last executing test programs:

1m15.772642168s ago: executing program 3 (id=509):
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x8, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000980)=ANY=[@ANYBLOB='l'])

1m15.732651619s ago: executing program 3 (id=511):
r0 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000140)=ANY=[@ANYBLOB="00020201"], 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018", @ANYBLOB="0000000000000000b7"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x40)

1m15.716537659s ago: executing program 3 (id=512):
r0 = syz_io_uring_setup(0x94f, &(0x7f0000000300)={0x0, 0xd27d, 0x100}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0xcb, 0x44464f, 0x1, 0x0, 0x0)
io_uring_enter(r0, 0x1815, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x62dd, 0x0, 0x0, 0x0, 0x0)

1m15.558102581s ago: executing program 3 (id=521):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@grpquota}, {@auto_da_alloc}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x60142, 0x0)
fallocate(r0, 0x11, 0x0, 0x2000)

1m15.427800573s ago: executing program 3 (id=526):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r1, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

1m11.201659721s ago: executing program 3 (id=581):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000080000085000000d0000000a50000009700000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)

1m11.139262532s ago: executing program 32 (id=581):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000080000085000000d0000000a50000009700000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)

55.789688875s ago: executing program 4 (id=1008):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
getpgid(0x0)

55.661752937s ago: executing program 4 (id=1009):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f0000000180)={[{@oldalloc}, {@grpjquota}]}, 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000b0000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb9afcfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b74da42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0f34d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf790842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc9da71c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd7040000000094235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa12d52d21b4b36326f88546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920386f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26ab471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf974fcf36cbf6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f63af851c66ee7e30393cd574d63105c687967ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a148c364c2098fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b263d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae89b873220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d4b55178bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a20ffffffff682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c51966504652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c51000000000000000000000000003bba840af6f8027be80d975ac49b00f711dcc824e3b1ba21795d1dc80c87d9c042cb79706a556d58"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sys_enter\x00', r0}, 0x10)
getitimer(0x0, &(0x7f00000000c0))

55.576980048s ago: executing program 4 (id=1010):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000580)={0x0, r1})

55.426563871s ago: executing program 4 (id=1013):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000080)='./file0\x00', 0x300001a, &(0x7f0000000f00)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313700373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fef3eb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf70c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f4d496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9ffffffffffffff7f561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2df3c2b99b9fa31631ad27727f740db9ca926ecd9e6acfc4b744d22d3e85db3344ba0f3569a01ae19d8256cc3d682862e2e75d21bcca3818a919c65f6cb43a798aacb568cffa05ae0f1f02ab2f0688f307aed6f31d08c066188ae0bd9059acda1341aafa899325e892764292e0a0c6f3ddce6b5d1bde7763d9e2cab5d13634e1202a28e323af77f83e82c5711a5fc53cd1b411d08f20623f92412c10e21f03910da72f0f08c0fe7bcf3440c1ed6f318fdf795c9faf2cc014b6f11e0ef4d6c39c3a5309a085f70a32af27d00"/1023, @ANYRESOCT, @ANYRESOCT, @ANYRESOCT], 0xd, 0x2a7, &(0x7f0000000c40)="$eJzs3T9rc2UUAPBzkzSNOiSIiyJ4QQen8tbVpVFeQeykRFAHDb4tSBIKLQSsYOzUzc3R7+FHcHHxGwiugls7VK7c3HubhKZ/qDGFvr/fdLjPPec5uU9JIZCTr14fDZ4dJHFy9ke0WknUdmInzpPoRC0qP0QjAIDH4zzL4u/sPpmN2uq7AQDWofj/X3joXgCA9fjks88/6u7uPv04TVvxavt03EsiYnQ67hXr3f34JoaxF0+iHRcR2aUi/uDD3afRSHOdeGs0GffyzNGXv5X1u39FTPO3ox2d5fnbaWEufzLubcSLkUZ3f6NqtR2vLM9/ZyG/+liiGW+/Odf/VrTj96/jIIbxLPLcWf7322n6fvbT2Xdf5Hn5/kktepvT+2ay+rrOBAAAAAAAAAAAAAAAAAAAAACAx28rTZNifM90fk9+qZy/U7+Yrm+llc7ifJ4iP6kKFfOBsihH9Eyy+Lmar/MkTdOsvHGW34jXGn5YAAAAAAAAAAAAAAAAAAAAAHJH3x4P+sPh3uFKgmoaQPW1/vvW2Zm78kYcD/r16wtu3mGvH4tgftpA3uuNbUSjESt6LLcFL+T9rLzy5uxwP40iqA5mpXu9/F5R9HjQT8ul6iEP+slte7Wqg/slYrbUjP/aWDb9k7jIFs+0ddnqYlZzRU+j+dLSpX+yLLtbnXf/LM6ovJJMR2zcbfeNMlj6AvOgdfUsfr2+4LVvGfWVvPEAAAAAAAAAAAAAAAAAAABXzL70u2Tx5MbU2v/WFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs2ez3/6ugFRGLV64EkzL5pnvKoBmHRw/8EgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgO/BsAAP//8J5NUw==")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
creat(&(0x7f0000000000)='./file0/file0\x00', 0x0)
mount$incfs(&(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

55.306421103s ago: executing program 4 (id=1016):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000029"], 0xb8}}, 0x4004)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000089d400000000020000000000000000000000000000000000000000000000000000000000000000000000000000ecff000000000000000000feffffffffffff"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x7}}, 0xb8}}, 0x10)

55.130397815s ago: executing program 4 (id=1017):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000d00)={[{@noblock_validity}, {@nolazytime}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000dc0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000840)='./file0/file0\x00', &(0x7f00000007c0), &(0x7f0000000800)=ANY=[], 0x15, 0x2)

55.075831326s ago: executing program 33 (id=1017):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000d00)={[{@noblock_validity}, {@nolazytime}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000dc0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000840)='./file0/file0\x00', &(0x7f00000007c0), &(0x7f0000000800)=ANY=[], 0x15, 0x2)

31.347931993s ago: executing program 2 (id=1673):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x34, r2, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x1}]}, 0x34}}, 0x0)

31.347220143s ago: executing program 2 (id=1674):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x2000000e, 0x0)

31.149120486s ago: executing program 2 (id=1665):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
mlockall(0x0)

31.148420165s ago: executing program 2 (id=1666):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000340)={[{@nodiscard}, {@nocheckpoint_merge}, {@alloc_mode_def}, {@six_active_logs}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@discard_unit_section}, {@noacl}, {@compress_cache}, {@alloc_mode_def}, {@noextent_cache}, {@compress_cache}, {@fault_type={'fault_type', 0x3d, 0x3}}]}, 0x3, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1d1)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@userxattr}]})

30.801420771s ago: executing program 2 (id=1675):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000400)={[{@nodiscard}, {@errors_continue}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@jqfmt_vfsold}, {@jqfmt_vfsv1}, {@noquota}, {@discard}]}, 0xff, 0x551, &(0x7f0000002940)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x80)
fallocate(r1, 0x20, 0x0, 0x7000000)

