last executing test programs:

15.102041215s ago: executing program 1 (id=3962):
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a80)={0x7c, r3, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x30, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x4}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4004840}, 0x4010)

14.733356507s ago: executing program 1 (id=3963):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x7, 0x2002)
ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000100)=0x924)
r2 = openat$cgroup_type(r0, &(0x7f0000000300), 0x2, 0x0)
write$cgroup_type(r2, &(0x7f0000000280), 0x9)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x9, 0x5)

14.021792711s ago: executing program 1 (id=3964):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000100085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_INIT(r2, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000340)={0x30, 0x5, 0x0, {0x0, 0x1, 0xf}}, 0x30)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xeb38e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
syz_clone3(&(0x7f00000006c0)={0x50048800, 0x0, 0x0, 0x0, {}, &(0x7f0000000380)=""/173, 0xad, 0x0, &(0x7f0000000040)=[0xffffffffffffffff, r3], 0x2}, 0x58)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x1)
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x9)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x2100, 0x100)

13.595515775s ago: executing program 1 (id=3969):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$incfs(&(0x7f0000000340)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x2000004c, &(0x7f0000000380)=ANY=[], 0xfe, 0x152b, &(0x7f0000003e00)="$eJzs3AuYjtX6MPB1r7Uehia9TXIY1r3uhzcNlkmSHJLkkCRJkuSUJGmSJCEx5JQ0JCHHSZPDEJJTY9I4nw85J022NEkSklNY38Wubfe1/+39/3bf3//ac/+ua12z7vd57/Xez9xzzbue571mvus2vE6zujWbEJH4t8BfvyQLIWKEEIOFENcIIQIhRMW4inEXj+dTkPzvvQj7cz2UfqUrYFcS9z934/7nbtz/3I37n7tx/3M37n/uxv3P3bj/jOVmW2YUvZZH7h18/z834/f//yA55SZ8ta7c9d3/Gync/9yN+5+7cf9zkeD3D3H/czfuf+7G/f/Pd+cfHOP+/4eK+deexv1nLDf7273gc977/wX3o//skfd3n3H8egv6ytf2v2Fc4R8/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGO5xGl/mRZC/Dq/0nUxxhhjjDHGGGPsz+PzXukKGGOMMcYYY4wx9v8fCCmU0CIQeUReESPyifziKhErrhYFxDUiIq4VceI6UVBcLwqJwqKIKCriRTFRXBiBwgoSoSghSoqouEGUEjeKBFFalBFlhRPlRKK4SZQXN4sK4hZRUdwqKonbRGVRRVQV1cTtorq4Q9QQd4qa4i5RS9QWdURdcbeoJ+4R9cW9ooG4TzQU94tG4gHRWDwomoiHRFPxsGgmHhHNxaOihWgpWonWos3/U/5Lopd4WfQWfUSy6Cv6iVdEfzFADBSDxGDxqhgiXhNDxesiRQwTw8UbYoR4U4wUb4lRYrQYI94WY8U4MV5MEBPFJJEq3hGTxbsiTbwnpoipYpqYLtLFDDFTvC9midlijvhAzBUfinlivlggFopF4iORIRaLTPGxWCI+EVliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNost4lOxVWwT28UOsVPsErvFZ2KP+FzsFV+IbPHlfzP/1P+V3x0ECJAgQYOGPJAHYiAG8kN+iIVYKAAFIAIRiIM4KAgFoRAUgiJQBOIhHopDcUBAICAoASUgClEoBaUgARKgDJQBBw4SIRHKw81QASpARagIlaASVIYqUAWqQTWoDtWhBtSAmlATakEtqAN14G64G+6B+lAfGkADaAgNoRE0gsbQGJpAE2gKTaEZNIPm0BxaQAtoBa2gDbSBttAW2kE7aA/toQN0gI7QEZIgCTpBJ+gMnaELdIGu0BW6QTfoDj2gB7wEL8HL8DL0gVqyL/SDftAf+sNAGASD4FUYAq/Ba/A6pMAwGA5vwBvwJoyEkzAKRsMYGAPV5TgYDxOA5CRIhVSYDJMhDdJgCkyFqTAd0mEGzISZMAtmw2z4AObCh/AhzIf5sBAWwSLIgMWQCZmwBE5BFiyFZbAcVsBKWAGrYQ2shnWwHtbBRtgIm2EzfAqfwjbYBjtgB+yCXfAZfAafw+eQAtmQDftgH+yH/XAADkAO5MBBOAiH4BAchsNwBI7AUTgGx+EYnIATcBJOwWk4DWfhLJyDF+K/abqr9NoUIS/SUss8Mo+MkTEyv8wvY2WsLCALyIiMyDgZJwvKgrKQLCSLyCIyXsbL4rK4RImSZChLyBIyKqOylCwlE2SCLCPLSCedTJSJsrwsLyvICrKivFVWkrfJyrKKfMJVk9Vkddne1ZB3ypqypqwla8s6sq6sK+vJerK+rC8byAayoWwoG8kHZGPZFwbCQ/JiZ5rJYdBcDocWsqVsJVvLN+Ex2VaOhHbyCdlePilHwyjoKNu6JPmM7CTHQ2f5nJwAz8uuchJ0ky/K7rKH7Clfkr1kO9db9pFToK/sJ6dDfzlADpSD5CyoLS92rI58XabIYXK4fEMuhDflSPmWHCVHyzHybTlWjpPj5QQ5UU6SqfIdOVm+K9Pke3KKnCqnyekyXc6QM+X7cpacLefID+Rc+aGcJ+fLBXKhXCQ/khlyscyUH8sl8hOZJZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CI/lVvlNrld7pA75S65W34m98jP5V75hcyWX8p98i9yv/xKHpBfyxz5jTwov5WH5HfysPxeHpE/yKPymDwuf5Qn5E/ypDwlT8sz8qz8WZ6T5+UF6aVQoKRSSqtA5VF5VYzKp/Krq1SsuloVUNeoiLpWxanrVEF1vSqkCqsiqqiKV8VUcWUUKqtIhaqEKqmi6gZVSt2oElRpVUaVVU6VU4nqJlVe3awqqFtURXWrqqRuU5VVFVVVVVO3q+rqDlVD3alqqrtULVVb1VF11d2qnrpH1Vf3qgbqPtVQ3a8aqQdUY/WgaqIeUk3Vw6qZekQ1V4+qFqqlaqVaqzbqMdVWPa7aBUII9aTqoJ5SHdXTKkk9ozqpZ1Vn9Zzqop5XXdULqpt6UXVXPVRPdV5dUF71Vn1Usuqr+qlXVH81QA1Ug9Rg9aoaol5TQ9XrKkUNU8PVG2qEelONVG+pUWq0GqPeVmPVODVeTVAT1SSVqt5Rk9W7Kk29p6aoqWqamq7S1Qw18JeV5vwL+e/+g/yhl159s9qiPlVb1Ta1Xe1QO9UutVvtVnvUHrVX7VXZKlvtU/vUfrVfHVAHVI7KUQfVQXVIHVKH1WF1RB1RR9UxdUb9qE6on9RJdUqdUmfUWXVWnfvleyA0aKmV1jrQeXReHaPz6fz6Kh2rr9YF9DU6oq/Vcfo6XVBfrwvpwrqILqrjdTFdXBuN2mrSoS6hS+qovkGX0jfqBF1al9FltdPldKK+6d/O/2f1tdFtdFvdVrfT7XR73V530B10R91RJ+kk3Ul30p11Z91Fd9FddVfdTXfT3XV33VP31L10L91b99bJOln306/o/nqAHqgH6cH6VT1ED9FD9VCdolP0cD1cj9Aj9Eg9Uo/So/QYPUaP1WP1eD1eT9QTdapO1ZP1ZJ2m0/QUPUVP09N0uk7XM/VMPUvP0nP0HD1Xz9Xz9Dy9QC/Qi/QinaEzdKbO1Ev0Ep2ll+qlerlerlfqlXq1Xq3X6rV6vV6vN+qNOktv0Vv0Vr1Vb9fb9U69U+/Wu/UevUfv1Xt1ts7W+/Q+vV/v1wf0AZ2jc/RBfVAf0of0YX1YH9FH9FF9VB/Xx/UJfUKf1Cf1aX1an9Vn9Tl9Tl/QFy5u+wIZyEAHOsgT5Aligpggf5A/iA1igwJBgSASRIK4IC4oGFwfFAoKB0WCokF8UCwoHpgAAxtQEAYlgpJBNLghKBXcGCQEpYMyQdnABeWCxOCmoHxwc1AhuCWoGNwaVApuCyoHVYKqQbXg9qB6cEdQI7gzqBncFdQKav/6OVRwT1A/uDdoENwXNAzuDxoFDwSNgweDJsFDQdPg4aBZ8EjQPHg0aBG0DFoFrYM2/+r6QZ2gbnB3UO8P1/f+ZOHHXW/TxySbvqafecX0NwPMQDPIDDavmiHmNTPUvG5SzDAz3LxhRpg3zUjzlhllRpsx5m0z1owz480EM9FMMqnmHTPZvGvSzHtmiplqppnpJt3MMDPN+2aWmW3mmA/MXPOhmWfmmwVmoVlkPjIZZrHJNB+bJeYTk2WWmmVmuVlhVppVZrVZY9aadWa92WA2mk1ms9liPjVbzTaz3ewwO80us9t8ZvaYz81e84XJNl+afeYvZr/5yhwwX5sc8405aL41h8x35rD53hwxP5ij5pg5bn40J8xP5qQ5ZU6bM+as+dmcM+fNBeMvbu4vvr2jRo15MA/GYAzmx/wYi7FYAAtgBCMYh3FYEAtiISyERbAIxmM8FsfieBEhYQksgVGMYikshQmYgGWwDDp0mIiJWB7LYwWsgBWxIlbCSlgZK2NVrIq34+14B96Bd+KdeBfehbWxNtbFulgP62F9rI8NsAE2xIbYCBthY2yMTbAJNsWm2AybYXNsji2wBbbCVtgG22BbbIvtsB22x/bYATtgR+yISZiEnbATdsbO2AW7YFfsit2wG3bH7tgTe2Iv7IW9z/TGZEzGftgP+2N/HIgDcTAOxiE4BIfiUEzBFByOw3EEjsCROBJH4Wgcg2/jWByH43ECTsRJmIqpOBknYxqm4RScgtNwGqZjOs7EmTgLZ+EcnINzcS7Ow3m4ABfgIlyEGZiBmZiJS3AJZmEWLsNluAJX4CpchWtwDa7DdbgBN+Am3IRbcAtuVVtxO27HnbgTd+Nu3IN7cC/uxWzMxn24D/fjfjyABzAHc/AgHsRDeAgP42E8gkfwKB7F43gcT+AJPIkn8TSexrP4M57D83gBPcZYKfLbq2ysvdoWsNfYGJvP/n1cxBa18baYLW6NLWQL/yZGa22CLW3L2LLW2XI20d70u7iyrWKr2mr2dlvd3mFr/C6uZ++x9e29toG9z9a1d/8mbmjvt43sI7axfdQ2sS1tU9vaNrOP2Ob2UdvCtrStbGvbwT5lO9qnbZJ9xnayz/4uzrCL7Rq71q6z6+0e+7k9bc/YQ/Y7e9b+bHvbPnawfdUOsa/ZofZ1m9Jg2G9jO8yOsW/bsXacHW8n2Il20u/iaXa6Tbcz7Ez7vp1lZ/8uXmQ/snNtpp1n59sFduGl+GJNmfZju8R+YrPsUrvMLrcr7Eq7yq7+W63L7Ua7yW62u+1ndqvdZrfbHXan3XUpvngee+0XNtt+aQ/ab+1++5U9YA/bHPvNpfji+R2239sj9gd71B6zx+2P9oT9yZ60py6d/8Vz/9Getxest4KAJCnSFFAeyksxlI/y01UUS1dTAbqGInQtxdF1VJCup0JUmIpQUYqnYlScDCFZIgqpBJWkKN1ApehGSqDSVIbKkqNylEg3UXm6mSrQLVSRbqVKdBtVpipUlarR7VSd7qAaWlBNuotqUW2qQ3XpbqpH91B9upca0H3UkO6nRvQANaYHqQk9RE3pYWpGj1BzepRaUEtqRa2pDT1GbelxakdPUHt6kjrQU9SRnqYkeoY60bPUmZ6jLvQ8daUXqBu9SN2pB/Wkl6gXvUy9qQ8lU1/qR69QfxpAA2kQDaZXaQi9RkPpdUqhYTSc3qAR9CaNpLdoFI2mMfQ2jaVxNJ4m0ESaRKn0Dk2mdymN3qMpNJWm0XRKpxk0k96nWTSb5tAHNJc+pHk0nxbQQlpEH1EGLaZM+piW0CeURUtpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCn9JW2kbbaQftpF20mz6jPfQ57aUvKJu+pH30F9pPX9EB+ppy6Bs6SN/SIfqODtP3dIR+oKN0jI7Tj3SCfqKTdIpO0xk6Sz/TOTpPF8iTCCGUoQp1GIR5wrxhTJgvzB9eFcaGV4cFwmvCSHhtGBdeFxYMrw8LhYXDImHRMD4sFhYPTYihDSkMwxJhyTAa3hCWCm8ME8LSYZmwbOjCcmFieFNYPrw5rBDeElYMbw0rhbeFlcMq4SP3VQtvD6uHd4Q1wjvDmuFdYa2wdlgnrBveHdYL7wnrh/eGDcL7wgrh/WGj8IGwcfhg2CR8KGwaPhw2Cx8Jm4ePhi3ClmGrsHXYJnwsbBs+HrYLnwjbh0+GHcKnwo7h02FS+EzYKXz2nx5PDvuG/cJXwldC7+9VC6ILo4uiH0UzooujmdGPo0uin0Szokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Kbo97XzSscOOmU0y5weVxeF+PyufzuKhfrrnYF3DUu4q51ce46V9Bd7wq5wq6IK+riXTFX3BmHzjpyoSvhSrqou8GVcje6BFfalXFlnXPlXKJr7dq4Nq6te9y1c0+49u5J96R7yj3lnnZPu2dcJ/es6+yec13c866re8G94F503V0P19O95Hq5l11v18clu2TXz/Vz/V1/N9ANzPPLHswNdUNdiktxw91wN8KNcCPdSDfKjXJj3Bg31o114914N9FNdKku1U12k12aS3NT3BQ3zU1z6S7dzXQz3Sw3y81xc9zchLlunpvnFrgFbpFb5DJchst0mW6JW+KyXJZb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+q2uu1uu9vpdrrdbrfb4/a4vW6vy3bZbp/b5/a7/e6A+9rluG/cQfetO+S+c4fd9+6I+8EddcfccfejO+F+cifdKXfanXFn3c/unDvvLjjvUiPvRCZH3o2kRd6LTIlMjUyLTI+kR2ZEZkbej8yKzI7MiXwQmRv5MDIvMj+yIBIjhPgokhFZHMmMfBxZEvkkkhVZGlkWWR5ZEVkZ8b7Y1tCX8CV91N/gS/kbfYIv7cv4st75cj7R3+TL+5t9BX+Lr+hv9ZX8bb6yr+Kr+kd9C9/St/KtfRv/mG/rH/ft/BO+vX/Sd/BP+Y7+aZ/kn/Gd/LO+s3/Od/HP+67+Bd/Nv+i7+x6+p3/J9/Iv+96+j0/2fX0//4rv7wf4gX6QH+xf9UP8a36of92n+GF+uH/Dj/Bv+pH+LT/Kj/Zj/Nt+rB/nx/sJfqKf5FP9O35yvnd9mn/PT/FT/TQ/3af7GX6mf9/P8rP9HP+Bn+s/9PP8fL/AL/SL/Ec+wy/2mf5jv8R/4rP8Ur/ML/cr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Kd+q9/mt/sdfqff5Xf7z/we/7nf67/w2f5Lv8//xe/3X/kD/muf47/xB/23/pD/zh/23/sj/gd/1B/zx/2P/oT/yZ/0p/xpf8af9T/7c/68v8B/s8YYY4wx9i9JO/DHx/v+g8fkL+OifkKIq7cVzfn741oIsaHQX+cDZHyHiBDimT7dHvp11KqVnJz8y3OzlAhKzhdCRC7nX7oM+SVeKtqLp0SSeEKU/4f1DZA9ztIfrA9HvY/eKkT+v8u5uI//Nb68/s3/xfqPPTkmo1J4Ou6365/7Zb95sf7ofCESSl7OyScux5fXr/BfrF+47R/Vn6VEvq9ShWj3dzmx4nJ8ef1E8bh4ViT95pmMMcYYY4wxxthfDZBVu/yT689L1+fx+lJ46eG84m/xP70+Z4wxxhhjjDHG2JX3fI+eTz+WlPREF57whCc8+dvkSv9mYowxxhhjjP3ZLm/6r3QljDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZY7vU/8e/ErvQ5MsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY1fa/wkAAP//jKQ7JQ==")

12.461372402s ago: executing program 1 (id=3971):
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x50)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r1 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_INIT(r1, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x2100, 0x100)

10.042254156s ago: executing program 1 (id=3975):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x81e00, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wlan1\x00'})
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000a0d2"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
socket$inet_udplite(0x2, 0x2, 0x88)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x32)

9.975074907s ago: executing program 32 (id=3975):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x81e00, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wlan1\x00'})
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000a0d2"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
socket$inet_udplite(0x2, 0x2, 0x88)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x32)

7.98227832s ago: executing program 0 (id=3999):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

7.179614505s ago: executing program 0 (id=4003):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)
fcntl$setlease(r0, 0x400, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x200000, 0x0, 0x0, 0x0, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r8)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, 0x0, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

6.209134381s ago: executing program 0 (id=4010):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000500)=ANY=[@ANYBLOB="7a0af8ff75256320bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc44bc25fb591cf77b9dfb379a3f611dbc2a364916f098dab10b1a297cf528666d1ddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e9e54687d3c56d7bedb6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0b6dd7356aa79d5fabb5c0d0da6d719d7e0efb2bb713d18242cd5df6ca53307a4cdd9030a46c190e317c8de5e5c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b20"], &(0x7f0000000100)='GPL\x00'}, 0x48)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r2, 0x40047451, &(0x7f0000000180))

5.880407263s ago: executing program 0 (id=4012):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000081dd22104c052e000005010203010902120001000000000904000000f704"], 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0xffff0f00}}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x3e}, 0x28)

3.670824307s ago: executing program 2 (id=4041):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
socket(0x400000000010, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100006cc70000000000000000ea04850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r4}, 0x10)
ioctl$TUNGETVNETLE(r2, 0x40047451, &(0x7f0000000180))

3.218191619s ago: executing program 3 (id=4046):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffff7, 0x0, 0x0, 0x40f00, 0xc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

3.217668959s ago: executing program 3 (id=4047):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x8, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a00", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800040000000000060006"], 0x4c}}, 0x0)

3.18774061s ago: executing program 3 (id=4048):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x8, r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a0000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)

3.13994219s ago: executing program 3 (id=4049):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f00000001c0))

2.750886503s ago: executing program 0 (id=4051):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

2.750498613s ago: executing program 2 (id=4052):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x4714, &(0x7f0000000100)={[{@test_dummy_encryption}, {@jqfmt_vfsv0}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x40000, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x4002, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000809, 0x0, 0x1, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f00000000c0), 0x10)

2.344865605s ago: executing program 5 (id=4054):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x2000000000000050, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f00000012c0)='sys_enter\x00', r0}, 0x18)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r2, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x2, 0x6, 0x4})
sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

2.319790626s ago: executing program 5 (id=4055):
getuid()
openat$binderfs(0xffffffffffffff9c, 0x0, 0x1802, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
signalfd(0xffffffffffffffff, &(0x7f00000003c0), 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="280000001e00030903000000fedbdf2507"], 0x28}, 0x1, 0x0, 0x0, 0x2000c090}, 0x10)
recvmmsg$unix(r5, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40010002, 0x0)

