs (loop2): invalid crc value
[   66.682620][ T2987] F2FS-fs (loop2): Found nat_bits in checkpoint
[   66.720031][  T287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   66.732157][  T287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   66.742764][  T287] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   66.754072][  T287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.764700][ T2987] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   66.771960][ T2987] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   66.771987][   T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   66.788877][  T287] usb 4-1: config 0 descriptor??
[   66.894394][ T3024] loop1: detected capacity change from 0 to 16
[   66.901427][ T3024] erofs: (device loop1): mounted with root inode @ nid 36.
[   66.902067][  T102] udevd[102]: worker [338] terminated by signal 33 (Unknown signal 33)
[   66.925749][  T102] udevd[102]: worker [338] failed while handling '/devices/virtual/block/loop2'
[   66.981917][   T24] usb 5-1: Using ep0 maxpacket: 32
[   66.991661][   T24] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[   67.001477][   T24] usb 5-1: config 0 has no interface number 0
[   67.010050][   T24] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[   67.019926][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.029337][   T24] usb 5-1: Product: syz
[   67.034245][   T24] usb 5-1: Manufacturer: syz
[   67.042891][   T24] usb 5-1: SerialNumber: syz
[   67.062880][   T24] usb 5-1: config 0 descriptor??
[   67.072563][   T24] smsc95xx v2.0.0
[   67.129555][ T3052] syz.0.1163 uses obsolete (PF_INET,SOCK_PACKET)
[   67.214294][  T287] savu 0003:1E7D:2D5A.0012: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[   67.250880][  T102] udevd[102]: worker [1921] terminated by signal 33 (Unknown signal 33)
[   67.261401][  T102] udevd[102]: worker [1921] failed while handling '/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:1E7D:2D5A.0012/hidraw/hidraw0'
[   67.297120][ T3066] syz.1.1167 (3066) used greatest stack depth: 21344 bytes left
[   67.438946][ T3090] loop2: detected capacity change from 0 to 128
[   67.450633][ T3090] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   67.455257][  T102] udevd[102]: worker [306] terminated by signal 33 (Unknown signal 33)
[   67.459874][ T3090] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   67.467886][  T102] udevd[102]: worker [306] failed while handling '/devices/virtual/block/loop2'
[   67.492288][  T282] EXT4-fs (loop2): unmounting filesystem.
[   67.502405][  T304] usb 4-1: USB disconnect, device number 8
[   67.670405][ T3106] syz.2.1186[3106] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.670475][ T3106] syz.2.1186[3106] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.791892][   T19] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[   67.951966][ T1379] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[   67.976521][ T3108] loop0: detected capacity change from 0 to 1024
[   67.983414][ T3108] EXT4-fs: Ignoring removed i_version option
[   67.984230][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   67.993244][ T3108] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 2: comm syz.0.1187: lblock 2 mapped to illegal pblock 2 (length 1)
[   68.000670][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.022189][ T3108] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 48: comm syz.0.1187: lblock 0 mapped to illegal pblock 48 (length 1)
[   68.027427][   T19] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   68.039639][ T3108] EXT4-fs error (device loop0): ext4_acquire_dquot:6789: comm syz.0.1187: Failed to acquire dquot type 0
[   68.054667][   T19] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   68.066299][ T3111] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1188'.
[   68.072069][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.082471][ T3108] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5916: Corrupt filesystem
[   68.090465][   T19] usb 2-1: config 0 descriptor??
[   68.098659][   T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000034: -71
[   68.114269][ T3111] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1188'.
[   68.114516][   T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[   68.124534][ T3108] EXT4-fs error (device loop0): ext4_evict_inode:279: inode #11: comm syz.0.1187: mark_inode_dirty error
[   68.133797][   T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[   68.148098][ T3108] EXT4-fs warning (device loop0): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[   68.166070][ T3108] EXT4-fs (loop0): 1 orphan inode deleted
[   68.172265][ T3108] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   68.180896][   T24] smsc95xx: probe of 5-1:0.67 failed with error -71
[   68.187819][ T1379] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   68.191300][ T1799] udevd[1799]: failed to send result of seq 7576 to main daemon: Connection refused
[   68.210222][   T24] usb 5-1: USB disconnect, device number 11
[   68.222234][ T1379] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.232469][  T308] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1)
[   68.247198][  T308] EXT4-fs error (device loop0): ext4_release_dquot:6825: comm kworker/u4:3: Failed to release dquot type 0
[   68.260453][ T1379] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   68.270084][ T1379] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   68.271298][  T284] EXT4-fs (loop0): unmounting filesystem.
[   68.278517][ T1379] usb 3-1: Product: syz
[   68.284978][  T284] EXT4-fs error (device loop0): __ext4_get_inode_loc:4509: comm syz-executor: Invalid inode table block 1 in block_group 0
[   68.288448][ T1379] usb 3-1: Manufacturer: syz
[   68.301778][  T284] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5916: Corrupt filesystem
[   68.315756][  T284] EXT4-fs error (device loop0): ext4_quota_off:7095: inode #3: comm syz-executor: mark_inode_dirty error
[   68.316899][ T1379] hub 3-1:4.0: USB hub found
[   68.340757][ T3118] input: syz1 as /devices/virtual/input/input10
[   68.363074][ T3120] loop0: detected capacity change from 0 to 256
[   68.372523][ T3120] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   68.435988][  T284] syz-executor (284) used greatest stack depth: 21248 bytes left
[   68.492017][  T632] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[   68.517291][ T1379] hub 3-1:4.0: config failed, hub has too many ports! (err -19)
[   68.536161][   T19] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[   68.544862][   T19] plantronics 0003:047F:FFFF.0013: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   68.642315][ T3125] loop4: detected capacity change from 0 to 128
[   68.652407][ T3125] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   68.661262][ T3125] ext4 filesystem being mounted at /203/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   68.675052][  T632] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[   68.691927][  T632] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[   68.707557][  T285] EXT4-fs (loop4): unmounting filesystem.
[   68.714301][  T632] usb 4-1: New USB device found, idVendor=056a, idProduct=00b0, bcdDevice= 0.00
[   68.733400][  T632] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.753484][  T632] usb 4-1: config 0 descriptor??
[   68.796323][ T3127] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.803793][ T3127] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.811501][ T3127] device bridge_slave_0 entered promiscuous mode
[   68.822025][ T3127] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.829110][ T3127] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.837225][ T3127] device bridge_slave_1 entered promiscuous mode
[   68.853046][ T1379] usb 2-1: USB disconnect, device number 12
[   68.861970][   T19] usb 3-1: USB disconnect, device number 6
[   68.953728][ T1621] device bridge_slave_1 left promiscuous mode
[   68.960006][ T1621] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.967723][ T1621] device bridge_slave_0 left promiscuous mode
[   68.974011][ T1621] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.982610][ T1621] device veth1_macvtap left promiscuous mode
[   68.988694][ T1621] device veth0_vlan left promiscuous mode
[   69.103916][ T3127] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.111036][ T3127] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.118477][ T3127] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.125561][ T3127] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.159940][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   69.173419][  T632] wacom 0003:056A:00B0.0014: unknown main item tag 0x0
[   69.180334][  T632] wacom 0003:056A:00B0.0014: unknown main item tag 0x0
[   69.189431][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.196947][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.204473][  T632] wacom 0003:056A:00B0.0014: Unknown device_type for 'HID 056a:00b0'. Assuming pen.
[   69.232775][  T632] wacom 0003:056A:00B0.0014: hidraw0: USB HID v0.00 Device [HID 056a:00b0] on usb-dummy_hcd.3-1/input0
[   69.251263][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   69.261023][  T632] input: Wacom Intuos3 4x5 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:00B0.0014/input/input11
[   69.273579][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.280633][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.290762][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   69.299675][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.306778][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.314718][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   69.334511][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   69.357536][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   69.376352][ T3127] device veth0_vlan entered promiscuous mode
[   69.389674][ T3154] loop2: detected capacity change from 0 to 256
[   69.389961][  T632] usb 4-1: USB disconnect, device number 9
[   69.403025][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   69.414279][ T3148] loop4: detected capacity change from 0 to 40427
[   69.422939][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   69.430646][ T3148] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   69.433202][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   69.439370][ T3148] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   69.456978][ T3148] F2FS-fs (loop4): invalid crc value
[   69.468191][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   69.480303][ T3148] F2FS-fs (loop4): Found nat_bits in checkpoint
[   69.488588][ T3127] device veth1_macvtap entered promiscuous mode
[   69.507201][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   69.536742][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   69.568066][ T3148] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   69.575249][ T3148] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   69.750265][ T3183] loop0: detected capacity change from 0 to 1024
[   69.782448][ T3183] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   69.805669][ T3127] EXT4-fs (loop0): unmounting filesystem.
[   69.876937][ T3202] device veth0 entered promiscuous mode
[   69.884898][ T3201] device veth0 left promiscuous mode
[   69.933004][ T3210] loop3: detected capacity change from 0 to 512
[   69.944517][ T3210] EXT4-fs (loop3): unsupported inode size: 22272
[   69.952143][ T3210] EXT4-fs (loop3): blocksize: 1024
[   69.971039][ T3220] loop0: detected capacity change from 0 to 256
[   69.987031][ T3220] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xfb920961, utbl_chksum : 0xe619d30d)
[   70.030406][ T3225] loop2: detected capacity change from 0 to 128
[   70.036561][ T3227] loop3: detected capacity change from 0 to 512
[   70.037099][ T3225] EXT4-fs: Ignoring removed nobh option
[   70.043531][ T3227] EXT4-fs: Ignoring removed i_version option
[   70.056228][ T3228] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1239'.
[   70.056232][ T3227] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   70.077364][ T3227] EXT4-fs (loop3): 1 truncate cleaned up
[   70.078158][ T3225] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   70.088463][ T3227] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   70.112082][ T3225] ext4 filesystem being mounted at /270/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   70.173519][  T282] EXT4-fs (loop2): unmounting filesystem.
[   70.186712][ T3197] loop1: detected capacity change from 0 to 40427
[   70.194338][ T3197] F2FS-fs (loop1): fault_injection options not supported
[   70.217119][ T3197] F2FS-fs (loop1): invalid crc value
[   70.251908][  T632] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[   70.340260][ T3197] F2FS-fs (loop1): Found nat_bits in checkpoint
[   70.417489][ T3249] loop0: detected capacity change from 0 to 1024
[   70.447648][ T3249] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   70.456643][  T632] usb 5-1: Using ep0 maxpacket: 16
[   70.463667][  T283] EXT4-fs (loop3): unmounting filesystem.
[   70.470609][  T632] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   70.493860][ T3127] EXT4-fs (loop0): unmounting filesystem.