30.406044377s ago: executing program 2 (id=1678):
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a0, 0x210, 0x9403, 0x3002, 0x210, 0x2c0, 0x2f0, 0x3d8, 0x3d8, 0x2f0, 0x3d8, 0x3, 0x0, {[{{@ipv6={@private2, @remote, [0xffffff00, 0x0, 0xffffffff], [0xffffffff, 0xffffff00, 0xffffffff], 'macvlan1\x00', 'wg2\x00', {}, {0xa4c8dd0ffa9b1578}, 0x73, 0x9, 0x4, 0x48}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1}}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x0, 0x2}, {0x4, 0x5, 0x5}, {0x3, 0x4}, 0xbf, 0xb}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x300)

30.328162869s ago: executing program 34 (id=1678):
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a0, 0x210, 0x9403, 0x3002, 0x210, 0x2c0, 0x2f0, 0x3d8, 0x3d8, 0x2f0, 0x3d8, 0x3, 0x0, {[{{@ipv6={@private2, @remote, [0xffffff00, 0x0, 0xffffffff], [0xffffffff, 0xffffff00, 0xffffffff], 'macvlan1\x00', 'wg2\x00', {}, {0xa4c8dd0ffa9b1578}, 0x73, 0x9, 0x4, 0x48}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1}}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x0, 0x2}, {0x4, 0x5, 0x5}, {0x3, 0x4}, 0xbf, 0xb}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x300)

29.055384929s ago: executing program 7 (id=1708):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xffffd6c0, r2}, 0x38)

28.770440643s ago: executing program 7 (id=1711):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1, 0x100007, 0x220104, 0xe2a4, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r1}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r1}, 0x38)

28.452723569s ago: executing program 7 (id=1719):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000885000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000680), 0x4a503, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r1)

28.36688474s ago: executing program 7 (id=1720):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8f1018, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0/file0\x00', 0x102)

28.33064231s ago: executing program 7 (id=1722):
unshare(0x400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000001f80)=""/4089, 0xff9)

28.198472572s ago: executing program 7 (id=1724):
mount$overlay(0x0, 0x0, 0x0, 0x20a4000, &(0x7f0000000200)={[], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x5000aea5, &(0x7f0000000000)=ANY=[])

28.127316763s ago: executing program 35 (id=1724):
mount$overlay(0x0, 0x0, 0x0, 0x20a4000, &(0x7f0000000200)={[], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x5000aea5, &(0x7f0000000000)=ANY=[])

3.047818731s ago: executing program 0 (id=2562):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x1c, 0x0)

3.002480382s ago: executing program 0 (id=2563):
r0 = creat(&(0x7f0000000200)='./file0\x00', 0x20)
close(r0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x402, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

2.187349475s ago: executing program 0 (id=2595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1, 0x0, 0x0, @void, @value}, 0x20)

2.124143426s ago: executing program 0 (id=2597):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, 0x0}, 0x0)

2.105592726s ago: executing program 0 (id=2599):
setresuid(0xee01, 0x0, 0x0)
timer_create(0x3, 0x0, &(0x7f00000003c0))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]})
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe5e)
timer_delete(0x0)

1.26399188s ago: executing program 0 (id=2639):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)={{0x12, 0x1, 0x0, 0xe2, 0x79, 0x3b, 0x10, 0x5d1, 0x2001, 0x900, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x4d, 0x2f, 0x9c}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000040)={0x44, &(0x7f00000003c0)={0x20, 0x3a, 0x2, "8380"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000c00)={0x44, &(0x7f0000000980)=ANY=[@ANYBLOB="4010a000"], &(0x7f0000000a40)={0x0, 0xa, 0x1, 0x4}, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80)={0x20, 0x84, 0x2, "d195"}, 0x0})

913.313535ms ago: executing program 5 (id=2654):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f56005"])

854.351536ms ago: executing program 5 (id=2660):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

800.200137ms ago: executing program 6 (id=2663):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000a80)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="64000000020301020000feffffffffffffff0001080001000100000a080005400000001808000540000000000800034000000002090002000000080002000000080004400000000f080003400000ee940800054000000005090002000000000401"], 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x44800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x22400049, &(0x7f00000002c0)={[{@dioread_nolock}, {@noinit_itable}, {@nomblk_io_submit}, {@noblock_validity}, {@data_err_abort}, {@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@barrier_val={'barrier', 0x3d, 0xd95a}}, {@debug}]}, 0x84, 0x471, &(0x7f0000000bc0)="$eJzs3M9vFFUcAPDvzLZFfpQuiD9AlFUkNqItLagcvGg04WJiogc91lIJsoChNRFCBI3Bo/EvUI8m/gWe9GLUk8ar3o0JMVxED2bN7M7Att3WdrfLgvP5JNN9b3699+bN67yZt7MBlFYt+5NEbIuIXyJirBVdvEKt9XH92sXZv65dnE2i0Xjlj6S53p/XLs4Wq27LP7fm+xxPI9IPk7jcId358xdOzdTrc+fy+OTC6bcn589fePLk6ZkTcyfmzkwfPXrk8NQzT08/tSHlHM3yuue9s3t3H3v9k5dmG/HG919m+a/ky9vL0VLtOc1a1KLRaDTSRXNHmn8P9Lz328toWzgZGmBGWJfs/M+qa7jZ/seiEjcrbyxe/GCgmQP6Krs+7Vg2t3VVTA8kzeXA/5U2DmVVXPGz+99iurU9kMG6+lzrBigr9/V8ai0Ziuy+Pam27tgrfUp/W0S8dvnvT7MpOj6HAADYWF9n/Z8nOvX/0ri3bb3t+dhQNSIORsTOiLg7InZFxD0RzXXvi4j715l+bUl8ef/np81dFWyNsv7fs/nY1uL+341Rm2olj402yz+cvHmyPncoPybjMbwpi0+tksY3L/z88UrLam39v2zK0i/6gnk+fh/atHib4zMLM72Uud3V9yP2DHUqf3JjJCCJiN0RsaeL/WfH7OTjX+zNwtu3Ll/+3+VfxQaMMzU+j3isVf+XY0n5C0krpZXGJyfvivrcocnirFjuhx+vvNweH24L91T+DZDV/5aO539e/qIZFOO18+tP48qvH614T9Pt+T+SvNoMj+Tz3p1ZWDg3FTGSz1g0f/rmtkW8WD8r//j+zu1/Z8Q/n+XbPRAR2Un8YEQ8FBH78rw/HBGPRMT+Vcr/3fOPvrX6ERps/R9frf4jqkn7eH0Xgcqpb79aKf211f+RZmg8n7OW/39rzWAvxw4AAADuFGlzDDpJJ26E03RiovUd/l2xJa2fnV84WIt3zhxvjVVXYzgtnnSNtT0PncqfDRfx6SXxwxGxo/lNo83N+MTs2frooAsPJbd1hfaf+a1fX3oBbh/rGkdL+pcP4NbzviaUl/YP5aX9Q3lp/1Bendr/pYjrA8gKcIu5/kN5af9QXto/lJf2D6W0/JX44udWunnT/2Zg57GeNi9RoNKnPUf7j3b0IRDpwA9d94H0dsjGvjywKSLWutWlvtbp0vMHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgzvdvAAAA//+bHeQQ")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x3f)