2.055979377s ago: executing program 4 (id=4057):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
open(&(0x7f00000002c0)='./file0/file0\x00', 0x141840, 0x0)
mount$incfs(&(0x7f0000000340)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x2000004c, &(0x7f0000000380)=ANY=[], 0xfe, 0x152b, &(0x7f0000003e00)="$eJzs3AuYjtX6MPB1r7Uehia9TXIY1r3uhzcNlkmSHJLkkCRJkuSUJGmSJCEx5JQ0JCHHSZPDEJJTY9I4nw85J022NEkSklNY38Wubfe1/+39/3bf3//ac/+ua12z7vd57/Xez9xzzbue571mvus2vE6zujWbEJH4t8BfvyQLIWKEEIOFENcIIQIhRMW4inEXj+dTkPzvvQj7cz2UfqUrYFcS9z934/7nbtz/3I37n7tx/3M37n/uxv3P3bj/jOVmW2YUvZZH7h18/z834/f//yA55SZ8ta7c9d3/Gync/9yN+5+7cf9zkeD3D3H/czfuf+7G/f/Pd+cfHOP+/4eK+deexv1nLDf7273gc977/wX3o//skfd3n3H8egv6ytf2v2Fc4R8/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGO5xGl/mRZC/Dq/0nUxxhhjjDHGGGPsz+PzXukKGGOMMcYYY4wx9v8fCCmU0CIQeUReESPyifziKhErrhYFxDUiIq4VceI6UVBcLwqJwqKIKCriRTFRXBiBwgoSoSghSoqouEGUEjeKBFFalBFlhRPlRKK4SZQXN4sK4hZRUdwqKonbRGVRRVQV1cTtorq4Q9QQd4qa4i5RS9QWdURdcbeoJ+4R9cW9ooG4TzQU94tG4gHRWDwomoiHRFPxsGgmHhHNxaOihWgpWonWos3/U/5Lopd4WfQWfUSy6Cv6iVdEfzFADBSDxGDxqhgiXhNDxesiRQwTw8UbYoR4U4wUb4lRYrQYI94WY8U4MV5MEBPFJJEq3hGTxbsiTbwnpoipYpqYLtLFDDFTvC9midlijvhAzBUfinlivlggFopF4iORIRaLTPGxWCI+EVliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNost4lOxVWwT28UOsVPsErvFZ2KP+FzsFV+IbPHlfzP/1P+V3x0ECJAgQYOGPJAHYiAG8kN+iIVYKAAFIAIRiIM4KAgFoRAUgiJQBOIhHopDcUBAICAoASUgClEoBaUgARKgDJQBBw4SIRHKw81QASpARagIlaASVIYqUAWqQTWoDtWhBtSAmlATakEtqAN14G64G+6B+lAfGkADaAgNoRE0gsbQGJpAE2gKTaEZNIPm0BxaQAtoBa2gDbSBttAW2kE7aA/toQN0gI7QEZIgCTpBJ+gMnaELdIGu0BW6QTfoDj2gB7wEL8HL8DL0gVqyL/SDftAf+sNAGASD4FUYAq/Ba/A6pMAwGA5vwBvwJoyEkzAKRsMYGAPV5TgYDxOA5CRIhVSYDJMhDdJgCkyFqTAd0mEGzISZMAtmw2z4AObCh/AhzIf5sBAWwSLIgMWQCZmwBE5BFiyFZbAcVsBKWAGrYQ2shnWwHtbBRtgIm2EzfAqfwjbYBjtgB+yCXfAZfAafw+eQAtmQDftgH+yH/XAADkAO5MBBOAiH4BAchsNwBI7AUTgGx+EYnIATcBJOwWk4DWfhLJyDF+K/abqr9NoUIS/SUss8Mo+MkTEyv8wvY2WsLCALyIiMyDgZJwvKgrKQLCSLyCIyXsbL4rK4RImSZChLyBIyKqOylCwlE2SCLCPLSCedTJSJsrwsLyvICrKivFVWkrfJyrKKfMJVk9Vkddne1ZB3ypqypqwla8s6sq6sK+vJerK+rC8byAayoWwoG8kHZGPZFwbCQ/JiZ5rJYdBcDocWsqVsJVvLN+Ex2VaOhHbyCdlePilHwyjoKNu6JPmM7CTHQ2f5nJwAz8uuchJ0ky/K7rKH7Clfkr1kO9db9pFToK/sJ6dDfzlADpSD5CyoLS92rI58XabIYXK4fEMuhDflSPmWHCVHyzHybTlWjpPj5QQ5UU6SqfIdOVm+K9Pke3KKnCqnyekyXc6QM+X7cpacLefID+Rc+aGcJ+fLBXKhXCQ/khlyscyUH8sl8hOZJZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CI/lVvlNrld7pA75S65W34m98jP5V75hcyWX8p98i9yv/xKHpBfyxz5jTwov5WH5HfysPxeHpE/yKPymDwuf5Qn5E/ypDwlT8sz8qz8WZ6T5+UF6aVQoKRSSqtA5VF5VYzKp/Krq1SsuloVUNeoiLpWxanrVEF1vSqkCqsiqqiKV8VUcWUUKqtIhaqEKqmi6gZVSt2oElRpVUaVVU6VU4nqJlVe3awqqFtURXWrqqRuU5VVFVVVVVO3q+rqDlVD3alqqrtULVVb1VF11d2qnrpH1Vf3qgbqPtVQ3a8aqQdUY/WgaqIeUk3Vw6qZekQ1V4+qFqqlaqVaqzbqMdVWPa7aBUII9aTqoJ5SHdXTKkk9ozqpZ1Vn9Zzqop5XXdULqpt6UXVXPVRPdV5dUF71Vn1Usuqr+qlXVH81QA1Ug9Rg9aoaol5TQ9XrKkUNU8PVG2qEelONVG+pUWq0GqPeVmPVODVeTVAT1SSVqt5Rk9W7Kk29p6aoqWqamq7S1Qw18JeV5vwL+e/+g/yhl159s9qiPlVb1Ta1Xe1QO9UutVvtVnvUHrVX7VXZKlvtU/vUfrVfHVAHVI7KUQfVQXVIHVKH1WF1RB1RR9UxdUb9qE6on9RJdUqdUmfUWXVWnfvleyA0aKmV1jrQeXReHaPz6fz6Kh2rr9YF9DU6oq/Vcfo6XVBfrwvpwrqILqrjdTFdXBuN2mrSoS6hS+qovkGX0jfqBF1al9FltdPldKK+6d/O/2f1tdFtdFvdVrfT7XR73V530B10R91RJ+kk3Ul30p11Z91Fd9FddVfdTXfT3XV33VP31L10L91b99bJOln306/o/nqAHqgH6cH6VT1ED9FD9VCdolP0cD1cj9Aj9Eg9Uo/So/QYPUaP1WP1eD1eT9QTdapO1ZP1ZJ2m0/QUPUVP09N0uk7XM/VMPUvP0nP0HD1Xz9Xz9Dy9QC/Qi/QinaEzdKbO1Ev0Ep2ll+qlerlerlfqlXq1Xq3X6rV6vV6vN+qNOktv0Vv0Vr1Vb9fb9U69U+/Wu/UevUfv1Xt1ts7W+/Q+vV/v1wf0AZ2jc/RBfVAf0of0YX1YH9FH9FF9VB/Xx/UJfUKf1Cf1aX1an9Vn9Tl9Tl/QFy5u+wIZyEAHOsgT5Aligpggf5A/iA1igwJBgSASRIK4IC4oGFwfFAoKB0WCokF8UCwoHpgAAxtQEAYlgpJBNLghKBXcGCQEpYMyQdnABeWCxOCmoHxwc1AhuCWoGNwaVApuCyoHVYKqQbXg9qB6cEdQI7gzqBncFdQKav/6OVRwT1A/uDdoENwXNAzuDxoFDwSNgweDJsFDQdPg4aBZ8EjQPHg0aBG0DFoFrYM2/+r6QZ2gbnB3UO8P1/f+ZOHHXW/TxySbvqafecX0NwPMQDPIDDavmiHmNTPUvG5SzDAz3LxhRpg3zUjzlhllRpsx5m0z1owz480EM9FMMqnmHTPZvGvSzHtmiplqppnpJt3MMDPN+2aWmW3mmA/MXPOhmWfmmwVmoVlkPjIZZrHJNB+bJeYTk2WWmmVmuVlhVppVZrVZY9aadWa92WA2mk1ms9liPjVbzTaz3ewwO80us9t8ZvaYz81e84XJNl+afeYvZr/5yhwwX5sc8405aL41h8x35rD53hwxP5ij5pg5bn40J8xP5qQ5ZU6bM+as+dmcM+fNBeMvbu4vvr2jRo15MA/GYAzmx/wYi7FYAAtgBCMYh3FYEAtiISyERbAIxmM8FsfieBEhYQksgVGMYikshQmYgGWwDDp0mIiJWB7LYwWsgBWxIlbCSlgZK2NVrIq34+14B96Bd+KdeBfehbWxNtbFulgP62F9rI8NsAE2xIbYCBthY2yMTbAJNsWm2AybYXNsji2wBbbCVtgG22BbbIvtsB22x/bYATtgR+yISZiEnbATdsbO2AW7YFfsit2wG3bH7tgTe2Iv7IW9z/TGZEzGftgP+2N/HIgDcTAOxiE4BIfiUEzBFByOw3EEjsCROBJH4Wgcg2/jWByH43ECTsRJmIqpOBknYxqm4RScgtNwGqZjOs7EmTgLZ+EcnINzcS7Ow3m4ABfgIlyEGZiBmZiJS3AJZmEWLsNluAJX4CpchWtwDa7DdbgBN+Am3IRbcAtuVVtxO27HnbgTd+Nu3IN7cC/uxWzMxn24D/fjfjyABzAHc/AgHsRDeAgP42E8gkfwKB7F43gcT+AJPIkn8TSexrP4M57D83gBPcZYKfLbq2ysvdoWsNfYGJvP/n1cxBa18baYLW6NLWQL/yZGa22CLW3L2LLW2XI20d70u7iyrWKr2mr2dlvd3mFr/C6uZ++x9e29toG9z9a1d/8mbmjvt43sI7axfdQ2sS1tU9vaNrOP2Ob2UdvCtrStbGvbwT5lO9qnbZJ9xnayz/4uzrCL7Rq71q6z6+0e+7k9bc/YQ/Y7e9b+bHvbPnawfdUOsa/ZofZ1m9Jg2G9jO8yOsW/bsXacHW8n2Il20u/iaXa6Tbcz7Ez7vp1lZ/8uXmQ/snNtpp1n59sFduGl+GJNmfZju8R+YrPsUrvMLrcr7Eq7yq7+W63L7Ua7yW62u+1ndqvdZrfbHXan3XUpvngee+0XNtt+aQ/ab+1++5U9YA/bHPvNpfji+R2239sj9gd71B6zx+2P9oT9yZ60py6d/8Vz/9Getxest4KAJCnSFFAeyksxlI/y01UUS1dTAbqGInQtxdF1VJCup0JUmIpQUYqnYlScDCFZIgqpBJWkKN1ApehGSqDSVIbKkqNylEg3UXm6mSrQLVSRbqVKdBtVpipUlarR7VSd7qAaWlBNuotqUW2qQ3XpbqpH91B9upca0H3UkO6nRvQANaYHqQk9RE3pYWpGj1BzepRaUEtqRa2pDT1GbelxakdPUHt6kjrQU9SRnqYkeoY60bPUmZ6jLvQ8daUXqBu9SN2pB/Wkl6gXvUy9qQ8lU1/qR69QfxpAA2kQDaZXaQi9RkPpdUqhYTSc3qAR9CaNpLdoFI2mMfQ2jaVxNJ4m0ESaRKn0Dk2mdymN3qMpNJWm0XRKpxk0k96nWTSb5tAHNJc+pHk0nxbQQlpEH1EGLaZM+piW0CeURUtpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCn9JW2kbbaQftpF20mz6jPfQ57aUvKJu+pH30F9pPX9EB+ppy6Bs6SN/SIfqODtP3dIR+oKN0jI7Tj3SCfqKTdIpO0xk6Sz/TOTpPF8iTCCGUoQp1GIR5wrxhTJgvzB9eFcaGV4cFwmvCSHhtGBdeFxYMrw8LhYXDImHRMD4sFhYPTYihDSkMwxJhyTAa3hCWCm8ME8LSYZmwbOjCcmFieFNYPrw5rBDeElYMbw0rhbeFlcMq4SP3VQtvD6uHd4Q1wjvDmuFdYa2wdlgnrBveHdYL7wnrh/eGDcL7wgrh/WGj8IGwcfhg2CR8KGwaPhw2Cx8Jm4ePhi3ClmGrsHXYJnwsbBs+HrYLnwjbh0+GHcKnwo7h02FS+EzYKXz2nx5PDvuG/cJXwldC7+9VC6ILo4uiH0UzooujmdGPo0uin0Szokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Kbo97XzSscOOmU0y5weVxeF+PyufzuKhfrrnYF3DUu4q51ce46V9Bd7wq5wq6IK+riXTFX3BmHzjpyoSvhSrqou8GVcje6BFfalXFlnXPlXKJr7dq4Nq6te9y1c0+49u5J96R7yj3lnnZPu2dcJ/es6+yec13c866re8G94F503V0P19O95Hq5l11v18clu2TXz/Vz/V1/N9ANzPPLHswNdUNdiktxw91wN8KNcCPdSDfKjXJj3Bg31o114914N9FNdKku1U12k12aS3NT3BQ3zU1z6S7dzXQz3Sw3y81xc9zchLlunpvnFrgFbpFb5DJchst0mW6JW+KyXJZb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+q2uu1uu9vpdrrdbrfb4/a4vW6vy3bZbp/b5/a7/e6A+9rluG/cQfetO+S+c4fd9+6I+8EddcfccfejO+F+cifdKXfanXFn3c/unDvvLjjvUiPvRCZH3o2kRd6LTIlMjUyLTI+kR2ZEZkbej8yKzI7MiXwQmRv5MDIvMj+yIBIjhPgokhFZHMmMfBxZEvkkkhVZGlkWWR5ZEVkZ8b7Y1tCX8CV91N/gS/kbfYIv7cv4st75cj7R3+TL+5t9BX+Lr+hv9ZX8bb6yr+Kr+kd9C9/St/KtfRv/mG/rH/ft/BO+vX/Sd/BP+Y7+aZ/kn/Gd/LO+s3/Od/HP+67+Bd/Nv+i7+x6+p3/J9/Iv+96+j0/2fX0//4rv7wf4gX6QH+xf9UP8a36of92n+GF+uH/Dj/Bv+pH+LT/Kj/Zj/Nt+rB/nx/sJfqKf5FP9O35yvnd9mn/PT/FT/TQ/3af7GX6mf9/P8rP9HP+Bn+s/9PP8fL/AL/SL/Ec+wy/2mf5jv8R/4rP8Ur/ML/cr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Kd+q9/mt/sdfqff5Xf7z/we/7nf67/w2f5Lv8//xe/3X/kD/muf47/xB/23/pD/zh/23/sj/gd/1B/zx/2P/oT/yZ/0p/xpf8af9T/7c/68v8B/s8YYY4wx9i9JO/DHx/v+g8fkL+OifkKIq7cVzfn741oIsaHQX+cDZHyHiBDimT7dHvp11KqVnJz8y3OzlAhKzhdCRC7nX7oM+SVeKtqLp0SSeEKU/4f1DZA9ztIfrA9HvY/eKkT+v8u5uI//Nb68/s3/xfqPPTkmo1J4Ou6365/7Zb95sf7ofCESSl7OyScux5fXr/BfrF+47R/Vn6VEvq9ShWj3dzmx4nJ8ef1E8bh4ViT95pmMMcYYY4wxxthfDZBVu/yT689L1+fx+lJ46eG84m/xP70+Z4wxxhhjjDHG2JX3fI+eTz+WlPREF57whCc8+dvkSv9mYowxxhhjjP3ZLm/6r3QljDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZY7vU/8e/ErvQ5MsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY1fa/wkAAP//jKQ7JQ==")

2.043192967s ago: executing program 4 (id=4058):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffff7, 0x0, 0x0, 0x40f00, 0xc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

2.029255897s ago: executing program 4 (id=4059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x8, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a00", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800040000000000060006"], 0x4c}}, 0x0)

2.004397437s ago: executing program 4 (id=4060):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x4714, &(0x7f0000000100)={[{@test_dummy_encryption}, {@jqfmt_vfsv0}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x40000, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x4002, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000809, 0x0, 0x1, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r7, &(0x7f0000000000)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64, @ANYBLOB='\x00\x00\x00\x00'], 0x48}}, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000040)='./bus\x00', 0x888430, &(0x7f0000000000)=ANY=[], 0x1, 0x0, 0x0)

1.937673078s ago: executing program 0 (id=4061):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000081dd22104c052e000005010203010902120001000000000904000000f704"], 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0xffff0f00}}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x3e}, 0x28)

1.915291437s ago: executing program 2 (id=4062):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
socket(0x400000000010, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100006cc70000000000000000ea04850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r4}, 0x10)
ioctl$TUNGETVNETLE(r2, 0x40047451, &(0x7f0000000180))

1.451063441s ago: executing program 5 (id=4063):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x10)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x1, {0x0, 0x1}, {0x60, 0x2}, @const={0x3, {0x1, 0xf801, 0x4, 0x1}}})
write$char_usb(r3, &(0x7f0000000040)="e2", 0x2250)

1.133324563s ago: executing program 4 (id=4064):
gettid()
timer_create(0x1, 0x0, 0x0)
pipe2(0x0, 0x84000)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0xf, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x380})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00001b1000/0x4000)=nil, 0x400000, 0x2, 0x2})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

1.084787013s ago: executing program 3 (id=4065):
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00"/14], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x20}}, @const={0x0, 0x0, 0x0, 0xa, 0x3}]}}, 0x0, 0x3e}, 0x28)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r4}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r5}, 0x20)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0xfffffffc, 0x0, {0x2, 0x20, 0x0, 0x4, 0x3, 0x0, 0x0, 0x3, 0xf}, [@FRA_DST={0x8, 0x1, @private=0xa010101}]}, 0x24}}, 0x42094)

966.363844ms ago: executing program 2 (id=4066):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f000000bbc0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001180)="dd9e41970d03", 0x6}], 0x1, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10, 0x20000041}}], 0x1, 0xc004)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r0, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
unlinkat(0xffffffffffffffff, 0x0, 0x0)

938.841844ms ago: executing program 2 (id=4067):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000200000000000000070000009500000000000000ead6b80d026a"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
r5 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r5, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)
syz_clone(0x60100100, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480))

237.551528ms ago: executing program 4 (id=4068):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3ffffffffffffbf, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
keyctl$revoke(0x3, r4)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, 0x0)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000001180)={r4, 0x0, 0xf8}, &(0x7f0000001200)={'enc=', 'pkcs1', ' hash=', {'crc32-generic\x00'}}, 0x0, &(0x7f0000001380)=""/248)
preadv(0xffffffffffffffff, &(0x7f0000001280), 0x0, 0x4, 0x0)

222.416089ms ago: executing program 5 (id=4069):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffff7, 0x0, 0x0, 0x40f00, 0xc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

193.459459ms ago: executing program 5 (id=4070):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x8, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a0000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800040000000000060006"], 0x4c}}, 0x0)

176.516339ms ago: executing program 3 (id=4071):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000140)={0x3})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

