last executing test programs:

2m12.950420674s ago: executing program 0 (id=1050):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000440)={'batadv_slave_0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="280000001e00150d2cbd7000fddbdf2507000000", @ANYRES32=r2, @ANYBLOB="020000000000000008000a00", @ANYRES32=r1], 0x28}}, 0x48010)

2m12.860397046s ago: executing program 0 (id=1052):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x818, &(0x7f00000008c0)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRESHEX=r0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e)

2m12.802535797s ago: executing program 0 (id=1054):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r0, 0x0, 0x80000000, 0x0)
syz_clone(0xa4384211, 0x0, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000340)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffffffb}, {0x6, 0x2, 0x0, 0xffff0001}]})

2m11.932425445s ago: executing program 0 (id=1073):
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000240)='./bus\x00', 0x3010050, &(0x7f0000000600)=ANY=[], 0x1, 0x1500, &(0x7f0000003080)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c8/rGu+dvjDX2mvv/zPmstecez/8yxt7fdhxctX61ynWZGf4p+OcvqQCQAgD9AOAaAIgAoFS2UtkAh0Emjan/3JuIf62Hpl3pFYgrSfqfvkn/0zfpf/om/U/fpP/pm/Q/fZP+p2/SfyHSs63Tc18rI/2O/7nn/yDP//+/I+f//0UOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J//+XiwAq/TeHpf/pm/RfiPTsSj9/lnFlx5X+/RNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkT6cC5cZAPjL/EqvSwghhBBCCCGEEP86IeOVXoEQQgghhBBCCCH+/RAUaDAQQQbICCmQCTLDVZAFroascA0k4FrIBtdBdrgeckBOyAW5IQ/khXxggcABQwz5oQAk4QYoCDdCISgMRaAoeCgGxeEmKAE3Q0m4BUrBrVAaboMyUBbKQXm4HSrAHVARKkFluBOqwF1QFarB3VAd7oEacC/UhPugFtwPteEBqAMPQl14COrBw1AfHoEG8Cg0hEbQGJpA0/+n/BehK7wE3aA7pEIP6AkvQy/oDX2gL/SDV6A/vAoD4DUYCINgMLwOQ+ANGApvwjAYDiPgLRgJo2A0jIGxMA7Gw9swAd6BifAuTILJMAWmwjSYDjPgPZgJs2A2vA9z4AOYC/NgPiyAhfAhLILFkAYfwRL4GJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsInsA22ww7YCbtgN+yBT2EvfAb74HPYD1/8g/ln/1N+JwQEVKjQoMEMmAFTMAUzY2bMglkwK2bFBCYwG2bD7Jgdc2AOzIW5MA/mwXyYDwkJGRnzY35MYhILYkEshIWwCBZBjx6LY3EsgTdjSSyJpbAUlsbSWAbLYlksj+WxAlbAilgRK2NlrIJVsCpWxbvxbrwHa2ANrIk1sRbWwtpYG+tgHayLdbEe1sP6WB8bYANsiA2xMTbGptgUm2EzbI7NsSW2xFbYCltja2yDbbAttsV22A7bY3vsgB2wI3bETtgZO+OL+CK+hC9hd6yiemBP7Im9sBf2wb7YF1/B/vgqvoqv4UAchIPxdXwd38CheAaH4XAcgSOwghqFo3EMshqH43E8TsAJOBEn4iScjJNxKk7D6TgDZ+BMnIWz8H2cgx/gBzgP5+ECXIgLcREuxjRMwyV4FpfiMlyOK3AlrsKVuAbX4hpcjxtwPW7CTbgFt+An+Alux+24E3fibtyNn+Kn+Bl+hgNxP+7HA3gAD+JBPISH8DAexiN4BI/iUTyGx/A4HscTeBJP4Uk8jafxDJ7Fc3gOz+N5vIDP5/m63u7C6waCusQoozKoDCpFpajMKrPKorKorCqrSqiEyqayqewqu8qhcqhcKpfKo/KofCqfIkWKVazyq/wqqZKqoCqoCqlCqogqorzyqrgqrkqoEqqkKqlKqVtVaXWbKqPKqha+vCqvKqiWvqKqpCqryqqKuktVVdVUNVVdVVc1VA1VU9VUtVQtVVs9oOqoHtgHH1KXOlNfDcIGajA2VI1UY9VEvYGPqWZqKDZXLVRL9YQajsOwtWrm26inVVs1GtupZ9UYfE51UOOwo3pBdVKdVRf1ouqqmvtuGX77CFRTsZfqrfqovmom3qUudayqek0NVIPUYPW6WoBvqKHqTTVMDVcj1FtqpBqlRqsxaqwap8art9UE9Y6aqN5Vk9RkNUVNVdPUdDVDvadmqllqtnpfzVEfqLlqnpqvFqiF6kO1SC1WaeojtUR9rJaqZWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qk/UNrVd7VA71S61W+1Rn6q96jO1T32u9qsv1AH1J3VQfakOqa/UYfW1OqK+UUfVt+qY+k4dV9+rE+qkOqV+UKfVj+qMOqvOqZ/UefWzuqB+URdVUKBRK6210ZHOoDPqFJ1JZ9ZX6Sz6ap1VX6MT+lqdTV+ns+vrdQ6dU+fSuXUenVfn01aTdpp1rPPrAjqpb9AF9Y26kC6si+ii2utiuri+SZfQN+uS+hZdSt+qS+vbdBldVpfT5fXtuoK+Q1fUlXRlfaeuou/SVXU1fbeuru/RNfS9uqa+T9fS9+va+gFdRz+o6+qHdD39sK6vH9EN9KO6oW6kG+smuql+TDfTj+vmuoVuqZ/QrfSTurV+SrfRT+u2+hndTj+r2+vndAf9vO6oX9CddGfdRf+iL+qgu+nuOlX30D31y7qX7q376L66n35F99ev6gH6NT1QD9KD9et6iH5DD9Vv6mF6uB6h39Ij9Sg9Wo/RY/U4PV6/rSfod/RE/a6epCfrKXqqnqan6z6/VZr9d+S/8zfyB/z67lv0Vv2J3qa36x16p96ld+s9eo/eq/fqfXqf3q/36wP6gD6oD+pD+pA+rA/rI/qIPqqP6mP6mD6uj+sT+qT+Sf+gT+sf9Rl9Vp/VP+nz+ry+8NvPAAwaZbQxJjIZTEaTYjKZzOYqk8VcbbKaa0zCXGuymetMdnO9yWFymlwmt8lj8pp8xhoyzrCJTX5TwCTNDaagudEUMoVNEVPUeFPMFDc3/dP5f7S+pqapaWaameamuWlpWppWppVpbVqbNqaNaWvamnamnWlv2psOpoPpaDqaTqaT6WK6mK6mq+lmuplUDQDmZdPL9DZ9TF/Tz7xi+pv+ZoAZYAaagWawGWyGmCFmqBlqhplhZoQZYUaakWa0GW3GmrFmvBlvJpgJZqKZaCaZSWaKmWKmmWlmhplhZpqZZraZbeaYOWaumWvmm/lmoVloFplFJs2kmSVmiVlqlpllZoVZYVaZVWaNWWPWmXVmg9lgNplNZqnZaraabWab2WF2mF1ml9lj9pi9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlhTphT5pQ5bU6bM+aMOWfOmfPmvLlgLpiL5uKly75IRSoykYkyRBmilCglyhxljrJEWaKsUdYoESWibFG2KHt0fZQjyhnlinJHeaK8USrYiCIXcRRH+aMCUTK6ISoY3RgVigpHRaKikY+KRcWjm6IS0c1RyeiWqFR0a1Q6ui0qE5WNykXlo9ujCtEdUcWoUlQ5ujOqEt0VVY2qRXdH1aN7ohrRvVHN6L6oVnR/VDt6IKoTPRjVjR6K6kUPR/WjR6IG0aNRw6hR1DhqEjX9l9YP4UzOx303292m2h62p33Z9rK9bR/b1/azr9j+9lU7wL5mB9pBdrB93Q6xb9ih9k07zA63I+xbdqQdZUfbMXasHWfH27ftBPuOnWjftZPsZDvFTrXT7HQ7w75nZ9pZdrZ9386xH9i5dp6dbxfYhfZDu8gutmn2I7vEfmyX2mV2uV1hV9pVdrVdY9fadXa93WA32k12s91it9pP7Da73e6wO+0uu9vusZ/avfYzu89+bvfbL+wB+yd70H5pD9mv7GH7tT1iv7FH7bf2mP3OHrff2xP2pD1lf7Cn7Y/2jD1rz9mf7Hn7s71gf7EXbbh0cX/p9E6GDGWgDJRCKZSZMlMWykJZKSslKEHZKBtlp+yUg3JQLspFeSgP5aN8dAkTU37KT0lKUkEqSIWoEBWhIuTJU3EqTiWoBJWkklSKSlFpKk1lqAyVo3J0O91Od9AdVIkq0Z10J91Fd1E1qkbVqTrVoBpUk2pSLapFtak21aE6VJfqUj2qR/WpPjWgBtSQGlJjakxNqSk1o2bUnJpTS2pJragVtabW1IbaUFtqS+2oHbWn9tSBOlBH6kidqBN1oS7UlbpSN+pGqZRKPakn9aJe1If6UD/qR/2pPw2gATSQBtJgGkxDaAgNpaE0jIbTCHqLRtIoGk1jaCyNo/E0nibQBJpIE2kSTaIpNIWm0TSaQTNoJs2k2TSb5tAcmktzaT7Np4W0kBbRIkqjNFpCS2gpLaXltJxW0kpaTatpLa2l9bSeNtJG2kybaSttpW20jXbQDtpFu2gP7aG9tJf20T7aT/vpAB2gg3SQDtEhOkyH6QgdoaN0lI7RMTpOx+kEnaBTdIpO02k6Q2foHJ2j8/QzXaBf6CIFSnEKMrurXBZ3tcvqrnEpLpO7FEcAcCnO5XK7PC6vy+esy+Fy/lVMzrlCrrAr4oo674q54u6m38VlXFlXzpV3t7sK7g5X8XdxdXePq+HudTXdfa6au/uv4lruflfbPeLquEddXdfI1XNNXH33iGvgHnUNXSPX2DVxrdyTrrV7yrVxT7u27pnfxYvcYrfWrXPr3Qa3133mzrmf3FH3rTvvfnbdXHfXz73i+rtX3QD3mhvoBv0uHuHeciPdKDfajXFj3bjfxVPcVDfNTXcz3Htuppv1u3ih+9DNcWlurpvn5rsFv8aX1pTmPnJL3MduqVvmlrsVbqVb5Va7Nf93rSvcJrfZbXF73Kdum9vudridbpfb/Wt8aR/73Oduv/vCHXHfuIPuS3fIHXOH3de/xpf2d8x95467790Jd9Kdcj+40+5Hd8ad/XX/l/b+g/vFXXTBASMr1mw44gyckVM4E2fmqzgLX81Z+RpO8LWcja/j7Hw95+CcnItzcx7Oy/nYMrFj5pjzcwFO8g1ckG/kQlyYi3BR9lyMi/NNXIJv5pJ8C5fiW7k038ZluCyX4/J8O1fgO7giV+LKfCdXCYGrcjW+m6vzPVyD7+WafB/X4vu5Nj/AdfhBrssPcT1+mOvzI9yAH+WG3IgbcxNuyo9xM36cm3MLbslPcCt+klvzU9yGn+a2/Ay342e5PT/HHfh57sgvcCfuzF34Re7KL3E37s6p3IN78svci3tzH+7L/fgV7s+v8gB+jQfyIB7Mr/MQfoOH8ps8jIfzCH6LR/IoHs1jeCyP4/H8Nk/gd3giv8uTeDJP4ak8jafzDH6PZ/Isns3v8xz+gOfyPJ7PC3ghf8iLeDGn8Ue8hD/mpbyMl/MKXsmreDWv4bW8jtfzBt7Im3gzb+Gt/Alv4+28g3fyLt7Ne/hT3suf8T7+nPfzF3yA/8QH+Us+xF/xYf6aj/A3fJS/5WP8HR/n7/kEn+RT/AOf5h/5DJ/lc/wTn+ef+QL/whc5MMQYq1jHJo7iDHHGOCXOFGeOr4qzxFfHWeNr4kR8bZwtvi7OHl8f54hzxrni3HGeOG+cL7YxxS7mOI7zxwXiZHzD2oLxjXGhuHBcJC4a+7hYXDy+KS4R3xyXjG+JS8W3xqXj2+Iycdn4kfvKx7fHFeI74opxpbhyfGdcJb4rrhpXi++Oq8f3xDXie+Oa8X1xyfj+uHb8QFwnfjCuGz8U14sfjuvHj8QN4kfjhnGjuHHcJG4aPxY3ix+Pm8ct4pbxE3Gr+Mm4dfxU3CZ+Om4bP/OHx1PjHnHP+OX45TiEe/X85ILkwuSHyUXJxcm05EfJJcmPk0uTy5LLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSIVTLCB698tobH/kMPqNP8Zl8Zn+Vz+Kv9ln9NT7hr/XZ/HU+u7/e5/A5fS6f2+fxeX0+bz1559nHPr8v4JP+Bl/Q3+gL+cK+iC/qvS/mi/smvqlv6pv5x31z38K39E/4J/yT/kn/lH/KP+3b+md8O/+sb++f8x388/55/4Lv5Dv7Lv5F39W/5Lv57j7Vp/qevqfv5Xv5Pr6P7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5heb4uX6un+/n+4V+oV/kF/k0n+aX+CV+qV/ql/vlfqVf6Vf71X6tX+vX+/V+o9/oN/vNfqvf6rf5bX6H3+F3+V1+j9/j9/q9fp/f5/f7/f6AP+AP+oP+kP/KH/Zf+yP+G3/Uf+uP+e/8cf+9P+FP+lP+B3/a/+jP+LP+nP/Jn/c/+wv+F3/RBz8+8XZiQuKdxMTEu4lJicmJKYmpiWmJ6YkZifcSMxOzErMT7yfmJD5IzE3MS8xPLEgsTHyYWJRYnEhLfJRYkvg4sTSxLLE8sSKxMrEqEULebXHIHwqEZLghFAw3hkKhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwoHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3BR/mZNCCGEEOLvov/geI+/8b0MAKB+m/cEgKu35z78n2tuzPHneW+Vp1UCAJ7u3vGhv4wqVVJTU3977VINUYF5AJD46/p/iZdBS3gS2kALKPE319dbdT7Pf1A/eStA5v+QkwKX48v1b/4v6j/2xIhFpeNz2f6b+vMAChW4nJMJLseX65f8L+rnbPYH68/05XiA5v8hJwtcji/XLw6PwzPQ5q9eKYQQQgghhBBC/FlvVa79H90/X7o/z2Mu52SEy/Ef3Z8LIYQQQgghhBDiynuuc5enHmvTpkX7v2+Cvz0X+MeyZCITmfwbJ+rfUPlKfzIJIYQQQggh/tUuX/Rf6ZUIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBDp1//E/ye70nsUQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghrrT/EwAA//+9yTig")
mount$incfs(&(0x7f0000000580)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000005c0), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c)
getdents64(r0, &(0x7f00000002c0)=""/173, 0xad)

2m11.659852919s ago: executing program 0 (id=1078):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_cpu(r2, 0xc008aec1, &(0x7f00000002c0)={0x9, 0x0, [{0xd, 0x7, 0x0, 0x7, 0xffff6dc7, 0x101, 0x9}, {0x1, 0x1ff, 0x9, 0x2, 0x80000000, 0x6, 0xb}, {0x80000001, 0x78d, 0x0, 0xfffffffd, 0x6, 0x800, 0xb7e1}, {0x80000019, 0xb, 0x1, 0x9, 0x9, 0x2}, {0x1, 0x7, 0x9, 0x6, 0x7, 0x6, 0xb33}, {0x40000001, 0xae, 0x0, 0x2, 0x2974c2b7, 0xafc, 0x80000000}, {0x80000019, 0xa85, 0x4, 0x8000, 0x4, 0x2, 0x2}, {0x1, 0x1, 0x1, 0x9, 0x7ff, 0xfcd, 0x10}, {0x80000008, 0x2000, 0x2, 0x6ae09a83, 0x7, 0x6, 0xff}]})

2m11.165857299s ago: executing program 0 (id=1086):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x80, 0x2}, [@NDA_LLADDR={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}, 0x28}}, 0x0)

2m11.084965141s ago: executing program 32 (id=1086):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x80, 0x2}, [@NDA_LLADDR={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}, 0x28}}, 0x0)

1m12.255633704s ago: executing program 4 (id=2404):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

1m12.128262356s ago: executing program 4 (id=2410):
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
setresuid(0xee01, 0xee01, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

1m12.080730137s ago: executing program 4 (id=2411):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
fstat(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setreuid(0x0, r1)
setuid(r1)

1m11.889406381s ago: executing program 4 (id=2416):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x8, 0x0)

1m11.836946162s ago: executing program 4 (id=2418):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000))
fstat(r0, &(0x7f0000000340))

1m11.824550542s ago: executing program 4 (id=2419):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, 0x0}, 0x94)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
sendmsg$netlink(r0, &(0x7f0000005d80)={&(0x7f0000000440)=@proc={0x10, 0x0, 0x25dfdbff, 0x80000}, 0x7, &(0x7f0000005cc0)=[{&(0x7f0000001380)=ANY=[], 0x38}], 0x1, 0x0, 0x0, 0x44011}, 0x0)

1m10.564593407s ago: executing program 5 (id=2431):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x101801, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x2})
ioctl$TUNSETDEBUG(r0, 0x400454c9, 0xffffffffffffffff)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000580)={0x1, 0x3, [@empty, @empty, @broadcast]})

1m10.40908673s ago: executing program 5 (id=2434):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000080)=0x3d, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x86, &(0x7f00000010c0)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x4, 0x0, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x15}, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x5, [{@remote, 0x4e20fffc}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty, 0x800}, {@multicast2}, {@dev, 0x4}]}]}}}}}}}, 0x0)

1m10.284453723s ago: executing program 5 (id=2437):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x54, 0x24, 0xd0f, 0x4703d2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0xb, 0x1, {0x0, 0x7, 0x1, 0xfff, 0x2, 0x5, 0x102}}, {0x4}}]}]}, 0x54}}, 0x44080)

1m10.277753532s ago: executing program 5 (id=2439):
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
setresuid(0xee01, 0xee01, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

1m10.214456434s ago: executing program 5 (id=2440):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000))
fstat(r0, &(0x7f0000000340))

1m10.165853585s ago: executing program 5 (id=2443):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r1, &(0x7f0000001240)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1, 0x0, 0x3)

56.809435346s ago: executing program 33 (id=2419):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, 0x0}, 0x94)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
sendmsg$netlink(r0, &(0x7f0000005d80)={&(0x7f0000000440)=@proc={0x10, 0x0, 0x25dfdbff, 0x80000}, 0x7, &(0x7f0000005cc0)=[{&(0x7f0000001380)=ANY=[], 0x38}], 0x1, 0x0, 0x0, 0x44011}, 0x0)

55.119347219s ago: executing program 34 (id=2443):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r1, &(0x7f0000001240)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1, 0x0, 0x3)

54.998244502s ago: executing program 6 (id=2476):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, 0x0, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x321, 0xffff, 0x4c, 0x101, 0x0})

54.939893403s ago: executing program 6 (id=2478):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
clock_gettime(0x0, &(0x7f0000001b00))

54.621262429s ago: executing program 6 (id=2488):
io_submit(0x0, 0x1, &(0x7f0000004500)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}])
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000050000000400000000000001000e00000800000000000000000000030000000001"], &(0x7f0000001540)=""/4096, 0x45, 0x1000, 0x1}, 0x28)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28)