[   70.499865][  T632] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   70.511274][  T632] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   70.521102][ T3197] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   70.521977][  T632] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   70.551891][  T632] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.559928][  T632] usb 5-1: Product: syz
[   70.566687][  T632] usb 5-1: Manufacturer: syz
[   70.571648][  T632] usb 5-1: SerialNumber: syz
[   70.572037][  T286] syz-executor: attempt to access beyond end of device
[   70.572037][  T286] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   70.674915][ T3257] loop3: detected capacity change from 0 to 40427
[   70.682709][ T3257] F2FS-fs (loop3): fault_injection options not supported
[   70.690588][ T3257] F2FS-fs (loop3): invalid crc value
[   70.697431][ T3257] F2FS-fs (loop3): Found nat_bits in checkpoint
[   70.746013][ T3257] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   70.762791][ T3257] syz.3.1249: attempt to access beyond end of device
[   70.762791][ T3257] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   70.785019][  T283] syz-executor: attempt to access beyond end of device
[   70.785019][  T283] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[   70.879336][   T28] kauditd_printk_skb: 22 callbacks suppressed
[   70.879355][   T28] audit: type=1326 audit(1749203107.146:5740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   70.912240][   T28] audit: type=1326 audit(1749203107.186:5741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   70.936068][   T28] audit: type=1326 audit(1749203107.186:5742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   70.961408][   T28] audit: type=1326 audit(1749203107.186:5743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   70.991100][   T28] audit: type=1326 audit(1749203107.186:5744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   71.014690][   T28] audit: type=1326 audit(1749203107.186:5745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   71.015609][  T632] usb 5-1: 0:2 : does not exist
[   71.038645][   T28] audit: type=1326 audit(1749203107.186:5746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   71.067297][   T28] audit: type=1326 audit(1749203107.186:5747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   71.090943][   T28] audit: type=1326 audit(1749203107.186:5748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   71.115713][   T28] audit: type=1326 audit(1749203107.226:5749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3276 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f687818e929 code=0x7ffc0000
[   71.511936][ T1379] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[   71.618935][  T632] usb 5-1: USB disconnect, device number 12
[   71.703058][ T1379] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   71.714138][ T1379] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   71.747498][ T1379] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[   71.758509][ T1379] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[   71.770942][ T1379] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   71.780137][ T1379] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.788311][ T1379] usb 4-1: Product: syz
[   71.792575][ T1379] usb 4-1: Manufacturer: syz
[   71.797192][ T1379] usb 4-1: SerialNumber: syz
[   71.803103][ T3303] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   71.813143][ T3331] loop2: detected capacity change from 0 to 256
[   71.813919][ T1379] cdc_mbim 4-1:1.0: skipping garbage
[   71.822869][ T3331] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   71.957319][  T315] tipc: Disabling bearer <udp:syz2>
[   71.972768][  T315] tipc: Left network mode
[   72.014939][ T3303] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   72.027749][ T3303] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   72.133034][ T3353] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.140242][ T3353] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.148291][ T3353] device bridge_slave_0 entered promiscuous mode
[   72.158846][ T3353] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.166240][ T3353] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.174292][ T3353] device bridge_slave_1 entered promiscuous mode
[   72.254648][ T3353] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.261772][ T3353] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.269138][ T3353] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.276243][ T3353] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.304723][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   72.312684][ T1621] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.320242][ T1621] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.330022][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   72.338697][ T1621] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.345778][ T1621] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.355027][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   72.363559][ T1621] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.370647][ T1621] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.387621][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   72.397918][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   72.417113][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   72.430294][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   72.438920][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   72.446823][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   72.457824][ T3353] device veth0_vlan entered promiscuous mode
[   72.470095][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   72.479952][ T3353] device veth1_macvtap entered promiscuous mode
[   72.492154][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   72.503486][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   72.563245][  T315] device bridge_slave_1 left promiscuous mode
[   72.569413][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.577842][  T315] device bridge_slave_0 left promiscuous mode
[   72.584219][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.593349][  T315] device veth1_macvtap left promiscuous mode
[   72.599590][  T315] device veth0_vlan left promiscuous mode
[   72.649148][ T3303] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   72.656566][ T3303] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   72.664705][ T1379] cdc_mbim 4-1:1.0: setting tx_max = 40
[   72.670807][ T1379] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device
[   72.764614][ T3380] loop5: detected capacity change from 0 to 256
[   72.773330][ T1379] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, 5a:8e:7c:12:10:e3
[   72.873097][ T1379] usb 4-1: USB disconnect, device number 10
[   72.879232][ T1379] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM
[   73.071953][  T287] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   73.099825][ T3395] input: syz0 as /devices/virtual/input/input14
[   73.248062][ T3418] loop4: detected capacity change from 0 to 512
[   73.254932][ T3418] EXT4-fs: Ignoring removed nomblk_io_submit option
[   73.263005][  T287] usb 6-1: Using ep0 maxpacket: 16
[   73.269578][  T287] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.280642][ T3418] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   73.288737][ T3418] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[   73.297443][ T3418] EXT4-fs (loop4): orphan cleanup on readonly fs
[   73.301902][  T287] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.304210][ T3418] EXT4-fs warning (device loop4): ext4_enable_quotas:7041: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   73.320270][  T287] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   73.328512][ T3418] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   73.346967][  T287] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   73.357107][  T287] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   73.361953][ T3418] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1318: bg 0: block 40: padding at end of block bitmap is not set
[   73.367101][  T287] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   73.401977][  T287] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   73.420556][ T3418] EXT4-fs (loop4): Remounting filesystem read-only
[   73.425454][  T287] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   73.429663][ T3418] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   73.446081][ T3425] netlink: 'syz.0.1320': attribute type 4 has an invalid length.
[   73.454270][ T3418] EXT4-fs (loop4): Remounting filesystem read-only
[   73.457483][  T287] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   73.477378][ T3418] EXT4-fs (loop4): 1 truncate cleaned up
[   73.489864][  T287] usb 6-1: SerialNumber: syz
[   73.494634][ T3418] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   73.503158][ T3428] loop3: detected capacity change from 0 to 256
[   73.513233][  T287] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[   73.526766][  T287] cdc_acm: probe of 6-1:1.0 failed with error -12
[   73.534671][ T3418] EXT4-fs (loop4): shut down requested (0)
[   73.557129][  T285] EXT4-fs (loop4): unmounting filesystem.
[   73.577623][ T3434] loop3: detected capacity change from 0 to 2048
[   73.701330][ T3432] loop0: detected capacity change from 0 to 40427
[   73.709550][ T3432] F2FS-fs (loop0): invalid crc value
[   73.725775][ T3432] F2FS-fs (loop0): Found nat_bits in checkpoint
[   73.742227][   T39] usb 6-1: USB disconnect, device number 2
[   73.814028][ T3432] F2FS-fs (loop0): Start checkpoint disabled!
[   73.836045][ T3432] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   73.944178][ T1621] kworker/u4:5: attempt to access beyond end of device
[   73.944178][ T1621] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   74.350225][ T3455] loop0: detected capacity change from 0 to 40427
[   74.365462][ T3455] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   74.384686][ T3455] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   74.397708][ T3456] loop1: detected capacity change from 0 to 512
[   74.412247][ T3455] F2FS-fs (loop0): invalid crc value
[   74.466415][ T3455] F2FS-fs (loop0): Found nat_bits in checkpoint
[   74.570233][ T3455] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   74.581769][ T3455] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   74.594415][ T3456] EXT4-fs: Ignoring removed i_version option
[   74.612943][ T3456] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   74.676705][ T3449] loop3: detected capacity change from 0 to 131072
[   74.683576][ T3456] EXT4-fs (loop1): 1 truncate cleaned up
[   74.684775][ T3449] F2FS-fs (loop3): invalid crc value
[   74.695130][ T3456] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   74.705152][ T3449] F2FS-fs (loop3): Found nat_bits in checkpoint
[   74.742947][ T3449] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   75.022275][ T3483] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1343'.
[   75.185676][ T3506] loop0: detected capacity change from 0 to 256
[   75.202190][ T3506] exfat: Deprecated parameter 'utf8'
[   75.228015][ T3506] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[   75.273960][ T3516] syz.5.1358[3516] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.274052][ T3516] syz.5.1358[3516] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.387746][ T3533] loop3: detected capacity change from 0 to 512
[   75.413630][ T3533] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   75.421670][ T3512] loop4: detected capacity change from 0 to 40427
[   75.430373][ T3533] EXT4-fs (loop3): invalid journal inode
[   75.430519][ T3512] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   75.436452][ T3533] EXT4-fs (loop3): can't get journal size
[   75.445241][ T3512] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   75.459508][ T3512] F2FS-fs (loop4): invalid crc value
[   75.465193][ T3533] EXT4-fs (loop3): 1 truncate cleaned up
[   75.470861][ T3533] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   75.482643][ T3512] F2FS-fs (loop4): Found nat_bits in checkpoint
[   75.516787][  T283] EXT4-fs (loop3): unmounting filesystem.
[   75.543289][ T3512] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   75.550518][ T3512] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   75.603061][ T3512] syz.4.1356: attempt to access beyond end of device
[   75.603061][ T3512] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   75.710106][  T286] EXT4-fs (loop1): unmounting filesystem.
[   75.930444][ T3584] loop0: detected capacity change from 0 to 256
[   75.939720][ T3584] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[   75.952283][ T3584] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   76.808471][ T3595] loop0: detected capacity change from 0 to 512
[   76.815051][   T19] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[   76.838435][ T3595] EXT4-fs: Ignoring removed i_version option
[   76.838782][ T3595] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   76.840680][ T3595] EXT4-fs (loop0): 1 truncate cleaned up
[   76.861336][ T3595] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   76.886817][ T3605] loop5: detected capacity change from 0 to 512
[   76.915503][ T3605] EXT4-fs (loop5): 1 orphan inode deleted
[   76.915533][ T3605] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   76.915691][ T3605] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.952034][  T315] __quota_error: 34 callbacks suppressed
[   76.952053][  T315] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   76.952095][  T315] EXT4-fs error (device loop5): ext4_release_dquot:6825: comm kworker/u4:4: Failed to release dquot type 1
[   76.996009][ T3353] EXT4-fs (loop5): unmounting filesystem.
[   77.012997][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.013044][   T19] usb 4-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[   77.013071][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.013787][   T19] usb 4-1: config 0 descriptor??
[   77.288051][ T3127] EXT4-fs (loop0): unmounting filesystem.
[   77.304907][   T28] audit: type=1400 audit(1749203113.576:5783): avc:  denied  { mount } for  pid=3613 comm="syz.0.1398" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   77.328422][   T28] audit: type=1400 audit(1749203113.596:5784): avc:  denied  { unmount } for  pid=3127 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   77.445723][ T3598] loop1: detected capacity change from 0 to 40427
[   77.447436][ T3598] F2FS-fs (loop1): invalid crc value
[   77.464704][ T3598] F2FS-fs (loop1): Found nat_bits in checkpoint
[   77.488023][   T19] uclogic 0003:145F:0212.0015: interface is invalid, ignoring
[   77.509530][ T3598] F2FS-fs (loop1): Start checkpoint disabled!
[   77.510045][ T3598] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   77.567503][ T3629] 9pnet_virtio: no channels available for device syz
[   77.592234][ T1621] kworker/u4:5: attempt to access beyond end of device
[   77.592234][ T1621] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   77.700315][   T39] usb 4-1: USB disconnect, device number 11
[   77.793737][ T3631] loop0: detected capacity change from 0 to 40427
[   77.801594][ T3631] F2FS-fs (loop0): invalid crc value
[   77.809679][ T3631] F2FS-fs (loop0): Found nat_bits in checkpoint
[   77.813456][ T3647] loop1: detected capacity change from 0 to 512
[   77.855816][ T3631] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   77.862009][ T3647] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   77.883221][ T3647] ext4 filesystem being mounted at /277/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   77.921594][ T3127] syz-executor: attempt to access beyond end of device
[   77.921594][ T3127] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   77.961180][  T286] EXT4-fs (loop1): unmounting filesystem.