169.669209ms ago: executing program 5 (id=4072):
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
open(&(0x7f00000002c0)='./file0/file0\x00', 0x141840, 0x0)
mount$incfs(&(0x7f0000000340)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x2000004c, &(0x7f0000000380)=ANY=[], 0xfe, 0x152b, &(0x7f0000003e00)="$eJzs3AuYjtX6MPB1r7Uehia9TXIY1r3uhzcNlkmSHJLkkCRJkuSUJGmSJCEx5JQ0JCHHSZPDEJJTY9I4nw85J022NEkSklNY38Wubfe1/+39/3bf3//ac/+ua12z7vd57/Xez9xzzbue571mvus2vE6zujWbEJH4t8BfvyQLIWKEEIOFENcIIQIhRMW4inEXj+dTkPzvvQj7cz2UfqUrYFcS9z934/7nbtz/3I37n7tx/3M37n/uxv3P3bj/jOVmW2YUvZZH7h18/z834/f//yA55SZ8ta7c9d3/Gync/9yN+5+7cf9zkeD3D3H/czfuf+7G/f/Pd+cfHOP+/4eK+deexv1nLDf7273gc977/wX3o//skfd3n3H8egv6ytf2v2Fc4R8/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGO5xGl/mRZC/Dq/0nUxxhhjjDHGGGPsz+PzXukKGGOMMcYYY4wx9v8fCCmU0CIQeUReESPyifziKhErrhYFxDUiIq4VceI6UVBcLwqJwqKIKCriRTFRXBiBwgoSoSghSoqouEGUEjeKBFFalBFlhRPlRKK4SZQXN4sK4hZRUdwqKonbRGVRRVQV1cTtorq4Q9QQd4qa4i5RS9QWdURdcbeoJ+4R9cW9ooG4TzQU94tG4gHRWDwomoiHRFPxsGgmHhHNxaOihWgpWonWos3/U/5Lopd4WfQWfUSy6Cv6iVdEfzFADBSDxGDxqhgiXhNDxesiRQwTw8UbYoR4U4wUb4lRYrQYI94WY8U4MV5MEBPFJJEq3hGTxbsiTbwnpoipYpqYLtLFDDFTvC9midlijvhAzBUfinlivlggFopF4iORIRaLTPGxWCI+EVliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNost4lOxVWwT28UOsVPsErvFZ2KP+FzsFV+IbPHlfzP/1P+V3x0ECJAgQYOGPJAHYiAG8kN+iIVYKAAFIAIRiIM4KAgFoRAUgiJQBOIhHopDcUBAICAoASUgClEoBaUgARKgDJQBBw4SIRHKw81QASpARagIlaASVIYqUAWqQTWoDtWhBtSAmlATakEtqAN14G64G+6B+lAfGkADaAgNoRE0gsbQGJpAE2gKTaEZNIPm0BxaQAtoBa2gDbSBttAW2kE7aA/toQN0gI7QEZIgCTpBJ+gMnaELdIGu0BW6QTfoDj2gB7wEL8HL8DL0gVqyL/SDftAf+sNAGASD4FUYAq/Ba/A6pMAwGA5vwBvwJoyEkzAKRsMYGAPV5TgYDxOA5CRIhVSYDJMhDdJgCkyFqTAd0mEGzISZMAtmw2z4AObCh/AhzIf5sBAWwSLIgMWQCZmwBE5BFiyFZbAcVsBKWAGrYQ2shnWwHtbBRtgIm2EzfAqfwjbYBjtgB+yCXfAZfAafw+eQAtmQDftgH+yH/XAADkAO5MBBOAiH4BAchsNwBI7AUTgGx+EYnIATcBJOwWk4DWfhLJyDF+K/abqr9NoUIS/SUss8Mo+MkTEyv8wvY2WsLCALyIiMyDgZJwvKgrKQLCSLyCIyXsbL4rK4RImSZChLyBIyKqOylCwlE2SCLCPLSCedTJSJsrwsLyvICrKivFVWkrfJyrKKfMJVk9Vkddne1ZB3ypqypqwla8s6sq6sK+vJerK+rC8byAayoWwoG8kHZGPZFwbCQ/JiZ5rJYdBcDocWsqVsJVvLN+Ex2VaOhHbyCdlePilHwyjoKNu6JPmM7CTHQ2f5nJwAz8uuchJ0ky/K7rKH7Clfkr1kO9db9pFToK/sJ6dDfzlADpSD5CyoLS92rI58XabIYXK4fEMuhDflSPmWHCVHyzHybTlWjpPj5QQ5UU6SqfIdOVm+K9Pke3KKnCqnyekyXc6QM+X7cpacLefID+Rc+aGcJ+fLBXKhXCQ/khlyscyUH8sl8hOZJZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CI/lVvlNrld7pA75S65W34m98jP5V75hcyWX8p98i9yv/xKHpBfyxz5jTwov5WH5HfysPxeHpE/yKPymDwuf5Qn5E/ypDwlT8sz8qz8WZ6T5+UF6aVQoKRSSqtA5VF5VYzKp/Krq1SsuloVUNeoiLpWxanrVEF1vSqkCqsiqqiKV8VUcWUUKqtIhaqEKqmi6gZVSt2oElRpVUaVVU6VU4nqJlVe3awqqFtURXWrqqRuU5VVFVVVVVO3q+rqDlVD3alqqrtULVVb1VF11d2qnrpH1Vf3qgbqPtVQ3a8aqQdUY/WgaqIeUk3Vw6qZekQ1V4+qFqqlaqVaqzbqMdVWPa7aBUII9aTqoJ5SHdXTKkk9ozqpZ1Vn9Zzqop5XXdULqpt6UXVXPVRPdV5dUF71Vn1Usuqr+qlXVH81QA1Ug9Rg9aoaol5TQ9XrKkUNU8PVG2qEelONVG+pUWq0GqPeVmPVODVeTVAT1SSVqt5Rk9W7Kk29p6aoqWqamq7S1Qw18JeV5vwL+e/+g/yhl159s9qiPlVb1Ta1Xe1QO9UutVvtVnvUHrVX7VXZKlvtU/vUfrVfHVAHVI7KUQfVQXVIHVKH1WF1RB1RR9UxdUb9qE6on9RJdUqdUmfUWXVWnfvleyA0aKmV1jrQeXReHaPz6fz6Kh2rr9YF9DU6oq/Vcfo6XVBfrwvpwrqILqrjdTFdXBuN2mrSoS6hS+qovkGX0jfqBF1al9FltdPldKK+6d/O/2f1tdFtdFvdVrfT7XR73V530B10R91RJ+kk3Ul30p11Z91Fd9FddVfdTXfT3XV33VP31L10L91b99bJOln306/o/nqAHqgH6cH6VT1ED9FD9VCdolP0cD1cj9Aj9Eg9Uo/So/QYPUaP1WP1eD1eT9QTdapO1ZP1ZJ2m0/QUPUVP09N0uk7XM/VMPUvP0nP0HD1Xz9Xz9Dy9QC/Qi/QinaEzdKbO1Ev0Ep2ll+qlerlerlfqlXq1Xq3X6rV6vV6vN+qNOktv0Vv0Vr1Vb9fb9U69U+/Wu/UevUfv1Xt1ts7W+/Q+vV/v1wf0AZ2jc/RBfVAf0of0YX1YH9FH9FF9VB/Xx/UJfUKf1Cf1aX1an9Vn9Tl9Tl/QFy5u+wIZyEAHOsgT5Aligpggf5A/iA1igwJBgSASRIK4IC4oGFwfFAoKB0WCokF8UCwoHpgAAxtQEAYlgpJBNLghKBXcGCQEpYMyQdnABeWCxOCmoHxwc1AhuCWoGNwaVApuCyoHVYKqQbXg9qB6cEdQI7gzqBncFdQKav/6OVRwT1A/uDdoENwXNAzuDxoFDwSNgweDJsFDQdPg4aBZ8EjQPHg0aBG0DFoFrYM2/+r6QZ2gbnB3UO8P1/f+ZOHHXW/TxySbvqafecX0NwPMQDPIDDavmiHmNTPUvG5SzDAz3LxhRpg3zUjzlhllRpsx5m0z1owz480EM9FMMqnmHTPZvGvSzHtmiplqppnpJt3MMDPN+2aWmW3mmA/MXPOhmWfmmwVmoVlkPjIZZrHJNB+bJeYTk2WWmmVmuVlhVppVZrVZY9aadWa92WA2mk1ms9liPjVbzTaz3ewwO80us9t8ZvaYz81e84XJNl+afeYvZr/5yhwwX5sc8405aL41h8x35rD53hwxP5ij5pg5bn40J8xP5qQ5ZU6bM+as+dmcM+fNBeMvbu4vvr2jRo15MA/GYAzmx/wYi7FYAAtgBCMYh3FYEAtiISyERbAIxmM8FsfieBEhYQksgVGMYikshQmYgGWwDDp0mIiJWB7LYwWsgBWxIlbCSlgZK2NVrIq34+14B96Bd+KdeBfehbWxNtbFulgP62F9rI8NsAE2xIbYCBthY2yMTbAJNsWm2AybYXNsji2wBbbCVtgG22BbbIvtsB22x/bYATtgR+yISZiEnbATdsbO2AW7YFfsit2wG3bH7tgTe2Iv7IW9z/TGZEzGftgP+2N/HIgDcTAOxiE4BIfiUEzBFByOw3EEjsCROBJH4Wgcg2/jWByH43ECTsRJmIqpOBknYxqm4RScgtNwGqZjOs7EmTgLZ+EcnINzcS7Ow3m4ABfgIlyEGZiBmZiJS3AJZmEWLsNluAJX4CpchWtwDa7DdbgBN+Am3IRbcAtuVVtxO27HnbgTd+Nu3IN7cC/uxWzMxn24D/fjfjyABzAHc/AgHsRDeAgP42E8gkfwKB7F43gcT+AJPIkn8TSexrP4M57D83gBPcZYKfLbq2ysvdoWsNfYGJvP/n1cxBa18baYLW6NLWQL/yZGa22CLW3L2LLW2XI20d70u7iyrWKr2mr2dlvd3mFr/C6uZ++x9e29toG9z9a1d/8mbmjvt43sI7axfdQ2sS1tU9vaNrOP2Ob2UdvCtrStbGvbwT5lO9qnbZJ9xnayz/4uzrCL7Rq71q6z6+0e+7k9bc/YQ/Y7e9b+bHvbPnawfdUOsa/ZofZ1m9Jg2G9jO8yOsW/bsXacHW8n2Il20u/iaXa6Tbcz7Ez7vp1lZ/8uXmQ/snNtpp1n59sFduGl+GJNmfZju8R+YrPsUrvMLrcr7Eq7yq7+W63L7Ua7yW62u+1ndqvdZrfbHXan3XUpvngee+0XNtt+aQ/ab+1++5U9YA/bHPvNpfji+R2239sj9gd71B6zx+2P9oT9yZ60py6d/8Vz/9Getxest4KAJCnSFFAeyksxlI/y01UUS1dTAbqGInQtxdF1VJCup0JUmIpQUYqnYlScDCFZIgqpBJWkKN1ApehGSqDSVIbKkqNylEg3UXm6mSrQLVSRbqVKdBtVpipUlarR7VSd7qAaWlBNuotqUW2qQ3XpbqpH91B9upca0H3UkO6nRvQANaYHqQk9RE3pYWpGj1BzepRaUEtqRa2pDT1GbelxakdPUHt6kjrQU9SRnqYkeoY60bPUmZ6jLvQ8daUXqBu9SN2pB/Wkl6gXvUy9qQ8lU1/qR69QfxpAA2kQDaZXaQi9RkPpdUqhYTSc3qAR9CaNpLdoFI2mMfQ2jaVxNJ4m0ESaRKn0Dk2mdymN3qMpNJWm0XRKpxk0k96nWTSb5tAHNJc+pHk0nxbQQlpEH1EGLaZM+piW0CeURUtpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCn9JW2kbbaQftpF20mz6jPfQ57aUvKJu+pH30F9pPX9EB+ppy6Bs6SN/SIfqODtP3dIR+oKN0jI7Tj3SCfqKTdIpO0xk6Sz/TOTpPF8iTCCGUoQp1GIR5wrxhTJgvzB9eFcaGV4cFwmvCSHhtGBdeFxYMrw8LhYXDImHRMD4sFhYPTYihDSkMwxJhyTAa3hCWCm8ME8LSYZmwbOjCcmFieFNYPrw5rBDeElYMbw0rhbeFlcMq4SP3VQtvD6uHd4Q1wjvDmuFdYa2wdlgnrBveHdYL7wnrh/eGDcL7wgrh/WGj8IGwcfhg2CR8KGwaPhw2Cx8Jm4ePhi3ClmGrsHXYJnwsbBs+HrYLnwjbh0+GHcKnwo7h02FS+EzYKXz2nx5PDvuG/cJXwldC7+9VC6ILo4uiH0UzooujmdGPo0uin0Szokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Kbo97XzSscOOmU0y5weVxeF+PyufzuKhfrrnYF3DUu4q51ce46V9Bd7wq5wq6IK+riXTFX3BmHzjpyoSvhSrqou8GVcje6BFfalXFlnXPlXKJr7dq4Nq6te9y1c0+49u5J96R7yj3lnnZPu2dcJ/es6+yec13c866re8G94F503V0P19O95Hq5l11v18clu2TXz/Vz/V1/N9ANzPPLHswNdUNdiktxw91wN8KNcCPdSDfKjXJj3Bg31o114914N9FNdKku1U12k12aS3NT3BQ3zU1z6S7dzXQz3Sw3y81xc9zchLlunpvnFrgFbpFb5DJchst0mW6JW+KyXJZb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+q2uu1uu9vpdrrdbrfb4/a4vW6vy3bZbp/b5/a7/e6A+9rluG/cQfetO+S+c4fd9+6I+8EddcfccfejO+F+cifdKXfanXFn3c/unDvvLjjvUiPvRCZH3o2kRd6LTIlMjUyLTI+kR2ZEZkbej8yKzI7MiXwQmRv5MDIvMj+yIBIjhPgokhFZHMmMfBxZEvkkkhVZGlkWWR5ZEVkZ8b7Y1tCX8CV91N/gS/kbfYIv7cv4st75cj7R3+TL+5t9BX+Lr+hv9ZX8bb6yr+Kr+kd9C9/St/KtfRv/mG/rH/ft/BO+vX/Sd/BP+Y7+aZ/kn/Gd/LO+s3/Od/HP+67+Bd/Nv+i7+x6+p3/J9/Iv+96+j0/2fX0//4rv7wf4gX6QH+xf9UP8a36of92n+GF+uH/Dj/Bv+pH+LT/Kj/Zj/Nt+rB/nx/sJfqKf5FP9O35yvnd9mn/PT/FT/TQ/3af7GX6mf9/P8rP9HP+Bn+s/9PP8fL/AL/SL/Ec+wy/2mf5jv8R/4rP8Ur/ML/cr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Kd+q9/mt/sdfqff5Xf7z/we/7nf67/w2f5Lv8//xe/3X/kD/muf47/xB/23/pD/zh/23/sj/gd/1B/zx/2P/oT/yZ/0p/xpf8af9T/7c/68v8B/s8YYY4wx9i9JO/DHx/v+g8fkL+OifkKIq7cVzfn741oIsaHQX+cDZHyHiBDimT7dHvp11KqVnJz8y3OzlAhKzhdCRC7nX7oM+SVeKtqLp0SSeEKU/4f1DZA9ztIfrA9HvY/eKkT+v8u5uI//Nb68/s3/xfqPPTkmo1J4Ou6365/7Zb95sf7ofCESSl7OyScux5fXr/BfrF+47R/Vn6VEvq9ShWj3dzmx4nJ8ef1E8bh4ViT95pmMMcYYY4wxxthfDZBVu/yT689L1+fx+lJ46eG84m/xP70+Z4wxxhhjjDHG2JX3fI+eTz+WlPREF57whCc8+dvkSv9mYowxxhhjjP3ZLm/6r3QljDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZY7vU/8e/ErvQ5MsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY1fa/wkAAP//jKQ7JQ==")

0s ago: executing program 2 (id=4073):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x10000000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000300)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x8, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x18}}, @remote, {[@hopopts={0x2f}]}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
ptrace$getregset(0x4204, r0, 0x9b333401ba15565a, &(0x7f0000000000)={&(0x7f0000002380)=""/4096, 0x1000})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r5)
syz_mount_image$f2fs(&(0x7f0000000180), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYRES8=0x0], 0x1, 0x5514, &(0x7f000000b2c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000002340)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[], 0x4c}}, 0x0)

kernel console output (not intermixed with test programs):