54.56970455s ago: executing program 6 (id=2491):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000000)={[{@errors_remount}, {@grpquota}]}, 0x4, 0x4f2, &(0x7f0000000c80)="$eJzs3c9vVF0ZAOD3Tjttv34DBWWhRgURRUOY/gAaggthozGExEhcuYDaDk3TGabptEgri7J0byKJK/0T3LkwYeXCnTvducGFCSrRUBMXY+6dSzu0HVqk7dDO8yR37j3nXuY9Z4ZzztzDDCeAnnUuItYiYiAi7kfESJ6f5FvcbG3pda9fPZlef/VkOolm8+4/kux8mhdtfyb1af6cQxHxg+9G/DjZHrexsjo/Va1WFvP06FJtYbSxsnp5rpDnTEyOT45dv3JtYt/qerb2m5ffmbv9w9/99ksv/rj2zZ+mxSr97ER2rr0e+6lV9WKU2vL6I+L2QQTrkv787w9HT9raPhMR57P2PxJ92bsJABxnzeZINEfa0wDAcZfe/5ciKZTzuYBSFArlcmsO70wMF6r1xtKlkfryw5nI5rBORbHwYK5aGcvnCk9FMUnT49nxZnpiS/pKRJyOiJ8PfpKly9P16kw3P/gAQA/7dMv4/+/B1vgPABxzQ+95va8IAMDR977jPwBw9Bn/AaD3vMf4b+ofAI4J9/8A0HuM/wDQe3Yd/58eTjkAgEPx/Tt30q25nv//1zOPVpa/VXp0eabSmC/XlqfL0/XFhfJsvT5brZSnm83dnq9ary+MX91INlZW79Xqyw+X7s3VpmYr9yrFA64PALC702ef/zmJiLUbn2RbtK3lYKyG463Q7QIAXdPX7QIAXeP3PNC79nCPbxoAjrkdluh9S8evCD2z+CscVRc/b/4fepX5f+hd/9/8/7f3vRzA4TP/D72r2Uys+Q8APcYcP/BB//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPaqUbUmhnK0FvpY+FsrliBMRcSqKyYO5amUsIk5GxJ8Gi4NperzbhQYAPlDhb0m+/tfFkQulrWcHkv8MZvuI+Mkv7/7i8dTS0uJ4mv/PjfylZ3n+xEA3KgAAtLu5Pas1Tuf7thv516+eTL/ZDrOIL2+1FhdN467nW+tMf/Rn+6EoRsTwv5I83ZJ+Xunbh/hrTyPic5v1f9wWoZTNgbRWPt0aP4194gDib77+W+MX3opfyM6l+2L2Wnx2H8oCveb5rVY/mbe9tInl7a8Q57L9zu1/KOuhPtyb/m99W/9X2Oj/+rbFT7I2f24j/e6SvLz6++9ty2yOtM49jfhC/07xk434SYf+98Ie6/iXL375fKdzzV9FXIyd47fUsm52dKm2MNpYWb08V5uarcxWHk5MTI5Pjl2/cm1iNJujbj3+YacYf79x6WSn+Gn9hzvEH9ql/l/bY/1//d/7P/rKO+J/46s7v/9n3hE/HRO/vsf4U8M3Oy7fncaf6VD/3d7/S3uM/+KvqzN7vBQAOASNldX5qWq1srjLQfpZc7drHBzNg1iL+AiKkR8MxEdRjJ4/6HbPBBy0zUbf7ZIAAAAAAAAAAAAAAACdNFZW5wfjYH9O1O06AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHz9LwAA//9Jt84K")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0/file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x1)

54.448653323s ago: executing program 6 (id=2496):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
ppoll(&(0x7f0000000180)=[{r0}], 0x1, 0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000100)=0xfffffffe, 0x4)

53.998899582s ago: executing program 6 (id=2500):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x8800, &(0x7f0000000200)={0x5, 0x84, 0x100000}, 0x20)

53.913418193s ago: executing program 35 (id=2500):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x8800, &(0x7f0000000200)={0x5, 0x84, 0x100000}, 0x20)

44.90206317s ago: executing program 2 (id=2774):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$RTC_AIE_ON(r0, 0x7001)
pread64(r0, &(0x7f0000000000)=""/4, 0x4, 0x7)

44.062098126s ago: executing program 2 (id=2790):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

44.046053677s ago: executing program 2 (id=2792):
unshare(0x22020600)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)

44.033838787s ago: executing program 2 (id=2793):
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2008802, &(0x7f00000001c0)=ANY=[@ANYBLOB='allow_utime=00000000000000000006605,errors=remount-ro,uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c696f636861727365743d69736f383835392d1e2c6e616d65636173653d312c6b6565705f6c6173745f646f74732c6769643d", @ANYRESHEX=0xee01, @ANYBLOB=',dmask=00000000000000000000001,errors=remount-ro,iocharset=cp1255,\x00'], 0x1, 0x1532, &(0x7f0000000940)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltCkuSVhMSQW9KQhOQyLrkMIblMTBr3+/2SkCRNkoTklqz/Z2L+6q33/77v7+2X3/83z/fz2Z9Zz1n7WXvtec7ZZ+99zsy3XYbWaFSzagMigv8IXvqRAACxADAQAK4DgAAAysaVjcvozy4x4T/bCPtzPZJ8tWfAriauf9bG9c/auP5ZG9c/a+P6Z21c/6yN65+1cf0Zy8q2zMh/PS9Zd+H7/1kZv///L5JecuyX60re2BUg5l9N4fr//w//g1yu//9awb+yEtc/a+P6Z1WxV3sC7H8Afv1nBdn+YQ/XP2vj+jOWlf36XnAsXP370X/1ApGs/RnI1X7+McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLGs76KxQAZLav9rwYY4wxxhhjjDH25/HZrvYMGGOMMcYYY4wx9t8PQYAEBQHEQDaIheyQAwRATGb/9RAHN0BuuBHyQF7IB/khHgpAQdBgwAJBCIWgMEThJigCN0NRKAbFoQQ4KAml4BYoDbdCGbgNysLtUA7ugPJQASpCJbgTKsNdUAXuhqpwD1SD6lADasK9UAvug9pwP9SBB6AuPAj14CGoDw9DA3gEGsKj0Ageg8bwODSBptAMmkOL/1L+S9ADXoae0AsSoDf0gVegL/SD/jAABsKrMAheg8HwOiTCEBgKb8AweBOGw1swAkbCKHgbRsM7MAbGwjgYD0kwASbCJJgM78IUmArTYDokwwyYCe/BLJgNc+B9mAsfwDyYDwtgIaTAh7AIFkMqfARL4GNIg6WwDJbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANtsMO2Am74BPYDZ/CHtgL++Az2A+f/5v5Z/4uvysCAgoUqFBhDMZgLMZiDsyBOTEn5sJcGMEIxmEc5sbcmAfzYD7Mh/EYjwWxIBo0SEhYCAthFKNYBItgUSyKxbE4OnRYCkthabwVy2AZLItlsRyWw/JYAStgJayElbEyVsEqWBWrYjWshjWwBt6L92JvrI21sQ7WwbpYN/P2FDbABtgQG2IjbISNsTE2wSbYDJthC2yBLbEltsJW2AbbYFtsi+2wHbbH9tgBO2BH7IidsBN2xs7YBbtgV+yG3dJfygb4Mr6MvbCa6I19sA/2xcRs/XEADsBXcRC+hq/h65iIQ3AovoFv4Js4HE/jCByJo3AUVhbv4BgciyTGYxIm4USciJNxMk7BqTgVp2MyzsCZOBNn4Wycje/jXPwAP8D5OB8XYgqm4CJcjKmYikvwDKbhUlyGy3EFrsQVuBrX4Gpch+txHW7EjbgZN+NW3IrbcTvuxJ34CSoA/BT34l5MxP24Hw/gATyIB/EQHsJ0TMfDeBiP4BE8ikfxGB7D43gCT+IJPIWn8DSewbN4Fs/jebyAL8R/3fCTYmsTQWRQQokYESNiRazIIXKInCKnyCVyiYiIiDgRJ3KL3CKPyCPyiXwiXsSLgqKgMMIIEmHGkUJERVQUEUVEUVFUFBfFhRNOlBKlRGlRWpQRZURZcbsoJ+4Q5UUF0dpVEpVEZdHGVRF3i6qiqqgmqosaoqaoKWqJWqK2qC3qiDqirqgr6omHRH3RG/vjIyKjMo3EEGwshmIT0VTIy0eolmI4thKtRRvxlBiJI7CdaOnai2dFBzEGO4q/ibH4vOgsxmMX8aLoKrqJ7uIl0UO0cj1FLzEFe4s+Yjr2Ff1EfzFAzMLq4n2cm72GeF0kiiFiqHhDLMQ3xXDxlhghRopR4m0xWrwjxoixYpwYL5LEBDFRTBKTxbtiipgqponpIlnMEDPFe2KWmC3miPfFXPGBmCfmiwVioUgRH4pFYrFIFR+JJeJjkSaWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIXaKXeITsVt8KvaIvWKf+EzsF5+LA+ILcVB8KQ6Jr0S6+FocFt+II+JbcVR8J46J78VxcUKcFD+IU+JHcVqcEWfFOXFe/CQuiJ/FReEFSJRCSqlkIGNkNhkrs8sc8hqZUwaZx38ZJ2+QueWNMo/MK/PJ/DJeFpAFpZZGWkkylIVkYRmVN8ki8mZZVBaTxWUJ6WRJWUreIkvLW2UZeZssK2+X5eQdsrysICvKSvJOWVneJSFyaRvVZHVZQ9aU98oEuE/WlvfLOvIBWVc+KOvJh2R9+bBsIB+RDeWjspF8TDaWj8smsqlsJpvLFvIJ2VI+KVvJ1rKNfEq2lU/LdvIZ2V4+KztIf/kp8rzsLF+QXeSLsqvsJrvLn+VF6WVP2UtCb5B95Cuyr+wn+8sBcqB8VQ6Sr8nB8nWZKIfIofINOUy+KYfLt+QIOVKOkm/L0fIdOUaOlePkeJkkJ8iJcpKcLN+VU+RUOU1Ol8lyhux/eaQ5Uv7T/Elyksz+d/mDf9n6ZrlFbpXb5Ha5Q+6Uu+QncrfcLffIPXKf3Cf3y/3ygDwgD8qD8pA8JNNlujwsD8sj8og8Ko/KY/KYPC5PyHPyB3lK/ihPyzPyjDwnz8vz8sLl3wEoVEJJpVSgYlQ2FauyqxzqGpVTXatyqetURF2v4tQNKre6UeVReVU+lV/FqwKqoNLKKKtIhaqQKqyi6ia8/IRRxVUJ5VRJVUrd8u/kqyLqZlVUFftNfub8Ev7B/FqoFqqlaqlaqVaqjWqj2qq2qp1qp9qr9qqD6qA6qo6qk+qkOqvOqovqorqqrqq76q56qB6qp+qpElSC6qNeUX1VP9VfDVAD1asiYx8Gq8EqUSWqoWqoGqaGqeFquBqhRqhRapQarUarMWqMGqfGqSSVpCaqiWqymqymqClqmpqmklWymqlmqllqlpqj5qi5aq6ap+apBWqBSlEpapFapFJVqlqilqg0tVQtVcvVcrVSrVSr1Wq1Vq1V69V6tVFtVGlqi9qitqltaofaoXapXWq32q32qD1qn9qn9qv96oA6oA6qg+qQOqTSVbo6rA6rI+qIOqqOqmPqmDqujquT6qQ6pU6p0+q0OqvOqvPqvLqgLqiL6mLGaV8gAhGoQAUxQUwQG8QGOYIcQc4gZ5AryBVEgkgQF8QFuYMbgzxB3iBfkD+IDwoEBQMdmMAG4nLRo8FNQZHg5qBoUCwoHpQIXFAyKBXcEpQObg3KBLcFZYPbg3LBHUH5oEJQMagU3BlUDu4KqgR3B1WDe4JqQfWgRlAzuDeoFdwX1A7uD+oEDwR1gweDesFDQf3g4aBB8EjQMHg0aBQ8FjQOHg+aBE2DZkHzoMWfOr73p/M+6XrqXjpB99Z99Cu6r+6n++sBeqB+VQ/Sr+nB+nWdqIfoofoNPUy/qYfrt/QIPVKP0m/r0fodPUaP1eP0eJ2kJ+iJepKerN/VU/RUPU1P18l6hp6p39Oz9Gw9R7+v5+oP9Dw9Xy/QC3WK/lAv0ot1qv5IL9Ef6zS9VC/Ty/UKvVKv0qv1Gr1Wr9Pr9Qa9UW/Sm/UWvVVv09v1Dr1T79Kf6N36U71H79X79Gd6v/5cH9Bf6IP6S31If6XT9df6sP5GH9Hf6qP6O31Mf6+P6xP6pP5Bn9I/6tP6jD6rz+nz+id9Qf+sL2qfcXKf8fZulFEmxsSYWBNrcpgcJqfJaXKZXCZiIibOxJncJrfJY/KYfCafiTfxpqApaDKQIVPIFDJREzVFTBFT1BQ1xU1x44wzpUwpU9qUNmVMGVPWlDXlTDlT3pQ3FU1Fc6e509xl7jJ3m7vNPeYeU91UNzVNTVPL1DK1TW1Tx9QxdU1dU8/UM/VNfdPANDANTUPTyDQyjU1j08Q0Mc1MM9PCtDAtTUvTyrQybUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn09l0Nl1MF9PVdDXdTXfTw/QwPU1Pk2ASTB/Tx/Q1fU1/098MNAPNIDPIDDaDTaJJNEPNUDPMDDPDzXAzwow0ozJOVM07ZowZa8aZ8SbJJJmJZqKZbCabKWaKmWammWSTbGaamWaWmWXmmDlmrplr5pl5ZoFZYFJMillkFplUk2qWmCUmzaSZZWaZWWFWmFVmlVlj1ph1Zp3ZABvMJrPJbDFbzDazzewwO8wus8vsNrvNHrPH7DP7zH6z3xwwB8xBc9AcModMukk3h81hc8QcMUfNUXPMHDPHzXFz0pw0p8wpc9qcNmfNWXPe5L38fulNrM1uc9hrbE57rc1lr7N/H+ez+W28LWALWm3z2Ly/iY21tqgtZovbEtbZkraUveV3cXlbwVa0leydtrK9y1b5XVzL3mdr2/ttHfuArWnv/U1c1z5o69nHbH1EANvUNrTNbSP7mG1sH7dNbFPbzDa3be3Ttp19xra3z9oO9rnfxYvsYrvGrrXr7Hq7x+61Z+05e8R+a8/bn2xP28sOtK/aQfY1O9i+bhPtkN/Fo+zbdrR9x46xY+04O/538TQ73SbbGXamfc/OsrN/F6fYD+1cm2rn2fl2gV34S5wxp1T7kV1iP7ZpNoBldrldYVfaVXb1/53rcrvRbrKb7W77qd1mt9sddqfdlXkibPfaffYzu99+bg/bb+xB+6U9ZI/adPv1L3HG/h2139lj9nt73J6wJ+0P9pT9UWVmZ+z7D/Zne9F6C4QEJElRQDGUjWIpO+WgaygnXUu56DqK0PUURzdQbrqR8lBeykf5KZ4KUEHSZMgSUUiFqDBF6SbKnF5xKkGOSlIpuoVK061Uhm6jsnQ7laM7qDxVoIpUie6kynQXVaG7qSrdQ9WoOtWgmnQv1aL7qDbdT3XoAapLD1I9eojq08PUgB6hhvQoNaLHqDE9Tk2oKTWj5tSCnqCW9CS1otbUhp6itvQ0taNnqD09Sx3oOepIf6NO9Dx1pheoC71IXakbdaeXqAe9TD2pFyVQb+pDr1Bf6kf9aQANpFdpEL1Gg+l1SqQhNJTeoGH0Jg2nt2gEjaRR9DaNpndoDI2lcTSekmgCTaRJNJnepSk0labRdEqmGTST3qNZNJvm0Ps0lz6geTSfFtBCSqEPaREtplT6iJbQx5RGS2kZLacVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttpx20k3bRJ7SbPqU9tJf20We0nz6nA/QFHaQv6RB9Ren0NR2mb+gIfUtH6Tvfi76n43SCTtIPdIp+pNN0hs7SOTpPP9EF+pkukicIMRShDFUYhDFhtjA2zB7mCK8Jc4bXhrnC68JIeH0YF94Q5g5vDPOEecN8Yf4wPiwQFgx1aEIbUhiGhcLCYTS8KSwS3hwWDYuFxcMSoQtLhqXCW8LS4a1hmfC2sGx4e1guvCMsH1YIH3ugUnhnWDm8K6wS3h1WDe8Jq4XVwxphzfDesFZ4X1g7vD+sEz4QlgkfDOuFD4X1w4fDBuEjYcPw0bBR+FjYOHw8bBI2DZuFzcMW4RNhy/DJsFXYOmwTXhO2DZ8O24XPhO3DZ8MO4XO/9D+4OLP/qd/1J4S9wz7hK+Eroff3ywXRhdGU6IfRRdHF0dToR9El0Y+jadGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRDdGN0U3RzVHva2YDh0446ZQLXIzL5mJddpfDXeNyumtdLnedi7jrXZy7weV2N7o8Lq/L5/K7eFfAFXTaGWcdudAVcoVd1N3kiribXVFXzBV3JZxzJV0p19y1cC1cS/eka+VauzbuKfeUe9o97Z5xz7hnXQf3nOvo/uY6ueddZ/eCe8G96Lq6bq67e8n1cBNyXXpNJrg+ro/r6/q6/q6/G+gGukFukBvsBrtEl+iGuqFumBvmhrvhboQb4Ua5UW60G+3GuDFunBvnklySm+gmusluspviprhpbppLdsluppvpZrlZrvLsS1uZ5+a5BW6BS3EpbpHLOGdMdUvcEpfm0twyt8ytcCvcKrfKrXFr3Dq3zm1wG9wmt8ltcVvcNrfN7XA73C63y+12u90ef92lQd1+d8AdcAfdQXfIfeXS3dfusPvGHXHfuqPuO3fMfe+OuxPupPvBnXI/utPujDvrzrnz7id3wf3sLjrvkiITIhMjkyKTI+9GpkSmRqZFpkeSIzMiMyPvRWZFZkfmRN6PzI18EJkXmR9ZEFkYSYl8GFkUWRxJjXwUWRL5OJIWWRpZFlkeWRFZGfG+wLbQF/KFfdTf5Iv4m31RX8wX9yW88yV9KX+LL+1v9WX8bb6sv92X83f48r6Cr+gf9018U9/MN/ct/BO+pX/St/KtfRv/lG/rn/bt/DO+vX/Wd/DP+Y7+b76Tf9539i/4Lv5F39V38939S76Hf9n39L18gu/t+/hXfF/fz/f3A/xA/6of5F/zg/3rPtEP8UP9G36Yf9MP92/5EX6kHxXzth+deYkM432Sn+An+kl+sn/XT/FT/TQ/3Sf7GX6mf8/P8rP9HP++n+s/8PP8fL/AL/Qp/kO/yC/2qf4jv8R/7NP80sybxn6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+J1+l//E7/af+j1+r9/nP/P7/ef+gP/CH/Rf+kP+K5/uv/aH/Tf+iP/WH/Xf+WP+e3/cn/An/Q/+lP/Rn/Zn/Fl/zp/3P/kL/md/kf9mjTHGGGPsXzLhSlP8tufS7fzef5AjfrVyHwC4dnv+9F/3Z5xRbshzqd1PxLeNAMCzvbo8krlUq5aQkHB53TQJQeH5AJmfBGX45asHl+Ol0AaehvbQGkr/4fz7iW7n6Z+MH70dIMevcmLhSnxl/C8AMOEPxn/iqVGLyoVn4/4f488HKFr4Sk52uBIvhTa/3F9pDWX+wfzztvwn88/+ZRJAq1/l5IQr8ZX5l4In4Tlo/5s1GWOMMcYYY4yxS/qJip0yrz8zv/H5R9fn8epKTja4Ev+z63PGGGOMMcYYY4xdfc936/7ME+3bt+707zeq/Jey/uVGY/jvGpkbf9jwHiDzEQUA/+GAABkN+Vfuxda/ZFuJl186f9+14pwP4H9GKf+MxlU+MDHGGGOMMcb+dFdO+n/7uLpaE2KMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxrKgv+LfiV3tfWSMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcautv8TAAD//6O//3M=")
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x404, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

43.903801689s ago: executing program 2 (id=2797):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000040)='./bus\x00', 0x1a00040, &(0x7f0000000080)=ANY=[@ANYBLOB="757466383d312c726f6469722c726f6469722c696f636861727365743d6d61637475726b6973682c73686f72746e616d653d77696e39352c756e695f786c6174653d302c757466383d312c636f6465706167653d3835352c726f6469722c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c00eeef8c3c326587d86f966fac08a4c22bcfaba06b4d1165fdac8f487bca54f75bdbde755c5d6e6f377cebb8901f16e87217f92669cbe891591d3ca5f4681598a187b2a98d901632d0b6354b8f8c5f82e1bcb90aa934dc4a899f63d712b6ef075de38e5981b558b3546e706dcdcb3d41638bb0aea89f841f208fded088d9fba1c3f7a0616c"], 0x3, 0x350, &(0x7f0000000900)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=")
rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)='.\x02\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