799.819467ms ago: executing program 5 (id=2664):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000007f80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000007600)=""/17, 0x14}, 0x7}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

713.893318ms ago: executing program 5 (id=2667):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000800850000000500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000480)={0x30, r1, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x32}, {@val={0x8, 0x117, 0x56}, @val={0x8}, @val={0xc, 0x99, {0x2, 0x77}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x0)

626.80666ms ago: executing program 5 (id=2669):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="540000001c000103000000000000000007000000", @ANYRES32=r2, @ANYBLOB="4000a6080a000200ff"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x0)

550.666131ms ago: executing program 6 (id=2671):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xa, 0x1, 0x201, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002380)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
io_setup(0x7f, &(0x7f0000000300)=<r2=>0x0)
io_pgetevents(r2, 0x1, 0x1, &(0x7f0000000580)=[{}], &(0x7f00000006c0)={0x0, 0x3938700}, 0x0)

503.225411ms ago: executing program 5 (id=2673):
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
ioctl$EVIOCGBITSND(r0, 0x40044591, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

394.435363ms ago: executing program 6 (id=2682):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="12000000160000000800000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000180), &(0x7f0000000100)=r0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, &(0x7f0000000300), 0x0}, 0x20)

380.331143ms ago: executing program 6 (id=2684):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xa0880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="07000000000000000d00000001000000ffffffff07000000db09000000000000010000401000000081c7000007000000ff0000000000000000000000000000000100000071000000fbffffff0000000014000080ffffff7f0800000007000000080000000000000001000040ff7f000006000000ffffffff07000000000000000400000023000000020000000600000010000000ffffffff07"])

333.238975ms ago: executing program 1 (id=2686):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x24, r2, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0x2}]}]}]}, 0x24}}, 0x0)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)={0x2c, r2, 0x1, 0x0, 0xfffffffd, {}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6b32}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

332.800165ms ago: executing program 8 (id=2687):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f000001a2c0)={0x18, 0x2, &(0x7f000001a240)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}], &(0x7f0000000240)='syzkaller\x00', 0xd, 0x0, 0x0, 0xc1000, 0x1c, '\x00', 0x0, 0x0, r1, 0xc, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

332.476605ms ago: executing program 1 (id=2688):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x7, 0x8, 0x0, 0x0, 0x6})
readv(r0, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x20}], 0x1)

332.305035ms ago: executing program 8 (id=2689):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

332.159475ms ago: executing program 1 (id=2690):
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
unshare(0x22020600)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x4052, r0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0xd, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r1, @ANYBLOB="00000000ffffff1fb705000008000000850000005d00000095", @ANYRES32], &(0x7f0000000300)='GPL\x00', 0x2, 0x100d, &(0x7f0000003540)=""/4109, 0x0, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x5c)

317.125175ms ago: executing program 8 (id=2691):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x201c006, &(0x7f00000000c0)={[{@quota}]}, 0x1, 0x439, &(0x7f0000000580)="$eJzs28tvG8UfAPDvrp3219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3G8exncY4ccGfj7TtzO5EM1/PTjyzkw1gaI1l/yQRuyPi14gYbWRXFxhr/Hdr+crMn8tXZpKo1d74I6mXu7l8ZaYoWvzcriJTjkg/SeJgm3oXLl0+N12tzl3M8xOL59+dWLh0+Zmz56fPzJ2ZuzB18uTxY5PPnZh6ti9xZnHdPPDB/KH9r7x17bWZU9fe/vHrpIi/JY4+Get28fFarc/VDdaepnRSHmBD2JBSY5jGSH38j0YpVjpvNF7+eKCNAzZVrVar3df58lIN+A9LYtAtAAaj+KLP1r/FsUVTj7vCjRcaC6As7lv50bhSjjQvM9Kyvu2nsYg4tfTXF9kRm/McAgBglW+z+c/T7eZ/aTQ/F/p/vodSiYh7ImJvRJyIiH0RcW9Evez9EfHAButv3SRZO/9Jr/cU2B3K5n/P53tbq+d/xewvKqU8t6ce/0hy+mx17mj+mRyJke1ZfrJLHd+99Mtnna41z/+yI6u/mAvm7bhe3t6nYNu48VHEgXK7+JPbOwFJROyPiAM91nH2ya8Odbq2fvxd9GGfqfZlxBON/l+KlvgLSff9yYn/RXXu6ERxV6z1089XX+9U/z+Kvw+y/t/Z9v4v4t9TSZr3axc2XsfV3z7tuKbp5f6fnV6c3pa8uerc+9OLixcnI7Ylr9bzlebzUy3lplbKZ/EfOdx+/O+NlU/iYERkN/GDEfFQRDyct/2RiHg0Ig53if+HFx97p/f4N1cW/2zX/o+W/l9JbIvWM+0TpXPff7Oq0spG4s/6/3g9dSQ/k/X/enHdSbt6u5sBAADg3yeNiN2RpOO302k6Pt74G/59sTOtzi8sPnV6/r0Ls413BCoxkhZPukabnodO5sv6Ij/Vkj+WPzf+vLSjnh+fma/ODjp4GHK7Ooz/zO+lQbcO2HTe14LhZfzD8DL+YXgZ/zC82oz/HYNoB7D12n3/fziAdgBbr2X82/aDIWL9D8OrbL0PQ8v3PwylhR2x/kvyEhJrEpHeFc2Q6DGRRkS3MoP+zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAffwcAAP//KvHjlA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0x5)

314.832975ms ago: executing program 1 (id=2692):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'veth0_to_team\x00', &(0x7f00000000c0)=@ethtool_coalesce={0xf, 0x5, 0x3, 0x9, 0x6, 0x10001, 0xf0, 0xb, 0x4, 0x6, 0x3, 0x0, 0xbc, 0xe, 0x7fffffff, 0x3, 0x3, 0x3ff, 0x6dc, 0x350, 0x4, 0xa, 0xfffffff7}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000830000c0"])

222.440336ms ago: executing program 6 (id=2693):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SMI(r2, 0xaeb7)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000080))

222.141516ms ago: executing program 8 (id=2694):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0)

221.886846ms ago: executing program 8 (id=2695):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

215.205286ms ago: executing program 1 (id=2696):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
chdir(&(0x7f00000003c0)='./file0\x00')
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

194.108036ms ago: executing program 1 (id=2697):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x5, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001140)={{r0}, &(0x7f00000010c0), &(0x7f0000001100)}, 0x20)