=4294967295 subj=root:sysadm_r:sysadm_t pid=8445 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3e678efc9 code=0x7ffc0000
[  225.440380][   T28] audit: type=1326 audit(1761860743.239:3496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8445 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3e678efc9 code=0x7ffc0000
[  225.470953][ T8464] incfs: Can't find or create .index dir in ./file0
[  225.477635][ T8464] incfs: mount failed -14
[  225.491798][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  226.705916][ T7875] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  226.901946][ T8494] xt_bpf: check failed: parse error
[  226.987128][ T8500] loop1: detected capacity change from 0 to 4096
[  227.001994][ T8500] EXT4-fs: Ignoring removed mblk_io_submit option
[  227.018212][ T8500] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  227.028618][ T8500] EXT4-fs (loop1): Test dummy encryption mode enabled
[  227.036704][ T8500] EXT4-fs (loop1): can't mount with data_err=abort, fs mounted w/o journal
[  227.301482][ T8520] loop1: detected capacity change from 0 to 128
[  227.710348][ T8506] loop2: detected capacity change from 0 to 8192
[  227.758852][ T8506]  loop2: p1 < > p2 < p5 p6 > p3 p4
[  227.764883][ T8506] loop2: partition table partially beyond EOD, truncated
[  227.776928][ T8506] loop2: p1 start 67108864 is beyond EOD, truncated
[  227.790380][ T8506] loop2: p3 start 100859904 is beyond EOD, truncated
[  227.800625][ T8506] loop2: p4 size 393216 extends beyond EOD, truncated
[  227.832310][ T8506] loop2: p5 start 100859904 is beyond EOD, truncated
[  227.841321][ T8506] loop2: p6 size 393216 extends beyond EOD, truncated
[  228.286951][ T8535] loop4: detected capacity change from 0 to 4096
[  228.332137][ T8535] EXT4-fs (loop4): Test dummy encryption mode enabled
[  228.378903][ T8535] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  228.808940][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  228.879914][ T8566] loop0: detected capacity change from 0 to 512
[  228.915754][ T8566] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  228.937816][ T8566] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.981251][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  230.947167][ T8591] loop3: detected capacity change from 0 to 40427
[  231.185255][ T8591] F2FS-fs (loop3): Found nat_bits in checkpoint
[  231.334882][ T8598] loop4: detected capacity change from 0 to 512
[  231.875844][ T8598] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  231.887255][ T8598] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  234.116233][ T8598] EXT4-fs: error -4 creating inode table initialization thread
[  234.124360][ T8598] EXT4-fs (loop4): mount failed
[  234.401522][ T8612] loop4: detected capacity change from 0 to 4096
[  234.438870][ T8612] EXT4-fs (loop4): Test dummy encryption mode enabled
[  234.492530][ T8612] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  234.509834][ T8612] System zones: 0-5
[  234.559228][ T8612] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  234.584109][ T8612] EXT4-fs (loop4): unmounting filesystem.
[  234.939990][ T8638] incfs: Can't find or create .index dir in ./file0
[  234.948476][ T8638] incfs: mount failed -14
[  235.975169][ T8683] loop1: detected capacity change from 0 to 1024
[  236.026381][ T8683] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  236.262185][   T28] kauditd_printk_skb: 82 callbacks suppressed
[  236.262225][   T28] audit: type=1400 audit(1761860754.499:3579): avc:  denied  { mounton } for  pid=8682 comm="syz.1.3243" path="/27/file1/file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  236.458737][ T8659] loop3: detected capacity change from 0 to 8192
[  236.508813][ T8659]  loop3: p1 < > p2 < p5 p6 > p3 p4
[  236.515718][ T8659] loop3: partition table partially beyond EOD, truncated
[  236.528090][ T8659] loop3: p1 start 67108864 is beyond EOD, truncated
[  236.541065][ T8659] loop3: p3 start 100859904 is beyond EOD, truncated
[  236.552992][ T8659] loop3: p4 size 393216 extends beyond EOD, truncated
[  236.565463][ T8659] loop3: p5 start 100859904 is beyond EOD, truncated
[  236.575353][ T8659] loop3: p6 size 393216 extends beyond EOD, truncated
[  236.864339][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  237.337056][ T8706] loop3: detected capacity change from 0 to 256
[  237.381813][ T8706] FAT-fs (loop3): Directory bread(block 64) failed
[  237.408318][ T8706] FAT-fs (loop3): Directory bread(block 65) failed
[  237.428798][ T8706] FAT-fs (loop3): Directory bread(block 66) failed
[  237.437494][ T8706] FAT-fs (loop3): Directory bread(block 67) failed
[  237.450335][ T8706] FAT-fs (loop3): Directory bread(block 68) failed
[  237.462101][ T8706] FAT-fs (loop3): Directory bread(block 69) failed
[  237.476473][ T8706] FAT-fs (loop3): Directory bread(block 70) failed
[  237.483468][ T8706] FAT-fs (loop3): Directory bread(block 71) failed
[  237.490380][ T8706] FAT-fs (loop3): Directory bread(block 72) failed
[  237.497022][ T8706] FAT-fs (loop3): Directory bread(block 73) failed
[  237.563643][ T8701] loop1: detected capacity change from 0 to 40427
[  237.579746][ T8701] F2FS-fs (loop1): invalid crc value
[  237.622690][ T8701] F2FS-fs (loop1): Found nat_bits in checkpoint
[  237.665357][ T8701] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  237.726327][ T8719] loop2: detected capacity change from 0 to 512
[  237.743307][ T8719] ext4: Unknown parameter 'nouser_xattr'
[  237.789954][ T7850] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  237.875845][ T8732] loop4: detected capacity change from 0 to 1024
[  237.906683][ T8735] netlink: 'syz.0.3257': attribute type 12 has an invalid length.
[  237.915175][ T8732] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  238.299791][ T8316] syz-executor: attempt to access beyond end of device
[  238.299791][ T8316] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  238.470044][   T28] audit: type=1326 audit(1761860756.709:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.497476][   T28] audit: type=1326 audit(1761860756.739:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.523145][   T28] audit: type=1326 audit(1761860756.739:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.553964][   T28] audit: type=1326 audit(1761860756.739:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.591158][   T28] audit: type=1326 audit(1761860756.739:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.617981][   T28] audit: type=1326 audit(1761860756.739:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.641821][   T28] audit: type=1326 audit(1761860756.739:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.665699][   T28] audit: type=1326 audit(1761860756.739:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.689218][   T28] audit: type=1326 audit(1761860756.739:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8752 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b758efc9 code=0x7ffc0000
[  238.944057][ T8761] loop2: detected capacity change from 0 to 4096
[  239.009723][ T8761] EXT4-fs (loop2): Test dummy encryption mode enabled
[  239.026622][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  239.119566][ T8761] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  239.364180][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  239.439156][ T8779] netlink: 'syz.0.3271': attribute type 12 has an invalid length.
[  239.645918][ T8777] loop2: detected capacity change from 0 to 40427
[  239.663694][ T8777] F2FS-fs (loop2): invalid crc value
[  239.700662][ T8777] F2FS-fs (loop2): Found nat_bits in checkpoint
[  239.735294][ T8799] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3279'.
[  239.784575][ T8777] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  240.063297][ T8086] syz-executor: attempt to access beyond end of device
[  240.063297][ T8086] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  240.355607][ T8821] loop1: detected capacity change from 0 to 1024
[  240.364548][ T8821] EXT4-fs: Ignoring removed orlov option
[  240.385646][ T8821] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  240.479134][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  240.502742][ T8832] xt_bpf: check failed: parse error
[  242.009204][ T8841] loop0: detected capacity change from 0 to 40427
[  242.159705][ T8841] F2FS-fs (loop0): Found nat_bits in checkpoint
[  242.247314][ T8841] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  244.452497][ T7255] usb 3-1: new low-speed USB device number 10 using dummy_hcd
[  244.986390][ T7255] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  244.997378][ T7255] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.008185][ T7255] usb 3-1: config 0 descriptor??
[  245.216219][ T7255] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  245.321726][ T8882] loop4: detected capacity change from 0 to 1024
[  245.328397][ T2951] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  245.340118][ T8882] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  245.839224][ T2951] usb 2-1: Using ep0 maxpacket: 32
[  245.845516][ T2951] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[  245.854261][ T2951] usb 2-1: config 0 has no interface number 0
[  245.860735][ T2951] usb 2-1: config 0 interface 20 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  245.870911][ T2951] usb 2-1: config 0 interface 20 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  245.884184][ T2951] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  245.893448][ T2951] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.901649][ T2951] usb 2-1: Product: syz
[  245.905851][ T2951] usb 2-1: Manufacturer: syz
[  245.910697][ T2951] usb 2-1: SerialNumber: syz
[  245.919561][ T2951] usb 2-1: config 0 descriptor??
[  245.924896][ T8880] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  245.932499][ T8880] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  245.941591][ T2951] usb-storage 2-1:0.20: USB Mass Storage device detected
[  245.952801][ T2951] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  245.982162][ T8900] fuse: Bad value for 'fd'
[  246.025382][ T8903] loop3: detected capacity change from 0 to 256
[  246.054860][ T8903] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  246.200171][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  246.241425][ T8915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3311'.
[  246.255148][ T8915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3311'.
[  246.435855][ T8918] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3317'.
[  246.474164][ T2951] scsi host1: usb-storage 2-1:0.20
[  246.482059][ T2951] usb 2-1: USB disconnect, device number 16
[  247.602279][ T8935] loop3: detected capacity change from 0 to 4096
[  247.635984][ T8935] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  247.687933][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  247.815529][ T8946] loop0: detected capacity change from 0 to 256
[  247.854474][ T8947] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3328'.
[  247.875328][ T8946] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  247.995618][ T8953] loop3: detected capacity change from 0 to 128
[  248.141772][ T8953] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  248.151763][ T8953] ext4 filesystem being mounted at /109/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  249.088811][ T7255] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x8001: -71
[  249.090736][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  249.099498][ T7255] asix: probe of 3-1:0.0 failed with error -71
[  249.112158][ T7255] usb 3-1: USB disconnect, device number 10
[  249.250871][ T8978] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3340'.
[  253.406665][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3351'.
[  254.980446][ T9022] loop2: detected capacity change from 0 to 512
[  255.868506][ T9022] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  255.879938][ T9022] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  256.210323][ T9022] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.3353: corrupted in-inode xattr
[  256.224234][ T9022] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3353: couldn't read orphan inode 15 (err -117)
[  256.237199][ T9022] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  256.276692][ T9026] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3355'.
[  256.286434][ T9028] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3355'.
[  256.348528][ T9036] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3359'.
[  256.388944][ T9036] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3359'.
[  256.406285][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  256.443830][ T9046] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3362'.
[  256.559617][ T9055] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3365'.
[  257.293951][ T9078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3376'.
[  257.332212][ T9084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3378'.
[  257.363798][ T9089] loop1: detected capacity change from 0 to 256
[  257.389929][ T9089] FAT-fs (loop1): Directory bread(block 64) failed
[  257.396887][ T9089] FAT-fs (loop1): Directory bread(block 65) failed
[  257.412138][ T9093] loop0: detected capacity change from 0 to 1024
[  257.430480][ T9093] EXT4-fs: Ignoring removed orlov option
[  257.447174][ T9089] FAT-fs (loop1): Directory bread(block 66) failed
[  257.465407][ T9089] FAT-fs (loop1): Directory bread(block 67) failed
[  257.472302][ T9089] FAT-fs (loop1): Directory bread(block 68) failed
[  257.478899][ T9089] FAT-fs (loop1): Directory bread(block 69) failed
[  257.485718][ T9089] FAT-fs (loop1): Directory bread(block 70) failed
[  257.501009][ T9089] FAT-fs (loop1): Directory bread(block 71) failed
[  257.504456][ T9100] xt_bpf: check failed: parse error
[  257.512145][ T9089] FAT-fs (loop1): Directory bread(block 72) failed
[  257.521041][ T9089] FAT-fs (loop1): Directory bread(block 73) failed
[  257.580691][ T9093] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  257.915330][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  258.362602][ T9122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3390'.
[  258.406342][ T9131] loop1: detected capacity change from 0 to 256
[  258.437797][ T9131] FAT-fs (loop1): Directory bread(block 64) failed
[  258.445397][ T5147] Bluetooth: hci0: Frame reassembly failed (-84)
[  258.459783][ T9131] FAT-fs (loop1): Directory bread(block 65) failed
[  258.478949][ T9131] FAT-fs (loop1): Directory bread(block 66) failed
[  258.487960][ T9131] FAT-fs (loop1): Directory bread(block 67) failed
[  258.501295][ T9131] FAT-fs (loop1): Directory bread(block 68) failed
[  258.518011][ T9131] FAT-fs (loop1): Directory bread(block 69) failed
[  258.532654][ T9131] FAT-fs (loop1): Directory bread(block 70) failed
[  258.541225][ T9131] FAT-fs (loop1): Directory bread(block 71) failed
[  258.543222][ T9137] loop2: detected capacity change from 0 to 256
[  258.548009][ T9131] FAT-fs (loop1): Directory bread(block 72) failed
[  258.561147][ T9131] FAT-fs (loop1): Directory bread(block 73) failed
[  258.594019][ T9137] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  258.632915][ T9140] loop1: detected capacity change from 0 to 512
[  258.670125][ T9140] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  258.671308][ T9145] xt_bpf: check failed: parse error
[  258.679349][ T9140] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.769358][ T9136] loop0: detected capacity change from 0 to 8192
[  258.809173][ T9136]  loop0: p1 < > p2 < p5 p6 > p3 p4
[  258.814434][ T9136] loop0: partition table partially beyond EOD, truncated
[  258.832715][ T9136] loop0: p1 start 67108864 is beyond EOD, truncated
[  258.840158][ T9136] loop0: p3 start 100859904 is beyond EOD, truncated
[  258.846887][ T9136] loop0: p4 size 393216 extends beyond EOD, truncated
[  258.855745][ T9136] loop0: p5 start 100859904 is beyond EOD, truncated
[  258.862564][ T9136] loop0: p6 size 393216 extends beyond EOD, truncated
[  258.900433][ T9150] loop2: detected capacity change from 0 to 256
[  258.935977][ T7850] udevd[7850]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  258.963572][ T9150] FAT-fs (loop2): Directory bread(block 64) failed
[  258.978439][ T9150] FAT-fs (loop2): Directory bread(block 65) failed
[  258.983822][ T7849] udevd[7849]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  258.991897][ T7847] udevd[7847]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory
[  258.999760][ T7850] udevd[7850]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  259.017575][ T9150] FAT-fs (loop2): Directory bread(block 66) failed
[  259.027015][ T9150] FAT-fs (loop2): Directory bread(block 67) failed
[  259.034345][ T9156] loop0: detected capacity change from 0 to 1024
[  259.040033][ T9150] FAT-fs (loop2): Directory bread(block 68) failed
[  259.047518][ T9150] FAT-fs (loop2): Directory bread(block 69) failed
[  259.058384][ T9150] FAT-fs (loop2): Directory bread(block 70) failed
[  259.066537][ T9150] FAT-fs (loop2): Directory bread(block 71) failed
[  259.074512][ T7849] udevd[7849]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory
[  259.074912][ T7852] udevd[7852]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  259.085822][ T7850] udevd[7850]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  259.094348][ T9150] FAT-fs (loop2): Directory bread(block 72) failed
[  259.111851][ T9150] FAT-fs (loop2): Directory bread(block 73) failed
[  259.119252][ T9156] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  259.268819][ T9169] loop4: detected capacity change from 0 to 256
[  259.284358][ T9169] FAT-fs (loop4): Directory bread(block 64) failed
[  259.291013][ T9169] FAT-fs (loop4): Directory bread(block 65) failed
[  259.297565][ T9169] FAT-fs (loop4): Directory bread(block 66) failed
[  259.328794][ T9169] FAT-fs (loop4): Directory bread(block 67) failed
[  259.335832][ T9169] FAT-fs (loop4): Directory bread(block 68) failed
[  259.342950][ T9169] FAT-fs (loop4): Directory bread(block 69) failed
[  259.349930][ T9169] FAT-fs (loop4): Directory bread(block 70) failed
[  259.367538][ T9169] FAT-fs (loop4): Directory bread(block 71) failed
[  259.374737][ T9169] FAT-fs (loop4): Directory bread(block 72) failed
[  259.384610][ T9169] FAT-fs (loop4): Directory bread(block 73) failed
[  259.593070][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  259.612653][ T9174] loop1: detected capacity change from 0 to 256
[  259.636478][ T9174] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  259.649155][ T9176] xt_bpf: check failed: parse error
[  259.785027][ T9186] loop2: detected capacity change from 0 to 2048
[  259.792687][ T9186] EXT4-fs: Ignoring removed nomblk_io_submit option
[  259.799409][ T9186] EXT4-fs: Ignoring removed nobh option
[  259.810320][ T9186] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  259.844797][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  259.886340][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  259.939845][ T9184] loop1: detected capacity change from 0 to 8192
[  260.048572][ T9200] loop0: detected capacity change from 0 to 512
[  260.057733][ T9200] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  260.069183][ T9200] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  260.139859][ T9184]  loop1: p1 < > p2 < p5 p6 > p3 p4
[  260.184567][ T9200] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.3419: corrupted in-inode xattr
[  260.197334][ T9200] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3419: couldn't read orphan inode 15 (err -117)
[  260.210592][ T9200] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  260.243354][ T9184] loop1: partition table partially beyond EOD, truncated
[  260.403276][ T9184] loop1: p1 start 67108864 is beyond EOD, truncated
[  260.493551][ T9184] loop1: p3 start 100859904 is beyond EOD, truncated
[  260.508571][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  260.508629][ T7875] Bluetooth: hci0: command 0x1003 tx timeout
[  260.559434][ T9184] loop1: p4 size 393216 extends beyond EOD, truncated
[  260.691406][ T9184] loop1: p5 start 100859904 is beyond EOD, truncated
[  260.729934][ T9184] loop1: p6 size 393216 extends beyond EOD, truncated
[  261.632006][ T9207] loop2: detected capacity change from 0 to 40427
[  261.653713][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  261.877615][ T9207] F2FS-fs (loop2): Found nat_bits in checkpoint
[  261.978009][ T9207] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  262.298477][ T9215] loop1: detected capacity change from 0 to 256
[  262.396453][ T7849] udevd[7849]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  262.407691][ T7850] udevd[7850]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  262.750641][ T9215] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  262.754079][ T7847] udevd[7847]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[  262.966290][ T9226] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3426'.
[  263.260689][ T9235] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3430'.
[  263.350703][ T9240] loop4: detected capacity change from 0 to 16
[  263.369434][ T9240] erofs: (device loop4): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  263.446054][ T7850] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  263.493981][ T2951] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  264.019939][ T9243] fuse: Bad value for 'fd'
[  264.060095][ T9247] xt_bpf: check failed: parse error
[  264.437283][ T9255] loop0: detected capacity change from 0 to 40427
[  264.468742][ T2951] usb 2-1: Using ep0 maxpacket: 16
[  264.479796][ T2951] usb 2-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  264.615529][ T2951] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.653370][ T9255] F2FS-fs (loop0): Found nat_bits in checkpoint
[  264.765763][ T9255] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  264.917019][ T2951] usb 2-1: Product: syz
[  265.048786][ T2951] usb 2-1: Manufacturer: syz
[  265.078929][ T2951] usb 2-1: SerialNumber: syz
[  265.705614][ T9273] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3443'.
[  266.154693][ T2951] usb 2-1: config 0 descriptor??
[  266.165576][ T2951] usb-storage 2-1:0.0: USB Mass Storage device detected
[  266.177489][ T9284] xt_bpf: check failed: parse error
[  266.197895][ T9286] fuse: Bad value for 'fd'
[  266.503914][ T9294] loop0: detected capacity change from 0 to 1024
[  266.512416][ T2951] usb-storage 2-1:0.0: Quirks match for vid 054c pid 002e: 1
[  266.514692][ T9294] EXT4-fs: Ignoring removed orlov option
[  266.593366][ T9299] loop3: detected capacity change from 0 to 16
[  266.604870][ T9299] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  266.810433][ T9294] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  267.374678][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  267.420531][ T9312] loop4: detected capacity change from 0 to 512
[  267.436291][ T9312] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  267.446574][ T9312] EXT4-fs (loop4): orphan cleanup on readonly fs
[  267.455355][ T9312] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.3456: bg 0: block 248: padding at end of block bitmap is not set
[  267.470199][ T9312] __quota_error: 28 callbacks suppressed
[  267.470217][ T9312] Quota error (device loop4): write_blk: dquota write failed
[  267.484146][ T9312] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  267.503733][ T9312] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.3456: Failed to acquire dquot type 1
[  267.522701][ T2951] usb-storage 2-1:0.0: This device (054c,002e,0500 S 04 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  267.522701][ T2951]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  267.542848][ T9312] EXT4-fs (loop4): 1 truncate cleaned up
[  267.559598][ T9312] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  267.592740][ T2951] usb 2-1: USB disconnect, device number 17
[  267.623931][ T9312] EXT4-fs error (device loop4): ext4_lookup:1862: inode #2: comm syz.4.3456: deleted inode referenced: 12
[  267.687209][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  267.689328][ T9326] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3462'.
[  269.713543][ T9331] loop1: detected capacity change from 0 to 40427
[  269.775188][ T9332] fuse: Bad value for 'fd'
[  269.834367][ T9331] F2FS-fs (loop1): Found nat_bits in checkpoint
[  270.302047][ T9331] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  270.370376][ T9346] loop4: detected capacity change from 0 to 1024
[  270.384302][ T9346] EXT4-fs: Ignoring removed orlov option
[  270.410214][ T9346] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  270.459786][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  270.542508][ T9353] loop3: detected capacity change from 0 to 16
[  270.554176][ T9353] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  271.331590][ T9357] loop0: detected capacity change from 0 to 1024
[  271.358139][ T9360] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3473'.
[  271.377669][ T9357] EXT4-fs: Ignoring removed nomblk_io_submit option
[  271.394078][ T9357] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  271.440747][ T9357] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  271.520141][ T9370] loop4: detected capacity change from 0 to 512
[  271.569890][ T9370] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  271.579665][ T9370] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.628350][ T7254] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  272.127551][ T9383] incfs: Can't find or create .index dir in ./file0
[  272.134408][ T9383] incfs: mount failed -14
[  272.156729][ T9386] loop1: detected capacity change from 0 to 1024
[  272.163703][ T9386] EXT4-fs: Ignoring removed orlov option
[  272.189660][ T9386] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  272.210657][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  272.218401][ T7254] usb 3-1: Using ep0 maxpacket: 16