43.700470783s ago: executing program 2 (id=2800):
r0 = epoll_create(0x1000)
r1 = eventfd2(0x1, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x10})
read$FUSE(r1, &(0x7f0000001fc0)={0x2020}, 0x2020)

43.683680733s ago: executing program 36 (id=2800):
r0 = epoll_create(0x1000)
r1 = eventfd2(0x1, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x10})
read$FUSE(r1, &(0x7f0000001fc0)={0x2020}, 0x2020)

4.467190732s ago: executing program 7 (id=3743):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x0, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

4.377795264s ago: executing program 7 (id=3747):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = socket$inet6(0xa, 0x3, 0x2)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e24, 0x3, @empty}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)

4.288220995s ago: executing program 8 (id=3750):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000003c0)={[{@nodiscard}, {}, {@background_gc_on}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@gc_merge}, {@nouser_xattr}, {@alloc_mode_reuse}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@block_mode}, {@noinline_dentry}]}, 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x183341, 0x2)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x9b00000000000009)
write$uinput_user_dev(r1, 0x0, 0x0)

3.766314576s ago: executing program 8 (id=3756):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x63)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

3.700557547s ago: executing program 7 (id=3758):
unshare(0x62040200)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="3400000014000b032bbd7000fcdbdf250a281000", @ANYRES32=r1, @ANYBLOB="080008000604000014000100ff"], 0x34}}, 0x0)

3.499803911s ago: executing program 8 (id=3761):
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x50d, 0x3201, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x60, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x8, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc, 0x0, 0x3}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f020000"], 0x0, 0x0, 0x0, 0x0}, 0x0)

3.499446851s ago: executing program 7 (id=3771):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000940)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xd01c4813, &(0x7f0000000000)={0x2, 0x6a975436e8823d8, 0x0, 0x0, 0x9, 0x6})

3.459502932s ago: executing program 1 (id=3764):
r0 = syz_usb_connect$rtl8150(0x3, 0x3f, &(0x7f00000003c0)={{0x12, 0x1, 0x110, 0xff, 0xff, 0x0, 0x40, 0xbda, 0x8150, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x80, 0x0, {{0x9, 0x4, 0x0, 0x7f, 0x3, 0xff, 0x11, 0x1, 0x5, "", {{0x9, 0x5, 0x81, 0x2, 0x40, 0x6, 0x9, 0x4}, {0x9, 0x5, 0x2, 0x2, 0x20, 0x2, 0x57, 0x6e}, {0x9, 0x5, 0x83, 0x3, 0x240, 0x3, 0x82, 0x8}}}}}}]}}, 0x0)
syz_usb_control_io$rtl8150(r0, &(0x7f0000000580)={0x14, 0x0, &(0x7f0000000480)={0x0, 0x3, 0x3}}, 0x0)
syz_usb_control_io$rtl8150(r0, &(0x7f0000002980)={0x14, 0x0, &(0x7f00000028c0)={0x0, 0x3, 0x3}}, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000004280)={0x2c, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004240)={0x40, 0x5, 0x2, "2bd8"}})

3.079464269s ago: executing program 9 (id=3768):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000000000008500000094"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

3.066624199s ago: executing program 9 (id=3769):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
recvmmsg(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)=""/9, 0x9}], 0x1, 0x0, 0x18}, 0xb7}], 0x1, 0x40002021, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f00000003c0)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)='/', 0x1}], 0x1, 0x0, 0x0, 0x1000a8d0}, 0x0)

2.592578069s ago: executing program 3 (id=3774):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000ffffffff00000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r0}, 0x10)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000180)="900000001c001f4d154a817393278bff0a80a578020000000404840014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

2.592379659s ago: executing program 3 (id=3775):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58)

2.575378389s ago: executing program 3 (id=3776):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000300)="2ef36644f7e62e3e672e450f078f29d095abaa960000b890a4f084efb9800000c00f3235000800000f306d8f297812cf66ba4100f3400fbc698a48b800100000000000000f23d00f21f835100000080f23f866baf80cb88ef01480ef66bafc0c66b80c0066efc7442402d8650000c7442406000000000f011c2466ba4200ec2e64f30f5a8e6c000000", 0x89}], 0x1, 0x52, &(0x7f0000000000)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x85200000c}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.450570242s ago: executing program 3 (id=3777):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

2.391647493s ago: executing program 3 (id=3778):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e1, &(0x7f00000000c0))

2.217325906s ago: executing program 9 (id=3779):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0xff, 0x4a6, &(0x7f0000000980)="$eJzs3MtvVFUYAPDvTh+8aUVEQdAqGomPlhZUFi7UaOJCExNd4LK2BZGBGloTIY0WY3BpSNwblyb+Be7cGHVhTNxq4tKQEG1MKK5q7gum02mZlpYpnd8vmc45c1/nu+eemXPv6b0BtK2+9E8SsT0ifo+Injw7f4a+/G12Zmrk+szUSBJzc2/9nWTzXZuZGilnLZfbVmQOVSIqnyXxYrJwuxPnL5werlbHzhX5gckzHwxMnL/wzKkzwyfHTo6dHTp27OiRweefG3p2VeJM47q27+Px/Xtfe+fyGyPHL7/707dpsfYcyKfXxnFL1xsE1EBfutf+mcvUT3t8GWW/G+yoSSedLSwIy9IREWl1dWXtvyc64mbl9cSrn7a0cMCaSn+bNi0+eXoO2MCSaHUJgNYof+jT89/ydYe6HuvC1Zciuov07MzUyOyN+DujUnzetYbb74uI49P/fZW+YrnXIQAAViDr2zzdqP9XiT3Zez7WsbMYQ+mNiHsiYldE3BsRuyPivohs3vujOx7IF57raXL7fXX5hf2fypWGZV4laf/vhZq+32xN/MVbb0eR25HF35WcOFUdO1zsk0PRtSnNDy6xje9f+e2LxabV9v/SV7r9si9YFOBKZ90FutHhyeHV2glXL0bs62wUf3JjJCA9AvZGxL7lrXpnmTj15Df7F5vp1vEvYRXGmea+jngir//pqIu/lCw9PjmwOapjhwfKo2Khn3+99GaR7K6fdlvxr4K0/rfOP/6LKReL955/k3y8tiuq1bFzE8vfxqU/Pl/0nGalx3938nY2Zv3Le/lnHw1PTp4bjOhOXs/y5Y7OPh+6uWyZL+dP4z90sHH731Usk8b/YESkB/GBiHgoIh4uyv5IRDwaEQeXiP/Hlx97f4n4k0iipfU/2vD7L4nYnCV6k9rx+hUkOk7/8N1iI+bN1f/RmM6+a3PZ998tNFvA29+DAAAAsP5VImJ7JJX+PN23PSqV/v78f/h3x9ZKdXxi8qkT4x+eHc3vEeiNrkp5paun5nroYDJdrDHPDxXXisvpR4rrxl92bMny/SPj1dEWxw7tbtv89h9l+0/91dHq0gFrzv1a0L7q23+lReUA7rxmfv+dC8DG1KD9b2lFOYA7z/k/tK9G7f+Turz+P2xMC9v/nw0eWQdsRPr/0L60f2hf2j+0pWbv4i+fp7DihwDMS5Q3C6x8PZubvsN//SX61mTNZQ2tZeG3xM1PorKMxcurSY3nmV4HlbLOE2mLWcnisbP5Z2HMTzR4WA0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBd6P8AAAD//9FR4Lw=")
r0 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x46400)
io_setup(0x200, &(0x7f0000000140)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, 0x0}])

2.071678529s ago: executing program 9 (id=3780):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ca9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

2.050796639s ago: executing program 9 (id=3781):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r2=>0x0})
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote, r2}, 0x14)
sendmmsg$inet6(r0, &(0x7f0000000500)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="24000000000000002900000032000000fe8000000000bd0000000000000000bb", @ANYRES32=r2, @ANYBLOB="0000000018"], 0x40}}], 0x1, 0x4000001)

324.187133ms ago: executing program 3 (id=3782):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file3\x00')
execveat$binfmt(0xffffffffffffffff, r1, 0x0, &(0x7f0000000780)={[], 0xf000}, 0x800)

323.931233ms ago: executing program 8 (id=3783):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000001c0)="c4023d3238b9210800000f320f2264510f01e4f42e660f5828c44261bcb302000000364d0fc71ab9341001c00f3248b83ab8556001c2af130f23d00f21f872100000080f0f005a92", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

321.275353ms ago: executing program 7 (id=3792):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_clone(0x40089000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000740)={[{@test_dummy_encryption}, {@i_version}, {@noblock_validity}, {@commit={'commit', 0x3d, 0x5}}, {@inlinecrypt}, {@max_batch_time}, {@abort}, {@auto_da_alloc}, {@lazytime}, {@noauto_da_alloc}, {@block_validity}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")

320.853913ms ago: executing program 1 (id=3784):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180))

320.645433ms ago: executing program 9 (id=3785):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000000000e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000500)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, 0x1}, 0x90)

271.893284ms ago: executing program 1 (id=3786):
syz_clone(0x100000, &(0x7f0000000940)="c6d413ca34d80bbed356b7e55e8119f33c4bf23b", 0x14, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x8000)
recvmsg$unix(r0, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x46, &(0x7f0000000040)=r2, 0x4)

202.448665ms ago: executing program 1 (id=3787):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xe, 0x4, 0x4, 0x6, 0x0, 0x1, 0xffffffff}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x12)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)

154.536206ms ago: executing program 1 (id=3788):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x7, 0x4, 0x100, 0x3fe, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000400)='sys_enter\x00', r1}, 0x18)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, 0x0, 0x0, 0x0)

134.052007ms ago: executing program 1 (id=3789):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000007c0)=ANY=[@ANYBLOB="1201000000000040450402f0000000000001090224000100002038090400b90503000000092167bd020122050009058103"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002205000000392b83"], 0x0}, 0x0)

76.860098ms ago: executing program 7 (id=3790):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x86}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc)

59.972869ms ago: executing program 8 (id=3791):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000280), 0x121000, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$PTP_EXTTS_REQUEST(r0, 0x40103d02, &(0x7f0000000300)={0x80000001, 0x1})

0s ago: executing program 8 (id=3793):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000000c0)='./file0\x00', 0x204888, &(0x7f0000000380)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d757466382c0097b75cbdde02821d0f899c2377ee9577397fc18b433d0c59e692b381740ca495e1c145c5922679338b5ff21c0653a98440a5725268a242c0263564f988d3c178704feaf8a412df818275708882ea9a4048c6e458a1f05b83f2e69b965b1df203b21de2b0ee375647f886a5310889982079aa7b1fb42e2382d40feefe7f768eec58b19cf50faaf129503175f4262df740183df51d3641ff78b86127c1db8ef165bfa3bd20797fde6ff91a0e45d3d7c1c6d1ce0a72be8c1fdb00000000"], 0x1, 0x336, &(0x7f0000000880)="$eJzs3cFrI1UcB/DfxrXdXe2mBxEUxIde9DK09R8wyC6IBaVuZfUgzNqphswmJRNWsoi7N/Hm37F49CaI4LkX79689eJxD4uRJm23ienBhTSWfD4Q3i/z8mXeJEz4XZJ3cPuHu63dKtvNe1F7N8XViKg9jliNWhy7dDTWhvVSnPYw3q7f/uO1jz/97IPG5uaNrZRuNm69s5FSuv76L19/8+Mbv/Ze+OSn6z8vx/7q5wd/bfy5//L+Kwd/3/qqWaVmldqdXsrTnU6nl98pi7TTrFpZSh+VRV4Vqdmuiu7Y/G7Z2dvrp7y9s3Jtr1tUVcrb/dQq+qnXSb1uP+Vf5s12yrIsrVyLxfIs17v9aGsrb8xgMZyj7ycPXB1/2u028sN7ePlfye1HM10YAPC/NNn/1+LK8Pic+v/jFuW/9/+XFr3/fxb6/0Vw2P8vHd2/4/T/AAAAAAAAAAAAAABwETweDOqDwaB+PE4+5r0+Zsvnv9hO/XDvSkT53b3te9ujcTTf2I1mlFHEWtTjScTgxKi++f7mjbU0tBordx+M8ofjc+P59ajH6vT8ekpp8CCl8fzzw3+0OMlvRD1emp7fGJ1/Ir8Ub715Kp9FPX7/IjpRxk4cZp/mv11P6b0PNyfyy8PXAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAYsnRi6v79WXbW/Ch/sr/+WtTjyfT9+dem7s9/OV69PN9rBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjVf9+Ky/Lonv+xcM4Y2pwZF4LO/8iYman+O3FOOt9VijOLub9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn7+mm3/NeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPNU9e+38rIsujMs5n2NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8k/AQAA//8A7ioD")
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaa"], 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

kernel console output (not intermixed with test programs):