[   77.977687][ T3653] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   78.104340][ T3671] loop0: detected capacity change from 0 to 256
[   78.117806][ T3671] FAT-fs (loop0): Directory bread(block 64) failed
[   78.124599][ T3671] FAT-fs (loop0): Directory bread(block 65) failed
[   78.131219][ T3671] FAT-fs (loop0): Directory bread(block 66) failed
[   78.138171][ T3671] FAT-fs (loop0): Directory bread(block 67) failed
[   78.144888][ T3671] FAT-fs (loop0): Directory bread(block 68) failed
[   78.151506][ T3671] FAT-fs (loop0): Directory bread(block 69) failed
[   78.158214][ T3671] FAT-fs (loop0): Directory bread(block 70) failed
[   78.164854][ T3671] FAT-fs (loop0): Directory bread(block 71) failed
[   78.171485][ T3671] FAT-fs (loop0): Directory bread(block 72) failed
[   78.178169][ T3671] FAT-fs (loop0): Directory bread(block 73) failed
[   78.239538][ T3677] hub 9-0:1.0: USB hub found
[   78.244768][ T3677] hub 9-0:1.0: 1 port detected
[   78.249973][   T28] audit: type=1400 audit(1749203114.526:5785): avc:  denied  { append } for  pid=3678 comm="syz.5.1425" name="001" dev="devtmpfs" ino=164 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   78.338190][ T3692] loop0: detected capacity change from 0 to 512
[   78.361018][ T3692] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   78.370199][ T3692] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.403835][ T3127] EXT4-fs (loop0): unmounting filesystem.
[   78.502028][ T3680] loop5: detected capacity change from 0 to 40427
[   78.519364][ T3680] F2FS-fs (loop5): invalid crc value
[   78.527692][ T3680] F2FS-fs (loop5): Found nat_bits in checkpoint
[   78.551466][   T28] audit: type=1400 audit(1749203114.816:5786): avc:  denied  { shutdown } for  pid=3724 comm="syz.0.1445" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   78.572799][ T3680] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   78.874692][   T28] audit: type=1400 audit(1749203115.146:5787): avc:  denied  { setopt } for  pid=3777 comm="syz.4.1470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   78.944537][   T28] audit: type=1400 audit(1749203115.206:5788): avc:  denied  { remount } for  pid=3781 comm="syz.4.1472" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   79.065764][   T28] audit: type=1400 audit(1749203115.336:5789): avc:  denied  { create } for  pid=3794 comm="syz.0.1478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   79.104980][ T3799] loop5: detected capacity change from 0 to 512
[   79.132940][   T28] audit: type=1400 audit(1749203115.356:5790): avc:  denied  { read write } for  pid=3353 comm="syz-executor" name="loop5" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   79.159039][   T28] audit: type=1400 audit(1749203115.356:5791): avc:  denied  { open } for  pid=3353 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   79.188137][ T3799] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   79.197445][ T3799] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.263631][ T3353] EXT4-fs (loop5): unmounting filesystem.
[   79.286131][ T3782] loop3: detected capacity change from 0 to 40427
[   79.293302][ T3782] F2FS-fs (loop3): Wrong NAT boundary, start(2560) end(3584) blocks(83968)
[   79.302697][ T3782] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   79.312856][ T3782] F2FS-fs (loop3): Fix alignment : done, start(4096) end(16896) block(12288)
[   79.333794][ T3782] F2FS-fs (loop3): invalid crc value
[   79.356577][ T3782] F2FS-fs (loop3): Found nat_bits in checkpoint
[   79.486193][ T3782] F2FS-fs (loop3): Start checkpoint disabled!
[   79.512959][ T3782] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   79.521925][ T3782] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   79.648956][ T3835] loop5: detected capacity change from 0 to 40427
[   79.656559][ T3835] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   79.664435][ T3835] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   79.673768][ T3835] F2FS-fs (loop5): invalid crc value
[   79.681760][ T3835] F2FS-fs (loop5): Found nat_bits in checkpoint
[   79.723441][ T3835] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   79.730712][ T3835] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   79.923469][ T3866] loop3: detected capacity change from 0 to 256
[   79.937797][ T3866] exfat: Deprecated parameter 'utf8'
[   79.951921][   T39] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[   79.964503][ T3866] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[   80.021400][ T3869] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1507'.
[   80.131875][   T39] usb 2-1: Using ep0 maxpacket: 8
[   80.138171][   T39] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[   80.150489][   T39] usb 2-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[   80.159878][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.167981][   T39] usb 2-1: Product: syz
[   80.172428][   T39] usb 2-1: Manufacturer: syz
[   80.177071][   T39] usb 2-1: SerialNumber: syz
[   80.183144][   T39] usb 2-1: config 0 descriptor??
[   80.396540][  T632] usb 2-1: USB disconnect, device number 13
[   80.541904][   T39] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   80.573130][ T3887] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1514'.
[   80.637154][ T3891] loop3: detected capacity change from 0 to 2048
[   80.653522][ T3891] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   80.672516][  T283] EXT4-fs (loop3): unmounting filesystem.
[   80.733694][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.745200][   T39] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   80.754677][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.763693][   T39] usb 6-1: config 0 descriptor??
[   80.869941][ T3916] loop3: detected capacity change from 0 to 512
[   80.894341][ T3916] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   80.903450][ T3916] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.923819][ T3916] EXT4-fs error (device loop3): ext4_get_first_dir_block:3594: inode #12: comm syz.3.1527: directory missing '.'
[   80.929768][ T3920] loop1: detected capacity change from 0 to 2048
[   80.946324][  T283] EXT4-fs (loop3): unmounting filesystem.
[   80.954373][ T3920] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   80.965642][ T3924] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1529'.
[   80.977840][  T286] EXT4-fs (loop1): unmounting filesystem.
[   81.107796][ T3948] loop3: detected capacity change from 0 to 512
[   81.134767][ T3948] EXT4-fs (loop3): 1 orphan inode deleted
[   81.140600][ T3948] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   81.149857][ T3948] ext4 filesystem being mounted at /328/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.162798][ T1621] EXT4-fs error (device loop3): ext4_release_dquot:6825: comm kworker/u4:5: Failed to release dquot type 1
[   81.183979][   T39] usbhid 6-1:0.0: can't add hid device: -71
[   81.189973][   T39] usbhid: probe of 6-1:0.0 failed with error -71
[   81.211631][  T283] EXT4-fs (loop3): unmounting filesystem.
[   81.218813][   T39] usb 6-1: USB disconnect, device number 3
[   81.228265][ T3954] hub 9-0:1.0: USB hub found
[   81.233217][ T3954] hub 9-0:1.0: 1 port detected
[   81.387500][ T3957] loop3: detected capacity change from 0 to 40427
[   81.394771][ T3957] F2FS-fs (loop3): fault_injection options not supported
[   81.403683][ T3957] F2FS-fs (loop3): invalid crc value
[   81.410189][ T3957] F2FS-fs (loop3): Found nat_bits in checkpoint
[   81.457382][ T3957] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   81.512549][  T283] syz-executor: attempt to access beyond end of device
[   81.512549][  T283] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   81.650705][ T3980] loop1: detected capacity change from 0 to 40427
[   81.657867][ T3980] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[   81.665152][ T3980] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   81.674095][ T3980] F2FS-fs (loop1): fault_injection options not supported
[   81.681241][ T3980] F2FS-fs (loop1): fault_type options not supported
[   81.688726][ T3980] F2FS-fs (loop1): invalid crc value
[   81.696553][ T3980] F2FS-fs (loop1): Found nat_bits in checkpoint
[   81.736548][ T4009] SELinux:  policydb version 0 does not match my version range 15-33
[   81.745258][ T4009] SELinux: failed to load policy
[   81.759909][ T4011] loop5: detected capacity change from 0 to 256
[   81.771631][ T4011] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[   81.784992][ T3980] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   81.792570][ T3980] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   81.814715][ T4021] loop3: detected capacity change from 0 to 128
[   81.829285][ T4021] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   81.839146][  T286] syz-executor: attempt to access beyond end of device
[   81.839146][  T286] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   81.839358][ T4021] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.884517][  T283] EXT4-fs (loop3): unmounting filesystem.
[   81.932311][ T4034] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1577'.
[   81.972393][   T28] kauditd_printk_skb: 105 callbacks suppressed
[   81.972410][   T28] audit: type=1400 audit(2000000000.590:5896): avc:  denied  { create } for  pid=4041 comm="syz.1.1580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   81.999780][   T28] audit: type=1400 audit(2000000000.590:5897): avc:  denied  { setopt } for  pid=4041 comm="syz.1.1580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   82.043712][   T28] audit: type=1400 audit(2000000000.660:5898): avc:  denied  { mounton } for  pid=4051 comm="syz.3.1585" path="/342/file0" dev="tmpfs" ino=1813 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   82.044747][ T4052] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(ááí«Qÿ0x0000000000000004
[   82.079649][ T4050] raw_sendmsg: syz.1.1584 forgot to set AF_INET. Fix it!
[   82.115863][   T28] audit: type=1400 audit(2000000000.730:5899): avc:  denied  { append } for  pid=4058 comm="syz.1.1588" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   82.226094][   T28] audit: type=1400 audit(2000000000.840:5900): avc:  denied  { getopt } for  pid=4067 comm="syz.3.1592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   82.281212][   T28] audit: type=1400 audit(2000000000.890:5901): avc:  denied  { map } for  pid=4072 comm="syz.3.1594" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   82.304602][   T28] audit: type=1400 audit(2000000000.890:5902): avc:  denied  { execute } for  pid=4072 comm="syz.3.1594" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   82.382784][   T28] audit: type=1400 audit(2000000001.000:5903): avc:  denied  { create } for  pid=4075 comm="syz.4.1595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   82.387191][ T4078] loop3: detected capacity change from 0 to 512
[   82.412659][ T4078] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.428324][   T28] audit: type=1400 audit(2000000001.040:5904): avc:  denied  { connect } for  pid=4081 comm="syz.1.1597" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   82.452456][ T4082] loop1: detected capacity change from 0 to 512
[   82.460989][ T4078] EXT4-fs error (device loop3): ext4_quota_enable:6993: comm syz.3.1596: Bad quota inum: 29696, type: 1
[   82.470748][ T4082] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.474957][ T4089] syz.4.1600[4089] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   82.480809][ T4089] syz.4.1600[4089] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   82.481553][ T4078] EXT4-fs warning (device loop3): ext4_enable_quotas:7041: Failed to enable quota tracking (type=1, err=-117, ino=29696). Please run e2fsck to fix.
[   82.498883][ T4082] EXT4-fs (loop1): orphan cleanup on readonly fs
[   82.504563][ T4078] EXT4-fs (loop3): mount failed
[   82.519896][ T4082] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1597: bg 0: block 248: padding at end of block bitmap is not set
[   82.545803][ T4082] Quota error (device loop1): write_blk: dquota write failed
[   82.554360][ T4082] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.1597: Failed to acquire dquot type 1
[   82.566680][ T4082] EXT4-fs (loop1): 1 truncate cleaned up
[   82.572726][ T4082] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   82.586801][ T4082] syz.1.1597 (4082) used greatest stack depth: 20976 bytes left
[   82.597776][  T286] EXT4-fs (loop1): unmounting filesystem.
[   82.629915][ T4094] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1603'.
[   82.801312][ T4100] loop0: detected capacity change from 0 to 40427
[   82.810696][ T4100] F2FS-fs (loop0): fault_injection options not supported
[   82.821166][ T4100] F2FS-fs (loop0): invalid crc value
[   82.860463][ T4100] F2FS-fs (loop0): Found nat_bits in checkpoint
[   82.897351][ T4100] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   82.915867][ T3127] syz-executor: attempt to access beyond end of device
[   82.915867][ T3127] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   82.951899][   T19] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[   83.012956][ T4116] loop5: detected capacity change from 0 to 512
[   83.013323][ T4116] EXT4-fs: Ignoring removed mblk_io_submit option
[   83.043332][ T4116] EXT4-fs error (device loop5): ext4_get_branch:178: inode #13: block 2: comm syz.5.1612: invalid block
[   83.062219][ T4116] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1612: invalid indirect mapped block 10 (level 1)
[   83.083174][ T4116] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1612: invalid indirect mapped block 8 (level 1)
[   83.083491][ T4116] EXT4-fs (loop5): 1 truncate cleaned up
[   83.083523][ T4116] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   83.088421][ T4115] loop1: detected capacity change from 0 to 8192
[   83.123922][ T3353] EXT4-fs (loop5): unmounting filesystem.