78.729309ms ago: executing program 6 (id=2698):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6)

0s ago: executing program 8 (id=2699):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000640)='console\x00', r0}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="06517dc2e6ea"})

kernel console output (not intermixed with test programs):

472] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[   65.846816][  T472] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   65.856572][  T472] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   65.866316][  T472] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   65.876022][  T472] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   65.897300][  T472] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   65.923211][  T472] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   65.952313][  T472] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.961801][ T3080] F2FS-fs (loop6): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   65.984617][  T472] usb 6-1: config 0 descriptor??
[   65.989988][   T19] usb 2-1: USB disconnect, device number 8
[   65.995668][   T28] audit: type=1400 audit(2000000002.260:8373): avc:  denied  { create } for  pid=3079 comm="syz.6.1161" name="file4" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[   66.064430][ T3098] xt_hashlimit: size too large, truncated to 1048576
[   66.095294][ T1687] kworker/u4:32: attempt to access beyond end of device
[   66.095294][ T1687] loop6: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   66.134621][ T3102] loop2: detected capacity change from 0 to 2048
[   66.172821][ T3102]  loop2: p1 < > p3
[   66.177596][ T3102] loop2: p3 size 134217728 extends beyond EOD, truncated
[   66.192736][  T472] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   66.211637][  T102]  loop2: p1 < > p3
[   66.216251][  T102] loop2: p3 size 134217728 extends beyond EOD, truncated
[   66.232463][   T28] audit: type=1400 audit(2000000002.490:8374): avc:  denied  { write } for  pid=3101 comm="syz.2.1169" name="loop2p1" dev="devtmpfs" ino=776 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   66.303638][ T1032] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   66.330381][  T325] udevd[325]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   66.345523][ T1032] udevd[1032]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   66.407103][  T472] usb 6-1: USB disconnect, device number 5
[   66.416673][  T472] usblp0: removed
[   66.518411][ T3117] loop1: detected capacity change from 0 to 512
[   66.554530][ T3117] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   66.563506][ T3117] ext4 filesystem being mounted at /243/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.583666][ T3117] EXT4-fs (loop1): unmounting filesystem.
[   66.688727][ T3131] loop0: detected capacity change from 0 to 128
[   66.720954][ T3131] EXT4-fs: Ignoring removed nobh option
[   66.747922][ T3131] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   66.757384][ T3131] ext4 filesystem being mounted at /261/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   66.778725][ T3131] fscrypt (loop0, inode 12): Sub-block data units not yet supported with IV_INO_LBLK_32
[   66.831831][  T293] EXT4-fs (loop0): unmounting filesystem.
[   66.855513][ T3144] loop6: detected capacity change from 0 to 2048
[   66.909099][ T3144] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   66.946838][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   67.057157][ T3167] loop1: detected capacity change from 0 to 512
[   67.065275][ T3170] netem: change failed
[   67.093415][ T3167] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   67.142517][  T472] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   67.170571][  T292] EXT4-fs (loop1): unmounting filesystem.
[   67.333749][  T472] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   67.348384][  T472] usb 3-1: config 0 has no interfaces?
[   67.362403][  T472] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   67.381396][  T472] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.398970][  T472] usb 3-1: config 0 descriptor??
[   67.482454][  T316] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   67.532258][ T3209] syz.1.1212[3209] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.533671][ T3209] syz.1.1212[3209] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.667005][   T24] usb 3-1: USB disconnect, device number 10
[   67.682417][  T316] usb 7-1: Using ep0 maxpacket: 32
[   67.696784][  T316] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[   67.712595][  T316] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   67.728616][  T316] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[   67.739990][  T316] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   67.752505][  T316] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   67.762055][  T316] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   67.772419][  T316] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   67.781964][  T316] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   67.795213][  T316] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   67.814571][  T316] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.823506][  T316] usb 7-1: config 0 descriptor??
[   67.858854][   T28] kauditd_printk_skb: 65 callbacks suppressed
[   67.858869][   T28] audit: type=1400 audit(2000000004.120:8440): avc:  denied  { create } for  pid=3221 comm="syz.0.1217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   67.893286][   T28] audit: type=1400 audit(2000000004.150:8441): avc:  denied  { connect } for  pid=3221 comm="syz.0.1217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   68.034731][  T316] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   68.076583][   T28] audit: type=1400 audit(2000000004.340:8442): avc:  denied  { create } for  pid=3232 comm="syz.5.1222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   68.098040][ T3233] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1222'.
[   68.102258][   T28] audit: type=1400 audit(2000000004.360:8443): avc:  denied  { write } for  pid=3232 comm="syz.5.1222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   68.127650][   T28] audit: type=1400 audit(2000000004.380:8444): avc:  denied  { execute } for  pid=3236 comm="syz.0.1224" path="/276/cpu.stat" dev="tmpfs" ino=1443 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   68.248686][   T24] usb 7-1: USB disconnect, device number 2
[   68.259444][   T24] usblp0: removed
[   68.429654][   T28] audit: type=1400 audit(2000000004.690:8445): avc:  denied  { sqpoll } for  pid=3249 comm="syz.1.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   68.453028][ T3248] loop2: detected capacity change from 0 to 2048
[   68.460763][   T28] audit: type=1400 audit(2000000004.720:8446): avc:  denied  { bind } for  pid=3251 comm="syz.5.1229" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   68.481531][   T28] audit: type=1400 audit(2000000004.720:8447): avc:  denied  { name_bind } for  pid=3251 comm="syz.5.1229" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   68.522173][   T28] audit: type=1400 audit(2000000004.720:8448): avc:  denied  { node_bind } for  pid=3251 comm="syz.5.1229" saddr=ff02::1 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   68.546825][ T3248] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   68.562535][ T3248] ext4 filesystem being mounted at /199/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.584763][   T28] audit: type=1400 audit(2000000004.850:8449): avc:  denied  { mount } for  pid=3263 comm="syz.0.1232" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   68.633370][ T3248] fs-verity: sha512 using implementation "sha512-avx2"
[   68.659355][ T3248] syz.2.1228 (3248) used greatest stack depth: 19968 bytes left
[   68.677506][  T295] EXT4-fs (loop2): unmounting filesystem.
[   68.734142][ T3275] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1240'.
[   68.778634][ T3278] tc_dump_action: action bad kind
[   68.828932][ T3284] device pim6reg1 entered promiscuous mode
[   68.969203][ T3292] input: syz1 as /devices/virtual/input/input17
[   69.312456][  T316] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   69.432657][ T3308] loop1: detected capacity change from 0 to 40427