esystem without journal. Quota mode: writeback.
[  164.057669][  T283] EXT4-fs (loop3): unmounting filesystem.
[  164.090087][ T1442] usb 9-1: Using ep0 maxpacket: 16
[  164.096486][ T1442] usb 9-1: config 0 interface 0 has no altsetting 0
[  164.114649][ T1442] usb 9-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  164.126476][ T1442] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.137017][ T1442] usb 9-1: config 0 descriptor??
[  164.157144][   T24] usb 8-1: USB disconnect, device number 4
[  164.267690][ T7093] loop3: detected capacity change from 0 to 40427
[  164.277184][ T7093] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  164.284475][ T7093] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  164.293694][ T7093] F2FS-fs (loop3): invalid crc value
[  164.301511][ T7093] F2FS-fs (loop3): Found nat_bits in checkpoint
[  164.336974][ T7093] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  164.344323][ T7093] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  164.380974][  T283] syz-executor: attempt to access beyond end of device
[  164.380974][  T283] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  164.554952][ T1442] hid (null): bogus close delimiter
[  164.598289][  T335] Bluetooth: hci0: Frame reassembly failed (-84)
[  164.681713][ T7119] loop2: detected capacity change from 0 to 256
[  164.699405][   T28] audit: type=1326 audit(2000000004.292:6386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7122 comm="syz.7.2795" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f081f18eec9 code=0x0
[  164.699633][ T7119] exfat: Deprecated parameter 'namecase'
[  164.729629][   T28] audit: type=1400 audit(2000000004.322:6387): avc:  denied  { read write } for  pid=7114 comm="syz.3.2791" name="uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  164.732830][ T7119] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf4419509, utbl_chksum : 0xe619d30d)
[  164.753941][   T28] audit: type=1400 audit(2000000004.322:6388): avc:  denied  { open } for  pid=7114 comm="syz.3.2791" path="/dev/uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  164.817677][ T1442] usb 9-1: USB disconnect, device number 3
[  164.851674][ T3124] bridge0: port 3(syz_tun) entered disabled state
[  164.880914][ T3124] device syz_tun left promiscuous mode
[  164.886455][ T3124] bridge0: port 3(syz_tun) entered disabled state
[  165.173018][ T7134] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.180256][ T7134] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.187841][ T7134] device bridge_slave_0 entered promiscuous mode
[  165.195098][ T7134] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.202366][ T7134] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.209975][ T7134] device bridge_slave_1 entered promiscuous mode
[  165.291607][ T7134] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.298701][ T7134] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.306035][ T7134] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.313112][ T7134] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.342861][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  165.355405][  T369] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.364722][  T369] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.399224][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  165.411550][  T369] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.418673][  T369] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.427621][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  165.441776][  T369] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.449153][  T369] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.456996][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  165.476409][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  165.493054][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  165.511541][  T335] device bridge_slave_1 left promiscuous mode
[  165.517766][  T335] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.525804][  T335] device bridge_slave_0 left promiscuous mode
[  165.538500][  T335] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.559877][  T335] device veth1_macvtap left promiscuous mode
[  165.572480][  T335] device veth0_vlan left promiscuous mode
[  165.707394][ T7158] loop8: detected capacity change from 0 to 40427
[  165.715654][ T7158] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  165.723644][ T7158] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  165.732949][ T7158] F2FS-fs (loop8): invalid crc value
[  165.747087][ T7158] F2FS-fs (loop8): Found nat_bits in checkpoint
[  165.794503][ T7158] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  165.801838][ T7158] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  165.822379][ T7134] device veth0_vlan entered promiscuous mode
[  165.829477][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  165.849687][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  165.857233][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  165.871001][ T7134] device veth1_macvtap entered promiscuous mode
[  165.882872][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  165.892315][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  165.900403][ T1442] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  165.910580][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  166.089228][ T1442] usb 8-1: Using ep0 maxpacket: 16
[  166.098794][ T1442] usb 8-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  166.108354][ T1442] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.116592][ T1442] usb 8-1: Product: syz
[  166.120952][ T1442] usb 8-1: Manufacturer: syz
[  166.125627][ T1442] usb 8-1: SerialNumber: syz
[  166.129070][   T24] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  166.149324][ T1442] r8152-cfgselector 8-1: config 0 descriptor??
[  166.320098][   T24] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  166.328161][   T24] usb 4-1: config 0 has no interface number 0
[  166.334392][   T24] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.345337][   T24] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.355227][   T24] usb 4-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  166.358935][ T1442] r8152-cfgselector 8-1: Unknown version 0x0000
[  166.368078][   T24] usb 4-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[  166.376073][ T1442] r8152-cfgselector 8-1: Unknown version 0x0000
[  166.383539][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.390218][ T1442] r8152-cfgselector 8-1: bad CDC descriptors
[  166.398586][   T24] usb 4-1: config 0 descriptor??
[  166.608795][ T1774] Bluetooth: hci0: command 0x1003 tx timeout
[  166.614921][ T1353] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  166.626970][ T1442] usb 8-1: USB disconnect, device number 5
[  166.642869][ T7181] loop1: detected capacity change from 0 to 256
[  166.655440][ T7181] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  166.850330][ T7192] loop1: detected capacity change from 0 to 1024
[  166.867496][ T7192] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  166.885064][ T7192] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000]
[  166.895663][ T7192] EXT4-fs error (device loop1): ext4_free_blocks:6205: comm syz.1.2819: Freeing blocks not in datazone - block = 0, count = 4096
[  166.916342][ T7192] EXT4-fs (loop1): Remounting filesystem read-only
[  166.923241][ T7192] EXT4-fs (loop1): 1 orphan inode deleted
[  166.932877][ T7192] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  166.971466][  T285] EXT4-fs (loop1): unmounting filesystem.
[  167.006999][ T7211] loop9: detected capacity change from 0 to 256
[  167.015785][   T24] input: HID 28bd:0042 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0042.002A/input/input31
[  167.036872][ T7211] exFAT-fs (loop9): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  167.038877][   T24] uclogic 0003:28BD:0042.002A: input,hidraw0: USB HID v0.00 Keypad [HID 28bd:0042] on usb-dummy_hcd.3-1/input1
[  167.076082][   T24] usb 4-1: USB disconnect, device number 12
[  167.102888][ T7216] fido_id[7216]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  167.228945][  T336] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  167.385970][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2842'.
[  167.428411][  T336] usb 9-1: Using ep0 maxpacket: 8
[  167.444103][  T336] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  167.466824][  T336] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  167.488376][  T336] usb 9-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  167.508705][  T336] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  167.516160][  T336] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  167.516666][ T7231] loop9: detected capacity change from 0 to 40427
[  167.534113][  T336] usb 9-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  167.551261][  T336] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  167.560426][  T336] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  167.572160][  T336] usb 9-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  167.585139][ T7231] F2FS-fs (loop9): Found nat_bits in checkpoint
[  167.590913][ T7254] loop1: detected capacity change from 0 to 256
[  167.601822][  T336] usb 9-1: string descriptor 0 read error: -22
[  167.610653][ T7254] exfat: Deprecated parameter 'namecase'
[  167.618359][  T336] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  167.627462][  T336] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.636143][ T7254] exfat: Deprecated parameter 'namecase'
[  167.644934][ T7254] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  167.653193][ T7231] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  167.666907][ T7254] exFAT-fs (loop1): invalid start cluster (4278190088)
[  167.719678][ T7134] syz-executor: attempt to access beyond end of device
[  167.719678][ T7134] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  167.818196][    T6] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  167.867723][ T1442] usb 9-1: USB disconnect, device number 4
[  167.899654][ T7271] tun0: tun_chr_ioctl cmd 1074025676
[  167.905049][ T7271] tun0: owner set to 0
[  168.009514][    T6] usb 4-1: Using ep0 maxpacket: 16
[  168.016410][    T6] usb 4-1: config 0 interface 0 has no altsetting 0
[  168.023417][    T6] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  168.038388][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.052425][    T6] usb 4-1: config 0 descriptor??
[  168.118106][   T24] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  168.202503][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  168.202523][   T28] audit: type=1400 audit(2000000007.803:6392): avc:  denied  { name_bind } for  pid=7288 comm="syz.9.2864" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  168.298036][   T24] usb 2-1: Using ep0 maxpacket: 32
[  168.304961][   T24] usb 2-1: config 0 has an invalid interface number: 217 but max is 0
[  168.313528][   T24] usb 2-1: config 0 has no interface number 0
[  168.319998][   T24] usb 2-1: config 0 interface 217 has no altsetting 0
[  168.332082][   T24] usb 2-1: New USB device found, idVendor=5372, idProduct=2303, bcdDevice=a1.0d
[  168.341441][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.349766][   T24] usb 2-1: Product: syz
[  168.354074][   T24] usb 2-1: Manufacturer: syz
[  168.359335][   T24] usb 2-1: SerialNumber: syz
[  168.364760][   T24] usb 2-1: config 0 descriptor??
[  168.370900][   T24] pl2303 2-1:0.217: required endpoints missing
[  168.455914][ T7310] loop8: detected capacity change from 0 to 128
[  168.465318][    T6] hid (null): bogus close delimiter
[  168.537937][ T1442] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[  168.574869][  T336] usb 2-1: USB disconnect, device number 16
[  168.675301][    T6] usb 4-1: USB disconnect, device number 13
[  168.729414][ T1442] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.739701][ T1442] usb 8-1: config 0 has no interfaces?
[  168.746753][ T1442] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  168.755880][ T1442] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.763933][ T1442] usb 8-1: Product: syz
[  168.768175][ T1442] usb 8-1: Manufacturer: syz
[  168.772792][ T1442] usb 8-1: SerialNumber: syz
[  168.778527][ T1442] usb 8-1: config 0 descriptor??
[  168.957728][   T24] usb 9-1: new full-speed USB device number 5 using dummy_hcd
[  168.988748][  T336] usb 8-1: USB disconnect, device number 6
[  169.148976][   T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  169.160120][   T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  169.173573][   T24] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  169.179044][ T7334] loop1: detected capacity change from 0 to 512
[  169.191339][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  169.207871][   T24] usb 9-1: SerialNumber: syz
[  169.213804][   T28] audit: type=1400 audit(2000000008.814:6393): avc:  denied  { bind } for  pid=7335 comm="syz.3.2885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  169.241882][   T24] cdc_ether: probe of 9-1:1.0 failed with error -22
[  169.247675][ T7334] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.2884: casefold flag without casefold feature
[  169.256660][   T24] usb-storage 9-1:1.0: USB Mass Storage device detected
[  169.269679][   T24] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  169.276521][ T7334] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.2884: couldn't read orphan inode 15 (err -117)
[  169.291041][   T28] audit: type=1326 audit(2000000008.894:6394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7308 comm="syz.9.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd20098eec9 code=0x7fc00000
[  169.322217][ T7334] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  169.334648][   T24] scsi host1: usb-storage 9-1:1.0
[  169.392487][  T285] EXT4-fs (loop1): unmounting filesystem.
[  169.419722][ T7358] netlink: 'syz.3.2894': attribute type 8 has an invalid length.
[  169.427699][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2894'.
[  169.470837][ T7363] loop3: detected capacity change from 0 to 1024
[  169.495042][ T7363] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  169.503874][ T7363] ext4 filesystem being mounted at /563/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.521480][ T7363] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.2896: lblock 3 mapped to illegal pblock 3 (length 3)
[  169.547706][ T7363] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  169.560322][ T7363] EXT4-fs (loop3): This should not happen!! Data will be lost
[  169.560322][ T7363] 
[  169.573909][ T7373] loop9: detected capacity change from 0 to 7
[  169.579673][ T7363] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 8: comm syz.3.2896: lblock 8 mapped to illegal pblock 8 (length 8)
[  169.599487][ T7363] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  169.612252][ T7363] EXT4-fs (loop3): This should not happen!! Data will be lost
[  169.612252][ T7363] 
[  169.623277][ T7363] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: block 3: comm syz.3.2896: lblock 3 mapped to illegal pblock 3 (length 1)
[  169.652032][   T28] audit: type=1400 audit(2000000009.254:6395): avc:  denied  { listen } for  pid=7378 comm="syz.7.2903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  169.677973][  T283] EXT4-fs (loop3): unmounting filesystem.
[  169.702144][   T24] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  169.730128][   T28] audit: type=1400 audit(2000000009.334:6396): avc:  denied  { map } for  pid=7389 comm="syz.7.2908" path="socket:[47208]" dev="sockfs" ino=47208 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  169.772609][ T7392] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2910'.
[  169.784807][ T7394] kvm [7393]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010002) = 0xffffffffffffffff
[  169.897184][   T24] usb 10-1: Using ep0 maxpacket: 32
[  169.903612][   T24] usb 10-1: config 0 has an invalid interface number: 217 but max is 0
[  169.937098][   T24] usb 10-1: config 0 has no interface number 0
[  169.962367][   T24] usb 10-1: config 0 interface 217 has no altsetting 0
[  169.983395][   T28] audit: type=1326 audit(2000000009.584:6397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7419 comm="syz.7.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f081f18eec9 code=0x7ffc0000
[  170.014437][   T28] audit: type=1326 audit(2000000009.584:6398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7419 comm="syz.7.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f081f18eec9 code=0x7ffc0000
[  170.047950][   T24] usb 10-1: New USB device found, idVendor=5372, idProduct=2303, bcdDevice=a1.0d
[  170.048628][ T7426] loop1: detected capacity change from 0 to 512
[  170.066468][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.075147][   T24] usb 10-1: Product: syz
[  170.080015][   T24] usb 10-1: Manufacturer: syz
[  170.094201][   T24] usb 10-1: SerialNumber: syz
[  170.096221][ T7426] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  170.105212][   T28] audit: type=1326 audit(2000000009.584:6399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7419 comm="syz.7.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f081f18eec9 code=0x7ffc0000
[  170.116418][ T7426] EXT4-fs (loop1): orphan cleanup on readonly fs
[  170.137738][ T7426] EXT4-fs warning (device loop1): ext4_enable_quotas:7055: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  170.146422][   T24] usb 10-1: config 0 descriptor??
[  170.157240][ T7426] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  170.164537][ T7426] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.2924: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  170.183681][ T7426] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.2924: couldn't read orphan inode 13 (err -117)
[  170.196868][ T7426] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  170.219471][ T7426] EXT4-fs error (device loop1): ext4_lookup:1858: comm syz.1.2924: inode #15: comm syz.1.2924: iget: illegal inode #
[  170.219801][   T24] pl2303 10-1:0.217: required endpoints missing
[  170.237078][   T28] audit: type=1326 audit(2000000009.624:6400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7419 comm="syz.7.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f081f18eec9 code=0x7ffc0000
[  170.263055][ T7426] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  170.273245][   T28] audit: type=1326 audit(2000000009.624:6401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7419 comm="syz.7.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f081f18eec9 code=0x7ffc0000
[  170.296813][ T7426] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  170.315228][ T7426] EXT4-fs warning (device loop1): ext4_enable_quotas:7055: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  170.349417][  T285] EXT4-fs (loop1): unmounting filesystem.
[  170.363611][ T7443] loop7: detected capacity change from 0 to 2048
[  170.388100][ T7443] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  170.412106][ T7452] loop3: detected capacity change from 0 to 256
[  170.441170][ T6366] EXT4-fs (loop7): unmounting filesystem.
[  170.446010][  T336] usb 10-1: USB disconnect, device number 2
[  170.501347][ T7460] loop1: detected capacity change from 0 to 256
[  170.531196][ T7460] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x76936814, utbl_chksum : 0xe619d30d)
[  170.591028][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.591028][ T7460] loop1: rw=524288, sector=440, nr_sectors = 256 limit=256
[  170.608447][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.608447][ T7460] loop1: rw=524288, sector=696, nr_sectors = 256 limit=256
[  170.624057][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.624057][ T7460] loop1: rw=0, sector=440, nr_sectors = 8 limit=256
[  170.637570][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.637570][ T7460] loop1: rw=0, sector=440, nr_sectors = 8 limit=256
[  170.650916][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.650916][ T7460] loop1: rw=0, sector=440, nr_sectors = 8 limit=256
[  170.664338][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.664338][ T7460] loop1: rw=0, sector=440, nr_sectors = 8 limit=256
[  170.677962][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.677962][ T7460] loop1: rw=0, sector=440, nr_sectors = 8 limit=256
[  170.692049][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.692049][ T7460] loop1: rw=0, sector=440, nr_sectors = 8 limit=256
[  170.715312][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.715312][ T7460] loop1: rw=0, sector=440, nr_sectors = 8 limit=256
[  170.728913][ T7460] syz.1.2938: attempt to access beyond end of device
[  170.728913][ T7460] loop1: rw=0, sector=440, nr_sectors = 8 limit=256
[  170.740047][ T7462] loop3: detected capacity change from 0 to 40427
[  170.762185][ T7462] F2FS-fs (loop3): invalid crc value
[  170.789540][ T7462] F2FS-fs (loop3): Found nat_bits in checkpoint
[  170.850395][ T7478] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2946'.
[  170.861589][ T7462] F2FS-fs (loop3): Start checkpoint disabled!
[  170.892819][ T7462] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  171.099326][ T7485] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2950'.
[  171.185536][ T7487] loop8: detected capacity change from 0 to 8192
[  171.387001][ T7483] loop9: detected capacity change from 0 to 40427
[  171.403481][ T7497] FAT-fs (loop8): error, corrupted directory (invalid entries)
[  171.407911][  T334] usb 9-1: USB disconnect, device number 5
[  171.424370][ T7483] F2FS-fs (loop9): Insane cp_payload (553648128 >= 504)
[  171.431430][ T7497] FAT-fs (loop8): Filesystem has been set read-only
[  171.444542][ T7483] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  171.461595][ T7483] F2FS-fs (loop9): heap/no_heap options were deprecated
[  171.484439][ T7483] F2FS-fs (loop9): invalid crc value
[  171.497338][ T7483] F2FS-fs (loop9): Found nat_bits in checkpoint
[  171.582322][ T7483] F2FS-fs (loop9): Start checkpoint disabled!
[  171.595353][ T7483] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  171.606155][ T7483] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  171.772624][ T7534] loop8: detected capacity change from 0 to 1024
[  171.806330][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  171.824524][ T7534] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  171.833454][ T7534] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.873325][ T6432] EXT4-fs (loop8): unmounting filesystem.
[  171.882961][ T7544] loop9: detected capacity change from 0 to 128
[  171.986148][   T24] usb 4-1: Using ep0 maxpacket: 16
[  171.991492][ T7557] loop8: detected capacity change from 0 to 1024
[  171.992599][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[  171.999995][ T7557] EXT4-fs: Ignoring removed nomblk_io_submit option
[  172.005326][   T24] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  172.034116][ T7560] loop7: detected capacity change from 0 to 128
[  172.040702][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.055050][   T24] usb 4-1: config 0 descriptor??
[  172.060517][ T7557] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  172.076155][ T7557] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.128139][ T6432] EXT4-fs (loop8): unmounting filesystem.
[  172.217619][ T7576] loop9: detected capacity change from 0 to 2048
[  172.248266][ T7576] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  172.257739][ T7576] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.290231][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  172.391916][ T7595] loop8: detected capacity change from 0 to 256
[  172.472020][ T7509] loop3: detected capacity change from 0 to 256
[  172.492363][   T24] hid (null): invalid report_size 1953394281
[  172.505018][   T24] hid (null): unknown global tag 0xc
[  172.523986][   T24] hid (null): unknown global tag 0xe
[  172.537986][   T24] hid (null): nested delimiters
[  172.538778][ T7608] loop1: detected capacity change from 0 to 256
[  172.543053][   T24] hid (null): unknown global tag 0xe
[  172.586508][ T7608] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  172.588170][ T7615] loop8: detected capacity change from 0 to 16
[  172.601581][ T7608] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  172.609934][ T7615] erofs: dax options not supported
[  172.635820][  T334] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  172.719909][    T6] usb 4-1: USB disconnect, device number 14
[  172.826795][  T334] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  172.844176][  T334] usb 10-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  172.862211][  T334] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.878643][  T334] usb 10-1: config 0 descriptor??
[  172.888860][ T7593] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  173.205482][  T288] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  173.223281][   T28] kauditd_printk_skb: 2433 callbacks suppressed
[  173.223299][   T28] audit: type=1326 audit(2000000012.796:8835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f304f32af79 code=0x7ffc0000