[  272.226262][ T7254] usb 3-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  272.237045][ T7254] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.245994][ T7254] usb 3-1: Product: syz
[  272.250435][ T7254] usb 3-1: Manufacturer: syz
[  272.255057][ T7254] usb 3-1: SerialNumber: syz
[  272.260495][ T7254] usb 3-1: config 0 descriptor??
[  272.266220][ T7254] usb-storage 3-1:0.0: USB Mass Storage device detected
[  272.273954][ T7254] usb-storage 3-1:0.0: Quirks match for vid 054c pid 002e: 1
[  272.281455][ T7254] usb-storage 3-1:0.0: This device (054c,002e,0500 S 04 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  272.281455][ T7254]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  272.371012][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  272.404064][ T9390] loop1: detected capacity change from 0 to 1024
[  272.437340][ T9397] loop3: detected capacity change from 0 to 256
[  272.458840][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  272.459080][ T9397] FAT-fs (loop3): Directory bread(block 64) failed
[  272.476130][ T9397] FAT-fs (loop3): Directory bread(block 65) failed
[  272.483141][ T9397] FAT-fs (loop3): Directory bread(block 66) failed
[  272.496641][ T9397] FAT-fs (loop3): Directory bread(block 67) failed
[  272.503589][ T9397] FAT-fs (loop3): Directory bread(block 68) failed
[  272.511818][ T9397] FAT-fs (loop3): Directory bread(block 69) failed
[  272.523152][ T9397] FAT-fs (loop3): Directory bread(block 70) failed
[  272.536977][ T9397] FAT-fs (loop3): Directory bread(block 71) failed
[  272.553016][ T9397] FAT-fs (loop3): Directory bread(block 72) failed
[  272.560178][ T9397] FAT-fs (loop3): Directory bread(block 73) failed
[  272.611565][ T9390] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  272.615719][ T9404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3485'.
[  273.169988][ T9409] tipc: Started in network mode
[  273.175409][ T9409] tipc: Node identity 52490f4d56d4, cluster identity 4711
[  273.183652][ T9409] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  274.490801][ T9410] loop4: detected capacity change from 0 to 16
[  274.501017][  T533] tipc: Node number set to 77401933
[  274.511044][ T9406] loop0: detected capacity change from 0 to 512
[  274.530936][ T9410] erofs: (device loop4): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  274.616125][ T9406] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  274.847998][ T9406] EXT4-fs (loop0): Test dummy encryption mode enabled
[  274.865593][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  274.891270][ T9406] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.3487: casefold flag without casefold feature
[  274.904658][ T9406] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3487: couldn't read orphan inode 15 (err -117)
[  274.917400][ T9406] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  274.943308][   T28] audit: type=1400 audit(1761860793.179:3617): avc:  denied  { write } for  pid=9405 comm="syz.0.3487" name="file0" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  275.063807][   T28] audit: type=1400 audit(1761860793.209:3618): avc:  denied  { add_name } for  pid=9405 comm="syz.0.3487" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  275.460965][ T9396] tipc: Disabling bearer <eth:syzkaller0>
[  275.507691][   T28] audit: type=1400 audit(1761860793.729:3619): avc:  denied  { remount } for  pid=9405 comm="syz.0.3487" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  275.520657][   T24] usb 3-1: USB disconnect, device number 11
[  275.527706][   T28] audit: type=1400 audit(1761860793.729:3620): avc:  denied  { setattr } for  pid=9405 comm="syz.0.3487" name="work" dev="loop0" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  275.592275][ T9417] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  275.601922][ T9417] overlayfs: upper fs does not support tmpfile.
[  275.608555][ T9417] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  275.642053][   T28] audit: type=1400 audit(1761860793.879:3621): avc:  denied  { write } for  pid=9427 comm="syz.3.3491" name="uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  275.666626][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  275.688129][ T9434] loop2: detected capacity change from 0 to 512
[  275.731468][ T9439] xt_bpf: check failed: parse error
[  275.778172][ T9444] fuse: Bad value for 'fd'
[  275.783647][ T9434] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  275.813085][ T9434] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.815329][ T9448] loop1: detected capacity change from 0 to 1024
[  276.839322][ T9448] EXT4-fs: Ignoring removed orlov option
[  276.917825][ T9453] loop0: detected capacity change from 0 to 16
[  276.984125][ T9453] erofs: (device loop0): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  277.143134][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  277.200342][ T9448] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  277.488879][ T9466] loop4: detected capacity change from 0 to 256
[  277.508904][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  277.529495][ T9466] FAT-fs (loop4): Directory bread(block 64) failed
[  278.772268][ T9466] FAT-fs (loop4): Directory bread(block 65) failed
[  278.778915][ T9466] FAT-fs (loop4): Directory bread(block 66) failed
[  278.785461][ T9466] FAT-fs (loop4): Directory bread(block 67) failed
[  278.792115][ T9466] FAT-fs (loop4): Directory bread(block 68) failed
[  278.799866][   T28] audit: type=1400 audit(1761860795.869:3622): avc:  denied  { mount } for  pid=9460 comm="syz.2.3501" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  278.851557][ T9466] FAT-fs (loop4): Directory bread(block 69) failed
[  278.876072][ T9466] FAT-fs (loop4): Directory bread(block 70) failed
[  278.898647][ T9466] FAT-fs (loop4): Directory bread(block 71) failed
[  278.905356][ T9466] FAT-fs (loop4): Directory bread(block 72) failed
[  278.911963][ T9466] FAT-fs (loop4): Directory bread(block 73) failed
[  279.189067][ T9486] loop3: detected capacity change from 0 to 512
[  279.398679][ T9486] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  279.417663][ T9486] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.502566][ T9481] loop0: detected capacity change from 0 to 40427
[  279.515343][ T9481] F2FS-fs (loop0): Invalid log_blocksize (64), supports only 12
[  279.525108][ T9481] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  279.543914][ T9481] F2FS-fs (loop0): invalid crc value
[  279.554819][ T9481] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  279.591534][ T9481] F2FS-fs (loop0): Start checkpoint disabled!
[  279.598977][ T9481] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  279.606088][ T9481] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  280.143415][ T9505] overlayfs: workdir and upperdir must be separate subtrees
[  280.805331][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  280.909149][ T9509] loop1: detected capacity change from 0 to 16
[  280.989896][ T9509] erofs: (device loop1): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  281.019704][ T5170] kworker/u4:60: attempt to access beyond end of device
[  281.019704][ T5170] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  281.084506][ T7850] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  283.995306][ T9538] loop1: detected capacity change from 0 to 512
[  284.039092][ T9538] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  284.059371][ T9538] EXT4-fs (loop1): Test dummy encryption mode enabled
[  284.134148][ T9551] fuse: Bad value for 'fd'
[  284.174785][ T9538] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.3528: casefold flag without casefold feature
[  284.187883][ T9538] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.3528: couldn't read orphan inode 15 (err -117)
[  285.031544][ T9538] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  285.170035][ T9559] loop2: detected capacity change from 0 to 16
[  286.145233][ T9559] erofs: (device loop2): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  286.238620][  T533] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  286.410026][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  286.465684][   T28] audit: type=1326 audit(1761860804.699:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9565 comm="syz.4.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3e678efc9 code=0x7ffc0000
[  286.627521][ T5147] Bluetooth: hci0: Frame reassembly failed (-84)
[  286.635118][  T533] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.969395][  T533] usb 4-1: New USB device found, idVendor=046d, idProduct=c71c, bcdDevice= 0.00
[  286.978875][   T28] audit: type=1326 audit(1761860804.739:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9565 comm="syz.4.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fe3e678efc9 code=0x7ffc0000
[  287.009475][  T533] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.022002][  T533] usb 4-1: config 0 descriptor??
[  287.029840][   T28] audit: type=1326 audit(1761860804.739:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9565 comm="syz.4.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3e678efc9 code=0x7ffc0000
[  287.110682][ T9580] loop4: detected capacity change from 0 to 256
[  287.138433][ T9580] FAT-fs (loop4): Directory bread(block 64) failed
[  287.147678][ T9580] FAT-fs (loop4): Directory bread(block 65) failed
[  287.154941][ T9580] FAT-fs (loop4): Directory bread(block 66) failed
[  287.161828][ T9580] FAT-fs (loop4): Directory bread(block 67) failed
[  287.169634][ T9580] FAT-fs (loop4): Directory bread(block 68) failed
[  287.176380][ T9580] FAT-fs (loop4): Directory bread(block 69) failed
[  287.183399][ T9580] FAT-fs (loop4): Directory bread(block 70) failed
[  287.190661][ T9580] FAT-fs (loop4): Directory bread(block 71) failed
[  287.197336][ T9580] FAT-fs (loop4): Directory bread(block 72) failed
[  287.204429][ T9580] FAT-fs (loop4): Directory bread(block 73) failed
[  287.208792][  T533] usbhid 4-1:0.0: can't add hid device: -71
[  287.219502][  T533] usbhid: probe of 4-1:0.0 failed with error -71
[  287.227386][  T533] usb 4-1: USB disconnect, device number 5
[  288.609677][ T9590] fuse: Bad value for 'fd'
[  288.668364][ T7875] Bluetooth: hci0: command 0x1003 tx timeout
[  288.675089][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  288.686780][ T9594] loop3: detected capacity change from 0 to 512
[  288.709227][ T9594] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  288.723086][ T9594] EXT4-fs (loop3): Test dummy encryption mode enabled
[  288.731770][ T9594] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.3546: casefold flag without casefold feature
[  288.745131][ T9594] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3546: couldn't read orphan inode 15 (err -117)
[  289.141249][ T9594] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  289.720943][ T9613] loop0: detected capacity change from 0 to 128
[  289.729429][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  289.752335][ T9617] loop4: detected capacity change from 0 to 256
[  289.772584][ T9613] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3553'.
[  289.783576][ T9621] fuse: Bad value for 'fd'
[  289.799370][ T9617] FAT-fs (loop4): Directory bread(block 64) failed
[  289.819807][ T9617] FAT-fs (loop4): Directory bread(block 65) failed
[  289.832275][ T9617] FAT-fs (loop4): Directory bread(block 66) failed
[  289.841187][ T9617] FAT-fs (loop4): Directory bread(block 67) failed
[  289.847995][ T9617] FAT-fs (loop4): Directory bread(block 68) failed
[  289.855344][ T9617] FAT-fs (loop4): Directory bread(block 69) failed
[  289.866869][ T9617] FAT-fs (loop4): Directory bread(block 70) failed
[  289.874026][ T9617] FAT-fs (loop4): Directory bread(block 71) failed
[  289.881328][ T9617] FAT-fs (loop4): Directory bread(block 72) failed
[  289.890138][ T9617] FAT-fs (loop4): Directory bread(block 73) failed
[  290.047094][   T43] Bluetooth: hci1: Frame reassembly failed (-84)
[  291.996243][ T9644] loop2: detected capacity change from 0 to 1024
[  292.003075][ T9644] EXT4-fs: Ignoring removed orlov option
[  292.010122][   T28] audit: type=1400 audit(1761860809.259:3626): avc:  denied  { setopt } for  pid=9622 comm="syz.0.3558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  292.030134][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  292.108353][ T7875] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  292.108383][ T3051] Bluetooth: hci1: command 0x1003 tx timeout
[  292.147683][ T9644] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  292.376457][ T9648] loop4: detected capacity change from 0 to 512
[  292.396166][ T9648] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  292.415239][ T9648] EXT4-fs (loop4): Test dummy encryption mode enabled
[  292.427931][ T9648] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.3565: casefold flag without casefold feature
[  292.441222][ T9648] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.3565: couldn't read orphan inode 15 (err -117)
[  292.454206][ T9648] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  292.923357][ T9655] loop1: detected capacity change from 0 to 512
[  292.950279][ T9655] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  292.960845][ T9655] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.075630][ T9660] loop3: detected capacity change from 0 to 128
[  293.085334][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  293.134990][ T9660] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3568'.
[  293.145957][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  293.184044][ T9665] fuse: Bad value for 'fd'
[  293.243825][ T9674] loop2: detected capacity change from 0 to 256
[  293.263102][  T371] Bluetooth: hci0: Frame reassembly failed (-84)
[  293.275161][ T9674] FAT-fs (loop2): Directory bread(block 64) failed
[  293.281790][ T9674] FAT-fs (loop2): Directory bread(block 65) failed
[  293.288502][ T9674] FAT-fs (loop2): Directory bread(block 66) failed
[  293.295080][ T9674] FAT-fs (loop2): Directory bread(block 67) failed
[  293.301964][ T9674] FAT-fs (loop2): Directory bread(block 68) failed
[  293.308655][ T9674] FAT-fs (loop2): Directory bread(block 69) failed
[  293.320256][ T9674] FAT-fs (loop2): Directory bread(block 70) failed
[  293.328857][   T28] audit: type=1400 audit(1761860811.559:3627): avc:  denied  { connect } for  pid=9669 comm="syz.0.3572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  293.333052][ T9674] FAT-fs (loop2): Directory bread(block 71) failed
[  293.355822][ T9674] FAT-fs (loop2): Directory bread(block 72) failed
[  293.362762][ T9674] FAT-fs (loop2): Directory bread(block 73) failed
[  293.797662][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  293.896630][ T5170] Bluetooth: hci1: Frame reassembly failed (-84)
[  294.071469][ T9691] loop0: detected capacity change from 0 to 512
[  294.082929][ T9691] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  294.095794][ T9691] EXT4-fs (loop0): Test dummy encryption mode enabled
[  294.105346][ T9691] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.3580: casefold flag without casefold feature
[  294.120130][ T9691] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3580: couldn't read orphan inode 15 (err -117)
[  294.138696][ T9691] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  294.174477][ T9691] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  294.183179][   T28] audit: type=1400 audit(1761860812.419:3628): avc:  denied  { remove_name } for  pid=9690 comm="syz.0.3580" name="#6" dev="loop0" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  294.214440][   T28] audit: type=1400 audit(1761860812.439:3629): avc:  denied  { rename } for  pid=9690 comm="syz.0.3580" name="#6" dev="loop0" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  294.236387][   T28] audit: type=1400 audit(1761860812.439:3630): avc:  denied  { unlink } for  pid=9690 comm="syz.0.3580" name="#6" dev="loop0" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  294.260486][   T28] audit: type=1400 audit(1761860812.499:3631): avc:  denied  { rmdir } for  pid=7489 comm="syz-executor" name="work" dev="loop0" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  294.285321][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  294.316976][ T9704] loop0: detected capacity change from 0 to 128
[  294.336832][ T9706] fuse: Bad value for 'fd'
[  294.345839][ T9704] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3583'.
[  294.728619][ T9716] loop0: detected capacity change from 0 to 512
[  294.747038][ T9716] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  294.753145][ T9721] incfs: Can't find or create .index dir in ./file0
[  294.757273][ T9716] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.763097][ T9721] incfs: mount failed -14
[  294.818905][ T9723] loop4: detected capacity change from 0 to 256
[  294.851426][ T9723] FAT-fs (loop4): Directory bread(block 64) failed
[  294.857977][ T9723] FAT-fs (loop4): Directory bread(block 65) failed
[  294.864881][ T9723] FAT-fs (loop4): Directory bread(block 66) failed
[  294.871744][ T9723] FAT-fs (loop4): Directory bread(block 67) failed
[  294.878460][ T9723] FAT-fs (loop4): Directory bread(block 68) failed
[  294.885040][ T9723] FAT-fs (loop4): Directory bread(block 69) failed
[  294.891994][ T9723] FAT-fs (loop4): Directory bread(block 70) failed
[  294.898656][ T9723] FAT-fs (loop4): Directory bread(block 71) failed
[  294.905408][ T9723] FAT-fs (loop4): Directory bread(block 72) failed
[  294.912106][ T9723] FAT-fs (loop4): Directory bread(block 73) failed
[  295.248450][ T9730] loop2: detected capacity change from 0 to 40427
[  295.265130][ T9730] F2FS-fs (loop2): invalid crc value
[  295.276693][ T9730] F2FS-fs (loop2): Found nat_bits in checkpoint
[  295.308380][ T7875] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  295.308399][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  295.315200][ T9730] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  295.471267][ T8086] syz-executor: attempt to access beyond end of device
[  295.471267][ T8086] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  295.583404][ T9737] loop2: detected capacity change from 0 to 512
[  295.594956][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  295.600221][ T9737] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  295.609616][ T9737] EXT4-fs (loop2): Test dummy encryption mode enabled
[  295.630612][ T9737] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.3594: casefold flag without casefold feature
[  295.645194][ T9737] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3594: couldn't read orphan inode 15 (err -117)
[  295.668546][ T9737] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  295.719900][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  297.265104][ T9748] loop4: detected capacity change from 0 to 40427
[  297.328151][ T7875] Bluetooth: hci1: command 0x1003 tx timeout
[  297.334410][ T3051] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  297.515721][ T9748] F2FS-fs (loop4): Found nat_bits in checkpoint
[  297.610046][ T9748] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  297.912861][ T9755] loop2: detected capacity change from 0 to 128
[  297.979374][ T9755] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3598'.
[  298.233828][ T9767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3601'.
[  298.245391][ T9767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3601'.
[  298.479059][ T9771] loop0: detected capacity change from 0 to 512
[  298.520165][ T9771] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  298.535558][ T9771] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.579417][ T9779] loop4: detected capacity change from 0 to 256
[  298.602119][ T9779] FAT-fs (loop4): Directory bread(block 64) failed
[  298.609114][ T9779] FAT-fs (loop4): Directory bread(block 65) failed
[  298.615755][ T9779] FAT-fs (loop4): Directory bread(block 66) failed
[  298.622469][ T9779] FAT-fs (loop4): Directory bread(block 67) failed
[  298.629147][ T9779] FAT-fs (loop4): Directory bread(block 68) failed
[  298.635813][ T9779] FAT-fs (loop4): Directory bread(block 69) failed
[  298.642615][ T9779] FAT-fs (loop4): Directory bread(block 70) failed
[  298.645308][   T24] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  298.657711][ T9779] FAT-fs (loop4): Directory bread(block 71) failed
[  298.666231][ T9779] FAT-fs (loop4): Directory bread(block 72) failed
[  298.678318][ T9779] FAT-fs (loop4): Directory bread(block 73) failed
[  298.821618][   T28] audit: type=1400 audit(1761860817.029:3632): avc:  denied  { create } for  pid=9781 comm="syz.3.3608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  298.844037][   T28] audit: type=1400 audit(1761860817.029:3633): avc:  denied  { write } for  pid=9781 comm="syz.3.3608" path="socket:[47088]" dev="sockfs" ino=47088 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  298.902547][   T24] usb 3-1: Using ep0 maxpacket: 32
[  298.930428][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.995522][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  299.003818][ T5191] Bluetooth: hci0: Frame reassembly failed (-84)
[  299.020165][   T24] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  299.030409][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.039779][   T24] usb 3-1: config 0 descriptor??
[  299.052425][   T24] hub 3-1:0.0: bad descriptor, ignoring hub
[  299.058593][   T24] hub: probe of 3-1:0.0 failed with error -5
[  299.064887][   T24] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  299.335984][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  299.352420][ T9790] xt_bpf: check failed: parse error
[  299.498775][ T9799] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3614'.
[  299.508728][ T9799] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3614'.
[  299.656524][ T9813] loop3: detected capacity change from 0 to 512
[  299.675388][ T9813] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  299.691293][ T9813] EXT4-fs (loop3): Test dummy encryption mode enabled
[  299.699876][ T9813] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.3620: casefold flag without casefold feature
[  299.713035][ T9813] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3620: couldn't read orphan inode 15 (err -117)
[  299.725362][ T9813] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  299.846430][ T9816] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3619'.
[  300.059192][ T9816] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3619'.
[  300.694491][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  300.704601][ T9821] loop0: detected capacity change from 0 to 512
[  300.730573][ T9824] xt_bpf: check failed: parse error
[  300.744158][ T9821] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  300.754218][ T9821] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.786301][ T9830] loop3: detected capacity change from 0 to 256
[  300.826034][ T9830] FAT-fs (loop3): Directory bread(block 64) failed
[  300.835952][ T9830] FAT-fs (loop3): Directory bread(block 65) failed
[  300.843328][ T9830] FAT-fs (loop3): Directory bread(block 66) failed
[  300.850042][ T9830] FAT-fs (loop3): Directory bread(block 67) failed
[  300.856651][ T9830] FAT-fs (loop3): Directory bread(block 68) failed
[  300.863263][ T9830] FAT-fs (loop3): Directory bread(block 69) failed
[  300.870260][ T9830] FAT-fs (loop3): Directory bread(block 70) failed
[  300.876839][ T9830] FAT-fs (loop3): Directory bread(block 71) failed
[  300.883479][ T9830] FAT-fs (loop3): Directory bread(block 72) failed
[  300.890083][ T9830] FAT-fs (loop3): Directory bread(block 73) failed
[  301.068309][ T3051] Bluetooth: hci0: command 0x1003 tx timeout
[  301.068322][ T7875] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  301.577497][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  302.228711][   T39] usb 3-1: USB disconnect, device number 12
[  302.405059][ T9854] loop0: detected capacity change from 0 to 512
[  302.452076][ T9854] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  302.461172][ T9856] xt_bpf: check failed: parse error
[  302.470289][ T9854] EXT4-fs (loop0): Test dummy encryption mode enabled
[  302.542136][ T9862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3632'.
[  302.553808][ T9862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3632'.
[  302.678923][ T9854] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.3633: casefold flag without casefold feature
[  302.708537][   T39] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  302.762757][ T9854] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3633: couldn't read orphan inode 15 (err -117)
[  302.779924][ T9854] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  302.785882][ T9867] loop3: detected capacity change from 0 to 256
[  302.800725][ T9867] FAT-fs (loop3): Directory bread(block 64) failed
[  302.807340][ T9867] FAT-fs (loop3): Directory bread(block 65) failed
[  302.814274][ T9867] FAT-fs (loop3): Directory bread(block 66) failed
[  302.821291][ T9867] FAT-fs (loop3): Directory bread(block 67) failed
[  302.828456][ T9867] FAT-fs (loop3): Directory bread(block 68) failed
[  302.835132][ T9867] FAT-fs (loop3): Directory bread(block 69) failed
[  302.842191][ T9867] FAT-fs (loop3): Directory bread(block 70) failed
[  302.849244][ T9867] FAT-fs (loop3): Directory bread(block 71) failed
[  302.855962][ T9867] FAT-fs (loop3): Directory bread(block 72) failed
[  302.869129][ T9867] FAT-fs (loop3): Directory bread(block 73) failed
[  303.452540][   T39] usb 3-1: Using ep0 maxpacket: 32
[  303.464105][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  303.473421][   T39] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  303.474570][ T9872] fuse: Bad value for 'fd'
[  303.499827][   T39] usb 3-1: config 0 has no interface number 0
[  303.509714][   T39] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  303.529104][   T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.547220][   T39] usb 3-1: Product: syz
[  303.597202][   T39] usb 3-1: Manufacturer: syz