[   83.153072][   T19] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   83.166044][   T19] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.167189][   T19] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   83.186463][   T19] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   83.186490][   T19] usb 5-1: Product: syz
[   83.186507][   T19] usb 5-1: Manufacturer: syz
[   83.190365][   T19] hub 5-1:4.0: USB hub found
[   83.392846][   T19] hub 5-1:4.0: config failed, hub has too many ports! (err -19)
[   83.576430][ T4151] usb usb8: usbfs: process 4151 (syz.3.1626) did not claim interface 0 before use
[   83.599112][ T4153] loop3: detected capacity change from 0 to 512
[   83.610682][ T4153] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1627: casefold flag without casefold feature
[   83.623776][ T4153] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1627: couldn't read orphan inode 15 (err -117)
[   83.636283][ T4153] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   83.666595][ T4163] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   83.667132][  T283] EXT4-fs (loop3): unmounting filesystem.
[   83.676054][ T4163] F2FS-fs (loop11): Unable to read 1th superblock
[   83.688802][ T4163] I/O error, dev loop11, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   83.698365][ T4163] F2FS-fs (loop11): Unable to read 2th superblock
[   83.706937][ T4163] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   83.716350][ T4163] F2FS-fs (loop11): Unable to read 1th superblock
[   83.723026][  T287] usb 5-1: USB disconnect, device number 13
[   83.727766][ T4163] I/O error, dev loop11, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   83.740317][ T4163] F2FS-fs (loop11): Unable to read 2th superblock
[   83.988833][ T4196] loop3: detected capacity change from 0 to 1024
[   83.993396][ T4198] device batadv_slave_1 entered promiscuous mode
[   84.003866][ T4196] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   84.004030][ T4197] device batadv_slave_1 left promiscuous mode
[   84.031253][  T283] EXT4-fs (loop3): unmounting filesystem.
[   84.050390][ T4206] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1650'.
[   84.134622][ T4210] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4210 comm=syz.1.1651
[   84.153964][ T4212] loop4: detected capacity change from 0 to 1024
[   84.173799][ T4212] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   84.182832][ T4212] ext4 filesystem being mounted at /276/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.194175][ T4212] EXT4-fs (loop4): unmounting filesystem.
[   84.227087][ T4222] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   84.237606][ T4222] SELinux: failed to load policy
[   84.242662][   T39] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   84.270737][ T4226] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1658'.
[   84.279957][ T4226] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1658'.
[   84.289781][ T4226] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1658'.
[   84.316203][ T4233] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1661'.
[   84.422276][ T4245] loop4: detected capacity change from 0 to 1024
[   84.433722][ T4245] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   84.452719][   T39] usb 6-1: Using ep0 maxpacket: 16
[   84.461200][   T39] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   84.471399][   T39] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   84.472559][  T285] EXT4-fs (loop4): unmounting filesystem.
[   84.481965][   T39] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   84.498036][   T39] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   84.513705][   T39] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.521739][   T39] usb 6-1: Product: syz
[   84.525994][   T39] usb 6-1: Manufacturer: syz
[   84.530600][   T39] usb 6-1: SerialNumber: syz
[   84.666032][ T4262] loop3: detected capacity change from 0 to 1024
[   84.673059][ T4262] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   84.703812][ T4262] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   84.714574][ T4262] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.1671: missing EA_INODE flag
[   84.726532][ T4262] EXT4-fs (loop3): Remounting filesystem read-only
[   84.733617][ T4262] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1671: error while reading EA inode 11 err=-117
[   84.746600][ T4262] EXT4-fs (loop3): Remounting filesystem read-only
[   84.753271][ T4262] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.1671: missing EA_INODE flag
[   84.765135][ T4262] EXT4-fs (loop3): Remounting filesystem read-only
[   84.771795][ T4262] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1671: error while reading EA inode 11 err=-117
[   84.784611][ T4262] EXT4-fs (loop3): Remounting filesystem read-only
[   84.799482][  T283] EXT4-fs (loop3): unmounting filesystem.
[   84.926595][ T4266] loop3: detected capacity change from 0 to 40427
[   84.933871][ T4266] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[   84.940919][ T4266] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   84.949374][   T39] usb 6-1: 0:2 : does not exist
[   84.949713][ T4266] F2FS-fs (loop3): fault_injection options not supported
[   84.961581][ T4266] F2FS-fs (loop3): fault_type options not supported
[   84.969251][ T4266] F2FS-fs (loop3): invalid crc value
[   84.976255][ T4266] F2FS-fs (loop3): Found nat_bits in checkpoint
[   85.012333][ T4266] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   85.019535][ T4266] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   85.057275][  T283] syz-executor: attempt to access beyond end of device
[   85.057275][  T283] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   85.187887][ T4281] netlink: '+}[@': attribute type 13 has an invalid length.
[   85.200879][ T4281] gretap0: refused to change device tx_queue_len
[   85.207652][ T4281] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   85.238577][ T4283] loop3: detected capacity change from 0 to 512
[   85.245327][ T4283] EXT4-fs: Ignoring removed nomblk_io_submit option
[   85.252959][ T4283] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   85.275600][ T4283] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.1678: corrupted inode contents
[   85.277825][ T4289] loop1: detected capacity change from 0 to 512
[   85.288057][ T4283] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #16: comm syz.3.1678: mark_inode_dirty error
[   85.294974][ T4289] EXT4-fs (loop1): Test dummy encryption mode enabled
[   85.305979][ T4283] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.1678: corrupted inode contents
[   85.312597][ T4289] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   85.325317][ T4283] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.1678: mark_inode_dirty error
[   85.336588][ T4289] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[   85.346967][ T4283] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.1678: corrupted inode contents
[   85.355203][ T4289] System zones: 1-12
[   85.367560][ T4283] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   85.380052][ T4289] EXT4-fs (loop1): 1 truncate cleaned up
[   85.380165][ T4283] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.1678: corrupted inode contents
[   85.385776][ T4289] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   85.408232][ T4283] EXT4-fs error (device loop3): ext4_truncate:4314: inode #16: comm syz.3.1678: mark_inode_dirty error
[   85.422078][ T4283] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   85.429884][ T4289] EXT4-fs (loop1): Online defrag not supported for encrypted files
[   85.440113][ T4283] EXT4-fs (loop3): 1 truncate cleaned up
[   85.445969][ T4283] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   85.455690][ T1621] EXT4-fs error (device loop3): ext4_release_dquot:6825: comm kworker/u4:5: Failed to release dquot type 1
[   85.467976][ T4283] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.497018][  T283] EXT4-fs (loop3): unmounting filesystem.
[   85.506858][  T286] EXT4-fs (loop1): unmounting filesystem.
[   85.574642][   T39] usb 6-1: USB disconnect, device number 4
[   85.603643][ T4294] loop4: detected capacity change from 0 to 40427
[   85.620164][ T4294] F2FS-fs (loop4): invalid crc value
[   85.626742][ T4294] F2FS-fs (loop4): Found nat_bits in checkpoint
[   85.655614][ T4294] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   85.700578][  T285] syz-executor: attempt to access beyond end of device
[   85.700578][  T285] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   85.891902][  T287] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[   85.936923][ T4341] loop4: detected capacity change from 0 to 512
[   85.953913][ T4341] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.097094][  T287] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   86.112889][  T287] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   86.138281][  T287] usb 2-1: New USB device found, idVendor=12d1, idProduct=1c1f, bcdDevice=ef.18
[   86.166671][  T287] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.183631][  T287] usb 2-1: Product: syz
[   86.192062][  T287] usb 2-1: Manufacturer: syz
[   86.202010][  T287] usb 2-1: SerialNumber: syz
[   86.213617][  T287] usb 2-1: config 0 descriptor??
[   86.270216][ T4355] loop4: detected capacity change from 0 to 4096
[   86.277163][ T4355] EXT4-fs: Ignoring removed orlov option
[   86.284604][ T4355] EXT4-fs (loop4): Test dummy encryption mode enabled
[   86.297134][ T4355] EXT4-fs error (device loop4): ext4_get_first_dir_block:3603: inode #12: block 80: comm syz.4.1706: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   86.317615][ T4355] EXT4-fs (loop4): Remounting filesystem read-only
[   86.324443][ T4355] EXT4-fs error (device loop4): ext4_get_first_dir_block:3605: inode #12: comm syz.4.1706: directory missing '..'
[   86.336803][ T4355] EXT4-fs (loop4): Remounting filesystem read-only
[   86.387432][ T4361] bridge0: port 3(vlan2) entered blocking state
[   86.398114][ T4361] bridge0: port 3(vlan2) entered disabled state
[   86.411500][ T4361] device vlan2 entered promiscuous mode
[   86.423709][ T4361] device vlan1 entered promiscuous mode
[   86.436348][ T4361] bridge0: port 3(vlan2) entered blocking state
[   86.442863][ T4361] bridge0: port 3(vlan2) entered forwarding state
[   86.518442][ T4304] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1686'.
[   86.536827][   T39] usb 2-1: USB disconnect, device number 14
[   86.837740][ T4408] loop0: detected capacity change from 0 to 128
[   86.896431][ T3127] FAT-fs (loop0): error, invalid access to FAT (entry 0x05000006)
[   86.907179][ T3127] FAT-fs (loop0): Filesystem has been set read-only
[   86.953589][ T4426] loop3: detected capacity change from 0 to 256
[   86.983666][ T4432] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1741'.
[   87.000403][ T4432] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1741'.
[   87.013126][ T4426] FAT-fs (loop3): Directory bread(block 64) failed
[   87.020839][ T4436] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1743'.
[   87.023319][ T4426] FAT-fs (loop3): Directory bread(block 65) failed
[   87.030103][   T28] kauditd_printk_skb: 116 callbacks suppressed
[   87.030119][   T28] audit: type=1400 audit(2000000005.630:6019): avc:  denied  { write } for  pid=4434 comm="syz.0.1743" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   87.043927][ T4426] FAT-fs (loop3): Directory bread(block 66) failed
[   87.063445][   T28] audit: type=1400 audit(2000000005.630:6020): avc:  denied  { nlmsg_write } for  pid=4434 comm="syz.0.1743" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   87.096584][ T4426] FAT-fs (loop3): Directory bread(block 67) failed
[   87.103845][ T4426] FAT-fs (loop3): Directory bread(block 68) failed
[   87.110400][ T4426] FAT-fs (loop3): Directory bread(block 69) failed
[   87.117421][ T4426] FAT-fs (loop3): Directory bread(block 70) failed
[   87.126269][ T4426] FAT-fs (loop3): Directory bread(block 71) failed
[   87.133156][ T4426] FAT-fs (loop3): Directory bread(block 72) failed
[   87.144451][ T4426] FAT-fs (loop3): Directory bread(block 73) failed
[   87.182602][   T28] audit: type=1400 audit(2000000005.800:6021): avc:  denied  { read } for  pid=4445 comm="syz.4.1748" name="usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   87.206690][   T28] audit: type=1400 audit(2000000005.820:6022): avc:  denied  { open } for  pid=4445 comm="syz.4.1748" path="/dev/usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   87.239588][   T28] audit: type=1400 audit(2000000005.840:6023): avc:  denied  { create } for  pid=4441 comm="syz.5.1746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   87.261094][   T28] audit: type=1400 audit(2000000005.840:6024): avc:  denied  { connect } for  pid=4441 comm="syz.5.1746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   87.281317][ T4450] loop5: detected capacity change from 0 to 1024
[   87.283470][   T28] audit: type=1400 audit(2000000005.840:6025): avc:  denied  { write } for  pid=4445 comm="syz.4.1748" name="usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   87.312685][ T4450] EXT4-fs: Ignoring removed i_version option
[   87.314657][   T28] audit: type=1400 audit(2000000005.840:6026): avc:  denied  { setopt } for  pid=4441 comm="syz.5.1746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   87.345872][   T28] audit: type=1400 audit(2000000005.960:6027): avc:  denied  { mounton } for  pid=4449 comm="syz.5.1750" path="/79/bus/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   87.372690][   T28] audit: type=1400 audit(2000000005.990:6028): avc:  denied  { unmount } for  pid=3353 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   87.434242][ T4466] FAT-fs (loop7): bogus number of reserved sectors
[   87.440898][ T4466] FAT-fs (loop7): Can't find a valid FAT filesystem
[   87.461982][   T39] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[   87.501951][   T19] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[   87.600174][ T4497] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.609717][ T4497] FAT-fs (loop11): unable to read boot sector
[   87.644765][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.656594][   T39] usb 2-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[   87.668280][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.684164][   T39] usb 2-1: config 0 descriptor??