[  173.259664][   T28] audit: type=1326 audit(2000000012.846:8836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f304f32af79 code=0x7ffc0000
[  173.283260][   T28] audit: type=1326 audit(2000000012.846:8837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f304f32af79 code=0x7ffc0000
[  173.306982][   T28] audit: type=1326 audit(2000000012.846:8838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f304f38eec9 code=0x7ffc0000
[  173.308068][  T334] belkin 0003:050D:3201.002D: item fetching failed at offset 0/3
[  173.346938][   T28] audit: type=1326 audit(2000000012.846:8839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f304f38eec9 code=0x7ffc0000
[  173.356857][  T334] belkin 0003:050D:3201.002D: parse failed
[  173.387274][  T334] belkin: probe of 0003:050D:3201.002D failed with error -22
[  173.423950][   T28] audit: type=1326 audit(2000000012.846:8840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f304f38eec9 code=0x7ffc0000
[  173.447564][  T288] usb 9-1: Using ep0 maxpacket: 16
[  173.453895][  T288] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.477190][   T28] audit: type=1326 audit(2000000012.846:8841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f304f32af79 code=0x7ffc0000
[  173.495734][  T288] usb 9-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  173.511984][  T334] usb 10-1: USB disconnect, device number 3
[  173.535920][   T28] audit: type=1326 audit(2000000012.846:8842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f304f32af79 code=0x7ffc0000
[  173.540474][  T288] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.565237][   T28] audit: type=1326 audit(2000000012.846:8843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f304f38eec9 code=0x7ffc0000
[  173.601678][   T28] audit: type=1326 audit(2000000012.846:8844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f304f32af79 code=0x7ffc0000
[  173.628718][  T288] usb 9-1: config 0 descriptor??
[  173.781235][ T7667] loop3: detected capacity change from 0 to 512
[  174.040856][  T288] hid-steam 0003:28DE:1102.002E: item fetching failed at offset 3/5
[  174.062122][  T288] hid-steam 0003:28DE:1102.002E: steam_probe:parse of hid interface failed
[  174.095068][  T288] hid-steam: probe of 0003:28DE:1102.002E failed with error -22
[  174.175757][ T7689] loop9: detected capacity change from 0 to 512
[  174.198814][ T7689] EXT4-fs: Ignoring removed bh option
[  174.204695][ T7695] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3039'.
[  174.220774][ T7689] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  174.233110][ T7695] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3039'.
[  174.266440][ T7689] EXT4-fs (loop9): 1 truncate cleaned up
[  174.276019][ T7689] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  174.293725][  T334] usb 9-1: USB disconnect, device number 6
[  174.352572][ T7702] loop3: detected capacity change from 0 to 128
[  174.403949][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  174.419453][ T7697] loop7: detected capacity change from 0 to 8192
[  174.559628][ T7708] loop3: detected capacity change from 0 to 2048
[  174.619695][ T7708] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  174.634580][ T7708] EXT4-fs (loop3): unmounting filesystem.
[  174.663069][ T7709] FAT-fs (loop7): error, corrupted directory (invalid entries)
[  174.683894][ T7709] FAT-fs (loop7): Filesystem has been set read-only
[  174.764960][   T24] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[  174.887919][ T7723] tun0: tun_chr_ioctl cmd 2147767511
[  174.955783][   T24] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.974599][ T7732] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3053'.
[  174.987723][   T24] usb 10-1: config 0 has no interfaces?
[  174.996899][   T24] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  175.012701][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.023720][   T24] usb 10-1: Product: syz
[  175.042558][   T24] usb 10-1: Manufacturer: syz
[  175.055938][   T24] usb 10-1: SerialNumber: syz
[  175.067752][   T24] usb 10-1: config 0 descriptor??
[  175.130958][ T7747] loop7: detected capacity change from 0 to 512
[  175.160487][ T7747] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  175.170081][ T7747] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.196862][ T6366] EXT4-fs (loop7): unmounting filesystem.
[  175.290713][  T288] usb 10-1: USB disconnect, device number 4
[  175.325359][ T7760] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3065'.
[  175.386521][ T7762] device wireguard0 entered promiscuous mode
[  175.698445][ T7774] loop7: detected capacity change from 0 to 1024
[  175.717667][ T7774] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  175.729300][ T7774] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (49802!=20869)
[  175.745375][ T7774] EXT4-fs error (device loop7): ext4_get_journal_inode:5724: inode #5: comm syz.7.3070: unexpected bad inode w/o EXT4_IGET_BAD
[  175.768941][ T7774] EXT4-fs (loop7): no journal found
[  175.777637][ T7774] EXT4-fs (loop7): can't get journal size
[  175.784512][ T7774] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  175.801252][ T7774] EXT4-fs (loop7): shut down requested (1)
[  175.818923][ T6366] EXT4-fs (loop7): unmounting filesystem.
[  175.887995][ T7784] netem: change failed
[  175.954140][    T6] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  176.145270][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.166446][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.197048][    T6] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  176.208567][ T7805] loop3: detected capacity change from 0 to 4096
[  176.223977][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.243208][    T6] usb 2-1: config 0 descriptor??
[  176.250649][ T7805] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  176.366405][  T283] EXT4-fs (loop3): unmounting filesystem.
[  176.431541][ T7827] loop9: detected capacity change from 0 to 512
[  176.449548][ T7827] EXT4-fs: Ignoring removed oldalloc option
[  176.456620][ T7827] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  176.477829][ T7827] EXT4-fs (loop9): 1 truncate cleaned up
[  176.493883][ T7827] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  176.531145][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  176.566486][ T7830] loop9: detected capacity change from 0 to 256
[  176.597329][ T7830] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  176.619563][ T7819] loop8: detected capacity change from 0 to 40427
[  176.627596][ T7830] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  176.634499][ T7819] F2FS-fs (loop8): Invalid SB checksum offset: 0
[  176.645180][ T7830] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  176.653396][ T7819] F2FS-fs (loop8): Can't find valid F2FS filesystem in 2th superblock
[  176.669285][    T6] keytouch 0003:0926:3333.002F: fixing up Keytouch IEC report descriptor
[  176.677371][ T7819] F2FS-fs (loop8): invalid crc value
[  176.694348][    T6] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.002F/input/input32
[  176.726985][ T7819] F2FS-fs (loop8): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  176.741555][ T7837] loop9: detected capacity change from 0 to 256
[  176.756589][ T7837] exfat: Deprecated parameter 'utf8'
[  176.762039][ T7837] exfat: Deprecated parameter 'utf8'
[  176.770051][ T7825] loop3: detected capacity change from 0 to 40427
[  176.787370][ T7825] F2FS-fs (loop3): fault_injection options not supported
[  176.800802][ T7839] loop7: detected capacity change from 0 to 2048
[  176.804258][ T7837] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  176.821026][    T6] keytouch 0003:0926:3333.002F: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  176.837302][ T7825] F2FS-fs (loop3): invalid crc value
[  176.848839][ T7819] F2FS-fs (loop8): Try to recover 2th superblock, ret: 0
[  176.848878][ T7839] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  176.864156][ T7819] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  176.872826][ T7825] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  176.887396][ T7839] EXT4-fs (loop7): Online defrag not supported with bigalloc
[  176.905733][ T6366] EXT4-fs (loop7): unmounting filesystem.
[  177.003759][ T7825] F2FS-fs (loop3): Start checkpoint disabled!
[  177.014111][ T6432] bio_check_eod: 15087 callbacks suppressed
[  177.014129][ T6432] syz-executor: attempt to access beyond end of device
[  177.014129][ T6432] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  177.044963][ T7825] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  177.095945][  T288] usb 2-1: USB disconnect, device number 17
[  177.261219][ T7874] loop7: detected capacity change from 0 to 128
[  177.278203][ T7874] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  177.293319][ T7874] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  177.303466][    T6] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  177.306550][ T7877] netem: change failed
[  177.337218][   T10] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  177.384267][ T7886] loop3: detected capacity change from 0 to 512
[  177.391916][ T7886] EXT4-fs: Ignoring removed oldalloc option
[  177.398477][ T7886] EXT4-fs: Ignoring removed bh option
[  177.414259][ T7886] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c118, mo2=0002]
[  177.422467][ T7886] System zones: 1-12
[  177.428466][ T7886] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.3114: corrupted in-inode xattr
[  177.444078][ T7886] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3114: couldn't read orphan inode 15 (err -117)
[  177.456440][ T7886] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  177.493465][    T6] usb 10-1: Using ep0 maxpacket: 8
[  177.500035][    T6] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  177.513719][    T6] usb 10-1: config 179 has no interface number 0
[  177.522667][    T6] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  177.534289][    T6] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  177.547849][    T6] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  177.559756][    T6] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  177.571918][    T6] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  177.585974][    T6] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  177.595457][    T6] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.610165][ T7856] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  177.886544][ T7856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.903639][ T7856] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.962804][  T283] EXT4-fs (loop3): unmounting filesystem.
[  178.116024][ T7919] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  178.135795][    T6] usb 10-1: USB disconnect, device number 5
[  178.135845][    C0] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  178.141785][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  178.142373][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  178.150285][    C0] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  178.220221][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  178.229732][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  178.238399][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  178.247288][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  178.256309][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  178.265444][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  178.306770][ T7929] syz.3.3133[7929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  178.306865][ T7929] syz.3.3133[7929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  178.321071][   T28] kauditd_printk_skb: 7235 callbacks suppressed
[  178.321088][   T28] audit: type=1400 audit(2000000017.918:16080): avc:  denied  { read } for  pid=7928 comm="syz.3.3133" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  178.370935][   T28] audit: type=1400 audit(2000000017.918:16081): avc:  denied  { open } for  pid=7928 comm="syz.3.3133" path="/dev/loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  178.397154][   T28] audit: type=1400 audit(2000000017.918:16082): avc:  denied  { ioctl } for  pid=7928 comm="syz.3.3133" path="/dev/loop-control" dev="devtmpfs" ino=117 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  178.464831][   T28] audit: type=1400 audit(2000000018.069:16083): avc:  denied  { mount } for  pid=7932 comm="syz.3.3135" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  178.513154][   T28] audit: type=1326 audit(2000000018.069:16084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7934 comm="syz.8.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7ffc0000
[  178.557821][   T28] audit: type=1326 audit(2000000018.069:16085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7934 comm="syz.8.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2078d8d710 code=0x7ffc0000
[  178.597219][ T7943] input: syz0 as /devices/virtual/input/input33
[  178.608568][   T28] audit: type=1326 audit(2000000018.069:16086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7934 comm="syz.8.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7ffc0000
[  178.661521][   T28] audit: type=1326 audit(2000000018.069:16087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7934 comm="syz.8.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f2078d8eec9 code=0x7ffc0000
[  178.707961][   T28] audit: type=1326 audit(2000000018.069:16088): auid=0 uid=0 gid=0 ses=1 subj=root:sysadm_r:sysadm_t pid=7934 comm="syz.8.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7ffc0000
[  178.743953][ T7953] loop8: detected capacity change from 0 to 256
[  178.750261][   T28] audit: type=1326 audit(2000000018.069:16089): auid=0 uid=0 gid=0 ses=1 subj=root:sysadm_r:sysadm_t pid=7934 comm="syz.8.3136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2078d8eec9 code=0x7ffc0000
[  178.789019][ T7957] input: syz1 as /devices/virtual/input/input34
[  178.821626][ T7953] FAT-fs (loop8): Directory bread(block 64) failed
[  178.846766][ T7953] FAT-fs (loop8): Directory bread(block 65) failed
[  178.862997][ T7953] FAT-fs (loop8): Directory bread(block 66) failed
[  178.870405][ T7953] FAT-fs (loop8): Directory bread(block 67) failed
[  178.892724][ T7953] FAT-fs (loop8): Directory bread(block 68) failed
[  178.899298][ T7953] FAT-fs (loop8): Directory bread(block 69) failed
[  178.942976][ T7953] FAT-fs (loop8): Directory bread(block 70) failed
[  178.949555][ T7953] FAT-fs (loop8): Directory bread(block 71) failed
[  178.972632][ T7953] FAT-fs (loop8): Directory bread(block 72) failed
[  178.979236][ T7953] FAT-fs (loop8): Directory bread(block 73) failed
[  179.150652][ T7976] loop8: detected capacity change from 0 to 4096
[  179.167441][ T7983] loop1: detected capacity change from 0 to 512
[  179.209680][ T7983] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  179.209745][ T7976] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  179.227269][ T7983] ext4 filesystem being mounted at /622/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.253014][ T7990] loop9: detected capacity change from 0 to 512
[  179.284088][  T285] EXT4-fs (loop1): unmounting filesystem.
[  179.294932][ T7990] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  179.304039][ T7990] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.376823][ T8002] Invalid ELF header magic: != ELF
[  179.389193][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  179.420433][ T6432] EXT4-fs (loop8): unmounting filesystem.
[  179.615591][ T8029] loop9: detected capacity change from 0 to 128
[  179.653683][ T8029] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  179.662292][    T6] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  179.691784][ T8029] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  179.744775][ T8018] loop8: detected capacity change from 0 to 40427
[  179.763413][ T8018] F2FS-fs (loop8): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  179.773166][ T8018] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  179.781605][ T8018] F2FS-fs (loop8): fault_type options not supported
[  179.788550][ T8018] F2FS-fs (loop8): fault_injection options not supported
[  179.789491][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  179.795684][ T8018] F2FS-fs (loop8): Image doesn't support compression
[  179.809022][ T8018] F2FS-fs (loop8): invalid crc value
[  179.821916][ T8018] F2FS-fs (loop8): Found nat_bits in checkpoint
[  179.855588][    T6] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.876276][    T6] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.880734][ T8036] loop9: detected capacity change from 0 to 1024
[  179.897178][    T6] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  179.910885][ T8018] F2FS-fs (loop8): Start checkpoint disabled!
[  179.917731][    T6] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  179.927420][ T8018] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  179.939005][ T8036] EXT4-fs (loop9): couldn't mount as ext3 due to feature incompatibilities
[  179.946283][ T8018] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  179.955275][    T6] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.973299][    T6] usb 8-1: config 0 descriptor??
[  180.039096][ T8018] syz.8.3169: attempt to access beyond end of device
[  180.039096][ T8018] loop8: rw=2049, sector=77824, nr_sectors = 1928 limit=40427
[  180.077711][ T8018] syz.8.3169: attempt to access beyond end of device
[  180.077711][ T8018] loop8: rw=0, sector=79744, nr_sectors = 8 limit=40427
[  180.101324][ T8043] loop1: detected capacity change from 0 to 512
[  180.127212][ T8043] EXT4-fs: Ignoring removed nobh option
[  180.168379][ T8043] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.3182: bg 0: block 248: padding at end of block bitmap is not set
[  180.198603][ T8043] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.3182: Failed to acquire dquot type 1
[  180.209301][  T369] kworker/u4:9: attempt to access beyond end of device
[  180.209301][  T369] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  180.225303][ T8043] EXT4-fs (loop1): 1 truncate cleaned up
[  180.231002][ T8043] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  180.255804][ T8043] ext4 filesystem being mounted at /631/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.368070][  T285] EXT4-fs (loop1): unmounting filesystem.
[  180.395628][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.405980][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.421922][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.432124][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.448460][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.482616][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.493492][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.501414][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.517674][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.518039][ T8066] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  180.533539][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.551869][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.559577][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.571654][ T8069] loop1: detected capacity change from 0 to 512
[  180.581818][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.589348][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.592422][ T8069] EXT4-fs: Ignoring removed oldalloc option
[  180.597700][    T6] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  180.613299][    T6] plantronics 0003:047F:FFFF.0030: No inputs registered, leaving
[  180.627653][ T8069] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.3192: dx entry: limit 1024 != root limit 124
[  180.632466][    T6] plantronics 0003:047F:FFFF.0030: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  180.639979][ T8069] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.3192: Corrupt directory, running e2fsck is recommended
[  180.656337][    T6] usb 8-1: USB disconnect, device number 7
[  180.682164][ T8069] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  180.721419][ T8069] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.3192: corrupted in-inode xattr
[  180.738634][ T8069] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.3192: couldn't read orphan inode 15 (err -117)
[  180.753062][ T8069] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  180.773768][ T8069] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.3192: dx entry: limit 1024 != root limit 124
[  180.786061][ T8069] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.3192: Corrupt directory, running e2fsck is recommended
[  180.799958][ T8069] EXT4-fs error (device loop1): ext4_readdir:263: inode #2: block 3: comm syz.1.3192: path /633/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  180.830117][  T285] EXT4-fs (loop1): unmounting filesystem.
[  180.861428][ T8090] loop1: detected capacity change from 0 to 128
[  180.934325][ T8103] syz.1.3205[8103] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  180.934397][ T8103] syz.1.3205[8103] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  181.342095][ T8121] input: syz1 as /devices/virtual/input/input35
[  181.436332][ T8129] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  181.444188][ T8129] SELinux: failed to load policy
[  181.528279][ T8124] loop7: detected capacity change from 0 to 40427
[  181.537994][ T8124] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  181.545959][ T8124] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  181.559831][ T8124] F2FS-fs (loop7): invalid crc value
[  181.567199][ T8124] F2FS-fs (loop7): Found nat_bits in checkpoint
[  181.605834][ T8124] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  181.613053][ T8124] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  181.661872][ T6366] syz-executor: attempt to access beyond end of device
[  181.661872][ T6366] loop7: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  181.676194][  T369] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  181.685516][  T369] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  181.686158][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.702248][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.709808][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.717480][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.725071][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.732643][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.740184][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.751212][  T336] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  181.761064][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.781230][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.788858][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.796746][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.804288][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.811802][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.819307][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.826865][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.834634][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.843920][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.852454][  T288] hid-generic 07B7:80004:0000.0031: unknown main item tag 0x0
[  181.861813][  T288] hid-generic 07B7:80004:0000.0031: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  181.903689][ T8144] loop3: detected capacity change from 0 to 128
[  181.939192][ T8144] ext4 filesystem being mounted at /637/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  181.945997][ T8141] fido_id[8141]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  181.971155][  T336] usb 10-1: Using ep0 maxpacket: 8
[  181.971486][ T8144] fscrypt (loop3, inode 12): Direct key flag not allowed with different contents and filenames modes
[  181.977712][  T336] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  181.995981][  T336] usb 10-1: config 179 has no interface number 0
[  182.003374][  T336] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  182.015394][  T336] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  182.028593][  T336] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  182.042109][  T336] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  182.055508][  T336] usb 10-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  182.087540][  T336] usb 10-1: config 179 interface 65 has no altsetting 0
[  182.095149][  T336] usb 10-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  182.104544][  T336] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.115933][  T336] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:179.65/input/input36
[  182.233886][ T8168] block device autoloading is deprecated and will be removed.
[  182.254907][ T8168] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  182.355777][ T8188] 9pnet: p9_errstr2errno: server reported unknown error �@cƒF	S
[  182.359304][  T336] usb 10-1: USB disconnect, device number 6