[  303.662737][   T39] usb 3-1: SerialNumber: syz
[  303.975662][   T39] usb 3-1: config 0 descriptor??
[  304.232963][   T39] smsc95xx v2.0.0
[  304.996605][   T39] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  305.106063][   T39] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  305.199022][ T9904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3649'.
[  305.209666][ T9904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3649'.
[  305.395286][ T9908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3650'.
[  305.406929][ T9908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3650'.
[  305.558524][ T2437] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  305.558559][ T7875] Bluetooth: hci0: command 0x1003 tx timeout
[  305.612782][ T9910] fuse: Bad value for 'fd'
[  305.966811][ T9912] loop3: detected capacity change from 0 to 256
[  306.005526][ T9912] FAT-fs (loop3): Directory bread(block 64) failed
[  306.023849][ T9912] FAT-fs (loop3): Directory bread(block 65) failed
[  306.031783][ T9912] FAT-fs (loop3): Directory bread(block 66) failed
[  306.068506][ T9912] FAT-fs (loop3): Directory bread(block 67) failed
[  306.082485][ T9912] FAT-fs (loop3): Directory bread(block 68) failed
[  306.092523][ T9912] FAT-fs (loop3): Directory bread(block 69) failed
[  306.108614][ T9912] FAT-fs (loop3): Directory bread(block 70) failed
[  306.118427][ T9912] FAT-fs (loop3): Directory bread(block 71) failed
[  306.135516][ T9912] FAT-fs (loop3): Directory bread(block 72) failed
[  306.142104][ T9912] FAT-fs (loop3): Directory bread(block 73) failed
[  306.819882][   T39] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  307.061641][   T39] smsc95xx: probe of 3-1:0.67 failed with error -32
[  308.588118][   T28] audit: type=1400 audit(1761860826.819:3634): avc:  denied  { read } for  pid=9921 comm="syz.0.3656" name=".log" dev="incremental-fs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  308.793210][   T39] usb 3-1: USB disconnect, device number 13
[  308.878572][   T28] audit: type=1400 audit(1761860826.819:3635): avc:  denied  { open } for  pid=9921 comm="syz.0.3656" path="/146/file0/.log" dev="incremental-fs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  309.114270][ T9945] loop4: detected capacity change from 0 to 1024
[  309.139706][ T9945] EXT4-fs: Ignoring removed orlov option
[  309.980435][ T9950] loop1: detected capacity change from 0 to 40427
[  310.271131][ T9958] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3665'.
[  310.289810][ T9958] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3665'.
[  310.795142][ T9945] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  310.862610][ T9950] F2FS-fs (loop1): Found nat_bits in checkpoint
[  310.980878][ T9950] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  311.075634][ T9965] fuse: Bad value for 'fd'
[  311.332402][ T9969] loop0: detected capacity change from 0 to 256
[  311.359716][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  311.418806][ T9969] FAT-fs (loop0): Directory bread(block 64) failed
[  311.437190][ T9969] FAT-fs (loop0): Directory bread(block 65) failed
[  311.443973][ T9969] FAT-fs (loop0): Directory bread(block 66) failed
[  311.450603][ T9969] FAT-fs (loop0): Directory bread(block 67) failed
[  311.457196][ T9969] FAT-fs (loop0): Directory bread(block 68) failed
[  311.463842][ T9969] FAT-fs (loop0): Directory bread(block 69) failed
[  311.470467][ T9969] FAT-fs (loop0): Directory bread(block 70) failed
[  311.477035][ T9969] FAT-fs (loop0): Directory bread(block 71) failed
[  311.483767][ T9969] FAT-fs (loop0): Directory bread(block 72) failed
[  311.518749][ T9969] FAT-fs (loop0): Directory bread(block 73) failed
[  312.318407][ T9988] loop0: detected capacity change from 0 to 1024
[  312.406907][  T287] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  312.511333][ T9994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3677'.
[  312.523242][ T9994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3677'.
[  312.778150][ T9988] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  312.828530][  T287] usb 2-1: Using ep0 maxpacket: 32
[  312.835915][  T287] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  312.943188][  T287] usb 2-1: config 0 has no interface number 0
[  313.013973][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  313.023584][  T287] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  313.228296][T10001] fuse: Bad value for 'fd'
[  313.292516][T10003] loop4: detected capacity change from 0 to 1024
[  313.328238][T10003] EXT4-fs: Ignoring removed orlov option
[  313.359940][T10003] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  313.406699][T10014] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3681'.
[  313.436310][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  313.457454][  T287] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.465570][  T287] usb 2-1: Product: syz
[  313.469869][  T287] usb 2-1: Manufacturer: syz
[  313.476189][  T287] usb 2-1: SerialNumber: syz
[  313.481886][  T287] usb 2-1: config 0 descriptor??
[  313.499289][  T287] smsc95xx v2.0.0
[  313.876995][T10025] loop3: detected capacity change from 0 to 256
[  313.910873][  T287] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  313.944801][  T287] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  314.012718][T10025] FAT-fs (loop3): Directory bread(block 64) failed
[  314.070481][T10025] FAT-fs (loop3): Directory bread(block 65) failed
[  314.101875][T10025] FAT-fs (loop3): Directory bread(block 66) failed
[  314.166231][T10025] FAT-fs (loop3): Directory bread(block 67) failed
[  314.213162][T10025] FAT-fs (loop3): Directory bread(block 68) failed
[  314.243400][T10025] FAT-fs (loop3): Directory bread(block 69) failed
[  314.275059][T10025] FAT-fs (loop3): Directory bread(block 70) failed
[  314.304153][T10025] FAT-fs (loop3): Directory bread(block 71) failed
[  314.415710][T10025] FAT-fs (loop3): Directory bread(block 72) failed
[  314.428334][T10025] FAT-fs (loop3): Directory bread(block 73) failed
[  314.587230][T10030] loop2: detected capacity change from 0 to 512
[  314.606563][T10030] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  314.615543][T10030] EXT4-fs (loop2): Test dummy encryption mode enabled
[  314.644493][T10030] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.3687: casefold flag without casefold feature
[  314.662929][T10033] loop0: detected capacity change from 0 to 1024
[  314.670520][T10030] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3687: couldn't read orphan inode 15 (err -117)
[  314.682882][T10030] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  314.814704][T10033] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  315.208554][  T287] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  315.225743][  T287] smsc95xx: probe of 2-1:0.67 failed with error -32
[  315.461123][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  315.710682][T10050] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3692'.
[  315.722386][T10050] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3692'.
[  315.963299][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  316.039935][T10058] fuse: Bad value for 'fd'
[  316.089440][T10061] loop0: detected capacity change from 0 to 1024
[  316.107078][T10061] EXT4-fs: Ignoring removed orlov option
[  316.140506][T10061] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  316.230668][  T539] usb 2-1: USB disconnect, device number 18
[  316.669774][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  316.813785][T10073] loop0: detected capacity change from 0 to 256
[  316.835700][T10071] loop4: detected capacity change from 0 to 512
[  316.843361][T10073] FAT-fs (loop0): Directory bread(block 64) failed
[  316.859123][T10073] FAT-fs (loop0): Directory bread(block 65) failed
[  316.963821][T10073] FAT-fs (loop0): Directory bread(block 66) failed
[  317.084997][T10071] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  317.135714][T10073] FAT-fs (loop0): Directory bread(block 67) failed
[  317.178814][T10071] ext4 filesystem being mounted at /129/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  317.265678][T10073] FAT-fs (loop0): Directory bread(block 68) failed
[  317.357754][T10073] FAT-fs (loop0): Directory bread(block 69) failed
[  317.471516][T10073] FAT-fs (loop0): Directory bread(block 70) failed
[  317.530847][T10071] Quota error (device loop4): do_check_range: Getting dqdh_next_free 256 out of range 0-6
[  317.547902][T10073] FAT-fs (loop0): Directory bread(block 71) failed
[  317.558190][T10073] FAT-fs (loop0): Directory bread(block 72) failed
[  317.566155][T10071] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  317.577385][T10073] FAT-fs (loop0): Directory bread(block 73) failed
[  317.584933][T10071] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.3700: Failed to acquire dquot type 0
[  317.938406][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  318.023402][T10094] fuse: Bad value for 'fd'
[  322.153238][T10140] loop2: detected capacity change from 0 to 40427
[  322.364960][T10140] F2FS-fs (loop2): Found nat_bits in checkpoint
[  322.468902][T10140] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  323.532883][T10153] loop0: detected capacity change from 0 to 128
[  323.641586][T10153] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  323.657563][T10153] ext4 filesystem being mounted at /158/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  323.987848][T10165] loop2: detected capacity change from 0 to 512
[  324.104414][T10165] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  324.113636][T10165] EXT4-fs (loop2): Test dummy encryption mode enabled
[  324.470472][T10165] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.3727: casefold flag without casefold feature
[  324.559860][T10165] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3727: couldn't read orphan inode 15 (err -117)
[  324.573060][T10165] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  324.573239][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  324.677611][T10183] loop1: detected capacity change from 0 to 128
[  325.068370][   T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  325.084121][T10185] overlayfs: failed to resolve './file1': -2
[  325.145429][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  325.237349][T10183] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  325.246902][T10183] ext4 filesystem being mounted at /116/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  325.267232][   T24] usb 5-1: Using ep0 maxpacket: 32
[  325.281509][   T24] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  325.506505][   T24] usb 5-1: config 0 has no interface number 0
[  325.611566][   T24] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  325.639159][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.002079][   T24] usb 5-1: Product: syz
[  326.006343][   T24] usb 5-1: Manufacturer: syz
[  326.011208][   T24] usb 5-1: SerialNumber: syz
[  326.020708][   T24] usb 5-1: config 0 descriptor??
[  326.028032][   T24] smsc95xx v2.0.0
[  326.086941][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  326.133663][T10197] loop1: detected capacity change from 0 to 1024
[  326.143136][T10197] EXT4-fs: Ignoring removed orlov option
[  326.179408][T10197] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  326.190580][T10200] 9pnet_fd: Insufficient options for proto=fd
[  326.309424][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  326.468550][   T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  326.481435][   T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  326.689506][T10218] loop0: detected capacity change from 0 to 128
[  326.841090][T10218] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  326.850996][T10218] ext4 filesystem being mounted at /161/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  327.577469][T10224] loop1: detected capacity change from 0 to 8192
[  327.620563][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  327.650577][T10224]  loop1: p1 < > p2 < p5 p6 > p3 p4
[  327.655944][T10224] loop1: partition table partially beyond EOD, truncated
[  327.688422][T10224] loop1: p1 start 67108864 is beyond EOD, truncated
[  327.728466][T10224] loop1: p3 start 100859904 is beyond EOD, truncated
[  327.738448][T10224] loop1: p4 size 393216 extends beyond EOD, truncated
[  327.762849][T10224] loop1: p5 start 100859904 is beyond EOD, truncated
[  327.779690][T10224] loop1: p6 size 393216 extends beyond EOD, truncated
[  327.827899][   T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  328.212329][   T24] smsc95xx: probe of 5-1:0.67 failed with error -32
[  328.566553][T10237] loop2: detected capacity change from 0 to 128
[  329.751799][   T19] usb 5-1: USB disconnect, device number 11
[  329.759129][ T8316] __loop_clr_fd: partition scan of loop1 failed (rc=-16)
[  329.766760][ T7849] I/O error, dev loop1, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  329.776721][ T7847] I/O error, dev loop1, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  329.803795][ T7849] I/O error, dev loop1, sector 8064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.813337][ T7849] Buffer I/O error on dev loop1p4, logical block 1008, async page read
[  329.824507][ T7847] I/O error, dev loop1, sector 8064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.857699][ T7847] Buffer I/O error on dev loop1p6, logical block 1008, async page read
[  329.875194][T10237] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  329.884024][T10237] ext4 filesystem being mounted at /137/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  329.914026][ T7850] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  329.936060][T10247] 9pnet_fd: Insufficient options for proto=fd
[  329.960679][ T7850] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.971029][ T7850] Buffer I/O error on dev loop1p2, logical block 0, async page read
[  329.987682][ T7850] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.998500][ T7850] Buffer I/O error on dev loop1p2, logical block 0, async page read
[  330.024727][ T7850] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  330.038290][ T7850] Buffer I/O error on dev loop1p2, logical block 0, async page read
[  330.056594][ T7850] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  330.065891][ T7850] Buffer I/O error on dev loop1p2, logical block 0, async page read
[  330.077782][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  330.114017][ T5191] Bluetooth: hci0: Frame reassembly failed (-84)
[  330.120352][ T7850] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  330.129682][ T7850] Buffer I/O error on dev loop1p2, logical block 0, async page read
[  330.242827][ T7852] udevd[7852]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  330.252676][   T19] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  330.262106][ T7850] udevd[7850]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  330.262146][ T7849] udevd[7849]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[  330.632567][ T7849] udevd[7849]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[  330.632593][ T7852] udevd[7852]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  330.692722][ T7850] udevd[7850]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  331.538664][T10268] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3760'.
[  331.548026][T10268] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3760'.
[  331.599547][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  331.610702][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  331.621034][   T19] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  331.630347][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.646727][   T19] usb 5-1: config 0 descriptor??
[  331.652436][T10271] loop1: detected capacity change from 0 to 512
[  331.670843][T10271] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  331.679945][T10271] ext4 filesystem being mounted at /124/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  331.692885][T10271] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm syz.1.3762: corrupted inode contents
[  331.704955][T10271] EXT4-fs error (device loop1): ext4_dirty_inode:6121: inode #4: comm syz.1.3762: mark_inode_dirty error
[  331.716669][T10271] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm syz.1.3762: corrupted inode contents
[  331.728737][T10271] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #4: comm syz.1.3762: mark_inode_dirty error
[  331.740301][T10271] Quota error (device loop1): write_blk: dquota write failed
[  331.747805][T10271] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[  331.757101][T10271] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  331.767199][T10271] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.3762: Failed to acquire dquot type 1
[  331.859948][T10276] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  331.871446][T10276] EXT4-fs error (device loop1): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  331.882514][T10276] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  331.893931][T10276] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  331.904891][T10276] Quota error (device loop1): write_blk: dquota write failed
[  331.912368][T10276] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  331.922366][T10276] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  332.055617][   T19] hid-generic 0003:04F3:0755.0005: failed to start in urb: -90
[  332.063907][   T19] hid-generic 0003:04F3:0755.0005: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.4-1/input0
[  332.188361][ T3051] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  332.188384][ T2437] Bluetooth: hci0: command 0x1003 tx timeout
[  332.257589][   T24] usb 5-1: USB disconnect, device number 12
[  332.845261][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  333.385007][T10295] loop2: detected capacity change from 0 to 1024
[  333.411557][T10295] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  333.585629][   T24] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  334.498330][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  334.653523][   T24] usb 5-1: Using ep0 maxpacket: 32
[  334.660069][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  334.688303][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  334.704562][   T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  334.714033][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.726251][   T24] usb 5-1: config 0 descriptor??
[  334.735103][T10315] incfs: Can't find or create .index dir in ./file0
[  334.742941][   T24] hub 5-1:0.0: bad descriptor, ignoring hub
[  334.749005][T10315] incfs: mount failed -14
[  334.753415][   T24] hub: probe of 5-1:0.0 failed with error -5
[  334.766787][   T24] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  335.337397][T10326] loop0: detected capacity change from 0 to 40427
[  335.347721][T10326] F2FS-fs (loop0): invalid crc value
[  335.354655][T10326] F2FS-fs (loop0): Found nat_bits in checkpoint
[  336.218380][T10326] F2FS-fs (loop0): Start checkpoint disabled!
[  336.248880][T10326] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  336.398520][   T24] usb 5-1: USB disconnect, device number 13
[  338.504251][T10363] loop3: detected capacity change from 0 to 512
[  340.960931][T10363] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  340.972382][T10363] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  341.133432][   T39] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  341.389289][T10363] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.3788: corrupted in-inode xattr
[  341.402399][T10363] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3788: couldn't read orphan inode 15 (err -117)
[  341.415583][T10363] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  341.524435][ T5170] kworker/u4:60: attempt to access beyond end of device
[  341.524435][ T5170] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  341.526090][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  343.529721][T10377] loop1: detected capacity change from 0 to 40427
[  345.254133][T10377] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4)
[  345.286881][T10383] loop4: detected capacity change from 0 to 512
[  345.345520][T10383] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  345.399493][T10383] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.536186][T10399] incfs: Can't find or create .index dir in ./file0
[  345.544526][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  345.557690][T10399] incfs: mount failed -14
[  345.657074][T10406] loop2: detected capacity change from 0 to 512
[  345.895889][T10406] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  345.928382][   T39] usb 2-1: device descriptor read/64, error -71
[  345.949478][T10406] EXT4-fs (loop2): Test dummy encryption mode enabled
[  346.022070][T10406] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.3802: casefold flag without casefold feature
[  346.035997][T10406] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3802: couldn't read orphan inode 15 (err -117)
[  346.050140][T10406] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  346.095893][ T7255] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  346.699374][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  346.718313][   T39] usb 2-1: Using ep0 maxpacket: 32
[  346.742452][   T39] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  346.772977][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  346.790337][   T39] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  346.799767][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.812712][   T39] usb 2-1: config 0 descriptor??
[  346.826403][   T39] hub 2-1:0.0: bad descriptor, ignoring hub
[  346.997007][T10419] loop0: detected capacity change from 0 to 512
[  347.007609][T10419] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  347.019140][T10419] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  347.090879][   T39] hub: probe of 2-1:0.0 failed with error -5
[  347.138100][T10419] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.3804: corrupted in-inode xattr
[  347.150984][T10419] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3804: couldn't read orphan inode 15 (err -117)
[  347.164296][T10419] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  348.086271][   T39] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  348.509966][T10428] loop3: detected capacity change from 0 to 40427
[  349.234910][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  349.257221][ T7255] usb 5-1: Using ep0 maxpacket: 32
[  349.390825][T10428] F2FS-fs (loop3): Found nat_bits in checkpoint
[  349.518075][T10428] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  349.588795][ T7255] usb 5-1: device descriptor read/all, error -71
[  350.763602][T10451] loop2: detected capacity change from 0 to 512
[  350.770330][   T39] usb 2-1: USB disconnect, device number 19
[  350.773580][T10451] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  350.855435][T10446] loop4: detected capacity change from 0 to 256
[  350.863869][T10446] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  350.910382][ T7852] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  352.459391][T10451] EXT4-fs (loop2): Test dummy encryption mode enabled
[  352.507411][T10451] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.3813: casefold flag without casefold feature
[  352.540736][T10451] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3813: couldn't read orphan inode 15 (err -117)
[  352.569131][T10451] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  352.621495][T10464] loop1: detected capacity change from 0 to 512
[  352.662128][T10464] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  352.671332][T10464] ext4 filesystem being mounted at /137/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.722902][T10468] loop3: detected capacity change from 0 to 8192
[  352.730278][T10464] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm syz.1.3816: corrupted inode contents
[  352.818987][T10468]  loop3: p1 < > p2 < p5 p6 > p3 p4
[  352.839390][T10468] loop3: partition table partially beyond EOD, truncated
[  352.854645][T10464] EXT4-fs error (device loop1): ext4_dirty_inode:6121: inode #4: comm syz.1.3816: mark_inode_dirty error
[  353.035929][T10464] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm syz.1.3816: corrupted inode contents
[  353.052011][T10468] loop3: p1 start 67108864 is beyond EOD, truncated
[  353.064454][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  353.065110][T10464] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #4: comm syz.1.3816: mark_inode_dirty error
[  353.113103][T10468] loop3: p3 start 100859904 is beyond EOD, truncated
[  353.159917][T10464] Quota error (device loop1): write_blk: dquota write failed
[  353.177463][T10468] loop3: p4 size 393216 extends beyond EOD, truncated
[  353.188791][T10464] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[  353.226340][T10468] loop3: p5 start 100859904 is beyond EOD, truncated
[  353.244529][T10464] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  353.269094][T10468] loop3: p6 size 393216 extends beyond EOD, truncated
[  353.300514][T10472] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  353.430837][T10464] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.3816: Failed to acquire dquot type 1
[  353.778384][T10472] EXT4-fs error (device loop1): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  354.254119][T10472] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  354.282868][T10483] loop3: detected capacity change from 0 to 40427
[  354.447608][T10472] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  354.472759][T10483] F2FS-fs (loop3): Found nat_bits in checkpoint
[  354.607633][T10483] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  354.685882][T10492] incfs: Can't find or create .index dir in ./file0
[  354.739014][T10492] incfs: mount failed -14
[  354.743490][T10472] Quota error (device loop1): write_blk: dquota write failed