[   87.691905][   T19] usb 5-1: Using ep0 maxpacket: 8
[   87.710603][   T19] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[   87.720675][   T19] usb 5-1: config 179 has no interface number 0
[   87.730237][   T19] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   87.771990][   T19] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[   87.792034][   T19] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   87.834701][   T19] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[   87.876824][   T19] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   87.891275][   T19] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   87.910767][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.927641][ T4510] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1776'.
[   87.928162][ T4446] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[   87.956876][ T4516] loop5: detected capacity change from 0 to 512
[   87.994608][ T4516] EXT4-fs warning (device loop5): dx_probe:869: inode #2: comm syz.5.1778: Unimplemented hash flags: 0x0001
[   88.042081][ T4516] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1778: Corrupt directory, running e2fsck is recommended
[   88.082887][ T4524] loop0: detected capacity change from 0 to 256
[   88.084522][ T4516] EXT4-fs error (device loop5): ext4_readdir:263: inode #2: block 3: comm syz.5.1778: path /91/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[   88.113629][   T39] uclogic 0003:145F:0212.0016: interface is invalid, ignoring
[   88.189466][   T39] usb 5-1: USB disconnect, device number 14
[   88.189517][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   88.204112][    C0] dummy_hcd dummy_hcd.4: timer fired with no URBs pending?
[   88.226108][ T4535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1786'.
[   88.296996][ T4541] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   88.338732][  T287] usb 2-1: USB disconnect, device number 15
[   88.534930][ T4564] loop3: detected capacity change from 0 to 512
[   88.541620][ T4564] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   88.594637][ T4564] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1799'.
[   88.615221][ T4568] loop3: detected capacity change from 0 to 512
[   88.622241][ T4568] EXT4-fs (loop3): Test dummy encryption mode enabled
[   88.629030][ T4568] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   88.640233][ T4568] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[   88.648575][ T4568] System zones: 1-12
[   88.653744][ T4568] EXT4-fs (loop3): 1 truncate cleaned up
[   88.664526][ T4568] EXT4-fs (loop3): Online defrag not supported for encrypted files
[   88.874516][ T4585] loop5: detected capacity change from 0 to 256
[   88.881277][ T4585] FAT-fs (loop5): Unrecognized mount option "ÿÿ" or missing value
[   88.982655][ T4605] loop1: detected capacity change from 0 to 128
[   88.983796][ T4603] loop4: detected capacity change from 0 to 512
[   88.997159][ T4605] ext4 filesystem being mounted at /330/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   89.032768][ T4603] EXT4-fs (loop4): orphan cleanup on readonly fs
[   89.039292][ T4603] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[   89.048271][ T4603] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   89.065095][ T4603] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.1817: attempt to clear invalid blocks 2 len 1
[   89.081986][ T4603] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1817: invalid indirect mapped block 1819239214 (level 0)
[   89.096501][ T4603] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1817: invalid indirect mapped block 1819239214 (level 1)
[   89.112347][ T4603] EXT4-fs (loop4): 1 truncate cleaned up
[   89.125491][ T4603] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   89.131871][   T19] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[   89.135299][ T4603] EXT4-fs error (device loop4): __ext4_remount:6598: comm syz.4.1817: Abort forced by user
[   89.153478][ T4603] EXT4-fs (loop4): Remounting filesystem read-only
[   89.160155][ T4603] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[   89.173070][ T4603] EXT4-fs error (device loop4): ext4_lookup:1855: inode #2: comm syz.4.1817: 'file1' linked to parent dir
[   89.198658][ T4621] input: syz1 as /devices/virtual/input/input15
[   89.231635][ T4629] loop4: detected capacity change from 0 to 512
[   89.242232][ T4629] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.249540][ T4629] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   89.275948][ T4636] loop1: detected capacity change from 0 to 2048
[   89.285847][ T4629] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #16: comm syz.4.1828: corrupted inode contents
[   89.298244][ T4629] EXT4-fs error (device loop4): ext4_dirty_inode:6120: inode #16: comm syz.4.1828: mark_inode_dirty error
[   89.311424][ T4636] ext4 filesystem being mounted at /333/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   89.311495][ T4629] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #16: comm syz.4.1828: corrupted inode contents
[   89.325269][ T4636] fs-verity (loop1, inode 13): Unknown hash algorithm number: 3
[   89.343281][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   89.350930][ T4629] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.1828: mark_inode_dirty error
[   89.360109][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   89.372300][ T4629] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #16: comm syz.4.1828: corrupted inode contents
[   89.377275][   T19] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[   89.388516][ T4629] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   89.406909][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.407286][ T4629] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #16: comm syz.4.1828: corrupted inode contents
[   89.427281][   T19] usb 4-1: config 0 descriptor??
[   89.441077][ T4629] EXT4-fs error (device loop4): ext4_truncate:4314: inode #16: comm syz.4.1828: mark_inode_dirty error
[   89.453252][ T4629] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   89.469295][ T4629] EXT4-fs (loop4): 1 truncate cleaned up
[   89.475591][ T4629] ext4 filesystem being mounted at /313/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.486438][  T315] EXT4-fs error (device loop4): ext4_release_dquot:6825: comm kworker/u4:4: Failed to release dquot type 1
[   89.557132][ T4649] loop4: detected capacity change from 0 to 2048
[   89.581323][ T4649] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[   89.584789][ T4645] loop5: detected capacity change from 0 to 40427
[   89.598016][ T4649] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[   89.604172][ T4645] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   89.615475][ T4649] EXT4-fs (loop4): This should not happen!! Data will be lost
[   89.615475][ T4649] 
[   89.624910][ T4645] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   89.635022][ T4649] EXT4-fs (loop4): Total free blocks count 0
[   89.643326][ T4645] F2FS-fs (loop5): invalid crc value
[   89.652012][ T4649] EXT4-fs (loop4): Free/Dirty block details
[   89.658054][ T4649] EXT4-fs (loop4): free_blocks=4096
[   89.661398][ T4645] F2FS-fs (loop5): Found nat_bits in checkpoint
[   89.663652][ T4649] EXT4-fs (loop4): dirty_blocks=32
[   89.675469][ T4649] EXT4-fs (loop4): Block reservation details
[   89.681490][ T4649] EXT4-fs (loop4): i_reserved_data_blocks=2
[   89.709227][ T4645] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   89.716530][ T4645] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   89.907704][ T4680] loop5: detected capacity change from 0 to 512
[   89.914630][ T4680] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.921719][ T4680] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   89.936464][ T4680] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #16: comm syz.5.1848: corrupted inode contents
[   89.949105][ T4680] EXT4-fs error (device loop5): ext4_dirty_inode:6120: inode #16: comm syz.5.1848: mark_inode_dirty error
[   89.961110][ T4680] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #16: comm syz.5.1848: corrupted inode contents
[   89.973625][ T4680] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #16: comm syz.5.1848: mark_inode_dirty error
[   89.991939][ T4680] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #16: comm syz.5.1848: corrupted inode contents
[   90.004398][ T4680] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[   90.013510][ T4680] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #16: comm syz.5.1848: corrupted inode contents
[   90.026898][ T4680] EXT4-fs error (device loop5): ext4_truncate:4314: inode #16: comm syz.5.1848: mark_inode_dirty error
[   90.038718][ T4680] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[   90.048531][ T4680] EXT4-fs (loop5): 1 truncate cleaned up
[   90.054646][ T4680] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.055164][   T19] hid-led 0003:1D34:000A.0017: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.3-1/input0
[   90.103920][   T19] hid-led 0003:1D34:000A.0017: Dream Cheeky Webmail Notifier initialized
[   90.214910][ T4702] loop5: detected capacity change from 0 to 1024
[   90.227585][ T4702] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   90.262374][  T304] usb 4-1: USB disconnect, device number 12
[   90.289319][ T4702] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2748: inode #12: comm syz.5.1857: corrupted in-inode xattr
[   90.325253][ T4702] EXT4-fs (loop5): Remounting filesystem read-only
[   90.515619][ T4712] loop1: detected capacity change from 0 to 256
[   90.543873][ T4719] x_tables: duplicate underflow at hook 4
[   90.577122][ T4723] loop1: detected capacity change from 0 to 512
[   90.593969][ T4723] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.614836][ T4723] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[   90.678121][ T4739] tipc: Started in network mode
[   90.683393][ T4739] tipc: Node identity -:, cluster identity 4711
[   90.689915][ T4739] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   90.726599][ T4747] loop1: detected capacity change from 0 to 512
[   90.736144][ T4747] EXT4-fs (loop1): orphan cleanup on readonly fs
[   90.743192][ T4747] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.1876: bad orphan inode 13
[   90.754127][ T4747] ext4_test_bit(bit=12, block=18) = 1
[   90.759777][ T4747] is_bad_inode(inode)=0
[   90.764281][ T4747] NEXT_ORPHAN(inode)=2130706432
[   90.766758][ T4750] loop4: detected capacity change from 0 to 2048
[   90.769384][ T4747] max_ino=32
[   90.779274][ T4747] i_nlink=1
[   90.786527][ T4747] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   90.804824][ T4747] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[   90.847878][ T4752] loop3: detected capacity change from 0 to 256
[   90.877198][ T4752] FAT-fs (loop3): Directory bread(block 64) failed
[   90.888165][ T4752] FAT-fs (loop3): Directory bread(block 65) failed
[   90.903438][ T4752] FAT-fs (loop3): Directory bread(block 66) failed
[   90.915481][ T4752] FAT-fs (loop3): Directory bread(block 67) failed
[   90.931169][ T4752] FAT-fs (loop3): Directory bread(block 68) failed
[   90.939488][ T4752] FAT-fs (loop3): Directory bread(block 69) failed
[   90.947331][ T4752] FAT-fs (loop3): Directory bread(block 70) failed
[   90.954180][ T4752] FAT-fs (loop3): Directory bread(block 71) failed
[   90.960901][ T4752] FAT-fs (loop3): Directory bread(block 72) failed
[   90.968709][ T4752] FAT-fs (loop3): Directory bread(block 73) failed
[   90.982609][ T4767] binder: 4766:4767 ioctl c0306201 2000000003c0 returned -14
[   91.027537][ T4773] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1886'.