[  182.372640][  T336] xpad 10-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  182.452500][ T8190] kvm [8189]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x7
[  182.460774][ T8190] kvm [8189]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x7
[  182.483204][ T8190] kvm [8189]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0xa0a00000
[  182.492129][ T8190] kvm [8189]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0xa0a00000
[  182.533979][ T8204] loop8: detected capacity change from 0 to 1024
[  182.576161][ T8204] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3836: comm syz.8.3247: Allocating blocks 449-513 which overlap fs metadata
[  182.612157][ T8203] EXT4-fs (loop8): pa ffff888114e96bd0: logic 48, phys. 177, len 21
[  182.620236][ T8203] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 4
[  182.730809][   T24] usb 8-1: new full-speed USB device number 8 using dummy_hcd
[  182.921785][   T24] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  182.933662][   T24] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  182.949770][   T24] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  182.959725][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  182.969530][   T24] usb 8-1: SerialNumber: syz
[  182.980673][  T288] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  182.990755][   T24] cdc_ether: probe of 8-1:1.0 failed with error -22
[  182.997941][   T24] usb-storage 8-1:1.0: USB Mass Storage device detected
[  183.008472][   T24] usb-storage 8-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  183.021748][   T24] scsi host1: usb-storage 8-1:1.0
[  183.111280][ T8264] loop9: detected capacity change from 0 to 1024
[  183.118257][ T8264] EXT4-fs: Ignoring removed nobh option
[  183.124194][ T8264] EXT4-fs: Ignoring removed bh option
[  183.136027][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.144436][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.152573][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.160677][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.168944][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.170637][  T288] usb 4-1: Using ep0 maxpacket: 32
[  183.177255][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.190749][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.198551][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.206393][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.214439][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.221263][  T288] usb 4-1: config 1 interface 0 altsetting 77 bulk endpoint 0x3 has invalid maxpacket 1023
[  183.222316][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.240082][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.245748][  T288] usb 4-1: config 1 interface 0 altsetting 77 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  183.248047][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.268882][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.276985][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.284819][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.285144][  T288] usb 4-1: config 1 interface 0 has no altsetting 0
[  183.292898][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.307528][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.315422][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.324282][  T288] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  183.324461][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.339376][  T288] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  183.349615][  T288] usb 4-1: SerialNumber: syz
[  183.351059][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.355943][ T8221] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  183.369297][ T8275] block device autoloading is deprecated and will be removed.
[  183.378032][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.385919][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.393888][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.402062][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.409910][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.422597][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.431650][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.439621][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.447546][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.455620][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.463464][    T6] hid-generic 0000:FFFFFFFF:0000.0032: unknown main item tag 0x0
[  183.472246][    T6] hid-generic 0000:FFFFFFFF:0000.0032: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  183.486963][ T8279] loop9: detected capacity change from 0 to 256
[  183.513232][ T8279] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  183.532654][ T8279] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  183.538791][ T8280] fido_id[8280]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  183.568667][ T8279] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  183.579429][ T8221] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  183.592919][   T28] kauditd_printk_skb: 80 callbacks suppressed
[  183.592938][   T28] audit: type=1400 audit(2000000023.201:16168): avc:  denied  { execute } for  pid=8278 comm="syz.9.3276" path="/82/file0/file1" dev="loop9" ino=1048766 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  183.600968][ T8284] loop8: detected capacity change from 0 to 256
[  183.640791][ T8286] SELinux:  Context system_u:object_r:man_t:s0 is not valid (left unmapped).
[  183.649779][   T28] audit: type=1400 audit(2000000023.251:16169): avc:  denied  { mac_admin } for  pid=8285 comm="syz.9.3281" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  183.671119][   T28] audit: type=1400 audit(2000000023.261:16170): avc:  denied  { relabelto } for  pid=8285 comm="syz.9.3281" name="83" dev="tmpfs" ino=446 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:man_t:s0"
[  183.700321][  T624] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  183.711933][   T28] audit: type=1400 audit(2000000023.261:16171): avc:  denied  { associate } for  pid=8285 comm="syz.9.3281" name="83" dev="tmpfs" ino=446 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:man_t:s0"
[  183.716543][ T8284] exFAT-fs (loop8): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[  183.739012][   T28] audit: type=1400 audit(2000000023.311:16172): avc:  denied  { write } for  pid=7134 comm="syz-executor" name="83" dev="tmpfs" ino=446 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:man_t:s0"
[  183.777998][   T28] audit: type=1400 audit(2000000023.311:16173): avc:  denied  { remove_name } for  pid=7134 comm="syz-executor" name="binderfs" dev="tmpfs" ino=450 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:man_t:s0"
[  183.805028][   T28] audit: type=1400 audit(2000000023.311:16174): avc:  denied  { rmdir } for  pid=7134 comm="syz-executor" name="83" dev="tmpfs" ino=446 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:man_t:s0"
[  183.811783][ T8284] exFAT-fs (loop8): hint_cluster is invalid (1)
[  183.837399][ T8284] exFAT-fs (loop8): error, invalid access to exfat cache (entry 0x00000000)
[  183.847888][ T8284] exFAT-fs (loop8): Filesystem has been set read-only
[  183.854861][ T8284] exFAT-fs (loop8): error, failed to bmap (inode : ffff888117b625f0 iblock : 9, err : -5)
[  183.870232][ T8284] exFAT-fs (loop8): error, tried to truncate zeroed cluster.
[  183.878025][ T8284] exFAT-fs (loop8): error, tried to truncate zeroed cluster.
[  183.950137][  T624] usb 2-1: Using ep0 maxpacket: 32
[  183.958933][  T624] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.971205][  T624] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.981540][  T624] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  183.991026][  T624] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.000379][  T624] usb 2-1: config 0 descriptor??
[  184.006460][  T624] hub 2-1:0.0: USB hub found
[  184.026133][ T8300] loop9: detected capacity change from 0 to 128
[  184.038207][ T8300] ext4 filesystem being mounted at /88/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  184.054616][  T288] cdc_ether 4-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42
[  184.062336][ T8300] fscrypt (loop9, inode 12): Direct key flag not allowed with different contents and filenames modes
[  184.084491][   T28] audit: type=1400 audit(2000000023.691:16175): avc:  denied  { read } for  pid=142 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  184.106743][   T28] audit: type=1400 audit(2000000023.691:16176): avc:  denied  { search } for  pid=142 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  184.128545][   T28] audit: type=1400 audit(2000000023.691:16177): avc:  denied  { read } for  pid=142 comm="dhcpcd" name="n20" dev="tmpfs" ino=23037 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  184.207425][  T624] hub 2-1:0.0: 1 port detected
[  184.242290][    T6] usb 8-1: USB disconnect, device number 8
[  184.384936][ T8338] syz.9.3297[8338] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.385018][ T8338] syz.9.3297[8338] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.409121][  T624] hub 2-1:0.0: hub_hub_status failed (err = -71)
[  184.427150][  T624] hub 2-1:0.0: config failed, can't get hub status (err -71)
[  184.436332][  T624] usbhid 2-1:0.0: can't add hid device: -71
[  184.442509][  T624] usbhid: probe of 2-1:0.0 failed with error -71
[  184.480585][  T624] usb 2-1: USB disconnect, device number 18
[  184.526071][   T24] usb 4-1: USB disconnect, device number 15
[  184.532558][   T24] cdc_ether 4-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device
[  184.763322][ T8369] loop7: detected capacity change from 0 to 1024
[  184.835674][ T8375] loop8: detected capacity change from 0 to 512
[  184.849358][ T8375] EXT4-fs error (device loop8): ext4_orphan_get:1400: inode #15: comm syz.8.3302: casefold flag without casefold feature
[  184.862976][ T8375] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.3302: couldn't read orphan inode 15 (err -117)
[  184.953454][ T8392] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3308'.
[  184.994835][ T8398] netlink: 'syz.1.3310': attribute type 1 has an invalid length.
[  185.003573][ T8398] netlink: 'syz.1.3310': attribute type 2 has an invalid length.
[  185.012701][ T8398] netlink: 'syz.1.3310': attribute type 1 has an invalid length.
[  185.020752][ T8398] netlink: 'syz.1.3310': attribute type 2 has an invalid length.
[  185.258766][   T24] kernel write not supported for file /vcsa1 (pid: 24 comm: kworker/1:0)
[  185.300640][ T8431] loop9: detected capacity change from 0 to 256
[  185.318521][ T8432] SELinux:  Context system_u:object_r:inetd_exec_t:s0 is not valid (left unmapped).
[  185.519721][    T6] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  185.640387][ T8459] device syz_tun entered promiscuous mode
[  185.646338][ T8459] device macsec2 entered promiscuous mode
[  185.653624][ T8459] device syz_tun left promiscuous mode
[  185.719219][    T6] usb 4-1: Using ep0 maxpacket: 16
[  185.727014][    T6] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  185.738532][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.746696][    T6] usb 4-1: Product: syz
[  185.750902][    T6] usb 4-1: Manufacturer: syz
[  185.755515][    T6] usb 4-1: SerialNumber: syz
[  185.779432][    T6] r8152-cfgselector 4-1: config 0 descriptor??
[  185.799357][ T1442] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  185.870572][ T8476] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3348'.
[  186.002700][ T8485] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3351'.
[  186.011706][ T1442] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  186.022992][ T1442] usb 2-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  186.032152][ T1442] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.041196][ T1442] usb 2-1: config 0 descriptor??
[  186.046467][ T8454] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  186.119087][  T624] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  186.191082][    T6] r8152-cfgselector 4-1: Unknown version 0x0000
[  186.197454][    T6] r8152-cfgselector 4-1: bad CDC descriptors
[  186.204047][    T6] r8152-cfgselector 4-1: Unknown version 0x0000
[  186.211036][    T6] r8152-cfgselector 4-1: USB disconnect, device number 16
[  186.239017][  T288] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  186.298996][  T624] usb 8-1: Using ep0 maxpacket: 16
[  186.305722][  T624] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.316143][  T624] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  186.326711][  T624] usb 8-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00
[  186.335845][  T624] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.343917][  T624] usb 8-1: Product: syz
[  186.348108][  T624] usb 8-1: Manufacturer: syz
[  186.352790][  T624] usb 8-1: SerialNumber: syz
[  186.358361][  T624] usb 8-1: config 0 descriptor??
[  186.419956][  T288] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.431124][  T288] usb 10-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  186.442694][  T288] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  186.451916][  T288] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.460081][  T288] usb 10-1: Product: syz
[  186.461848][ T1442] belkin 0003:050D:3201.0033: item fetching failed at offset 0/3
[  186.464647][  T288] usb 10-1: Manufacturer: syz
[  186.472724][ T1442] belkin 0003:050D:3201.0033: parse failed
[  186.476896][  T288] usb 10-1: SerialNumber: syz
[  186.483108][ T1442] belkin: probe of 0003:050D:3201.0033 failed with error -22
[  186.495821][  T288] cdc_mbim 10-1:1.0: skipping garbage
[  186.681044][   T24] usb 2-1: USB disconnect, device number 19
[  186.696608][ T8484] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[  186.797505][   T10] tipc: Subscription rejected, illegal request
[  186.830555][ T8503] device wireguard0 entered promiscuous mode
[  186.950305][ T8508] netlink: 'syz.8.3362': attribute type 10 has an invalid length.
[  186.970052][  T624] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  186.982161][  T624] asix: probe of 8-1:0.0 failed with error -71
[  186.990136][  T624] usb 8-1: USB disconnect, device number 9
[  187.207482][ T8530] loop8: detected capacity change from 0 to 1024
[  187.227014][ T8530] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  187.236254][ T8530] EXT4-fs (loop8): orphan cleanup on readonly fs
[  187.243876][ T8530] EXT4-fs error (device loop8): ext4_free_blocks:6205: comm syz.8.3371: Freeing blocks not in datazone - block = 0, count = 4096
[  187.258584][ T8530] EXT4-fs (loop8): 1 orphan inode deleted
[  187.289390][ T8537] loop8: detected capacity change from 0 to 512
[  187.296133][ T8537] EXT4-fs: Ignoring removed mblk_io_submit option
[  187.302874][ T8537] EXT4-fs: Ignoring removed nomblk_io_submit option
[  187.305525][ T8484] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[  187.317711][  T288] cdc_mbim 10-1:1.0: setting tx_max = 56
[  187.317719][ T8537] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  187.317738][ T8537] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  187.325777][  T288] cdc_mbim 10-1:1.0: cdc-wdm0: USB WDM device
[  187.349309][  T288] cdc_mbim 10-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.9-1, CDC MBIM, de:03:9e:87:22:e0
[  187.354587][ T8537] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3836: comm syz.8.3375: Allocating blocks 41-42 which overlap fs metadata
[  187.374082][ T8537] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3836: comm syz.8.3375: Allocating blocks 41-42 which overlap fs metadata
[  187.388306][ T8537] EXT4-fs error (device loop8): ext4_acquire_dquot:6803: comm syz.8.3375: Failed to acquire dquot type 1
[  187.400771][ T8537] EXT4-fs error (device loop8): mb_free_blocks:1810: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  187.415644][ T8537] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #12: comm syz.8.3375: corrupted inode contents
[  187.427800][ T8537] EXT4-fs error (device loop8): ext4_dirty_inode:6121: inode #12: comm syz.8.3375: mark_inode_dirty error
[  187.439689][ T8537] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #12: comm syz.8.3375: corrupted inode contents
[  187.451976][ T8537] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #12: comm syz.8.3375: mark_inode_dirty error
[  187.463617][ T8537] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #12: comm syz.8.3375: corrupted inode contents
[  187.475975][ T8537] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[  187.484790][ T8537] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #12: comm syz.8.3375: corrupted inode contents
[  187.511156][  T288] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  187.519022][ T8537] EXT4-fs error (device loop8): ext4_truncate:4314: inode #12: comm syz.8.3375: mark_inode_dirty error
[  187.536877][ T8537] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[  187.553862][    T6] usb 10-1: USB disconnect, device number 7
[  187.563877][    T6] cdc_mbim 10-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.9-1, CDC MBIM
[  187.573068][ T8537] EXT4-fs (loop8): 1 truncate cleaned up
[  187.597940][ T8558] loop7: detected capacity change from 0 to 256
[  187.615982][ T8558] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[  187.631861][ T8537] EXT4-fs (loop8): re-mounted. Quota mode: writeback.
[  187.653310][ T8558] exFAT-fs (loop7): hint_cluster is invalid (1)
[  187.664437][ T8558] exFAT-fs (loop7): error, invalid access to exfat cache (entry 0x00000000)
[  187.685306][ T8558] exFAT-fs (loop7): Filesystem has been set read-only
[  187.693501][ T8558] exFAT-fs (loop7): error, failed to bmap (inode : ffff888117b62e30 iblock : 9, err : -5)
[  187.707116][ T8558] exFAT-fs (loop7): error, tried to truncate zeroed cluster.
[  187.708352][  T288] usb 2-1: Using ep0 maxpacket: 32
[  187.714839][ T8558] exFAT-fs (loop7): error, tried to truncate zeroed cluster.
[  187.735307][  T288] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  187.770688][  T288] usb 2-1: config 0 has no interface number 0
[  187.792088][  T288] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  187.820733][  T288] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.820865][  T288] usb 2-1: Product: syz
[  187.820883][  T288] usb 2-1: Manufacturer: syz
[  187.820911][  T288] usb 2-1: SerialNumber: syz
[  187.821648][  T288] usb 2-1: config 0 descriptor??
[  187.822576][  T288] smsc95xx v2.0.0
[  188.048394][  T368] Bluetooth: hci0: Frame reassembly failed (-84)
[  188.078318][ T8590] loop3: detected capacity change from 0 to 40427
[  188.094576][ T8590] F2FS-fs (loop3): fault_type options not supported
[  188.101524][ T8590] F2FS-fs (loop3): fault_injection options not supported
[  188.108800][ T8590] F2FS-fs (loop3): Image doesn't support compression
[  188.116664][ T8590] F2FS-fs (loop3): invalid crc value
[  188.123361][ T8590] F2FS-fs (loop3): Found nat_bits in checkpoint
[  188.173990][ T8590] F2FS-fs (loop3): Start checkpoint disabled!
[  188.181437][ T8590] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  188.224084][  T288] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  188.236224][ T8590] syz.3.3386: attempt to access beyond end of device
[  188.236224][ T8590] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  188.257540][  T288] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  188.282313][  T370] kworker/u4:10: attempt to access beyond end of device
[  188.282313][  T370] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  188.483082][ T8621] loop3: detected capacity change from 0 to 256
[  188.547848][    T6] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  188.678894][ T8633] device wireguard0 entered promiscuous mode
[  188.682595][  T288] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  188.696412][  T288] smsc95xx: probe of 2-1:0.67 failed with error -71
[  188.704604][  T288] usb 2-1: USB disconnect, device number 20
[  188.748960][    T6] usb 10-1: config 220 has an invalid interface number: 76 but max is 2
[  188.757365][    T6] usb 10-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  188.767209][    T6] usb 10-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  188.777691][    T6] usb 10-1: config 220 has no interface number 2
[  188.784633][    T6] usb 10-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  188.797975][    T6] usb 10-1: config 220 interface 0 has no altsetting 0
[  188.804867][    T6] usb 10-1: config 220 interface 76 has no altsetting 0
[  188.811900][    T6] usb 10-1: config 220 interface 1 has no altsetting 0
[  188.821171][    T6] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  188.830379][    T6] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.838529][    T6] usb 10-1: Product: syz
[  188.842788][    T6] usb 10-1: Manufacturer: syz
[  188.847469][    T6] usb 10-1: SerialNumber: syz
[  188.874573][ T8638] loop3: detected capacity change from 0 to 1024
[  188.913331][ T8638] EXT4-fs mount: 16 callbacks suppressed
[  188.913353][ T8638] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  188.963092][  T283] EXT4-fs (loop3): unmounting filesystem.
[  189.057914][    T6] usb 10-1: Found UVC 7.01 device syz (8086:0b07)
[  189.065399][    T6] usb 10-1: No valid video chain found.
[  189.071961][    T6] usb 10-1: selecting invalid altsetting 0
[  189.094375][    T6] usb 10-1: USB disconnect, device number 8
[  189.104042][ T8647] loop7: detected capacity change from 0 to 40427
[  189.120037][ T8647] F2FS-fs (loop7): invalid crc value
[  189.132547][ T8647] F2FS-fs (loop7): Found nat_bits in checkpoint
[  189.169894][ T8659] loop3: detected capacity change from 0 to 512
[  189.179667][ T8659] EXT4-fs: Ignoring removed oldalloc option
[  189.186454][ T8659] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  189.190372][ T8647] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  189.198862][ T8659] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.3413: invalid indirect mapped block 4294967295 (level 0)
[  189.221724][ T8659] EXT4-fs (loop3): Remounting filesystem read-only
[  189.229151][ T8659] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.3413: invalid indirect mapped block 4294967295 (level 1)
[  189.248685][ T8659] EXT4-fs (loop3): Remounting filesystem read-only
[  189.255492][ T8659] EXT4-fs (loop3): 1 orphan inode deleted
[  189.262650][ T8659] EXT4-fs (loop3): 1 truncate cleaned up
[  189.269107][ T8659] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  189.278759][   T28] kauditd_printk_skb: 40 callbacks suppressed
[  189.278776][   T28] audit: type=1400 audit(2000000028.894:16214): avc:  denied  { link } for  pid=8644 comm="syz.7.3409" name="file1" dev="loop7" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  189.313509][ T6366] syz-executor: attempt to access beyond end of device
[  189.313509][ T6366] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  189.328662][   T28] audit: type=1400 audit(2000000028.894:16215): avc:  denied  { remove_name } for  pid=8644 comm="syz.7.3409" name="file1" dev="loop7" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  189.378119][  T283] EXT4-fs (loop3): unmounting filesystem.
[  189.379455][   T28] audit: type=1400 audit(2000000028.894:16216): avc:  denied  { unlink } for  pid=8644 comm="syz.7.3409" name="file1" dev="loop7" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  189.407921][   T28] audit: type=1400 audit(2000000028.974:16217): avc:  denied  { rename } for  pid=8658 comm="syz.3.3413" name="file7" dev="loop3" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  189.449152][   T28] audit: type=1400 audit(2000000028.974:16218): avc:  denied  { unlink } for  pid=8658 comm="syz.3.3413" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  189.622667][ T8677] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  189.641301][ T8678] loop7: detected capacity change from 0 to 128
[  189.662269][ T8676] loop9: detected capacity change from 0 to 1024
[  189.699477][ T8676] EXT4-fs: Ignoring removed orlov option
[  189.708581][ T8676] EXT4-fs: Invalid want_extra_isize 1234
[  189.807313][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  189.814949][   T28] audit: type=1400 audit(2000000029.424:16219): avc:  denied  { bind } for  pid=8699 comm="syz.9.3431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  189.937126][    T6] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  190.000552][ T8704] loop9: detected capacity change from 0 to 40427
[  190.017070][   T60] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  190.017544][ T8704] F2FS-fs (loop9): fault_injection options not supported
[  190.032156][ T8704] F2FS-fs (loop9): fault_type options not supported
[  190.039727][ T8704] F2FS-fs (loop9): invalid crc value
[  190.046330][ T8704] F2FS-fs (loop9): Found nat_bits in checkpoint
[  190.083645][ T8704] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  190.114024][ T8704] syz.9.3433: attempt to access beyond end of device
[  190.114024][ T8704] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  190.128034][ T1774] Bluetooth: hci0: command 0x1003 tx timeout