[  354.751009][T10472] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  354.760986][T10472] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  354.774792][ T7852] udevd[7852]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  354.779896][ T7849] udevd[7849]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  354.800106][ T7850] udevd[7850]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  354.917430][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  356.233541][T10504] loop4: detected capacity change from 0 to 40427
[  356.437410][T10504] F2FS-fs (loop4): Found nat_bits in checkpoint
[  356.538048][T10504] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  356.856819][T10514] loop0: detected capacity change from 0 to 512
[  356.881312][T10514] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  356.899857][T10514] EXT4-fs (loop0): Test dummy encryption mode enabled
[  356.918003][T10514] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.3829: casefold flag without casefold feature
[  356.946795][T10514] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3829: couldn't read orphan inode 15 (err -117)
[  356.962096][T10514] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  357.434634][T10522] loop2: detected capacity change from 0 to 256
[  357.470366][T10522] FAT-fs (loop2): Directory bread(block 64) failed
[  357.477100][T10522] FAT-fs (loop2): Directory bread(block 65) failed
[  357.484693][T10522] FAT-fs (loop2): Directory bread(block 66) failed
[  357.491469][T10522] FAT-fs (loop2): Directory bread(block 67) failed
[  357.498081][T10522] FAT-fs (loop2): Directory bread(block 68) failed
[  357.538884][T10522] FAT-fs (loop2): Directory bread(block 69) failed
[  357.554675][T10522] FAT-fs (loop2): Directory bread(block 70) failed
[  357.732275][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  357.773900][T10522] FAT-fs (loop2): Directory bread(block 71) failed
[  357.848379][T10522] FAT-fs (loop2): Directory bread(block 72) failed
[  357.854993][T10522] FAT-fs (loop2): Directory bread(block 73) failed
[  357.872416][T10529] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3832'.
[  358.001423][T10540] incfs: Can't find or create .index dir in ./file0
[  358.010946][T10540] incfs: mount failed -14
[  358.759991][T10553] loop2: detected capacity change from 0 to 512
[  358.915583][T10553] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  358.933260][T10553] ext4 filesystem being mounted at /156/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.005766][T10553] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm syz.2.3842: corrupted inode contents
[  359.022988][T10559] xt_bpf: check failed: parse error
[  359.047669][T10553] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #4: comm syz.2.3842: mark_inode_dirty error
[  359.072608][T10562] loop3: detected capacity change from 0 to 512
[  359.093546][T10553] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm syz.2.3842: corrupted inode contents
[  359.113822][T10562] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  359.131727][T10567] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3846'.
[  359.135120][T10562] EXT4-fs (loop3): Test dummy encryption mode enabled
[  359.158488][T10553] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm syz.2.3842: mark_inode_dirty error
[  359.178457][T10553] Quota error (device loop2): write_blk: dquota write failed
[  359.196127][T10553] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  359.206448][T10562] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.3844: casefold flag without casefold feature
[  359.219574][T10570] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3847'.
[  359.228304][T10553] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  359.246038][T10562] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3844: couldn't read orphan inode 15 (err -117)
[  359.258783][T10562] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  359.305888][T10565] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  359.357800][T10553] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.3842: Failed to acquire dquot type 1
[  359.479140][T10565] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  359.817066][T10565] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  359.998075][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  360.219797][T10565] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  360.240778][T10565] Quota error (device loop2): write_blk: dquota write failed
[  360.248276][T10565] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  360.258334][T10565] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  360.358749][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  360.383782][T10587] loop0: detected capacity change from 0 to 512
[  360.390961][T10587] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  360.410187][T10587] EXT4-fs (loop0): Test dummy encryption mode enabled
[  360.428174][T10587] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.3853: casefold flag without casefold feature
[  360.441716][T10587] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3853: couldn't read orphan inode 15 (err -117)
[  360.454677][T10587] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  361.265900][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  362.240549][T10618] xt_bpf: check failed: parse error
[  362.293921][T10621] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3862'.
[  364.767985][T10647] loop4: detected capacity change from 0 to 512
[  364.774605][T10647] ext3: Unknown parameter 'subj_type'
[  365.404572][T10653] loop3: detected capacity change from 0 to 256
[  365.411090][   T28] audit: type=1400 audit(1761860883.639:3636): avc:  denied  { getattr } for  pid=10652 comm="syz.3.3871" name="/" dev="incremental-fs" ino=1180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  365.442561][T10646] loop1: detected capacity change from 0 to 8192
[  365.473001][T10653] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  365.688286][T10662] xt_bpf: check failed: parse error
[  365.724659][T10666] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3877'.
[  365.887261][T10675] loop0: detected capacity change from 0 to 512
[  365.904121][T10669] loop2: detected capacity change from 0 to 4096
[  365.919005][T10669] EXT4-fs (loop2): Test dummy encryption mode enabled
[  365.932322][T10669] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  365.942626][T10675] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  365.989377][T10675] ext4 filesystem being mounted at /189/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  366.697931][T10675] Quota error (device loop0): do_check_range: Getting dqdh_next_free 256 out of range 0-6
[  366.761124][T10675] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  366.799169][T10675] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.3880: Failed to acquire dquot type 0
[  366.982895][ T7489] EXT4-fs (loop0): unmounting filesystem.
[  367.793329][T10691] loop4: detected capacity change from 0 to 8192
[  367.938140][T10694] loop4: detected capacity change from 0 to 256
[  367.975419][T10694] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  368.075220][ T5149] Bluetooth: hci0: Frame reassembly failed (-84)
[  368.090927][T10698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3882'.
[  368.193205][T10708] xt_bpf: check failed: parse error
[  368.252065][T10718] loop1: detected capacity change from 0 to 512
[  368.299153][T10718] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  368.328500][T10718] ext4 filesystem being mounted at /148/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  368.340643][T10718] Quota error (device loop1): do_check_range: Getting dqdh_next_free 256 out of range 0-6
[  368.350942][T10718] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  368.361097][T10718] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.3893: Failed to acquire dquot type 0
[  368.387332][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  368.395017][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  368.427954][T10724] loop0: detected capacity change from 0 to 8192
[  368.435909][T10725] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3895'.
[  368.445203][T10725] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3895'.
[  368.477255][T10729] loop2: detected capacity change from 0 to 256
[  368.493821][T10729] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  368.499690][T10724]  loop0: p1 < > p2 < p5 p6 > p3 p4
[  368.517399][T10724] loop0: partition table partially beyond EOD, truncated
[  368.525018][T10724] loop0: p1 start 67108864 is beyond EOD, truncated
[  368.532555][T10724] loop0: p3 start 100859904 is beyond EOD, truncated
[  368.539517][T10724] loop0: p4 size 393216 extends beyond EOD, truncated
[  368.549666][T10724] loop0: p5 start 100859904 is beyond EOD, truncated
[  368.556432][T10724] loop0: p6 size 393216 extends beyond EOD, truncated
[  369.364170][T10737] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3899'.
[  369.457827][ T7852] udevd[7852]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  369.470667][ T7850] udevd[7850]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  369.503124][ T7849] udevd[7849]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory
[  369.667127][T10748] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3904'.
[  370.108382][ T3051] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  370.108414][ T7875] Bluetooth: hci0: command 0x1003 tx timeout
[  370.138431][  T287] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  370.474480][  T287] usb 2-1: Using ep0 maxpacket: 32
[  370.481715][  T287] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  370.510547][  T287] usb 2-1: config 0 has no interface number 0
[  370.528699][  T287] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  370.548069][  T287] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.558159][  T287] usb 2-1: Product: syz
[  370.585727][  T287] usb 2-1: Manufacturer: syz
[  370.606823][  T287] usb 2-1: SerialNumber: syz
[  370.630317][  T287] usb 2-1: config 0 descriptor??
[  370.655314][  T287] smsc95xx v2.0.0
[  370.839992][T10760] loop3: detected capacity change from 0 to 512
[  370.921732][T10760] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  370.959123][T10760] ext4 filesystem being mounted at /219/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  371.219864][  T287] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  371.231584][  T287] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  371.241472][T10760] Quota error (device loop3): do_check_range: Getting dqdh_next_free 256 out of range 0-6
[  371.256625][T10760] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  371.267291][T10760] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.3907: Failed to acquire dquot type 0
[  371.281715][T10768] loop2: detected capacity change from 0 to 512
[  371.310307][T10768] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  371.310749][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  371.319364][T10768] ext4 filesystem being mounted at /164/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  371.340988][T10768] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm syz.2.3908: corrupted inode contents
[  371.353280][T10768] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #4: comm syz.2.3908: mark_inode_dirty error
[  371.365244][T10768] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm syz.2.3908: corrupted inode contents
[  371.379412][T10768] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm syz.2.3908: mark_inode_dirty error
[  371.392497][T10768] Quota error (device loop2): write_blk: dquota write failed
[  371.399989][T10768] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  371.409557][T10768] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  371.419775][T10768] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.3908: Failed to acquire dquot type 1
[  371.434357][T10768] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm syz.2.3908: corrupted inode contents
[  371.452247][T10768] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #4: comm syz.2.3908: mark_inode_dirty error
[  371.464162][T10768] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm syz.2.3908: corrupted inode contents
[  371.476285][T10768] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm syz.2.3908: mark_inode_dirty error
[  371.487840][T10768] Quota error (device loop2): write_blk: dquota write failed
[  371.495537][T10768] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  371.505554][T10768] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.3908: Failed to acquire dquot type 1
[  371.527081][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  374.571064][T10805] loop2: detected capacity change from 0 to 40427
[  374.632074][T10799] loop0: detected capacity change from 0 to 256
[  374.656018][T10799] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  374.688955][T10803] tty tty26: ldisc open failed (-12), clearing slot 25
[  374.874850][T10805] F2FS-fs (loop2): Found nat_bits in checkpoint
[  375.014637][T10805] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  375.227699][  T287] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  375.262595][  T287] smsc95xx: probe of 2-1:0.67 failed with error -71
[  375.289977][  T287] usb 2-1: USB disconnect, device number 20
[  375.335791][T10818] loop1: detected capacity change from 0 to 256
[  375.429904][T10818] FAT-fs (loop1): Directory bread(block 64) failed
[  375.472068][T10818] FAT-fs (loop1): Directory bread(block 65) failed
[  375.505986][T10818] FAT-fs (loop1): Directory bread(block 66) failed
[  375.537127][T10818] FAT-fs (loop1): Directory bread(block 67) failed
[  375.570905][T10818] FAT-fs (loop1): Directory bread(block 68) failed
[  375.592675][T10818] FAT-fs (loop1): Directory bread(block 69) failed
[  375.599524][T10818] FAT-fs (loop1): Directory bread(block 70) failed
[  375.606181][T10818] FAT-fs (loop1): Directory bread(block 71) failed
[  375.612845][T10818] FAT-fs (loop1): Directory bread(block 72) failed
[  375.619460][T10818] FAT-fs (loop1): Directory bread(block 73) failed
[  375.911580][T10825] loop2: detected capacity change from 0 to 512
[  375.945874][T10825] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  375.957141][T10825] ext4 filesystem being mounted at /169/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  375.989398][T10825] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm syz.2.3922: corrupted inode contents
[  376.038409][T10825] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #4: comm syz.2.3922: mark_inode_dirty error
[  376.078458][T10825] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm syz.2.3922: corrupted inode contents
[  376.138301][T10825] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm syz.2.3922: mark_inode_dirty error
[  376.179408][T10825] Quota error (device loop2): write_blk: dquota write failed
[  376.204692][T10825] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  376.229121][T10825] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  376.266862][T10829] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  376.291521][T10829] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  376.309003][T10835] 9pnet_fd: Insufficient options for proto=fd
[  376.315194][T10825] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.3922: Failed to acquire dquot type 1
[  376.358562][T10829] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  376.380073][T10829] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  376.429147][T10829] Quota error (device loop2): write_blk: dquota write failed
[  378.391386][T10841] loop1: detected capacity change from 0 to 40427
[  378.632829][T10841] F2FS-fs (loop1): Found nat_bits in checkpoint
[  378.711740][T10829] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  378.746601][T10841] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  378.959260][T10829] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  379.040656][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  379.281511][T10856] loop3: detected capacity change from 0 to 512
[  379.533453][T10856] EXT4-fs (loop3): 1 orphan inode deleted
[  379.539346][T10856] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  379.550297][T10856] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  380.431817][ T5063] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  380.451805][T10853] loop2: detected capacity change from 0 to 128
[  380.466513][ T5063] EXT4-fs error (device loop3): ext4_release_dquot:6839: comm kworker/u4:10: Failed to release dquot type 1
[  380.479077][T10853] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  380.480637][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  380.498325][ T7257] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  380.545819][T10853] ext4 filesystem being mounted at /170/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  380.671243][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  381.925155][ T7257] usb 2-1: Using ep0 maxpacket: 32
[  381.933346][ T7257] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  381.948297][ T7257] usb 2-1: config 0 has no interface number 0
[  382.213898][T10891] loop4: detected capacity change from 0 to 40427
[  382.355033][T10896] loop2: detected capacity change from 0 to 512
[  382.381751][T10896] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  382.393211][T10896] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  382.680696][T10896] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.3941: corrupted in-inode xattr
[  382.694948][T10896] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3941: couldn't read orphan inode 15 (err -117)
[  382.709010][T10896] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  382.788976][T10891] F2FS-fs (loop4): Found nat_bits in checkpoint
[  383.621438][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  383.742713][T10891] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  384.930835][T10908] loop1: detected capacity change from 0 to 512
[  385.022740][T10914] xt_bpf: check failed: parse error
[  385.048899][T10917] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3949'.
[  385.070880][ T7257] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  385.080220][ T7257] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.088390][T10908] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  385.090166][ T7257] usb 2-1: Product: syz
[  385.101536][ T7257] usb 2-1: Manufacturer: syz
[  385.108950][T10908] ext4 filesystem being mounted at /157/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  385.119711][ T7257] usb 2-1: config 0 descriptor??
[  385.125037][ T7257] usb 2-1: can't set config #0, error -71
[  385.132784][ T7257] usb 2-1: USB disconnect, device number 21
[  385.144268][T10908] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  385.181234][T10908] EXT4-fs error (device loop1): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  385.192343][T10908] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  385.221025][T10908] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  385.238126][T10908] Quota error (device loop1): write_blk: dquota write failed
[  385.245797][T10908] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  385.256360][T10908] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  385.299893][ T8316] EXT4-fs (loop1): unmounting filesystem.
[  386.275955][T10937] tty tty23: ldisc open failed (-12), clearing slot 22
[  386.319072][T10940] tty tty20: ldisc open failed (-12), clearing slot 19
[  387.366192][  T371] Bluetooth: hci0: Frame reassembly failed (-84)
[  388.915462][T10990] loop1: detected capacity change from 0 to 256
[  388.997729][T10992] loop3: detected capacity change from 0 to 16
[  389.049197][T10992] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  389.194782][T10990] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  389.388366][ T3051] Bluetooth: hci0: command 0x1003 tx timeout
[  389.388406][ T2437] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  389.402153][T10966] Bluetooth: hci0: Opcode 0x080f failed: -22
[  392.041335][T11003] loop4: detected capacity change from 0 to 40427
[  392.256521][T11003] F2FS-fs (loop4): Found nat_bits in checkpoint
[  392.360714][T11003] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  392.708078][T11023] overlayfs: failed to resolve './file1': -2
[  392.714895][ T5147] device bridge_slave_1 left promiscuous mode
[  392.721803][ T5147] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.737850][ T5147] device bridge_slave_0 left promiscuous mode
[  392.746360][T11023] loop0: detected capacity change from 0 to 256
[  392.753447][ T5147] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.763233][ T5147] device veth0_vlan left promiscuous mode
[  392.770510][T11023] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  392.912438][T11016] bridge0: port 1(bridge_slave_0) entered blocking state
[  392.919891][T11016] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.927438][T11016] device bridge_slave_0 entered promiscuous mode
[  392.934836][T11016] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.942377][T11016] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.950103][T11016] device bridge_slave_1 entered promiscuous mode
[  393.048250][  T481] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  393.228332][  T481] usb 3-1: Using ep0 maxpacket: 32
[  393.235718][  T481] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  393.254192][T11048] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3987'.
[  393.266147][T11050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3987'.
[  393.320437][  T481] usb 3-1: config 0 has no interface number 0
[  393.376294][T11016] device veth0_vlan entered promiscuous mode
[  393.383740][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  393.391706][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  393.405385][  T481] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  393.413052][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  393.414722][  T481] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.429272][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  393.430793][  T481] usb 3-1: Product: syz
[  393.442907][  T481] usb 3-1: Manufacturer: syz
[  393.447701][  T481] usb 3-1: SerialNumber: syz
[  393.447989][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.453208][  T481] usb 3-1: config 0 descriptor??
[  393.459398][ T5149] bridge0: port 1(bridge_slave_0) entered forwarding state
[  393.465208][  T481] smsc95xx v2.0.0
[  393.472769][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  393.483905][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  393.492357][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.499574][ T5149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  393.507528][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  393.516148][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  393.524382][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  393.532613][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  393.540964][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  393.549641][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  393.560002][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  393.568328][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  393.584287][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  393.592358][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  393.602057][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  393.609726][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  393.618143][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  393.637356][T11016] device veth1_macvtap entered promiscuous mode
[  393.654156][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  393.665112][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  393.679900][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  393.704250][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  393.720008][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  393.789416][   T28] audit: type=1400 audit(1761860912.029:3637): avc:  denied  { add_name } for  pid=11016 comm="syz-executor" name="syz5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  393.849174][T11067] loop5: detected capacity change from 0 to 512
[  393.869841][  T481] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  393.880696][T11067] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  393.898190][   T28] audit: type=1400 audit(1761860912.029:3638): avc:  denied  { associate } for  pid=11016 comm="syz-executor" name="syz5" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  393.901525][T11067] EXT4-fs (loop5): Test dummy encryption mode enabled
[  393.912714][  T481] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  393.978165][T11067] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.3977: casefold flag without casefold feature
[  393.991616][T11067] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.3977: couldn't read orphan inode 15 (err -117)
[  394.013888][T11067] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  394.325444][T11084] overlayfs: failed to resolve './file1': -2
[  394.669016][T11094] loop4: detected capacity change from 0 to 16
[  394.679379][T11094] erofs: (device loop4): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  394.728630][T11016] EXT4-fs (loop5): unmounting filesystem.
[  394.970655][T11098] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4001'.
[  395.001631][T11098] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4001'.
[  395.217241][  T481] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61
[  395.241207][  T481] smsc95xx: probe of 3-1:0.67 failed with error -61
[  395.864580][T11108] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4004'.
[  395.873914][T11108] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4004'.