[   91.057268][ T4775] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1887'.
[   91.134994][ T4783] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   91.144539][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.160852][ T4783] FAT-fs (loop11): unable to read boot sector
[   91.181966][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.221937][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.247071][ T4790] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1893'.
[   91.305529][ T4794] loop5: detected capacity change from 0 to 512
[   91.322369][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.332869][ T4794] EXT4-fs (loop5): orphan cleanup on readonly fs
[   91.345529][ T4794] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[   91.361974][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.371104][ T4794] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   91.397804][ T4794] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #13: comm syz.5.1894: attempt to clear invalid blocks 2 len 1
[   91.414239][ T4794] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1894: invalid indirect mapped block 1819239214 (level 0)
[   91.432999][ T4794] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1894: invalid indirect mapped block 1819239214 (level 1)
[   91.447826][  T304] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.455795][ T4794] EXT4-fs (loop5): 1 truncate cleaned up
[   91.468179][ T4794] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[   91.477846][ T4794] EXT4-fs error (device loop5): __ext4_remount:6598: comm syz.5.1894: Abort forced by user
[   91.488446][ T4794] EXT4-fs (loop5): Remounting filesystem read-only
[   91.495164][ T4794] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[   91.504998][ T4794] EXT4-fs error (device loop5): ext4_lookup:1855: inode #2: comm syz.5.1894: 'file1' linked to parent dir
[   91.536202][  T304] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.572293][  T304] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.610432][ T4807] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1900'.
[   91.632105][  T304] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.662266][ T4755] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   91.691990][  T304] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   91.700493][ T4809] xt_hashlimit: size too large, truncated to 1048576
[   91.778538][ T4805] loop3: detected capacity change from 0 to 40427
[   91.785816][ T4805] F2FS-fs (loop3): fault_injection options not supported
[   91.793839][ T4805] F2FS-fs (loop3): invalid crc value
[   91.806747][ T4814] loop1: detected capacity change from 0 to 16
[   91.814219][ T4814] erofs: (device loop1): mounted with root inode @ nid 36.
[   91.826748][ T4805] F2FS-fs (loop3): Found nat_bits in checkpoint
[   91.833244][   T39] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   91.923067][ T4805] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   91.995692][  T283] syz-executor: attempt to access beyond end of device
[   91.995692][  T283] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   92.032522][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.052228][   T39] usb 6-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[   92.071140][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.092358][   T39] usb 6-1: config 0 descriptor??
[   92.155401][ T4818] loop4: detected capacity change from 0 to 512
[   92.169905][ T4818] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   92.235225][ T4818] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1903'.
[   92.299226][ T4827] loop1: detected capacity change from 0 to 512
[   92.312551][   T28] kauditd_printk_skb: 1795 callbacks suppressed
[   92.312569][   T28] audit: type=1400 audit(2000000010.920:7823): avc:  denied  { read write } for  pid=4823 comm="syz.3.1904" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   92.348958][   T28] audit: type=1400 audit(2000000010.920:7824): avc:  denied  { open } for  pid=4823 comm="syz.3.1904" path="/dev/ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   92.365581][ T4831] loop4: detected capacity change from 0 to 128
[   92.378926][   T28] audit: type=1400 audit(2000000010.920:7825): avc:  denied  { ioctl } for  pid=4823 comm="syz.3.1904" path="/dev/ppp" dev="devtmpfs" ino=158 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   92.404519][ T4834] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1911'.
[   92.409407][ T4827] EXT4-fs (loop1): orphan cleanup on readonly fs
[   92.432886][ T4827] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[   92.451211][ T4827] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   92.466385][ T4827] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.1908: attempt to clear invalid blocks 2 len 1
[   92.479838][ T4827] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1908: invalid indirect mapped block 1819239214 (level 0)
[   92.496684][ T4827] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1908: invalid indirect mapped block 1819239214 (level 1)
[   92.511266][ T4845] incfs: Options parsing error. -22
[   92.512900][   T39] uclogic 0003:145F:0212.0018: interface is invalid, ignoring
[   92.516787][ T4846] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1917'.
[   92.533960][ T4845] incfs: mount failed -22
[   92.539525][ T4827] EXT4-fs (loop1): 1 truncate cleaned up
[   92.577199][ T4827] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   92.588001][ T4851] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1919'.
[   92.597247][ T4827] EXT4-fs error (device loop1): __ext4_remount:6598: comm syz.1.1908: Abort forced by user
[   92.608896][ T4851] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1919'.
[   92.640267][ T4827] EXT4-fs (loop1): Remounting filesystem read-only
[   92.648783][ T4827] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[   92.659795][ T4827] EXT4-fs error (device loop1): ext4_lookup:1855: inode #2: comm syz.1.1908: 'file1' linked to parent dir
[   92.673260][   T28] audit: type=1400 audit(2000000011.290:7826): avc:  denied  { create } for  pid=4859 comm="syz.4.1923" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.700842][   T28] audit: type=1400 audit(2000000011.310:7827): avc:  denied  { setopt } for  pid=4859 comm="syz.4.1923" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.729120][   T39] usb 6-1: USB disconnect, device number 5
[   92.739816][   T28] audit: type=1400 audit(2000000011.310:7828): avc:  denied  { ioctl } for  pid=4861 comm="syz.0.1924" path="socket:[36362]" dev="sockfs" ino=36362 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.767243][   T28] audit: type=1400 audit(2000000011.310:7829): avc:  denied  { connect } for  pid=4861 comm="syz.0.1924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.787504][   T28] audit: type=1400 audit(2000000011.310:7830): avc:  denied  { write } for  pid=4861 comm="syz.0.1924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.864582][ T4879] loop0: detected capacity change from 0 to 1024
[   92.872174][ T4879] EXT4-fs: Ignoring removed oldalloc option
[   93.028057][ T4908] loop3: detected capacity change from 0 to 128
[   93.070874][ T4916] loop4: detected capacity change from 0 to 1024
[   93.108736][ T4923] device ip6tnl1 entered promiscuous mode
[   93.133965][   T28] audit: type=1400 audit(2000000011.750:7831): avc:  denied  { read write } for  pid=4926 comm="syz.4.1952" name="uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   93.136508][  T304] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0
[   93.158370][   T28] audit: type=1400 audit(2000000011.750:7832): avc:  denied  { open } for  pid=4926 comm="syz.4.1952" path="/dev/uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   93.190973][  T304] hid-generic 0000:0000:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   93.320236][ T4936] loop0: detected capacity change from 0 to 256
[   93.355376][ T4936] FAT-fs (loop0): Directory bread(block 64) failed
[   93.363896][ T4936] FAT-fs (loop0): Directory bread(block 65) failed
[   93.370769][ T4936] FAT-fs (loop0): Directory bread(block 66) failed
[   93.377727][ T4936] FAT-fs (loop0): Directory bread(block 67) failed
[   93.384586][ T4936] FAT-fs (loop0): Directory bread(block 68) failed
[   93.391206][ T4936] FAT-fs (loop0): Directory bread(block 69) failed
[   93.398197][ T4936] FAT-fs (loop0): Directory bread(block 70) failed
[   93.416081][ T4936] FAT-fs (loop0): Directory bread(block 71) failed
[   93.424613][ T4936] FAT-fs (loop0): Directory bread(block 72) failed
[   93.431260][ T4936] FAT-fs (loop0): Directory bread(block 73) failed
[   93.522366][ T4975] loop4: detected capacity change from 0 to 1024
[   93.534127][ T4975] ext4 filesystem being mounted at /356/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.668465][ T4993] loop4: detected capacity change from 0 to 256
[   93.683359][ T4993] FAT-fs (loop4): Directory bread(block 64) failed
[   93.689981][ T4993] FAT-fs (loop4): Directory bread(block 65) failed
[   93.696644][ T4993] FAT-fs (loop4): Directory bread(block 66) failed
[   93.703309][  T287] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   93.703515][ T4993] FAT-fs (loop4): Directory bread(block 67) failed
[   93.717517][ T4993] FAT-fs (loop4): Directory bread(block 68) failed
[   93.724085][ T4993] FAT-fs (loop4): Directory bread(block 69) failed
[   93.730643][ T4993] FAT-fs (loop4): Directory bread(block 70) failed
[   93.737331][ T4993] FAT-fs (loop4): Directory bread(block 71) failed
[   93.743916][ T4993] FAT-fs (loop4): Directory bread(block 72) failed
[   93.750419][ T4993] FAT-fs (loop4): Directory bread(block 73) failed
[   93.783531][ T4995] loop3: detected capacity change from 0 to 128
[   93.792159][ T4995] ext4 filesystem being mounted at /447/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   93.881885][  T287] usb 6-1: Using ep0 maxpacket: 16
[   93.888411][  T287] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.902143][  T287] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.913258][  T287] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[   93.923376][  T287] usb 6-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[   93.932307][  T287] usb 6-1: Product: syz
[   93.936672][  T287] usb 6-1: Manufacturer: syz
[   93.942165][  T287] usb 6-1: config 0 descriptor??
[   94.089592][ T5017] loop1: detected capacity change from 0 to 40427
[   94.096933][ T5017] F2FS-fs (loop1): fault_injection options not supported
[   94.104746][ T5017] F2FS-fs (loop1): invalid crc value
[   94.111594][ T5017] F2FS-fs (loop1): Found nat_bits in checkpoint
[   94.154076][ T5017] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   94.199861][  T286] syz-executor: attempt to access beyond end of device
[   94.199861][  T286] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   94.231909][ T5023] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.239078][ T5023] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.247169][ T5023] device bridge_slave_0 entered promiscuous mode
[   94.254627][ T5023] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.262138][ T5023] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.269838][ T5023] device bridge_slave_1 entered promiscuous mode
[   94.350040][  T287] kovaplus 0003:1E7D:2D50.001A: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.5-1/input0
[   94.366661][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   94.374803][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   94.392538][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   94.401474][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   94.410065][ T1621] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.417178][ T1621] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.426165][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   94.434705][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   94.443233][ T1621] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.450303][ T1621] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.468235][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   94.476240][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   94.484572][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   94.502772][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   94.512762][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   94.521076][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   94.528936][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   94.537338][ T5023] device veth0_vlan entered promiscuous mode
[   94.549070][  T287] kovaplus 0003:1E7D:2D50.001A: couldn't init struct kovaplus_device
[   94.553279][ T5023] device veth1_macvtap entered promiscuous mode
[   94.562952][  T287] kovaplus 0003:1E7D:2D50.001A: couldn't install mouse
[   94.570600][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   94.579310][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   94.587991][  T287] kovaplus: probe of 0003:1E7D:2D50.001A failed with error -71
[   94.590168][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   94.597288][  T287] usb 6-1: USB disconnect, device number 6
[   94.605501][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   94.618273][ T1621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   94.726847][ T5037] loop1: detected capacity change from 0 to 512
[   94.735171][ T5037] EXT4-fs mount: 42 callbacks suppressed
[   94.735188][ T5037] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   94.752367][ T5037] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1432: inode #12: block 7: comm syz.1.1998: path /: bad entry in directory: rec_len is smaller than minimal - offset=21, inode=14, rec_len=1, size=60 fake=0
[   94.773264][ T5037] EXT4-fs (loop1): Remounting filesystem read-only
[   94.786648][  T286] EXT4-fs error (device loop1): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extended attribute block 11042816
[   94.799970][  T286] EXT4-fs (loop1): Remounting filesystem read-only
[   94.807125][  T286] EXT4-fs error (device loop1): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extended attribute block 11042816
[   94.820411][  T286] EXT4-fs (loop1): Remounting filesystem read-only
[   94.878775][ T5039] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.886344][ T5039] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.894129][  T428] EXT4-fs (loop1): unmounting filesystem.