[  190.132735][ T1353] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  190.134075][    T6] usb 2-1: Using ep0 maxpacket: 32
[  190.147877][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.159476][    T6] usb 2-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[  190.168714][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.180801][    T6] usb 2-1: config 0 descriptor??
[  190.224196][   T60] usb 8-1: Using ep0 maxpacket: 8
[  190.230442][   T60] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[  190.239403][   T60] usb 8-1: config 179 has no interface number 0
[  190.246239][   T60] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  190.257623][   T60] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  190.268922][   T60] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  190.280147][   T60] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  190.292193][   T60] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  190.305796][   T60] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  190.315305][   T60] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.344690][ T8691] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[  190.372860][   T28] audit: type=1400 audit(2000000029.984:16220): avc:  denied  { remount } for  pid=8727 comm="syz.8.3442" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  190.474645][ T8735] loop3: detected capacity change from 0 to 4096
[  190.489783][ T8735] EXT4-fs (loop3): Test dummy encryption mode enabled
[  190.503950][   T28] audit: type=1400 audit(2000000030.115:16221): avc:  denied  { shutdown } for  pid=8742 comm="syz.8.3448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  190.522553][ T8735] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  190.534435][   T28] audit: type=1400 audit(2000000030.135:16222): avc:  denied  { write } for  pid=8742 comm="syz.8.3448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  190.555924][ T8735] System zones: 0-5
[  190.562897][ T8735] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  190.591699][ T8691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.596070][ T8735] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  190.608607][ T8691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.617670][    T6] elo 0003:04E7:0009.0034: ignoring exceeding usage max
[  190.631620][    T6] elo 0003:04E7:0009.0034: hidraw0: USB HID v0.00 Device [HID 04e7:0009] on usb-dummy_hcd.1-1/input0
[  190.632448][ T8735] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  190.642830][   T28] audit: type=1400 audit(2000000030.245:16223): avc:  denied  { write } for  pid=8733 comm="syz.3.3444" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  190.673609][  T283] EXT4-fs (loop3): unmounting filesystem.
[  190.820400][   T24] usb 2-1: USB disconnect, device number 21
[  190.836546][   T60] usb 8-1: USB disconnect, device number 10
[  190.842622][    C0] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  190.842665][    C0] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  190.880416][ T8773] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3461'.
[  190.889647][  T288] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  190.910856][ T8775] loop3: detected capacity change from 0 to 1024
[  190.937839][ T8775] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  190.952659][ T8775] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.3462: bg 0: block 88: padding at end of block bitmap is not set
[  190.974088][  T283] EXT4-fs (loop3): unmounting filesystem.
[  191.079428][  T288] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  191.092581][  T288] usb 10-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  191.102020][  T288] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.111339][  T288] usb 10-1: config 0 descriptor??
[  191.293868][ T8797] loop3: detected capacity change from 0 to 256
[  191.304512][ T8797] FAT-fs (loop3): bogus number of FAT sectors
[  191.311062][ T8797] FAT-fs (loop3): Can't find a valid FAT filesystem
[  191.521907][  T288] usbhid 10-1:0.0: can't add hid device: -71
[  191.536384][  T288] usbhid: probe of 10-1:0.0 failed with error -71
[  191.557160][  T288] usb 10-1: USB disconnect, device number 9
[  191.738074][ T8821] loop7: detected capacity change from 0 to 4096
[  191.767291][ T8821] EXT4-fs (loop7): Test dummy encryption mode enabled
[  191.781390][ T8821] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  191.791264][ T8821] System zones: 0-5
[  191.799887][ T8821] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  191.835000][ T6366] EXT4-fs (loop7): unmounting filesystem.
[  191.867611][ T8835] incfs: ino conflict with backing FS 1
[  191.874036][ T8835] incfs: ino conflict with backing FS 2
[  191.879749][  T624] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  192.069840][  T624] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  192.081268][  T624] usb 4-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  192.090675][  T624] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.106079][    T6] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  192.111530][  T624] usb 4-1: config 0 descriptor??
[  192.131213][ T8815] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  192.145282][  T335] Bluetooth: hci0: Frame reassembly failed (-84)
[  192.268142][ T8873] loop8: detected capacity change from 0 to 2048
[  192.307567][    T6] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  192.317951][    T6] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  192.328804][ T8873] Alternate GPT is invalid, using primary GPT.
[  192.335049][ T8873]  loop8: p1 p2 p3
[  192.339680][    T6] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  192.349421][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  192.358633][    T6] usb 2-1: SerialNumber: syz
[  192.426541][ T7848] udevd[7848]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  192.439843][ T6738] udevd[6738]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[  192.440680][ T6309] udevd[6309]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  192.542506][  T624] belkin 0003:050D:3201.0035: item fetching failed at offset 0/3
[  192.565122][  T624] belkin 0003:050D:3201.0035: parse failed
[  192.571091][  T624] belkin: probe of 0003:050D:3201.0035 failed with error -22
[  192.580021][    T6] usb 2-1: 0:2 : does not exist
[  192.598680][    T6] usb 2-1: USB disconnect, device number 22
[  192.689775][ T8880] loop8: detected capacity change from 0 to 40427
[  192.699231][ T8880] F2FS-fs (loop8): invalid crc value
[  192.714976][ T8880] F2FS-fs (loop8): Found nat_bits in checkpoint
[  192.749079][   T24] usb 4-1: USB disconnect, device number 17
[  192.765437][ T8880] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  192.802259][ T8880] syz.8.3508: attempt to access beyond end of device
[  192.802259][ T8880] loop8: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  192.822704][ T6432] syz-executor: attempt to access beyond end of device
[  192.822704][ T6432] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  192.839194][ T6309] udevd[6309]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  193.266908][ T8923] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  193.385456][  T624] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  193.428476][ T8939] loop8: detected capacity change from 0 to 1024
[  193.436856][ T8939] EXT4-fs: Ignoring removed i_version option
[  193.467701][ T8939] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  193.476391][ T8939] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.491119][ T8939] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: comm syz.8.3532: lblock 0 mapped to illegal pblock 0 (length 4)
[  193.506461][ T8939] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: block 3: comm syz.8.3532: lblock 3 mapped to illegal pblock 3 (length 1)
[  193.520911][ T8939] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  193.533424][ T8939] EXT4-fs (loop8): This should not happen!! Data will be lost
[  193.533424][ T8939] 
[  193.550732][  T368] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:8: lblock 8 mapped to illegal pblock 8 (length 8)
[  193.565346][  T368] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  193.578263][  T624] usb 2-1: Using ep0 maxpacket: 16
[  193.583458][  T368] EXT4-fs (loop8): This should not happen!! Data will be lost
[  193.583458][  T368] 
[  193.594871][ T6432] EXT4-fs (loop8): unmounting filesystem.
[  193.601927][  T624] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  193.611097][  T624] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.627680][ T8948] SELinux:  policydb version 0 does not match my version range 15-33
[  193.637009][ T8948] SELinux: failed to load policy
[  193.648279][  T624] usb 2-1: Product: syz
[  193.652498][  T624] usb 2-1: Manufacturer: syz
[  193.658901][  T624] usb 2-1: SerialNumber: syz
[  193.668369][  T624] r8152-cfgselector 2-1: config 0 descriptor??
[  193.880199][  T624] r8152-cfgselector 2-1: Unknown version 0x0000
[  193.965163][ T8486] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  194.082174][  T624] r8152-cfgselector 2-1: Unknown version 0x0000
[  194.088688][  T624] r8152-cfgselector 2-1: bad CDC descriptors
[  194.096439][  T624] r8152-cfgselector 2-1: Unknown version 0x0000
[  194.112420][  T624] r8152-cfgselector 2-1: USB disconnect, device number 23
[  194.147079][ T8486] usb 10-1: unable to get BOS descriptor or descriptor too short
[  194.156586][ T8486] usb 10-1: config 6 has an invalid interface number: 200 but max is 0
[  194.164896][ T8486] usb 10-1: config 6 has no interface number 0
[  194.177522][ T8486] usb 10-1: config 6 interface 200 altsetting 8 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  194.195008][ T1774] Bluetooth: hci0: command 0x1003 tx timeout
[  194.195143][ T1353] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  194.209562][ T8486] usb 10-1: config 6 interface 200 has no altsetting 0
[  194.231123][ T8486] usb 10-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  194.240715][ T8486] usb 10-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3
[  194.249166][ T8486] usb 10-1: Product: syz
[  194.253624][ T8486] usb 10-1: Manufacturer: syz
[  194.259009][ T8486] usb 10-1: SerialNumber: syz
[  194.462413][ T8984] loop3: detected capacity change from 0 to 40427
[  194.493402][ T8984] F2FS-fs (loop3): invalid crc value
[  194.515300][   T28] kauditd_printk_skb: 14 callbacks suppressed
[  194.515322][   T28] audit: type=1400 audit(2000000034.087:16238): avc:  denied  { create } for  pid=8992 comm="syz.8.3553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  194.525412][ T8991] loop7: detected capacity change from 0 to 40427
[  194.547635][ T8486] usb 10-1: USB disconnect, device number 10
[  194.554571][ T8991] F2FS-fs (loop7): fault_injection options not supported
[  194.561808][ T8991] F2FS-fs (loop7): fault_type options not supported
[  194.569407][ T8991] F2FS-fs (loop7): invalid crc value
[  194.569534][   T28] audit: type=1400 audit(2000000034.097:16239): avc:  denied  { connect } for  pid=8992 comm="syz.8.3553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  194.596135][ T8991] F2FS-fs (loop7): Found nat_bits in checkpoint
[  194.596485][ T8984] F2FS-fs (loop3): Found nat_bits in checkpoint
[  194.638585][ T8991] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  194.642393][ T8984] F2FS-fs (loop3): Start checkpoint disabled!
[  194.669687][ T8984] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  194.683032][ T8991] F2FS-fs (loop7): Can't enable fs-verity on inode 3: the verity feature is not enabled on this filesystem
[  194.744335][   T28] audit: type=1400 audit(2000000034.347:16240): avc:  denied  { rename } for  pid=8983 comm="syz.3.3549" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  194.835199][  T368] kworker/u4:8: attempt to access beyond end of device
[  194.835199][  T368] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  194.862643][   T28] audit: type=1400 audit(2000000034.347:16241): avc:  denied  { rmdir } for  pid=8983 comm="syz.3.3549" name="file0" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  194.903370][ T9012] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  194.913030][   T28] audit: type=1400 audit(2000000034.507:16242): avc:  denied  { mounton } for  pid=9011 comm="syz.7.3560" path="/184/file0" dev="tmpfs" ino=967 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  194.937383][ T9012] FAT-fs (loop15): unable to read boot sector
[  194.974836][   T28] audit: type=1400 audit(2000000034.567:16243): avc:  denied  { getopt } for  pid=9013 comm="syz.1.3571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  194.987486][ T9016] loop8: detected capacity change from 0 to 1024
[  195.009101][ T9016] EXT4-fs: Ignoring removed nobh option
[  195.022740][ T9016] EXT4-fs: Ignoring removed bh option
[  195.030762][ T9016] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  195.065505][   T28] audit: type=1400 audit(2000000034.677:16244): avc:  denied  { sys_nice } for  pid=9021 comm="syz.7.3564" capability=23  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  195.105087][ T9016] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  195.121360][ T9032] loop3: detected capacity change from 0 to 128
[  195.208241][ T9032] EXT4-fs (loop3): Test dummy encryption mode enabled
[  195.232106][ T9016] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3836: comm syz.8.3561: Allocating blocks 497-513 which overlap fs metadata
[  195.263227][ T9032] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  195.299034][ T9032] ext4 filesystem being mounted at /720/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  195.319313][ T9016] EXT4-fs (loop8): pa ffff888114e96348: logic 256, phys. 385, len 8
[  195.327520][ T9016] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1
[  195.338087][ T9040] x_tables: ip6_tables: CT target: only valid in raw table, not ethtool
[  195.376494][ T9032] EXT4-fs (loop3): shut down requested (1)
[  195.424381][  T283] EXT4-fs (loop3): unmounting filesystem.
[  195.498459][ T9016] EXT4-fs error (device loop8): mb_free_blocks:1810: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  196.118271][ T6432] EXT4-fs (loop8): unmounting filesystem.
[  197.323443][ T1442] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[  197.353671][ T9078] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  197.504853][ T1442] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  197.530439][ T1442] usb 9-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  197.539628][    T6] usb 8-1: new full-speed USB device number 11 using dummy_hcd
[  197.561664][ T1442] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.584910][ T1442] usb 9-1: config 0 descriptor??
[  197.590690][ T9061] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  197.608151][   T28] audit: type=1400 audit(2000000037.218:16245): avc:  denied  { setopt } for  pid=9095 comm="syz.3.3596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  197.734960][    T6] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  197.756142][    T6] usb 8-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  197.776317][    T6] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.797040][    T6] usb 8-1: config 0 descriptor??
[  197.802647][ T9068] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[  198.020412][ T1442] ryos 0003:1E7D:3138.0036: unknown main item tag 0x0
[  198.037763][ T1442] ryos 0003:1E7D:3138.0036: unknown main item tag 0x0
[  198.058691][ T1442] ryos 0003:1E7D:3138.0036: unknown main item tag 0x0
[  198.065814][ T1442] ryos 0003:1E7D:3138.0036: unknown main item tag 0x0
[  198.083064][ T1442] ryos 0003:1E7D:3138.0036: unknown main item tag 0x0
[  198.100360][ T1442] ryos 0003:1E7D:3138.0036: hidraw0: USB HID v1.01 Device [HID 1e7d:3138] on usb-dummy_hcd.8-1/input0
[  198.229719][ T1442] usb 9-1: USB disconnect, device number 7
[  198.243739][    T6] belkin 0003:050D:3201.0037: item fetching failed at offset 0/3
[  198.255325][    T6] belkin 0003:050D:3201.0037: parse failed
[  198.261278][    T6] belkin: probe of 0003:050D:3201.0037 failed with error -22
[  198.379527][ T9132] loop9: detected capacity change from 0 to 512
[  198.393292][ T9132] EXT4-fs: Ignoring removed oldalloc option
[  198.400324][ T9124] loop3: detected capacity change from 0 to 40427
[  198.408158][ T9132] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  198.425811][ T9124] F2FS-fs (loop3): invalid crc value
[  198.444743][    T6] usb 8-1: USB disconnect, device number 11
[  198.457592][ T9124] F2FS-fs (loop3): Found nat_bits in checkpoint
[  198.475476][   T28] audit: type=1400 audit(2000000038.089:16246): avc:  denied  { write } for  pid=9140 comm="syz.1.3613" name="nf_conntrack" dev="proc" ino=4026532520 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  198.503720][ T9132] EXT4-fs (loop9): 1 truncate cleaned up
[  198.509529][ T9132] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  198.539107][ T9124] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  198.557036][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  198.581921][  T283] syz-executor: attempt to access beyond end of device
[  198.581921][  T283] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  198.602447][ T9149] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3615'.
[  198.626073][ T9152] loop7: detected capacity change from 0 to 7
[  198.649479][  T335] loop: Write error at byte offset 4, length 3584.
[  198.656239][    C0] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  198.665765][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  198.875017][   T28] audit: type=1400 audit(2000000038.489:16247): avc:  denied  { write } for  pid=9165 comm="syz.1.3623" name="/" dev="configfs" ino=12966 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  198.952820][ T9173] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3627'.
[  199.082455][ T9161] loop3: detected capacity change from 0 to 40427
[  199.153451][ T9161] F2FS-fs (loop3): Found nat_bits in checkpoint
[  199.267740][ T9161] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  199.320055][  T334] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0
[  199.330939][  T334] hid-generic 0000:0000:0000.0038: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  199.363207][  T283] syz-executor: attempt to access beyond end of device
[  199.363207][  T283] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  199.410623][ T9208] fido_id[9208]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  199.576871][ T9227] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3642'.
[  199.652905][ T9236] loop9: detected capacity change from 0 to 512
[  199.683973][ T9236] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  199.693418][ T9236] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.708142][ T9236] EXT4-fs warning (device loop9): verify_group_input:169: Last group not full
[  199.717180][  T624] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  199.729247][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  199.902178][ T8486] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  199.913343][  T624] usb 2-1: config 0 has an invalid interface number: 198 but max is 0
[  199.921684][  T624] usb 2-1: config 0 has no interface number 0
[  199.929300][  T624] usb 2-1: New USB device found, idVendor=9e88, idProduct=9e8f, bcdDevice=44.b1
[  199.938482][  T624] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.946594][  T624] usb 2-1: Product: syz
[  199.950791][  T624] usb 2-1: Manufacturer: syz
[  199.955431][  T624] usb 2-1: SerialNumber: syz
[  199.960682][  T624] usb 2-1: config 0 descriptor??
[  199.966779][  T624] ftdi_sio 2-1:0.198: FTDI USB Serial Device converter detected
[  199.974855][  T624] ftdi_sio ttyUSB0: unknown device type: 0x44b1
[  200.012173][  T334] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  200.084892][ T8486] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.096084][ T8486] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  200.105905][ T8486] usb 4-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  200.115003][ T8486] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.124352][ T8486] usb 4-1: config 0 descriptor??
[  200.173708][    T6] usb 2-1: USB disconnect, device number 24
[  200.180025][    T6] ftdi_sio 2-1:0.198: device disconnected
[  200.191984][  T334] usb 10-1: Using ep0 maxpacket: 16
[  200.204974][  T334] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.216226][  T334] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  200.226361][  T334] usb 10-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  200.238059][  T334] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.249191][  T334] usb 10-1: config 0 descriptor??
[  200.337469][   T28] audit: type=1326 audit(2000000039.949:16248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.362224][   T28] audit: type=1326 audit(2000000039.949:16249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.387297][   T28] audit: type=1326 audit(2000000039.949:16250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.411241][   T28] audit: type=1326 audit(2000000039.949:16251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.435235][   T28] audit: type=1326 audit(2000000039.949:16252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.460942][   T28] audit: type=1326 audit(2000000039.949:16253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.494774][   T28] audit: type=1326 audit(2000000039.949:16254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.530788][   T28] audit: type=1326 audit(2000000039.949:16255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.532977][ T8486] uclogic 0003:5543:0003.0039: unknown main item tag 0x0
[  200.561692][ T8486] uclogic 0003:5543:0003.0039: unknown main item tag 0x0
[  200.569018][ T8486] uclogic 0003:5543:0003.0039: unknown main item tag 0x0
[  200.576170][   T28] audit: type=1326 audit(2000000039.949:16256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.599905][ T8486] uclogic 0003:5543:0003.0039: unknown main item tag 0x0
[  200.607150][ T8486] uclogic 0003:5543:0003.0039: unknown main item tag 0x0
[  200.614588][ T8486] uclogic 0003:5543:0003.0039: No inputs registered, leaving
[  200.622090][  T624] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  200.630137][   T28] audit: type=1326 audit(2000000039.949:16257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.8.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2078d8eec9 code=0x7fc00000
[  200.654177][ T8486] uclogic 0003:5543:0003.0039: hidraw0: USB HID v0.00 Device [HID 5543:0003] on usb-dummy_hcd.3-1/input0
[  200.663642][  T334] hid-multitouch 0003:1FD2:6007.003A: hidraw1: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.9-1/input0
[  200.772901][ T8486] usb 4-1: USB disconnect, device number 18
[  200.841718][  T624] usb 8-1: Using ep0 maxpacket: 32
[  200.848080][  T624] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.859098][  T624] usb 8-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[  200.868331][  T624] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.869871][  T334] usb 10-1: USB disconnect, device number 11
[  200.887543][  T624] usb 8-1: config 0 descriptor??
[  201.061560][  T288] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  201.242847][  T288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.253889][  T288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.263710][  T288] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  201.272999][  T288] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.282450][  T288] usb 2-1: config 0 descriptor??
[  201.303052][  T624] elo 0003:04E7:0009.003B: ignoring exceeding usage max
[  201.318970][  T624] elo 0003:04E7:0009.003B: hidraw0: USB HID v0.00 Device [HID 04e7:0009] on usb-dummy_hcd.7-1/input0
[  201.538284][    T6] usb 8-1: USB disconnect, device number 12
[  201.550094][ T9310] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3682'.
[  201.559610][ T9310] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3682'.
[  201.578987][ T9310] device wireguard0 entered promiscuous mode
[  201.692206][  T288] pyra 0003:1E7D:2CF6.003C: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  201.755786][ T9338] loop8: detected capacity change from 0 to 1024
[  201.766544][ T9338] EXT4-fs: Ignoring removed i_version option
[  201.773677][ T9338] EXT4-fs (loop8): Test dummy encryption mode enabled
[  201.792993][ T9335] kvm: MWAIT instruction emulated as NOP!
[  201.799245][ T9338] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  201.846864][ T9346] loop9: detected capacity change from 0 to 1024
[  201.858683][ T9346] EXT4-fs: Ignoring removed nomblk_io_submit option
[  201.874815][ T9346] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  201.901371][ T9346] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  201.909635][ T9346] System zones: 0-1, 3-36
[  201.915859][ T9346] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  201.926500][ T6432] EXT4-fs (loop8): unmounting filesystem.
[  201.965678][ T9349] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  201.973834][ T9349] SELinux: failed to load policy