[   69.439490][ T3308] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   69.447283][ T3308] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   69.456023][ T3308] F2FS-fs (loop1): invalid crc value
[   69.462728][ T3308] F2FS-fs (loop1): Found nat_bits in checkpoint
[   69.482414][   T39] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   69.504070][  T316] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   69.520440][  T316] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   69.534072][ T3317] device vlan2 entered promiscuous mode
[   69.544388][  T316] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   69.548828][ T3308] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   69.557189][  T316] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   69.557215][  T316] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.564586][ T3308] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   69.576870][  T316] usb 7-1: config 0 descriptor??
[   69.672405][   T39] usb 1-1: Using ep0 maxpacket: 8
[   69.687764][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   69.706498][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   69.717226][   T39] usb 1-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00
[   69.726500][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.751842][   T39] usb 1-1: config 0 descriptor??
[   69.833395][ T3338] loop5: detected capacity change from 0 to 1024
[   69.856094][ T3338] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   69.881478][ T3342] syz.1.1268[3342] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.881583][ T3342] syz.1.1268[3342] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.992528][  T472] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   70.012856][  T316] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[   70.021578][  T316] plantronics 0003:047F:FFFF.000F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[   70.062109][ T3358] x_tables: duplicate underflow at hook 4
[   70.152394][   T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   70.164078][   T39] microsoft 0003:045E:009D.0010: global environment stack underflow
[   70.171888][   T39] microsoft 0003:045E:009D.0010: item 0 1 1 11 parsing failed
[   70.179483][   T39] microsoft 0003:045E:009D.0010: parse failed
[   70.185406][   T39] microsoft: probe of 0003:045E:009D.0010 failed with error -22
[   70.203542][  T472] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   70.214725][  T472] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   70.223626][  T472] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.232395][  T472] usb 3-1: config 0 descriptor??
[   70.293277][  T315] usb 7-1: USB disconnect, device number 3
[   70.332421][   T24] usb 6-1: Using ep0 maxpacket: 16
[   70.338607][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   70.348925][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   70.359078][   T24] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   70.367965][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.375772][   T24] usb 6-1: Product: syz
[   70.379738][   T24] usb 6-1: Manufacturer: syz
[   70.384304][   T24] usb 6-1: SerialNumber: syz
[   70.401147][   T19] usb 1-1: USB disconnect, device number 6
[   70.462416][  T316] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   70.593352][ T3338] netlink: 71 bytes leftover after parsing attributes in process `syz.5.1266'.
[   70.605805][   T24] usb 6-1: invalid UAC_HEADER (v1)
[   70.612205][   T24] snd-usb-audio: probe of 6-1:1.0 failed with error -22
[   70.625661][  T325] udevd[325]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   70.641613][   T24] usb 6-1: USB disconnect, device number 6
[   70.642179][  T472] keytouch 0003:0926:3333.0011: fixing up Keytouch IEC report descriptor
[   70.655888][  T316] usb 2-1: Using ep0 maxpacket: 32
[   70.661851][  T316] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[   70.670634][  T472] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0011/input/input18
[   70.681876][  T316] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   70.690269][  T316] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[   70.699183][  T316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   70.711486][  T316] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   70.720986][  T316] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   70.733726][  T316] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   70.742614][  T316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.751019][  T316] usb 2-1: config 0 descriptor??
[   70.775011][  T472] keytouch 0003:0926:3333.0011: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[   70.851547][ T3327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.860749][ T3327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   70.959390][  T316] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   71.010112][ T3379] SELinux: failed to load policy
[   71.122194][ T1697] EXT4-fs (loop5): unmounting filesystem.
[   71.124724][ T3396] binder: 3395:3396 ioctl c00c620f 200000000240 returned -22
[   71.174134][    C1] usblp0: nonzero read bulk status received: -71
[   71.182121][   T24] usb 2-1: USB disconnect, device number 9
[   71.208167][  T298] usb 3-1: USB disconnect, device number 11
[   71.262432][  T315] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   71.389562][ T3365] usblp0: removed
[   71.443552][  T315] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   71.453859][  T315] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   71.464627][  T315] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   71.474299][  T315] usb 7-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   71.487373][  T315] usb 7-1: Duplicate descriptor for config 1 interface 2 altsetting 1, skipping
[   71.498894][  T315] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   71.507915][  T315] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.515898][  T315] usb 7-1: Product: syz
[   71.520104][  T315] usb 7-1: Manufacturer: syz
[   71.524571][  T315] usb 7-1: SerialNumber: syz
[   71.532422][  T316] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   71.555227][ T3434] syz.0.1310[3434] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.555297][ T3434] syz.0.1310[3434] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.723612][  T316] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[   71.750077][  T315] usb 7-1: USB disconnect, device number 4
[   71.771048][  T316] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[   71.792862][  T316] usb 6-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[   71.801717][  T316] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.809601][  T316] usb 6-1: Product: syz
[   71.813679][  T316] usb 6-1: Manufacturer: syz
[   71.818094][  T316] usb 6-1: SerialNumber: syz
[   71.825705][  T316] usb 6-1: config 0 descriptor??
[   71.830762][ T3413] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[   71.838067][ T3413] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[   72.047042][ T3413] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[   72.054445][ T3413] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[   72.149191][ T3487] bridge0: port 2(bridge_slave_1) entered learning state
[   72.311895][ T3501] loop6: detected capacity change from 0 to 128
[   72.867000][  T316] dm9601 6-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[   72.872428][  T315] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[   72.878174][  T316] dm9601 6-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.5-1, Davicom DM96xx USB 10/100 Ethernet, d2:13:f7:ea:8b:84
[   72.896103][   T28] kauditd_printk_skb: 82 callbacks suppressed
[   72.896117][   T28] audit: type=1400 audit(2000000265.159:8532): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   72.928682][  T316] usb 6-1: USB disconnect, device number 7
[   72.939238][  T316] dm9601 6-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.5-1, Davicom DM96xx USB 10/100 Ethernet