[  395.883693][T11108] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4004'.
[  396.079562][T11119] loop3: detected capacity change from 0 to 512
[  396.093796][T11119] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  396.110876][T11119] EXT4-fs (loop3): Test dummy encryption mode enabled
[  396.125563][T11119] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.4009: casefold flag without casefold feature
[  396.138500][T11119] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.4009: couldn't read orphan inode 15 (err -117)
[  396.150701][T11119] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  396.612565][ T7257] usb 3-1: USB disconnect, device number 14
[  396.656836][T11140] loop2: detected capacity change from 0 to 512
[  396.741795][T11140] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  396.753871][T11140] ext4 filesystem being mounted at /180/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  396.767068][T11140] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  396.778786][T11140] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  396.789915][T11140] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  396.801477][T11140] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  396.812441][T11140] Quota error (device loop2): write_blk: dquota write failed
[  396.820016][T11140] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  396.830523][T11140] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  396.847113][T11144] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4014'.
[  396.857264][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  396.863275][T11144] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4014'.
[  396.911911][T11146] loop2: detected capacity change from 0 to 512
[  396.960811][ T7327] EXT4-fs (loop3): unmounting filesystem.
[  396.977554][T11146] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  397.007265][T11146] EXT4-fs (loop2): Test dummy encryption mode enabled
[  397.104374][T11146] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.4015: casefold flag without casefold feature
[  397.126198][T11146] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.4015: couldn't read orphan inode 15 (err -117)
[  397.148785][T11146] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  397.209335][T11155] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4017'.
[  397.798348][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  397.991914][T11177] loop5: detected capacity change from 0 to 512
[  398.010190][T11177] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  398.019180][T11177] ext4 filesystem being mounted at /10/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.033836][T11177] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  398.045645][T11177] EXT4-fs error (device loop5): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  398.056997][T11177] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  398.068459][T11177] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  398.079426][T11177] Quota error (device loop5): write_blk: dquota write failed
[  398.086889][T11177] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  398.096924][T11177] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  398.119075][T11016] EXT4-fs (loop5): unmounting filesystem.
[  398.150223][   T28] audit: type=1400 audit(1761860916.389:3639): avc:  denied  { ioctl } for  pid=11185 comm="syz.5.4027" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=52688 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  398.246505][T11188] overlayfs: failed to resolve './file0': -2
[  398.255066][T11188] loop5: detected capacity change from 0 to 256
[  398.274647][T11188] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  398.305592][T11193] loop5: detected capacity change from 0 to 512
[  398.313372][T11193] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  398.322569][T11193] EXT4-fs (loop5): Test dummy encryption mode enabled
[  398.334305][T11193] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.4031: casefold flag without casefold feature
[  398.347387][T11193] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.4031: couldn't read orphan inode 15 (err -117)
[  398.398559][T11193] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  398.464895][T11201] __nla_validate_parse: 1 callbacks suppressed
[  398.464908][T11201] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4034'.
[  398.516225][T11199] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4032'.
[  398.526451][T11199] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4032'.
[  398.546406][T11211] loop4: detected capacity change from 0 to 512
[  398.570304][T11211] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  398.579367][T11211] ext4 filesystem being mounted at /202/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.592681][T11211] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  398.604177][T11211] EXT4-fs error (device loop4): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  398.615499][T11211] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  398.627072][T11211] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  398.637946][T11211] Quota error (device loop4): write_blk: dquota write failed
[  398.645494][T11211] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  398.655471][T11211] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  398.675352][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  399.142849][T11016] EXT4-fs (loop5): unmounting filesystem.
[  399.202800][T11227] overlayfs: failed to resolve './file0': -2
[  399.213226][T11227] loop5: detected capacity change from 0 to 256
[  399.229752][T11227] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  399.296568][T11235] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4047'.
[  399.354196][ T5147] Bluetooth: hci0: Frame reassembly failed (-84)
[  399.701603][T11244] loop4: detected capacity change from 0 to 512
[  399.729114][T11244] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  399.738824][T11244] ext4 filesystem being mounted at /205/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  399.744984][T11250] loop2: detected capacity change from 0 to 512
[  399.752809][T11244] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  399.767432][T11244] EXT4-fs error (device loop4): ext4_dirty_inode:6121: inode #4: comm +}[@: mark_inode_dirty error
[  399.779438][T11250] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  399.780268][T11244] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #4: comm +}[@: corrupted inode contents
[  399.788550][T11250] EXT4-fs (loop2): Test dummy encryption mode enabled
[  399.806468][T11244] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #4: comm +}[@: mark_inode_dirty error
[  399.808188][T11250] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.4052: casefold flag without casefold feature
[  399.817715][T11244] Quota error (device loop4): write_blk: dquota write failed
[  399.830989][T11250] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.4052: couldn't read orphan inode 15 (err -117)
[  399.837252][T11244] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  399.849738][T11250] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  399.859534][T11244] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm +}[@: Failed to acquire dquot type 1
[  399.896408][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  400.007906][T11255] loop4: detected capacity change from 0 to 40427
[  400.018305][T11255] F2FS-fs (loop4): invalid crc value
[  400.025017][T11255] F2FS-fs (loop4): Found nat_bits in checkpoint
[  400.060400][T11255] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  400.277669][ T8213] syz-executor: attempt to access beyond end of device
[  400.277669][ T8213] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  400.308227][T11266] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4055'.
[  400.317481][T11266] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4055'.
[  400.402828][T11270] overlayfs: failed to resolve './file0': -2
[  400.410955][T11270] loop4: detected capacity change from 0 to 256
[  400.432293][T11270] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  400.480609][T11274] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4059'.
[  400.504570][T11276] loop4: detected capacity change from 0 to 512
[  400.519201][T11276] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  400.528045][T11276] EXT4-fs (loop4): Test dummy encryption mode enabled
[  400.536461][T11276] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.4060: casefold flag without casefold feature
[  400.549529][T11276] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.4060: couldn't read orphan inode 15 (err -117)
[  400.569024][T11276] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  400.586132][ T8086] EXT4-fs (loop2): unmounting filesystem.
[  401.370348][ T8213] EXT4-fs (loop4): unmounting filesystem.
[  401.388281][ T2437] Bluetooth: hci0: command 0x1003 tx timeout
[  401.394462][ T3051] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  401.402086][T11241] Bluetooth: hci0: Opcode 0x080f failed: -22
[  402.313755][T11310] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4070'.
[  402.337233][T11312] overlayfs: failed to resolve './file0': -2
[  402.574462][T11312] loop5: detected capacity change from 0 to 256
[  403.478224][    C1] ==================================================================
[  403.486351][    C1] BUG: KASAN: use-after-free in __run_timers+0x32b/0x9a0
[  403.493416][    C1] Write of size 8 at addr ffff88811f4e8a00 by task syz.4.4068/11314
[  403.501936][    C1] 
[  403.504280][    C1] CPU: 1 PID: 11314 Comm: syz.4.4068 Tainted: G        W          syzkaller #0
[  403.513379][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  403.523462][    C1] Call Trace:
[  403.526747][    C1]  <IRQ>
[  403.529694][    C1]  __dump_stack+0x21/0x24
[  403.534030][    C1]  dump_stack_lvl+0xee/0x150
[  403.538629][    C1]  ? __cfi_dump_stack_lvl+0x8/0x8
[  403.543658][    C1]  ? __run_timers+0x32b/0x9a0
[  403.548345][    C1]  print_address_description+0x71/0x200
[  403.553897][    C1]  print_report+0x4a/0x60
[  403.558231][    C1]  kasan_report+0x122/0x150
[  403.562755][    C1]  ? __run_timers+0x32b/0x9a0
[  403.567461][    C1]  __asan_report_store8_noabort+0x17/0x20
[  403.573204][    C1]  __run_timers+0x32b/0x9a0
[  403.577724][    C1]  ? sched_clock+0x9/0x10
[  403.582072][    C1]  ? sched_clock_cpu+0x6e/0x250
[  403.586944][    C1]  ? calc_index+0x200/0x200
[  403.591460][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  403.596675][    C1]  run_timer_softirq+0x6a/0xf0
[  403.601458][    C1]  handle_softirqs+0x1d7/0x600
[  403.606254][    C1]  __irq_exit_rcu+0x52/0xf0
[  403.610763][    C1]  irq_exit_rcu+0x9/0x10
[  403.615005][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  403.620643][    C1]  </IRQ>
[  403.623577][    C1]  <TASK>
[  403.626516][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  403.632530][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x0/0x90
[  403.639494][    C1] Code: 11 10 48 89 74 11 18 48 89 44 11 20 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 b8 7d 47 2f 67 <55> 48 89 e5 48 8b 45 08 65 48 8b 15 90 49 92 7e 65 8b 0d 91 49 92
[  403.659110][    C1] RSP: 0018:ffffc90003fdfa58 EFLAGS: 00000246
[  403.665183][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000002
[  403.673158][    C1] RDX: ffff88810f3a0000 RSI: 0000000000000000 RDI: 0000000000000000
[  403.681211][    C1] RBP: ffffc90003fdfc50 R08: 0000000000000000 R09: ffffc90003fdfd10
[  403.689188][    C1] R10: fffff520007fbfac R11: 1ffff920007fbfaa R12: ffffc90003fdfd00
[  403.697163][    C1] R13: dffffc0000000000 R14: 0000000000000002 R15: 1ffff920007fbf54
[  403.705179][    C1]  ? ___sys_recvmsg+0x187/0x510
[  403.710040][    C1]  ? __sys_recvmsg+0x270/0x270
[  403.714811][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  403.721232][    C1]  do_recvmmsg+0x359/0x7a0
[  403.725659][    C1]  ? __sys_recvmmsg+0x280/0x280
[  403.730542][    C1]  __x64_sys_recvmmsg+0x18d/0x240
[  403.735603][    C1]  ? __cfi___x64_sys_recvmmsg+0x10/0x10
[  403.741155][    C1]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  403.747232][    C1]  x64_sys_call+0x3e7/0x9a0
[  403.751742][    C1]  do_syscall_64+0x4c/0xa0
[  403.756164][    C1]  ? clear_bhb_loop+0x30/0x80
[  403.760846][    C1]  ? clear_bhb_loop+0x30/0x80
[  403.765541][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  403.771433][    C1] RIP: 0033:0x7fe3e678efc9
[  403.775841][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.795615][    C1] RSP: 002b:00007fe3e51f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  403.804024][    C1] RAX: ffffffffffffffda RBX: 00007fe3e69e6090 RCX: 00007fe3e678efc9
[  403.811996][    C1] RDX: 03ffffffffffffbf RSI: 00002000000000c0 RDI: 0000000000000003
[  403.819971][    C1] RBP: 00007fe3e6811f91 R08: 0000000000000000 R09: 0000000000000000
[  403.827957][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  403.835937][    C1] R13: 00007fe3e69e6128 R14: 00007fe3e69e6090 R15: 00007ffc7dca9158
[  403.843926][    C1]  </TASK>
[  403.846948][    C1] 
[  403.849271][    C1] Allocated by task 11241:
[  403.853798][    C1]  kasan_set_track+0x4b/0x70
[  403.858394][    C1]  kasan_save_alloc_info+0x25/0x30
[  403.863514][    C1]  __kasan_kmalloc+0x95/0xb0
[  403.868122][    C1]  __kmalloc+0xb1/0x1e0
[  403.872284][    C1]  hci_alloc_dev_priv+0x27/0x1bd0
[  403.877347][    C1]  hci_uart_tty_ioctl+0x3d6/0xa20
[  403.882373][    C1]  tty_ioctl+0x8ef/0xc60
[  403.886619][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  403.891292][    C1]  __x64_sys_ioctl+0x7b/0x90
[  403.895877][    C1]  x64_sys_call+0x58b/0x9a0
[  403.900379][    C1]  do_syscall_64+0x4c/0xa0
[  403.904795][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  403.910686][    C1] 
[  403.913006][    C1] Freed by task 11241:
[  403.917067][    C1]  kasan_set_track+0x4b/0x70
[  403.921658][    C1]  kasan_save_free_info+0x31/0x50
[  403.926690][    C1]  ____kasan_slab_free+0x132/0x180
[  403.931889][    C1]  __kasan_slab_free+0x11/0x20
[  403.936651][    C1]  slab_free_freelist_hook+0xc2/0x190
[  403.942031][    C1]  __kmem_cache_free+0xb7/0x1b0
[  403.946880][    C1]  kfree+0x6f/0xf0
[  403.950606][    C1]  hci_release_dev+0x12a3/0x13b0
[  403.955546][    C1]  bt_host_release+0x82/0x90
[  403.960152][    C1]  device_release+0xa4/0x1d0
[  403.964754][    C1]  kobject_put+0x19d/0x280
[  403.969173][    C1]  put_device+0x1f/0x30
[  403.973330][    C1]  hci_dev_cmd+0x265/0x720
[  403.977751][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  403.982524][    C1]  sock_do_ioctl+0x101/0x310
[  403.987141][    C1]  sock_ioctl+0x4d8/0x6e0
[  403.991474][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  403.996174][    C1]  __x64_sys_ioctl+0x7b/0x90
[  404.000781][    C1]  x64_sys_call+0x58b/0x9a0
[  404.005317][    C1]  do_syscall_64+0x4c/0xa0
[  404.009757][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  404.015746][    C1] 
[  404.018067][    C1] Last potentially related work creation:
[  404.023791][    C1]  kasan_save_stack+0x3a/0x60
[  404.028471][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  404.033882][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  404.039694][    C1]  insert_work+0x51/0x300
[  404.044021][    C1]  __queue_work+0x9b1/0xd30
[  404.048542][    C1]  queue_work_on+0xd2/0x140
[  404.053065][    C1]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  404.058007][    C1]  hci_cmd_sync_status+0x53/0x120
[  404.063030][    C1]  hci_dev_cmd+0x628/0x720
[  404.067465][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  404.072149][    C1]  sock_do_ioctl+0x101/0x310
[  404.076748][    C1]  sock_ioctl+0x4d8/0x6e0
[  404.081081][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  404.085760][    C1]  __x64_sys_ioctl+0x7b/0x90
[  404.090349][    C1]  x64_sys_call+0x58b/0x9a0
[  404.094865][    C1]  do_syscall_64+0x4c/0xa0
[  404.099278][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  404.105171][    C1] 
[  404.107492][    C1] Second to last potentially related work creation:
[  404.114069][    C1]  kasan_save_stack+0x3a/0x60
[  404.118745][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  404.124118][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  404.129932][    C1]  insert_work+0x51/0x300
[  404.134258][    C1]  __queue_work+0x9b1/0xd30
[  404.138761][    C1]  queue_work_on+0xd2/0x140
[  404.143272][    C1]  hci_cmd_timeout+0x191/0x200
[  404.148036][    C1]  process_one_work+0x71f/0xc40
[  404.152883][    C1]  worker_thread+0xa29/0x11f0
[  404.157555][    C1]  kthread+0x281/0x320
[  404.161622][    C1]  ret_from_fork+0x1f/0x30
[  404.166039][    C1] 
[  404.168358][    C1] The buggy address belongs to the object at ffff88811f4e8000
[  404.168358][    C1]  which belongs to the cache kmalloc-8k of size 8192
[  404.182406][    C1] The buggy address is located 2560 bytes inside of
[  404.182406][    C1]  8192-byte region [ffff88811f4e8000, ffff88811f4ea000)
[  404.195854][    C1] 
[  404.198288][    C1] The buggy address belongs to the physical page:
[  404.204708][    C1] page:ffffea00047d3a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11f4e8
[  404.215163][    C1] head:ffffea00047d3a00 order:3 compound_mapcount:0 compound_pincount:0
[  404.223498][    C1] flags: 0x4000000000010200(slab|head|zone=1)
[  404.229586][    C1] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043500
[  404.238173][    C1] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  404.246763][    C1] page dumped because: kasan: bad access detected
[  404.253184][    C1] page_owner tracks the page as allocated
[  404.258896][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4358, tgid 4357 (syz.3.1589), ts 117501152468, free_ts 117493611913
[  404.281725][    C1]  post_alloc_hook+0x1f5/0x210
[  404.286498][    C1]  prep_new_page+0x1c/0x110
[  404.290999][    C1]  get_page_from_freelist+0x2c7b/0x2cf0
[  404.296545][    C1]  __alloc_pages+0x1c3/0x450
[  404.301132][    C1]  alloc_slab_page+0x6e/0xf0
[  404.305728][    C1]  new_slab+0x98/0x3d0
[  404.309798][    C1]  ___slab_alloc+0x6bd/0xb20
[  404.314473][    C1]  __slab_alloc+0x5e/0xa0
[  404.318807][    C1]  __kmem_cache_alloc_node+0x203/0x2c0
[  404.324267][    C1]  kmalloc_trace+0x29/0xb0
[  404.328679][    C1]  audit_log_d_path+0xc6/0x240
[  404.333446][    C1]  audit_log_d_path_exe+0x42/0x70
[  404.338473][    C1]  audit_log_task+0x205/0x2e0
[  404.343146][    C1]  audit_seccomp+0x7f/0x160
[  404.347650][    C1]  __seccomp_filter+0xacd/0x19d0
[  404.352585][    C1]  __secure_computing+0xea/0x290
[  404.357519][    C1] page last free stack trace:
[  404.362184][    C1]  free_unref_page_prepare+0x742/0x750
[  404.367639][    C1]  free_unref_page+0x8f/0x530
[  404.372313][    C1]  __free_pages+0x67/0x100
[  404.376735][    C1]  __free_slab+0xca/0x1a0
[  404.381067][    C1]  __unfreeze_partials+0x160/0x190
[  404.386180][    C1]  put_cpu_partial+0xa9/0x100
[  404.390857][    C1]  __slab_free+0x1c4/0x280
[  404.395279][    C1]  ___cache_free+0xbf/0xd0
[  404.399712][    C1]  qlist_free_all+0xc6/0x140
[  404.404318][    C1]  kasan_quarantine_reduce+0x14a/0x170
[  404.409783][    C1]  __kasan_slab_alloc+0x24/0x80
[  404.414643][    C1]  slab_post_alloc_hook+0x4f/0x2d0
[  404.419755][    C1]  kmem_cache_alloc_lru+0x104/0x280
[  404.424957][    C1]  sock_alloc_inode+0x28/0xc0
[  404.429635][    C1]  new_inode_pseudo+0x70/0x1f0
[  404.434393][    C1]  __sock_create+0x12c/0x7c0
[  404.438978][    C1] 
[  404.441289][    C1] Memory state around the buggy address:
[  404.446909][    C1]  ffff88811f4e8900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  404.454964][    C1]  ffff88811f4e8980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  404.463023][    C1] >ffff88811f4e8a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  404.471073][    C1]                    ^
[  404.475132][    C1]  ffff88811f4e8a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  404.483190][    C1]  ffff88811f4e8b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  404.491245][    C1] ==================================================================
[  404.499296][    C1] Disabling lock debugging due to kernel taint
[  404.505485][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  404.517196][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  404.525599][    C1] CPU: 1 PID: 11314 Comm: syz.4.4068 Tainted: G    B   W          syzkaller #0
[  404.534525][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  404.544579][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  404.549870][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 a8 dc 28 00 4c 89 ff e8 b0 09 ad 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 ec 50 6d 00 49 8b 7d 00 e8 93 05
[  404.569475][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  404.575543][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88810f3a0000
[  404.583512][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  404.591577][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  404.599580][    C1] R10: ffffed1023e9d139 R11: 1ffff11023e9d139 R12: dffffc0000000000
[  404.607568][    C1] R13: 0000000000000000 R14: ffff88811f4e89c8 R15: 0000000000000008
[  404.615539][    C1] FS:  00007fe3e51f76c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  404.624465][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  404.631047][    C1] CR2: 0000200000d3e030 CR3: 000000012ff4f000 CR4: 00000000003506a0
[  404.639024][    C1] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[  404.647083][    C1] DR3: ffffffffefffff15 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  404.655056][    C1] Call Trace:
[  404.658337][    C1]  <IRQ>
[  404.661181][    C1]  delayed_work_timer_fn+0x61/0x80
[  404.666311][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  404.672118][    C1]  call_timer_fn+0x46/0x2a0
[  404.676630][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  404.682441][    C1]  __run_timers+0x667/0x9a0
[  404.686955][    C1]  ? calc_index+0x200/0x200
[  404.691464][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  404.696686][    C1]  run_timer_softirq+0x6a/0xf0
[  404.701458][    C1]  handle_softirqs+0x1d7/0x600
[  404.706231][    C1]  __irq_exit_rcu+0x52/0xf0
[  404.710731][    C1]  irq_exit_rcu+0x9/0x10
[  404.714978][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  404.720625][    C1]  </IRQ>
[  404.723554][    C1]  <TASK>
[  404.726484][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  404.732468][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x0/0x90
[  404.739236][    C1] Code: 11 10 48 89 74 11 18 48 89 44 11 20 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 b8 7d 47 2f 67 <55> 48 89 e5 48 8b 45 08 65 48 8b 15 90 49 92 7e 65 8b 0d 91 49 92
[  404.758860][    C1] RSP: 0018:ffffc90003fdfa58 EFLAGS: 00000246
[  404.764927][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000002
[  404.772893][    C1] RDX: ffff88810f3a0000 RSI: 0000000000000000 RDI: 0000000000000000
[  404.780872][    C1] RBP: ffffc90003fdfc50 R08: 0000000000000000 R09: ffffc90003fdfd10
[  404.788853][    C1] R10: fffff520007fbfac R11: 1ffff920007fbfaa R12: ffffc90003fdfd00
[  404.796822][    C1] R13: dffffc0000000000 R14: 0000000000000002 R15: 1ffff920007fbf54
[  404.804799][    C1]  ? ___sys_recvmsg+0x187/0x510
[  404.809666][    C1]  ? __sys_recvmsg+0x270/0x270
[  404.814440][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  404.820603][    C1]  do_recvmmsg+0x359/0x7a0
[  404.825024][    C1]  ? __sys_recvmmsg+0x280/0x280
[  404.829897][    C1]  __x64_sys_recvmmsg+0x18d/0x240
[  404.834934][    C1]  ? __cfi___x64_sys_recvmmsg+0x10/0x10
[  404.840482][    C1]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  404.846550][    C1]  x64_sys_call+0x3e7/0x9a0
[  404.851143][    C1]  do_syscall_64+0x4c/0xa0
[  404.855993][    C1]  ? clear_bhb_loop+0x30/0x80
[  404.860673][    C1]  ? clear_bhb_loop+0x30/0x80
[  404.865380][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  404.871275][    C1] RIP: 0033:0x7fe3e678efc9
[  404.875703][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.895305][    C1] RSP: 002b:00007fe3e51f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  404.903719][    C1] RAX: ffffffffffffffda RBX: 00007fe3e69e6090 RCX: 00007fe3e678efc9
[  404.911691][    C1] RDX: 03ffffffffffffbf RSI: 00002000000000c0 RDI: 0000000000000003
[  404.919667][    C1] RBP: 00007fe3e6811f91 R08: 0000000000000000 R09: 0000000000000000
[  404.927636][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  404.935605][    C1] R13: 00007fe3e69e6128 R14: 00007fe3e69e6090 R15: 00007ffc7dca9158
[  404.943576][    C1]  </TASK>
[  404.946589][    C1] Modules linked in:
[  404.950482][    C1] ---[ end trace 0000000000000000 ]---
[  404.955926][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  404.961220][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 a8 dc 28 00 4c 89 ff e8 b0 09 ad 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 ec 50 6d 00 49 8b 7d 00 e8 93 05
[  404.980825][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  404.986887][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88810f3a0000
[  404.994855][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  405.002825][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  405.010799][    C1] R10: ffffed1023e9d139 R11: 1ffff11023e9d139 R12: dffffc0000000000
[  405.018770][    C1] R13: 0000000000000000 R14: ffff88811f4e89c8 R15: 0000000000000008
[  405.026740][    C1] FS:  00007fe3e51f76c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  405.035666][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  405.042252][    C1] CR2: 0000200000d3e030 CR3: 000000012ff4f000 CR4: 00000000003506a0
[  405.050223][    C1] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[  405.058195][    C1] DR3: ffffffffefffff15 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  405.066171][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  405.073695][    C1] Kernel Offset: disabled
[  405.078018][    C1] Rebooting in 86400 seconds..