[  201.982196][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  202.081267][ T9356] loop7: detected capacity change from 0 to 256
[  202.470234][ T9356] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[  202.497476][  T288] pyra 0003:1E7D:2CF6.003C: couldn't init struct pyra_device
[  203.258394][  T288] pyra 0003:1E7D:2CF6.003C: couldn't install mouse
[  203.271392][  T288] pyra: probe of 0003:1E7D:2CF6.003C failed with error -71
[  203.282323][  T288] usb 2-1: USB disconnect, device number 25
[  203.308457][ T9362] fido_id[9362]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  203.377267][  T624] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=624 comm=kworker/1:4
[  203.394665][ T9370] 9pnet: p9_errstr2errno: server reported unknown error 184467
[  203.403792][ T9374] loop9: detected capacity change from 0 to 512
[  203.435567][ T9374] EXT4-fs: Ignoring removed nobh option
[  203.462991][ T9374] EXT4-fs (loop9): orphan cleanup on readonly fs
[  203.491624][ T9374] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -13
[  203.500144][ T9374] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  203.515580][ T9374] EXT4-fs error (device loop9): ext4_clear_blocks:883: inode #13: comm syz.9.3708: attempt to clear invalid blocks 2 len 1
[  203.538870][ T9374] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #13: comm syz.9.3708: invalid indirect mapped block 1819239214 (level 0)
[  203.556020][ T9374] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #13: comm syz.9.3708: invalid indirect mapped block 1819239214 (level 1)
[  203.571061][ T9374] EXT4-fs (loop9): 1 truncate cleaned up
[  203.576770][ T9374] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  203.612400][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  203.641338][ T9394] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9394 comm=syz.9.3718
[  203.809080][ T9408] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3726'.
[  203.860185][   T60] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  203.922449][ T9426] loop8: detected capacity change from 0 to 512
[  203.942960][ T9426] EXT4-fs: Ignoring removed bh option
[  203.948020][ T9428] loop7: detected capacity change from 0 to 1024
[  203.960406][ T9426] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  203.970778][ T9426] EXT4-fs (loop8): 1 truncate cleaned up
[  203.973723][ T9428] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  203.979093][ T9426] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  203.994764][ T9428] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.027373][ T6366] EXT4-fs (loop7): unmounting filesystem.
[  204.035233][ T6432] EXT4-fs (loop8): unmounting filesystem.
[  204.047385][ T9434] loop7: detected capacity change from 0 to 512
[  204.054104][ T9434] EXT4-fs: Ignoring removed oldalloc option
[  204.062540][ T9434] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  204.073977][   T60] usb 4-1: Using ep0 maxpacket: 32
[  204.080550][   T60] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.094365][ T9434] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  204.105139][   T60] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.115964][   T60] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  204.125143][   T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.144220][ T9434] EXT4-fs (loop7): 1 truncate cleaned up
[  204.149988][ T9434] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  204.165654][   T60] hub 4-1:4.0: USB hub found
[  204.233702][ T6366] EXT4-fs (loop7): unmounting filesystem.
[  204.318017][ T9459] xt_hashlimit: size too large, truncated to 1048576
[  204.335811][ T9461] loop9: detected capacity change from 0 to 512
[  204.367986][   T60] hub 4-1:4.0: config failed, hub has too many ports! (err -19)
[  204.404205][ T9461] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  204.420108][ T9461] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.483098][ T9461] EXT4-fs (loop9): shut down requested (0)
[  204.555113][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  204.572539][   T60] usbhid 4-1:4.0: can't add hid device: -71
[  204.578540][   T60] usbhid: probe of 4-1:4.0 failed with error -71
[  204.640134][   T60] usb 4-1: USB disconnect, device number 19
[  204.733970][ T9468] loop8: detected capacity change from 0 to 40427
[  204.752205][ T9468] F2FS-fs (loop8): invalid crc value
[  204.776757][ T9468] F2FS-fs (loop8): Found nat_bits in checkpoint
[  204.854006][ T9468] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  204.938019][ T6432] syz-executor: attempt to access beyond end of device
[  204.938019][ T6432] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  205.229656][ T9497] loop3: detected capacity change from 0 to 1024
[  205.251565][ T9497] EXT4-fs: Ignoring removed orlov option
[  205.489365][   T60] usb 9-1: new full-speed USB device number 8 using dummy_hcd
[  205.499692][   T39] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  205.509436][  T288] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  205.519965][   T28] kauditd_printk_skb: 88 callbacks suppressed
[  205.519981][   T28] audit: type=1400 audit(2000000045.142:16346): avc:  denied  { mount } for  pid=9506 comm="syz.3.3765" name="/" dev="ramfs" ino=57486 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  205.680475][   T60] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  205.692364][   T60] usb 9-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  205.701610][   T60] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.713335][   T60] usb 9-1: config 0 descriptor??
[  205.718637][ T9501] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  205.718646][ T9509] loop3: detected capacity change from 0 to 40427
[  205.729219][   T39] usb 8-1: Using ep0 maxpacket: 32
[  205.737776][ T9509] F2FS-fs (loop3): invalid crc value
[  205.744605][  T288] usb 2-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64
[  205.750886][ T9509] F2FS-fs (loop3): Found nat_bits in checkpoint
[  205.755061][  T288] usb 2-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32
[  205.771260][   T39] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.782918][   T39] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.792995][  T288] usb 2-1: config 1 interface 0 has no altsetting 0
[  205.799833][   T39] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  205.804346][ T9509] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  205.809067][   T39] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.826070][  T288] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40
[  205.835650][   T39] usb 8-1: config 0 descriptor??
[  205.840870][  T288] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.849347][  T288] usb 2-1: Product: syz
[  205.853745][  T288] usb 2-1: Manufacturer: syz
[  205.859780][  T288] usb 2-1: SerialNumber: syz
[  205.866181][ T9503] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  205.873619][ T9503] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  205.875572][  T283] syz-executor: attempt to access beyond end of device
[  205.875572][  T283] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  206.075661][ T9529] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3774'.
[  206.137243][   T60] belkin 0003:050D:3201.003D: item fetching failed at offset 0/3
[  206.145454][   T60] belkin 0003:050D:3201.003D: parse failed
[  206.151948][   T60] belkin: probe of 0003:050D:3201.003D failed with error -22
[  206.263279][   T39] savu 0003:1E7D:2D5A.003E: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.7-1/input0
[  206.331080][  T367] Bluetooth: hci0: Frame reassembly failed (-84)
[  206.341929][   T39] usb 9-1: USB disconnect, device number 8
[  206.487535][ T9541] loop9: detected capacity change from 0 to 512
[  206.501781][ T9541] EXT4-fs error (device loop9): ext4_orphan_get:1400: inode #15: comm syz.9.3779: casefold flag without casefold feature
[  206.514729][ T9541] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.3779: couldn't read orphan inode 15 (err -117)
[  206.526897][ T9541] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  206.537212][  T624] usb 8-1: USB disconnect, device number 13
[  206.625271][ T7134] EXT4-fs (loop9): unmounting filesystem.
[  206.886956][  T288] (unnamed net_device) (uninitialized): Assigned a random MAC address: e2:0f:85:3e:6a:1f
[  206.898506][  T288] rtl8150 2-1:1.0: eth1: rtl8150 is detected
[  206.906118][  T288] usb 2-1: USB disconnect, device number 26
[  208.348113][ T1774] Bluetooth: hci0: command 0x1003 tx timeout
[  208.348549][ T1353] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  208.360477][ T9539] Bluetooth: hci0: Opcode 0x080f failed: -22
[  208.460129][ T9562] loop7: detected capacity change from 0 to 1024
[  208.485437][ T9562] EXT4-fs: Ignoring removed i_version option
[  208.498931][ T9562] EXT4-fs (loop7): Test dummy encryption mode enabled
[  208.519722][ T9562] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  208.619060][ T6366] EXT4-fs (loop7): unmounting filesystem.
[  210.261762][ T9578] loop8: detected capacity change from 0 to 512
[  210.276348][ T9578] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  210.426843][    C0] ==================================================================
[  210.434974][    C0] BUG: KASAN: use-after-free in __run_timers+0x32b/0x9a0
[  210.442115][    C0] Write of size 8 at addr ffff88812121ca00 by task syz.7.3790/9573
[  210.450009][    C0] 
[  210.452336][    C0] CPU: 0 PID: 9573 Comm: syz.7.3790 Not tainted syzkaller #0
[  210.459710][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  210.469779][    C0] Call Trace:
[  210.473067][    C0]  <IRQ>
[  210.475922][    C0]  __dump_stack+0x21/0x24
[  210.480270][    C0]  dump_stack_lvl+0xee/0x150
[  210.484868][    C0]  ? __cfi_dump_stack_lvl+0x8/0x8
[  210.489987][    C0]  ? __run_timers+0x32b/0x9a0
[  210.494721][    C0]  print_address_description+0x71/0x200
[  210.500303][    C0]  print_report+0x4a/0x60
[  210.504672][    C0]  kasan_report+0x122/0x150
[  210.509646][    C0]  ? __run_timers+0x32b/0x9a0
[  210.514463][    C0]  __asan_report_store8_noabort+0x17/0x20
[  210.520209][    C0]  __run_timers+0x32b/0x9a0
[  210.524736][    C0]  ? sched_clock+0x9/0x10
[  210.529082][    C0]  ? sched_clock_cpu+0x6e/0x250
[  210.533947][    C0]  ? calc_index+0x200/0x200
[  210.538548][    C0]  ? sched_clock+0x9/0x10
[  210.542903][    C0]  run_timer_softirq+0x6a/0xf0
[  210.547709][    C0]  handle_softirqs+0x1d7/0x600
[  210.552531][    C0]  __do_softirq+0xb/0xd
[  210.556736][    C0]  do_softirq+0xc6/0x120
[  210.561018][    C0]  </IRQ>
[  210.564047][    C0]  <TASK>
[  210.566997][    C0]  ? __cfi_do_softirq+0x10/0x10
[  210.572025][    C0]  ? xdp_return_buff+0x9e/0x270
[  210.576909][    C0]  __local_bh_enable_ip+0x75/0x80
[  210.581945][    C0]  bpf_test_run_xdp_live+0x175d/0x19e0
[  210.587525][    C0]  ? __cfi_mutex_unlock+0x10/0x10
[  210.592594][    C0]  ? 0xffffffffa0004440
[  210.596763][    C0]  ? bpf_test_run_xdp_live+0x490/0x19e0
[  210.602345][    C0]  ? xdp_convert_md_to_buff+0x370/0x370
[  210.607941][    C0]  ? __cfi_xdp_test_run_init_page+0x10/0x10
[  210.613870][    C0]  ? __kasan_check_write+0x14/0x20
[  210.619001][    C0]  ? _copy_from_user+0x8f/0xc0
[  210.623779][    C0]  bpf_prog_test_run_xdp+0x6f1/0xe50
[  210.629206][    C0]  ? __cfi_bpf_prog_test_run_xdp+0x10/0x10
[  210.635093][    C0]  ? __kasan_check_write+0x14/0x20
[  210.640251][    C0]  ? __cfi_bpf_prog_test_run_xdp+0x10/0x10
[  210.646182][    C0]  bpf_prog_test_run+0x3e3/0x630
[  210.651418][    C0]  ? bpf_prog_query+0x270/0x270
[  210.656286][    C0]  ? selinux_bpf+0xce/0xf0
[  210.660803][    C0]  ? security_bpf+0x93/0xb0
[  210.665350][    C0]  __sys_bpf+0x56d/0x780
[  210.669601][    C0]  ? bpf_link_show_fdinfo+0x320/0x320
[  210.674985][    C0]  ? fpregs_restore_userregs+0x128/0x260
[  210.680651][    C0]  __x64_sys_bpf+0x7c/0x90
[  210.685083][    C0]  x64_sys_call+0x488/0x9a0
[  210.689600][    C0]  do_syscall_64+0x4c/0xa0
[  210.694034][    C0]  ? clear_bhb_loop+0x30/0x80
[  210.698726][    C0]  ? clear_bhb_loop+0x30/0x80
[  210.703418][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  210.709347][    C0] RIP: 0033:0x7f081f18eec9
[  210.713769][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.733386][    C0] RSP: 002b:00007f081ff93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  210.741811][    C0] RAX: ffffffffffffffda RBX: 00007f081f3e5fa0 RCX: 00007f081f18eec9
[  210.749822][    C0] RDX: 0000000000000050 RSI: 0000200000000b80 RDI: 000000000000000a
[  210.757949][    C0] RBP: 00007f081f211f91 R08: 0000000000000000 R09: 0000000000000000
[  210.765925][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.773990][    C0] R13: 00007f081f3e6038 R14: 00007f081f3e5fa0 R15: 00007ffda7b23288
[  210.781979][    C0]  </TASK>
[  210.785003][    C0] 
[  210.787407][    C0] Allocated by task 9539:
[  210.791746][    C0]  kasan_set_track+0x4b/0x70
[  210.796359][    C0]  kasan_save_alloc_info+0x25/0x30
[  210.801505][    C0]  __kasan_kmalloc+0x95/0xb0
[  210.806195][    C0]  __kmalloc+0xb1/0x1e0
[  210.810368][    C0]  hci_alloc_dev_priv+0x27/0x1bd0
[  210.815406][    C0]  hci_uart_tty_ioctl+0x3d6/0xa20
[  210.820439][    C0]  tty_ioctl+0x8ef/0xc60
[  210.824693][    C0]  __se_sys_ioctl+0x12f/0x1b0
[  210.829458][    C0]  __x64_sys_ioctl+0x7b/0x90
[  210.834049][    C0]  x64_sys_call+0x58b/0x9a0
[  210.838562][    C0]  do_syscall_64+0x4c/0xa0
[  210.842983][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  210.848882][    C0] 
[  210.851259][    C0] Freed by task 9539:
[  210.855266][    C0]  kasan_set_track+0x4b/0x70
[  210.859975][    C0]  kasan_save_free_info+0x31/0x50
[  210.865053][    C0]  ____kasan_slab_free+0x132/0x180
[  210.870439][    C0]  __kasan_slab_free+0x11/0x20
[  210.875218][    C0]  slab_free_freelist_hook+0xc2/0x190
[  210.880768][    C0]  __kmem_cache_free+0xb7/0x1b0
[  210.885665][    C0]  kfree+0x6f/0xf0
[  210.889409][    C0]  hci_release_dev+0x12a3/0x13b0
[  210.894392][    C0]  bt_host_release+0x82/0x90
[  210.899005][    C0]  device_release+0xa4/0x1d0
[  210.903604][    C0]  kobject_put+0x19d/0x280
[  210.908035][    C0]  put_device+0x1f/0x30
[  210.912235][    C0]  hci_dev_cmd+0x265/0x720
[  210.916702][    C0]  hci_sock_ioctl+0x41e/0x7f0
[  210.921403][    C0]  sock_do_ioctl+0x101/0x310
[  210.926008][    C0]  sock_ioctl+0x4d8/0x6e0
[  210.930353][    C0]  __se_sys_ioctl+0x12f/0x1b0
[  210.935054][    C0]  __x64_sys_ioctl+0x7b/0x90
[  210.939651][    C0]  x64_sys_call+0x58b/0x9a0
[  210.944182][    C0]  do_syscall_64+0x4c/0xa0
[  210.948608][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  210.954521][    C0] 
[  210.956851][    C0] Last potentially related work creation:
[  210.962565][    C0]  kasan_save_stack+0x3a/0x60
[  210.967292][    C0]  __kasan_record_aux_stack+0xb6/0xc0
[  210.972679][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  210.978512][    C0]  insert_work+0x51/0x300
[  210.982874][    C0]  __queue_work+0x9b1/0xd30
[  210.987428][    C0]  queue_work_on+0xd2/0x140
[  210.991961][    C0]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  210.996921][    C0]  hci_cmd_sync_status+0x53/0x120
[  211.001954][    C0]  hci_dev_cmd+0x628/0x720
[  211.006489][    C0]  hci_sock_ioctl+0x41e/0x7f0
[  211.011204][    C0]  sock_do_ioctl+0x101/0x310
[  211.015810][    C0]  sock_ioctl+0x4d8/0x6e0
[  211.020151][    C0]  __se_sys_ioctl+0x12f/0x1b0
[  211.024833][    C0]  __x64_sys_ioctl+0x7b/0x90
[  211.029426][    C0]  x64_sys_call+0x58b/0x9a0
[  211.033945][    C0]  do_syscall_64+0x4c/0xa0
[  211.038469][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.044418][    C0] 
[  211.046748][    C0] Second to last potentially related work creation:
[  211.053417][    C0]  kasan_save_stack+0x3a/0x60
[  211.058199][    C0]  __kasan_record_aux_stack+0xb6/0xc0
[  211.063670][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  211.069483][    C0]  insert_work+0x51/0x300
[  211.073916][    C0]  __queue_work+0x9b1/0xd30
[  211.078431][    C0]  queue_work_on+0xd2/0x140
[  211.082946][    C0]  hci_cmd_timeout+0x191/0x200
[  211.087739][    C0]  process_one_work+0x71f/0xc40
[  211.092626][    C0]  worker_thread+0xa29/0x11f0
[  211.097306][    C0]  kthread+0x281/0x320
[  211.101471][    C0]  ret_from_fork+0x1f/0x30
[  211.105898][    C0] 
[  211.108228][    C0] The buggy address belongs to the object at ffff88812121c000
[  211.108228][    C0]  which belongs to the cache kmalloc-8k of size 8192
[  211.122368][    C0] The buggy address is located 2560 bytes inside of
[  211.122368][    C0]  8192-byte region [ffff88812121c000, ffff88812121e000)
[  211.135909][    C0] 
[  211.138245][    C0] The buggy address belongs to the physical page:
[  211.144658][    C0] page:ffffea0004848600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x121218
[  211.154906][    C0] head:ffffea0004848600 order:3 compound_mapcount:0 compound_pincount:0
[  211.163243][    C0] flags: 0x4000000000010200(slab|head|zone=1)
[  211.169341][    C0] raw: 4000000000010200 ffffea0004584600 dead000000000004 ffff888100043500
[  211.177944][    C0] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  211.186539][    C0] page dumped because: kasan: bad access detected
[  211.192977][    C0] page_owner tracks the page as allocated
[  211.198721][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6659, tgid 6658 (syz.3.2603), ts 158252524727, free_ts 158203765270
[  211.221656][    C0]  post_alloc_hook+0x1f5/0x210
[  211.226442][    C0]  prep_new_page+0x1c/0x110
[  211.230958][    C0]  get_page_from_freelist+0x2c7b/0x2cf0
[  211.236517][    C0]  __alloc_pages+0x1c3/0x450
[  211.241126][    C0]  alloc_slab_page+0x6e/0xf0
[  211.245721][    C0]  new_slab+0x98/0x3d0
[  211.249787][    C0]  ___slab_alloc+0x6bd/0xb20
[  211.254376][    C0]  __slab_alloc+0x5e/0xa0
[  211.258702][    C0]  __kmem_cache_alloc_node+0x203/0x2c0
[  211.264250][    C0]  kmalloc_trace+0x29/0xb0
[  211.268666][    C0]  fat_fill_super+0x116/0x4890
[  211.273430][    C0]  vfat_fill_super+0x2f/0x40
[  211.278019][    C0]  mount_bdev+0x2bc/0x3f0
[  211.282434][    C0]  vfat_mount+0x34/0x40
[  211.286588][    C0]  legacy_get_tree+0xfe/0x1a0
[  211.291370][    C0]  vfs_get_tree+0x9a/0x270
[  211.295845][    C0] page last free stack trace:
[  211.300536][    C0]  free_unref_page_prepare+0x742/0x750
[  211.306000][    C0]  free_unref_page+0x8f/0x530
[  211.310697][    C0]  __free_pages+0x67/0x100
[  211.315208][    C0]  __free_slab+0xca/0x1a0
[  211.319585][    C0]  __unfreeze_partials+0x160/0x190
[  211.324707][    C0]  put_cpu_partial+0xa9/0x100
[  211.329407][    C0]  __slab_free+0x1c4/0x280
[  211.333827][    C0]  ___cache_free+0xbf/0xd0
[  211.338349][    C0]  qlist_free_all+0xc6/0x140
[  211.343040][    C0]  kasan_quarantine_reduce+0x14a/0x170
[  211.348494][    C0]  __kasan_slab_alloc+0x24/0x80
[  211.353342][    C0]  slab_post_alloc_hook+0x4f/0x2d0
[  211.358472][    C0]  kmem_cache_alloc+0x16e/0x330
[  211.363318][    C0]  getname_flags+0xb9/0x500
[  211.367822][    C0]  user_path_at_empty+0x30/0x1c0
[  211.372848][    C0]  __x64_sys_umount+0xf1/0x160
[  211.377720][    C0] 
[  211.380049][    C0] Memory state around the buggy address:
[  211.385685][    C0]  ffff88812121c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.393823][    C0]  ffff88812121c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.402075][    C0] >ffff88812121ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.410125][    C0]                    ^
[  211.414187][    C0]  ffff88812121ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.422240][    C0]  ffff88812121cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.430286][    C0] ==================================================================
[  211.438334][    C0] Disabling lock debugging due to kernel taint
[  211.444551][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  211.456277][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  211.464874][    C0] CPU: 0 PID: 9573 Comm: syz.7.3790 Tainted: G    B              syzkaller #0
[  211.473725][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  211.483805][    C0] RIP: 0010:__queue_work+0x575/0xd30
[  211.489121][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 88 dc 28 00 4c 89 ff e8 70 db ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 bc 45 6d 00 49 8b 7d 00 e8 53 d7
[  211.508733][    C0] RSP: 0018:ffffc90000007c90 EFLAGS: 00010046
[  211.514902][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88812aba5100
[  211.523054][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  211.531034][    C0] RBP: ffffc90000007d28 R08: fffffffffffffffb R09: 0000000000000007
[  211.539035][    C0] R10: ffffed1024243939 R11: 1ffff11024243939 R12: dffffc0000000000
[  211.547037][    C0] R13: 0000000000000000 R14: ffff88812121c9c8 R15: 0000000000000008
[  211.555014][    C0] FS:  00007f081ff936c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  211.564609][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  211.571406][    C0] CR2: 00007faaae885757 CR3: 0000000121cdd000 CR4: 00000000003506b0
[  211.579564][    C0] Call Trace:
[  211.582858][    C0]  <IRQ>
[  211.585750][    C0]  delayed_work_timer_fn+0x61/0x80
[  211.590990][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  211.596821][    C0]  call_timer_fn+0x46/0x2a0
[  211.601349][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  211.607180][    C0]  __run_timers+0x667/0x9a0
[  211.611697][    C0]  ? calc_index+0x200/0x200
[  211.616299][    C0]  ? sched_clock+0x9/0x10
[  211.620651][    C0]  run_timer_softirq+0x6a/0xf0
[  211.625434][    C0]  handle_softirqs+0x1d7/0x600
[  211.630209][    C0]  __do_softirq+0xb/0xd
[  211.634377][    C0]  do_softirq+0xc6/0x120
[  211.638646][    C0]  </IRQ>
[  211.641583][    C0]  <TASK>
[  211.644520][    C0]  ? __cfi_do_softirq+0x10/0x10
[  211.649380][    C0]  ? xdp_return_buff+0x9e/0x270
[  211.654248][    C0]  __local_bh_enable_ip+0x75/0x80
[  211.659275][    C0]  bpf_test_run_xdp_live+0x175d/0x19e0
[  211.664757][    C0]  ? __cfi_mutex_unlock+0x10/0x10
[  211.669899][    C0]  ? 0xffffffffa0004440
[  211.674070][    C0]  ? bpf_test_run_xdp_live+0x490/0x19e0
[  211.679648][    C0]  ? xdp_convert_md_to_buff+0x370/0x370
[  211.685232][    C0]  ? __cfi_xdp_test_run_init_page+0x10/0x10
[  211.691178][    C0]  ? __kasan_check_write+0x14/0x20
[  211.696313][    C0]  ? _copy_from_user+0x8f/0xc0
[  211.701098][    C0]  bpf_prog_test_run_xdp+0x6f1/0xe50
[  211.706521][    C0]  ? __cfi_bpf_prog_test_run_xdp+0x10/0x10
[  211.712369][    C0]  ? __kasan_check_write+0x14/0x20
[  211.717489][    C0]  ? __cfi_bpf_prog_test_run_xdp+0x10/0x10
[  211.723329][    C0]  bpf_prog_test_run+0x3e3/0x630
[  211.728280][    C0]  ? bpf_prog_query+0x270/0x270
[  211.733139][    C0]  ? selinux_bpf+0xce/0xf0
[  211.737571][    C0]  ? security_bpf+0x93/0xb0
[  211.742085][    C0]  __sys_bpf+0x56d/0x780
[  211.746334][    C0]  ? bpf_link_show_fdinfo+0x320/0x320
[  211.751716][    C0]  ? fpregs_restore_userregs+0x128/0x260
[  211.757416][    C0]  __x64_sys_bpf+0x7c/0x90
[  211.761850][    C0]  x64_sys_call+0x488/0x9a0
[  211.766366][    C0]  do_syscall_64+0x4c/0xa0
[  211.770795][    C0]  ? clear_bhb_loop+0x30/0x80
[  211.775482][    C0]  ? clear_bhb_loop+0x30/0x80
[  211.780170][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.786075][    C0] RIP: 0033:0x7f081f18eec9
[  211.790500][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.810121][    C0] RSP: 002b:00007f081ff93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  211.818547][    C0] RAX: ffffffffffffffda RBX: 00007f081f3e5fa0 RCX: 00007f081f18eec9
[  211.826548][    C0] RDX: 0000000000000050 RSI: 0000200000000b80 RDI: 000000000000000a
[  211.834532][    C0] RBP: 00007f081f211f91 R08: 0000000000000000 R09: 0000000000000000
[  211.842537][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.850511][    C0] R13: 00007f081f3e6038 R14: 00007f081f3e5fa0 R15: 00007ffda7b23288
[  211.858493][    C0]  </TASK>
[  211.861528][    C0] Modules linked in:
[  211.865462][    C0] ---[ end trace 0000000000000000 ]---
[  211.870920][    C0] RIP: 0010:__queue_work+0x575/0xd30
[  211.876226][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 88 dc 28 00 4c 89 ff e8 70 db ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 bc 45 6d 00 49 8b 7d 00 e8 53 d7
[  211.895944][    C0] RSP: 0018:ffffc90000007c90 EFLAGS: 00010046
[  211.902037][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88812aba5100
[  211.910034][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  211.918010][    C0] RBP: ffffc90000007d28 R08: fffffffffffffffb R09: 0000000000000007
[  211.925994][    C0] R10: ffffed1024243939 R11: 1ffff11024243939 R12: dffffc0000000000
[  211.934002][    C0] R13: 0000000000000000 R14: ffff88812121c9c8 R15: 0000000000000008
[  211.942130][    C0] FS:  00007f081ff936c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  211.951094][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  211.957697][    C0] CR2: 00007faaae885757 CR3: 0000000121cdd000 CR4: 00000000003506b0
[  211.965694][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  211.973292][    C0] Kernel Offset: disabled
[  211.977838][    C0] Rebooting in 86400 seconds..