[   72.942998][   T28] audit: type=1400 audit(2000000265.159:8533): avc:  denied  { search } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   72.974109][   T28] audit: type=1400 audit(2000000265.159:8534): avc:  denied  { open } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   72.999906][   T28] audit: type=1400 audit(2000000265.159:8535): avc:  denied  { getattr } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   73.022488][   T28] audit: type=1400 audit(2000000265.189:8536): avc:  denied  { mounton } for  pid=3511 comm="syz.6.1345" path="/48/file1" dev="tmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   73.045254][   T28] audit: type=1400 audit(2000000265.189:8537): avc:  denied  { mount } for  pid=3511 comm="syz.6.1345" name="/" dev="ramfs" ino=28778 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   73.067520][  T298] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   73.072459][   T28] audit: type=1400 audit(2000000265.309:8538): avc:  denied  { unmount } for  pid=293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   73.102460][  T315] usb 3-1: Using ep0 maxpacket: 16
[   73.108808][  T315] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   73.118795][  T315] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   73.131292][  T315] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   73.141716][  T315] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   73.150715][  T315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.158760][  T315] usb 3-1: Product: syz
[   73.162861][  T315] usb 3-1: Manufacturer: syz
[   73.167272][  T315] usb 3-1: SerialNumber: syz
[   73.184768][   T28] audit: type=1400 audit(2000000265.449:8539): avc:  denied  { create } for  pid=3522 comm="syz.6.1350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   73.204784][   T28] audit: type=1400 audit(2000000265.469:8540): avc:  denied  { connect } for  pid=3522 comm="syz.6.1350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   73.224525][   T28] audit: type=1400 audit(2000000265.469:8541): avc:  denied  { write } for  pid=3522 comm="syz.6.1350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   73.273483][  T298] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   73.288596][  T298] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   73.304135][  T298] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   73.313209][  T298] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   73.321090][  T298] usb 2-1: SerialNumber: syz
[   73.383687][   T19] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   73.417522][ T3540] block device autoloading is deprecated and will be removed.
[   73.430499][ T3542] xt_hashlimit: size too large, truncated to 1048576
[   73.479645][ T3546] syz.6.1361[3546] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.479763][ T3546] syz.6.1361[3546] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.563505][   T19] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   73.585668][  T315] usb 3-1: 0:2 : does not exist
[   73.602383][   T19] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   73.613001][   T19] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   73.632592][   T19] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   73.662555][   T19] usb 1-1: Duplicate descriptor for config 1 interface 2 altsetting 1, skipping
[   73.683493][   T19] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   73.692380][   T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.700170][   T19] usb 1-1: Product: syz
[   73.704245][   T19] usb 1-1: Manufacturer: syz
[   73.708583][   T19] usb 1-1: SerialNumber: syz
[   73.763327][ T3549] loop6: detected capacity change from 0 to 40427
[   73.789268][ T3549] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   73.797138][ T3549] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   73.808245][ T3549] F2FS-fs (loop6): Found nat_bits in checkpoint
[   73.853581][ T3549] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   73.860823][ T3549] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   73.881373][ T3549] syz.6.1362: attempt to access beyond end of device
[   73.881373][ T3549] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   74.101936][ T3574] loop6: detected capacity change from 0 to 1024
[   74.117511][ T3578] xt_hashlimit: size too large, truncated to 1048576
[   74.125640][ T3574] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   74.151017][ T3574] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3841: comm syz.6.1372: Allocating blocks 497-513 which overlap fs metadata
[   74.168130][ T3573] EXT4-fs (loop6): pa ffff888131d7de70: logic 128, phys. 273, len 15
[   74.176127][ T3573] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[   74.192234][  T298] usb 2-1: 0:2 : does not exist
[   74.197112][  T315] usb 3-1: USB disconnect, device number 12
[   74.204758][  T298] usb 2-1: USB disconnect, device number 10
[   74.222421][   T19] usb 1-1: USB disconnect, device number 7
[   74.222737][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   74.265345][ T3584] loop6: detected capacity change from 0 to 512
[   74.284933][ T3584] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   74.299073][ T3584] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.334308][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   74.432873][ T1032] udevd[1032]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card1/controlC1/../uevent} for writing: No such file or directory
[   74.786826][ T3632] xt_bpf: check failed: parse error
[   74.847809][ T3645] loop5: detected capacity change from 0 to 512
[   75.055185][ T3665] loop5: detected capacity change from 0 to 512
[   75.062459][   T19] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[   75.074383][ T3665] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   75.123046][ T3665] EXT4-fs (loop5): 1 truncate cleaned up
[   75.140429][ T3665] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   75.193855][ T3653] loop6: detected capacity change from 0 to 40427
[   75.203321][ T1697] EXT4-fs (loop5): unmounting filesystem.
[   75.208711][ T3653] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   75.218152][ T3653] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   75.248369][ T3653] F2FS-fs (loop6): Found nat_bits in checkpoint
[   75.271948][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   75.294054][   T19] usb 3-1: New USB device found, idVendor=044f, idProduct=b324, bcdDevice= 0.00
[   75.313133][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.328259][   T19] usb 3-1: config 0 descriptor??
[   75.351573][ T3653] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   75.359930][ T3653] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   75.444748][ T3700] device batadv_slave_1 entered promiscuous mode
[   75.471506][ T3698] device batadv_slave_1 left promiscuous mode
[   75.541007][ T2738] syz-executor: attempt to access beyond end of device
[   75.541007][ T2738] loop6: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   75.758719][   T19] thrustmaster 0003:044F:B324.0012: unknown main item tag 0x0
[   75.772417][   T19] thrustmaster 0003:044F:B324.0012: unknown main item tag 0x0
[   75.782813][   T19] thrustmaster 0003:044F:B324.0012: item fetching failed at offset 2/7
[   75.799293][   T19] thrustmaster 0003:044F:B324.0012: parse failed
[   75.807931][   T19] thrustmaster: probe of 0003:044F:B324.0012 failed with error -22
[   75.970684][  T315] usb 3-1: USB disconnect, device number 13
[   76.092415][   T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   76.283544][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   76.294492][   T24] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   76.303737][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.322078][   T24] usb 7-1: config 0 descriptor??
[   76.342393][  T298] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[   76.523499][  T298] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   76.542858][  T298] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   76.555850][ T3767] loop2: detected capacity change from 0 to 256
[   76.562827][  T298] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   76.576413][ T3761] loop5: detected capacity change from 0 to 40427
[   76.576676][  T298] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   76.603246][  T298] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.613058][ T3761] F2FS-fs (loop5): heap/no_heap options were deprecated
[   76.620615][ T3761] F2FS-fs (loop5): invalid crc value
[   76.633248][ T3761] F2FS-fs (loop5): Found nat_bits in checkpoint
[   76.639666][  T298] usb 2-1: config 0 descriptor??
[   76.679537][ T3761] F2FS-fs (loop5): Start checkpoint disabled!
[   76.686108][ T3761] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[   76.737085][   T24] keytouch 0003:0926:3333.0013: fixing up Keytouch IEC report descriptor