[   94.894652][ T5039] device bridge_slave_0 entered promiscuous mode
[   94.907301][ T5039] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.914590][ T5039] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.922288][ T5039] device bridge_slave_1 entered promiscuous mode
[   94.998483][ T5039] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.005561][ T5039] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.012863][ T5039] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.019890][ T5039] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.044743][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.052756][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.060206][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.090830][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.099459][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.106560][  T315] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.114904][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.123320][ T5047] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2000'.
[   95.132986][ T5047] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2000'.
[   95.142474][  T315] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.149530][  T315] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.167530][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   95.175662][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.178911][ T5050] loop5: detected capacity change from 0 to 256
[   95.218571][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   95.240302][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   95.248451][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   95.256474][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   95.273882][ T5039] device veth0_vlan entered promiscuous mode
[   95.280490][ T5048] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.287641][ T5048] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.295231][ T5048] device bridge_slave_0 entered promiscuous mode
[   95.302577][ T5048] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.309689][ T5048] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.317534][ T5048] device bridge_slave_1 entered promiscuous mode
[   95.330589][    T8] device bridge_slave_1 left promiscuous mode
[   95.336940][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.345044][    T8] device bridge_slave_0 left promiscuous mode
[   95.351297][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.359493][    T8] device veth1_macvtap left promiscuous mode
[   95.365591][    T8] device veth0_vlan left promiscuous mode
[   95.451056][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   95.459420][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   95.478062][ T5039] device veth1_macvtap entered promiscuous mode
[   95.501226][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   95.509835][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   95.518290][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   95.537527][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   95.546017][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   95.555145][ T5062] loop5: detected capacity change from 0 to 2048
[   95.573436][ T5062] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   95.647205][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.655000][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.694318][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.703248][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.711591][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.718672][  T315] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.727320][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.736157][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.744870][  T315] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.751977][  T315] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.760072][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   95.780999][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   95.796133][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.822956][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   95.840432][ T5048] device veth0_vlan entered promiscuous mode
[   95.854196][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   95.862951][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   95.870539][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   95.897413][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   95.911975][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   95.914222][ T5048] device veth1_macvtap entered promiscuous mode
[   95.921853][  T654] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   95.931594][ T5009] Bluetooth: hci0: Opcode 0x080f failed: -4
[   95.948003][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   95.971161][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   96.040350][ T5067] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.057690][ T5067] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.080943][ T5067] device bridge_slave_0 entered promiscuous mode
[   96.099540][ T5067] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.112782][ T5067] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.138345][ T5067] device bridge_slave_1 entered promiscuous mode
[   96.344189][ T5067] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.351283][ T5067] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.358632][ T5067] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.365792][ T5067] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.472552][ T1621] device bridge_slave_1 left promiscuous mode
[   96.478721][ T1621] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.522363][ T1621] device bridge_slave_0 left promiscuous mode
[   96.542297][ T1621] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.560749][ T5092] loop0: detected capacity change from 0 to 4096
[   96.570080][ T1621] device veth1_macvtap left promiscuous mode
[   96.580071][ T5092] EXT4-fs (loop0): Test dummy encryption mode enabled
[   96.590034][ T1621] device veth0_vlan left promiscuous mode
[   96.613416][ T5092] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   96.687941][ T5090] loop4: detected capacity change from 0 to 32768
[   96.726957][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.736769][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.766144][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   96.793053][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.842524][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   96.862448][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.891980][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.899077][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.916769][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   96.937026][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.954721][ T3127] EXT4-fs (loop0): unmounting filesystem.
[   96.961060][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.968152][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.006042][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   97.026607][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   97.044952][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   97.055053][ T3353] EXT4-fs (loop5): unmounting filesystem.
[   97.061233][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.081512][   T24] ==================================================================
[   97.089615][   T24] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480
[   97.096681][   T24] Write of size 8 at addr ffff88810d36ca00 by task kworker/1:0/24
[   97.104502][   T24] 
[   97.106851][   T24] CPU: 1 PID: 24 Comm: kworker/1:0 Not tainted 6.1.138-syzkaller-00056-g7af56ffc913d #0
[   97.116575][   T24] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.126629][   T24] Workqueue: ipv6_addrconf addrconf_dad_work
[   97.132632][   T24] Call Trace:
[   97.135931][   T24]  <TASK>
[   97.138858][   T24]  __dump_stack+0x21/0x24
[   97.143237][   T24]  dump_stack_lvl+0xee/0x150
[   97.147829][   T24]  ? __cfi_dump_stack_lvl+0x8/0x8
[   97.152870][   T24]  ? enqueue_timer+0xae/0x480
[   97.157557][   T24]  print_address_description+0x71/0x210
[   97.163110][   T24]  print_report+0x4a/0x60
[   97.167435][   T24]  kasan_report+0x122/0x150
[   97.171930][   T24]  ? enqueue_timer+0xae/0x480
[   97.176778][   T24]  __asan_report_store8_noabort+0x17/0x20
[   97.182519][   T24]  enqueue_timer+0xae/0x480
[   97.187018][   T24]  __mod_timer+0x79f/0xb30
[   97.191431][   T24]  add_timer+0x68/0x80
[   97.195489][   T24]  __queue_delayed_work+0x173/0x200
[   97.200681][   T24]  mod_delayed_work_on+0x74/0xe0
[   97.205709][   T24]  addrconf_mod_dad_work+0x7d/0x120
[   97.210920][   T24]  addrconf_dad_kick+0x272/0x370
[   97.215850][   T24]  ? __kasan_check_write+0x14/0x20
[   97.220984][   T24]  ? addrconf_dad_completed+0xe80/0xe80
[   97.226529][   T24]  addrconf_dad_work+0xe1f/0x14b0
[   97.231567][   T24]  ? __cfi_addrconf_dad_work+0x10/0x10
[   97.237036][   T24]  ? __kasan_check_write+0x14/0x20
[   97.242166][   T24]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[   97.247581][   T24]  process_one_work+0x71f/0xc40
[   97.252464][   T24]  worker_thread+0xa29/0x11f0
[   97.257160][   T24]  kthread+0x281/0x320
[   97.261221][   T24]  ? __cfi_worker_thread+0x10/0x10
[   97.266323][   T24]  ? __cfi_kthread+0x10/0x10
[   97.270901][   T24]  ret_from_fork+0x1f/0x30
[   97.275316][   T24]  </TASK>
[   97.278326][   T24] 
[   97.280646][   T24] Allocated by task 5009:
[   97.284956][   T24]  kasan_set_track+0x4b/0x70
[   97.289542][   T24]  kasan_save_alloc_info+0x25/0x30
[   97.294738][   T24]  __kasan_kmalloc+0x95/0xb0
[   97.299317][   T24]  __kmalloc+0xb1/0x1e0
[   97.303485][   T24]  hci_alloc_dev_priv+0x27/0x1bd0
[   97.308497][   T24]  hci_uart_tty_ioctl+0x3d6/0xa20
[   97.313628][   T24]  tty_ioctl+0x8ef/0xc60
[   97.317870][   T24]  __se_sys_ioctl+0x12f/0x1b0
[   97.322543][   T24]  __x64_sys_ioctl+0x7b/0x90
[   97.327127][   T24]  x64_sys_call+0x58b/0x9a0
[   97.331638][   T24]  do_syscall_64+0x4c/0xa0
[   97.336047][   T24]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   97.341939][   T24] 
[   97.344248][   T24] Freed by task 5009:
[   97.348211][   T24]  kasan_set_track+0x4b/0x70
[   97.352789][   T24]  kasan_save_free_info+0x31/0x50
[   97.357807][   T24]  ____kasan_slab_free+0x132/0x180
[   97.362911][   T24]  __kasan_slab_free+0x11/0x20
[   97.367685][   T24]  slab_free_freelist_hook+0xc2/0x190
[   97.373050][   T24]  __kmem_cache_free+0xb7/0x1b0
[   97.377888][   T24]  kfree+0x6f/0xf0
[   97.381600][   T24]  hci_release_dev+0x13ad/0x1500
[   97.386529][   T24]  bt_host_release+0x82/0x90
[   97.391106][   T24]  device_release+0xa4/0x1d0
[   97.395703][   T24]  kobject_put+0x19d/0x280
[   97.400104][   T24]  put_device+0x1f/0x30
[   97.404247][   T24]  hci_dev_cmd+0x265/0x720
[   97.408652][   T24]  hci_sock_ioctl+0x41e/0x7f0
[   97.413317][   T24]  sock_do_ioctl+0x101/0x310
[   97.417897][   T24]  sock_ioctl+0x4d8/0x6e0
[   97.422212][   T24]  __se_sys_ioctl+0x12f/0x1b0
[   97.426883][   T24]  __x64_sys_ioctl+0x7b/0x90
[   97.431551][   T24]  x64_sys_call+0x58b/0x9a0
[   97.436044][   T24]  do_syscall_64+0x4c/0xa0
[   97.440450][   T24]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   97.446337][   T24] 
[   97.448653][   T24] Last potentially related work creation:
[   97.454348][   T24]  kasan_save_stack+0x3a/0x60
[   97.459020][   T24]  __kasan_record_aux_stack+0xb6/0xc0
[   97.464385][   T24]  kasan_record_aux_stack_noalloc+0xb/0x10
[   97.470187][   T24]  insert_work+0x51/0x300
[   97.474525][   T24]  __queue_work+0x9b1/0xd30
[   97.479027][   T24]  queue_work_on+0xd2/0x140
[   97.483551][   T24]  __hci_cmd_sync_sk+0xa3e/0xcf0
[   97.488523][   T24]  hci_cmd_sync_status+0x53/0x120
[   97.493549][   T24]  hci_dev_cmd+0x628/0x720
[   97.497965][   T24]  hci_sock_ioctl+0x41e/0x7f0
[   97.502641][   T24]  sock_do_ioctl+0x101/0x310