[   76.746400][ T3761] F2FS-fs (loop5): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   76.753714][   T24] input: HID 0926:3333 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0926:3333.0013/input/input19
[   76.809371][  T499] kworker/u4:5: attempt to access beyond end of device
[   76.809371][  T499] loop5: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   76.855677][   T24] keytouch 0003:0926:3333.0013: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.6-1/input0
[   76.993074][ T3781] device batadv_slave_0 entered promiscuous mode
[   77.000953][ T3780] device batadv_slave_0 left promiscuous mode
[   77.010138][ T3783] xt_hashlimit: size too large, truncated to 1048576
[   77.051529][  T298] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[   77.065754][  T298] plantronics 0003:047F:FFFF.0014: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   77.288219][  T298] usb 7-1: USB disconnect, device number 5
[   77.303394][ T3789] block device autoloading is deprecated and will be removed.
[   77.707125][ T3826] 9pnet: p9_errstr2errno: server reported unknown error 184467
[   77.781484][ T3837] loop2: detected capacity change from 0 to 256
[   77.791642][ T3837] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[   77.805874][ T3837] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 1)
[   77.815360][ T3837] exFAT-fs (loop2): failed to load alloc-bitmap
[   77.838578][ T3837] exFAT-fs (loop2): failed to recognize exfat type
[   77.867266][ T3847] loop0: detected capacity change from 0 to 512
[   77.930929][ T3847] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.1488: corrupted inode contents
[   77.948121][ T3847] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #16: comm syz.0.1488: mark_inode_dirty error
[   77.964184][ T3847] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.1488: corrupted inode contents
[   77.976509][ T3847] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.1488: mark_inode_dirty error
[   77.988836][ T3847] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.1488: corrupted inode contents
[   78.001277][ T3847] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   78.010194][ T3847] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.1488: corrupted inode contents
[   78.022219][ T3847] EXT4-fs error (device loop0): ext4_truncate:4313: inode #16: comm syz.0.1488: mark_inode_dirty error
[   78.033518][ T3847] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   78.045586][ T3847] EXT4-fs (loop0): 1 truncate cleaned up
[   78.051129][ T3847] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   78.061670][ T3847] ext4 filesystem being mounted at /359/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.072588][  T499] __quota_error: 98 callbacks suppressed
[   78.072601][  T499] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   78.087965][  T499] EXT4-fs error (device loop0): ext4_release_dquot:6805: comm kworker/u4:5: Failed to release dquot type 1
[   78.109562][  T293] EXT4-fs (loop0): unmounting filesystem.
[   78.129599][   T28] audit: type=1400 audit(2000000270.389:8640): avc:  denied  { mount } for  pid=3870 comm="syz.0.1498" name="/" dev="incremental-fs" ino=1882 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   78.153790][   T28] audit: type=1400 audit(2000000270.389:8641): avc:  denied  { read } for  pid=3870 comm="syz.0.1498" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   78.183341][   T28] audit: type=1400 audit(2000000270.389:8642): avc:  denied  { open } for  pid=3870 comm="syz.0.1498" path="/360/file0/.pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   78.210602][   T28] audit: type=1400 audit(2000000270.389:8643): avc:  denied  { ioctl } for  pid=3870 comm="syz.0.1498" path="/360/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6725 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   78.237141][   T28] audit: type=1400 audit(2000000270.389:8644): avc:  denied  { unmount } for  pid=293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   78.273342][ T3879] loop2: detected capacity change from 0 to 512
[   78.294704][ T3879] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1502: casefold flag without casefold feature
[   78.307673][ T3879] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1502: couldn't read orphan inode 15 (err -117)
[   78.320432][ T3879] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   78.344804][   T28] audit: type=1400 audit(2000000270.609:8645): avc:  denied  { setattr } for  pid=3878 comm="syz.2.1502" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   78.380769][  T295] EXT4-fs (loop2): unmounting filesystem.
[   78.386671][   T28] audit: type=1400 audit(2000000270.639:8646): avc:  denied  { create } for  pid=3878 comm="syz.2.1502" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   78.407423][   T28] audit: type=1400 audit(2000000270.639:8647): avc:  denied  { setattr } for  pid=3878 comm="syz.2.1502" name="file0" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   78.436924][ T3877] loop0: detected capacity change from 0 to 40427
[   78.445978][ T3877] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[   78.453662][ T3877] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   78.462120][ T3877] F2FS-fs (loop0): invalid crc value
[   78.468879][ T3877] F2FS-fs (loop0): Found nat_bits in checkpoint
[   78.504373][ T3877] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   78.511312][ T3877] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   78.526462][ T3877] syz.0.1501: attempt to access beyond end of device
[   78.526462][ T3877] loop0: rw=2051, sector=36912, nr_sectors = 8144 limit=40427
[   78.540595][ T3877] syz.0.1501: attempt to access beyond end of device
[   78.540595][ T3877] loop0: rw=2051, sector=45096, nr_sectors = 20440 limit=40427
[   78.557836][ T3877] F2FS-fs (loop0): Issue discard(4614, 4614, 1018) failed, ret: -5
[   78.557865][ T3877] F2FS-fs (loop0): Issue discard(5637, 5637, 2555) failed, ret: -5
[   78.633010][ T3889] devtmpfs: Unknown parameter 'dirsync�'
[   78.682414][ T2555] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[   78.763628][ T3898] loop6: detected capacity change from 0 to 512
[   78.770405][ T3898] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   78.783824][ T3898] EXT4-fs (loop6): 1 truncate cleaned up
[   78.799796][ T3898] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   78.825713][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   78.843084][ T3903] tmpfs: Unknown parameter 'm'
[   78.847786][   T28] audit: type=1400 audit(2000000271.109:8648): avc:  denied  { ioctl } for  pid=3905 comm="syz.5.1513" path="socket:[30288]" dev="sockfs" ino=30288 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   78.891207][ T3911] 9pnet: p9_errstr2errno: server reported unknown error 184467
[   78.900398][ T3913] incfs: Options parsing error. -22
[   78.903743][ T2555] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.906360][ T3913] incfs: mount failed -22
[   78.931380][ T2555] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.941075][ T2555] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   78.953939][ T2555] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   78.963362][ T2555] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.986079][ T2555] usb 3-1: config 0 descriptor??
[   79.187144][ T3936] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   79.201520][  T472] usb 2-1: USB disconnect, device number 11
[   79.208241][ T3936] overlayfs: overlapping lowerdir path
[   79.406582][ T2555] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving
[   79.431211][ T2555] plantronics 0003:047F:FFFF.0015: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   79.503720][ T3961] loop5: detected capacity change from 0 to 1024
[   79.582792][ T3961] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   79.673440][   T24] usb 3-1: USB disconnect, device number 14
[   79.691119][ T1697] EXT4-fs (loop5): unmounting filesystem.
[   80.198950][ T4005] loop2: detected capacity change from 0 to 512
[   80.243712][ T4005] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   80.253116][ T4005] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.294478][ T4005] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #15: comm syz.2.1556: corrupted xattr block 33