[   97.507221][   T24]  sock_ioctl+0x4d8/0x6e0
[   97.511539][   T24]  __se_sys_ioctl+0x12f/0x1b0
[   97.516240][   T24]  __x64_sys_ioctl+0x7b/0x90
[   97.520850][   T24]  x64_sys_call+0x58b/0x9a0
[   97.525396][   T24]  do_syscall_64+0x4c/0xa0
[   97.529825][   T24]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   97.535724][   T24] 
[   97.538125][   T24] Second to last potentially related work creation:
[   97.544693][   T24]  kasan_save_stack+0x3a/0x60
[   97.549362][   T24]  __kasan_record_aux_stack+0xb6/0xc0
[   97.554732][   T24]  kasan_record_aux_stack_noalloc+0xb/0x10
[   97.560557][   T24]  insert_work+0x51/0x300
[   97.564914][   T24]  __queue_work+0x9b1/0xd30
[   97.569423][   T24]  queue_work_on+0xd2/0x140
[   97.573931][   T24]  hci_cmd_timeout+0x191/0x200
[   97.578694][   T24]  process_one_work+0x71f/0xc40
[   97.583542][   T24]  worker_thread+0xa29/0x11f0
[   97.588202][   T24]  kthread+0x281/0x320
[   97.592256][   T24]  ret_from_fork+0x1f/0x30
[   97.596662][   T24] 
[   97.598977][   T24] The buggy address belongs to the object at ffff88810d36c000
[   97.598977][   T24]  which belongs to the cache kmalloc-8k of size 8192
[   97.613109][   T24] The buggy address is located 2560 bytes inside of
[   97.613109][   T24]  8192-byte region [ffff88810d36c000, ffff88810d36e000)
[   97.626556][   T24] 
[   97.628889][   T24] The buggy address belongs to the physical page:
[   97.635301][   T24] page:ffffea000434da00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d368
[   97.645524][   T24] head:ffffea000434da00 order:3 compound_mapcount:0 compound_pincount:0
[   97.653844][   T24] flags: 0x4000000000010200(slab|head|zone=1)
[   97.659943][   T24] raw: 4000000000010200 ffffea0004548800 dead000000000005 ffff888100043500
[   97.668593][   T24] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[   97.677165][   T24] page dumped because: kasan: bad access detected
[   97.683709][   T24] page_owner tracks the page as allocated
[   97.689418][   T24] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 844, tgid 843 (syz.2.227), ts 35082411451, free_ts 35067224210
[   97.711818][   T24]  post_alloc_hook+0x1f5/0x210
[   97.716602][   T24]  prep_new_page+0x1c/0x110
[   97.721271][   T24]  get_page_from_freelist+0x2c6e/0x2ce0
[   97.726898][   T24]  __alloc_pages+0x19e/0x3a0
[   97.731599][   T24]  alloc_slab_page+0x6e/0xf0
[   97.736195][   T24]  new_slab+0x98/0x3d0
[   97.740254][   T24]  ___slab_alloc+0x6f6/0xb50
[   97.744828][   T24]  __slab_alloc+0x5e/0xa0
[   97.749151][   T24]  __kmem_cache_alloc_node+0x203/0x2c0
[   97.754598][   T24]  kmalloc_trace+0x29/0xb0
[   97.759014][   T24]  audit_log_d_path+0xc6/0x240
[   97.763816][   T24]  audit_log_d_path_exe+0x42/0x70
[   97.768955][   T24]  audit_log_task+0x205/0x2e0
[   97.773651][   T24]  audit_seccomp+0x7f/0x160
[   97.778156][   T24]  __seccomp_filter+0xacd/0x19d0
[   97.783095][   T24]  __secure_computing+0xea/0x290
[   97.788036][   T24] page last free stack trace:
[   97.792696][   T24]  free_unref_page_prepare+0x742/0x750
[   97.798156][   T24]  free_unref_page+0x8f/0x530
[   97.802935][   T24]  __free_pages+0x67/0x100
[   97.807441][   T24]  __free_slab+0xca/0x1a0
[   97.811850][   T24]  __unfreeze_partials+0x160/0x190
[   97.816964][   T24]  put_cpu_partial+0xa9/0x100
[   97.821644][   T24]  __slab_free+0x1c4/0x280
[   97.826158][   T24]  ___cache_free+0xbf/0xd0
[   97.830575][   T24]  qlist_free_all+0xc6/0x140
[   97.835170][   T24]  kasan_quarantine_reduce+0x14a/0x170
[   97.840634][   T24]  __kasan_slab_alloc+0x24/0x80
[   97.845478][   T24]  slab_post_alloc_hook+0x4f/0x2d0
[   97.850624][   T24]  kmem_cache_alloc+0x16e/0x330
[   97.855484][   T24]  mas_alloc_nodes+0x2d8/0x850
[   97.860350][   T24]  mas_preallocate+0xdcf/0x1390
[   97.865202][   T24]  vma_expand+0x3b7/0xa10
[   97.869535][   T24] 
[   97.871849][   T24] Memory state around the buggy address:
[   97.877472][   T24]  ffff88810d36c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.885536][   T24]  ffff88810d36c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.893596][   T24] >ffff88810d36ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.901650][   T24]                    ^
SYZFAIL: failed to send rpc
fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe)
[   97.905769][   T24]  ffff88810d36ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.913819][   T24]  ffff88810d36cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.921878][   T24] ==================================================================
[   97.930028][   T24] Disabling lock debugging due to kernel taint
[   97.947543][   T28] kauditd_printk_skb: 16 callbacks suppressed
[   97.947561][   T28] audit: type=1400 audit(2000000016.560:7849): avc:  denied  { write } for  pid=274 comm="syz-executor" path="pipe:[15416]" dev="pipefs" ino=15416 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   97.981912][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[   97.993785][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   98.002328][    C1] CPU: 1 PID: 5066 Comm: syz-executor Tainted: G    B              6.1.138-syzkaller-00056-g7af56ffc913d #0
[   98.013931][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.024022][    C1] RIP: 0010:__queue_work+0x575/0xd30
[   98.029372][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 f8 d2 28 00 4c 89 ff e8 70 c6 a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 dc 29 6d 00 49 8b 7d 00 e8 53 c2
[   98.049279][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[   98.055356][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888137f33cc0
[   98.063326][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[   98.071293][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[   98.079348][    C1] R10: ffffed1021a6d939 R11: 1ffff11021a6d939 R12: dffffc0000000000
[   98.087326][    C1] R13: 0000000000000000 R14: ffff88810d36c9c8 R15: 0000000000000008
[   98.095294][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   98.104252][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   98.110830][    C1] CR2: 00007f9f1c4e56c0 CR3: 0000000006e0f000 CR4: 00000000003506a0
[   98.118800][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   98.126767][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   98.134732][    C1] Call Trace:
[   98.138030][    C1]  <IRQ>
[   98.140874][    C1]  delayed_work_timer_fn+0x61/0x80
[   98.146077][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[   98.151884][    C1]  call_timer_fn+0x46/0x2a0
[   98.156388][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[   98.162201][    C1]  __run_timers+0x667/0x9a0
[   98.166710][    C1]  ? calc_index+0x200/0x200
[   98.171218][    C1]  ? kvm_sched_clock_read+0x18/0x40
[   98.176420][    C1]  run_timer_softirq+0x6a/0xf0
[   98.181197][    C1]  handle_softirqs+0x1d7/0x600
[   98.185962][    C1]  __irq_exit_rcu+0x52/0xf0
[   98.190467][    C1]  irq_exit_rcu+0x9/0x10
[   98.194703][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   98.200331][    C1]  </IRQ>
[   98.203255][    C1]  <TASK>
[   98.206180][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   98.212155][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x30/0x60
[   98.218490][    C1] Code: 45 08 65 48 8b 0d a0 7c 92 7e 65 8b 15 a1 7c 92 7e 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 6c 0b 00 00 00 74 2c <8b> 91 48 0b 00 00 83 fa 02 75 21 48 8b 91 50 0b 00 00 48 8b 32 48
[   98.238094][    C1] RSP: 0018:ffffc9000075f5f0 EFLAGS: 00000246
[   98.244274][    C1] RAX: ffffffff819e0862 RBX: ffffea0004bcbd00 RCX: ffff888137f33cc0
[   98.252267][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   98.260240][    C1] RBP: ffffc9000075f5f0 R08: dffffc0000000000 R09: fffff940009797af
[   98.268210][    C1] R10: fffff940009797af R11: 1ffffd40009797ae R12: dffffc0000000000
[   98.276179][    C1] R13: 0000000000000000 R14: ffffea0004bcbd00 R15: 0000000000000000
[   98.284151][    C1]  ? release_pages+0x1d2/0xb20
[   98.288957][    C1]  release_pages+0x1d2/0xb20
[   98.293582][    C1]  ? __cfi_release_pages+0x10/0x10
[   98.298696][    C1]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[   98.304186][    C1]  ? __kasan_check_read+0x11/0x20
[   98.309214][    C1]  free_pages_and_swap_cache+0x86/0xa0
[   98.314674][    C1]  tlb_finish_mmu+0x1aa/0x370
[   98.319376][    C1]  exit_mmap+0x3c7/0xa40
[   98.323620][    C1]  ? __cfi_exit_mmap+0x10/0x10
[   98.328392][    C1]  ? __cfi_exit_aio+0x10/0x10
[   98.333072][    C1]  ? uprobe_clear_state+0x2c1/0x320
[   98.338268][    C1]  __mmput+0x93/0x320
[   98.342250][    C1]  ? mmput+0x43/0x150
[   98.346344][    C1]  mmput+0x4b/0x150
[   98.350152][    C1]  do_exit+0x979/0x2650
[   98.354316][    C1]  ? __switch_to_asm+0x3a/0x60
[   98.359082][    C1]  ? __cfi_do_exit+0x10/0x10
[   98.363672][    C1]  ? __schedule+0xb8f/0x14e0
[   98.368276][    C1]  ? __kasan_check_write+0x14/0x20
[   98.373390][    C1]  ? _raw_spin_lock_irqsave+0xb0/0x110
[   98.378850][    C1]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[   98.384742][    C1]  ? __kasan_check_write+0x14/0x20
[   98.389858][    C1]  ? _raw_spin_lock_irq+0x8f/0xe0
[   98.394921][    C1]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[   98.400470][    C1]  do_group_exit+0x210/0x2d0
[   98.405072][    C1]  ? __kasan_check_write+0x14/0x20
[   98.410189][    C1]  get_signal+0x13b5/0x1520
[   98.414702][    C1]  ? put_pid+0xc5/0x120
[   98.418910][    C1]  arch_do_signal_or_restart+0xb0/0x1030
[   98.424545][    C1]  ? __cfi_child_wait_callback+0x10/0x10
[   98.430205][    C1]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[   98.436360][    C1]  ? __cfi___x64_sys_wait4+0x10/0x10
[   98.441651][    C1]  ? do_user_addr_fault+0x9ac/0x1050
[   98.446944][    C1]  exit_to_user_mode_loop+0x7a/0xb0
[   98.452159][    C1]  exit_to_user_mode_prepare+0x5a/0xa0
[   98.457614][    C1]  syscall_exit_to_user_mode+0x1a/0x30
[   98.463085][    C1]  do_syscall_64+0x58/0xa0
[   98.467501][    C1]  ? clear_bhb_loop+0x15/0x70
[   98.472173][    C1]  ? clear_bhb_loop+0x15/0x70
[   98.476845][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   98.482746][    C1] RIP: 0033:0x7fcdb0b84b53
[   98.487159][    C1] Code: Unable to access opcode bytes at 0x7fcdb0b84b29.
[   98.494253][    C1] RSP: 002b:00007ffc50188a58 EFLAGS: 00000202 ORIG_RAX: 000000000000003d
[   98.502679][    C1] RAX: fffffffffffffe00 RBX: 00000000000013cb RCX: 00007fcdb0b84b53
[   98.510759][    C1] RDX: 0000000040000000 RSI: 00007ffc50188a6c RDI: 00000000ffffffff
[   98.518726][    C1] RBP: 00007ffc50188a6c R08: 0000000000000000 R09: 0000000000000000
[   98.526691][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[   98.535438][    C1] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[   98.543498][    C1]  </TASK>
[   98.546553][    C1] Modules linked in:
[   98.550450][    C1] ---[ end trace 0000000000000000 ]---
[   98.555933][    C1] RIP: 0010:__queue_work+0x575/0xd30
[   98.561238][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 f8 d2 28 00 4c 89 ff e8 70 c6 a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 dc 29 6d 00 49 8b 7d 00 e8 53 c2
[   98.580965][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[   98.587045][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888137f33cc0
[   98.595015][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[   98.602983][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[   98.610974][    C1] R10: ffffed1021a6d939 R11: 1ffff11021a6d939 R12: dffffc0000000000
[   98.618959][    C1] R13: 0000000000000000 R14: ffff88810d36c9c8 R15: 0000000000000008
[   98.626929][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   98.635858][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   98.642440][    C1] CR2: 00007f9f1c4e56c0 CR3: 0000000006e0f000 CR4: 00000000003506a0
[   98.650420][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   98.658474][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   98.666449][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[   98.673917][    C1] Kernel Offset: disabled
[   98.678234][    C1] Rebooting in 86400 seconds..