[   80.306558][ T4005] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   80.315437][ T4005] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #15: comm syz.2.1556: corrupted xattr block 33
[   80.330683][ T4009] binder: 4008:4009 ioctl c0306201 200000000680 returned -14
[   80.338000][ T4005] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   80.348591][ T4005] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #15: comm syz.2.1556: corrupted xattr block 33
[   80.360583][ T4005] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   80.370164][ T4005] EXT4-fs error (device loop2): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.2.1556: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   80.390782][ T4005] EXT4-fs error (device loop2): ext4_get_first_dir_block:3594: inode #12: comm syz.2.1556: directory missing '.'
[   80.421288][  T295] EXT4-fs (loop2): unmounting filesystem.
[   80.673702][ T4039] loop6: detected capacity change from 0 to 512
[   80.689648][ T4039] EXT4-fs: Ignoring removed bh option
[   80.706961][ T4039] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[   80.726148][ T4046] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   80.735268][ T4046] FAT-fs (loop3): unable to read boot sector
[   80.735929][ T4039] EXT4-fs (loop6): 1 truncate cleaned up
[   80.746940][ T4039] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   80.772410][  T316] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[   80.814314][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   80.830722][ T4056] tipc: Started in network mode
[   80.839818][ T4056] tipc: Node identity 7f000001, cluster identity 4711
[   80.848135][ T4056] tipc: Enabled bearer <udp:syz2>, priority 10
[   80.878840][ T4063] loop5: detected capacity change from 0 to 128
[   80.895690][ T4063] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   80.904910][ T4063] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.927055][ T1697] EXT4-fs (loop5): unmounting filesystem.
[   80.962440][  T316] usb 3-1: Using ep0 maxpacket: 16
[   80.973982][  T316] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   80.988042][  T316] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   81.010165][  T316] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   81.036872][  T316] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   81.055693][  T316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.064453][  T316] usb 3-1: Product: syz
[   81.068491][  T316] usb 3-1: Manufacturer: syz
[   81.072949][  T316] usb 3-1: SerialNumber: syz
[   81.205314][ T4094] block device autoloading is deprecated and will be removed.
[   81.221130][ T4094] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   81.237992][ T4094] FAT-fs (loop1): unable to read boot sector
[   81.327052][ T4109] loop5: detected capacity change from 0 to 512
[   81.361041][ T4109] EXT4-fs error (device loop5): ext4_do_update_inode:5226: inode #16: comm syz.5.1601: corrupted inode contents
[   81.364459][ T4117] loop0: detected capacity change from 0 to 1024
[   81.373036][ T4109] EXT4-fs error (device loop5): ext4_dirty_inode:6091: inode #16: comm syz.5.1601: mark_inode_dirty error
[   81.384553][ T4117] EXT4-fs: Ignoring removed orlov option
[   81.390687][ T4109] EXT4-fs error (device loop5): ext4_do_update_inode:5226: inode #16: comm syz.5.1601: corrupted inode contents
[   81.407822][ T4109] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #16: comm syz.5.1601: mark_inode_dirty error
[   81.408081][ T4117] EXT4-fs (loop0): Test dummy encryption mode enabled
[   81.424829][ T4109] EXT4-fs error (device loop5): ext4_do_update_inode:5226: inode #16: comm syz.5.1601: corrupted inode contents
[   81.427410][ T4117] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   81.437932][ T4109] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[   81.454661][ T4109] EXT4-fs error (device loop5): ext4_do_update_inode:5226: inode #16: comm syz.5.1601: corrupted inode contents
[   81.467033][ T4109] EXT4-fs error (device loop5): ext4_truncate:4313: inode #16: comm syz.5.1601: mark_inode_dirty error
[   81.478085][ T4109] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[   81.487454][ T4109] EXT4-fs (loop5): 1 truncate cleaned up
[   81.491707][  T316] usb 3-1: 0:2 : does not exist
[   81.493611][ T4109] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   81.506637][ T1674] EXT4-fs error (device loop5): ext4_release_dquot:6805: comm kworker/u4:20: Failed to release dquot type 1
[   81.507150][ T4109] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.519187][  T293] EXT4-fs (loop0): unmounting filesystem.
[   81.566784][ T1697] EXT4-fs (loop5): unmounting filesystem.
[   81.634763][ T4129] loop0: detected capacity change from 0 to 512
[   81.644612][ T4129] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   81.653517][ T4129] ext4 filesystem being mounted at /395/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.670401][ T4132] loop5: detected capacity change from 0 to 4096
[   81.682502][ T4129] EXT4-fs (loop0): shut down requested (0)
[   81.690362][ T4132] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   81.716341][  T293] EXT4-fs (loop0): unmounting filesystem.
[   81.726328][ T4137] loop6: detected capacity change from 0 to 512
[   81.738766][ T4137] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   81.755874][ T4137] EXT4-fs (loop6): 1 truncate cleaned up
[   81.761622][ T4137] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   81.773700][ T4137] EXT4-fs warning (device loop6): verify_group_input:151: Cannot add at group 1953002597 (only 1 groups)
[   81.795243][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   81.842470][  T472] tipc: Node number set to 2130706433
[   81.920945][ T4154] SELinux:  Context system_u:object_r:lib_t:s0 is not valid (left unmapped).
[   81.991049][ T4164] loop6: detected capacity change from 0 to 512
[   81.998014][ T4164] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   82.045978][ T4164] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1625'.
[   82.104794][  T316] usb 3-1: 1:0: failed to get current value for ch 0 (-22)
[   82.119969][  T316] usb 3-1: USB disconnect, device number 15
[   82.222238][ T4174] loop6: detected capacity change from 0 to 40427
[   82.227197][ T4178] loop1: detected capacity change from 0 to 128
[   82.238130][ T4174] F2FS-fs (loop6): fault_injection options not supported
[   82.245883][ T4174] F2FS-fs (loop6): invalid crc value
[   82.271982][ T4174] F2FS-fs (loop6): Found nat_bits in checkpoint
[   82.329664][ T4174] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   82.353090][ T3368] udevd[3368]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   82.362834][ T4188] loop0: detected capacity change from 0 to 256
[   82.385287][ T4188] FAT-fs (loop0): Directory bread(block 64) failed
[   82.398245][ T4188] FAT-fs (loop0): Directory bread(block 65) failed
[   82.406980][ T2738] syz-executor: attempt to access beyond end of device
[   82.406980][ T2738] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   82.410512][ T4188] FAT-fs (loop0): Directory bread(block 66) failed
[   82.440483][ T4193] loop1: detected capacity change from 0 to 128
[   82.440936][ T4188] FAT-fs (loop0): Directory bread(block 67) failed
[   82.457135][ T1697] EXT4-fs (loop5): unmounting filesystem.
[   82.478194][ T4188] FAT-fs (loop0): Directory bread(block 68) failed
[   82.489710][ T4188] FAT-fs (loop0): Directory bread(block 69) failed
[   82.501445][ T4188] FAT-fs (loop0): Directory bread(block 70) failed
[   82.513057][ T4188] FAT-fs (loop0): Directory bread(block 71) failed
[   82.529024][ T4188] FAT-fs (loop0): Directory bread(block 72) failed
[   82.552452][ T4188] FAT-fs (loop0): Directory bread(block 73) failed
[   82.753778][ T4227] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   82.764128][ T4227] SELinux: failed to load policy
[   82.787915][ T4229] loop0: detected capacity change from 0 to 256
[   82.858779][ T4234] loop0: detected capacity change from 0 to 1024
[   82.897645][ T4234] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   82.950973][  T293] EXT4-fs (loop0): unmounting filesystem.
[   83.252409][  T223] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   83.340483][ T4266] loop2: detected capacity change from 0 to 40427
[   83.347899][ T4266] F2FS-fs (loop2): fault_injection options not supported
[   83.356625][ T4266] F2FS-fs (loop2): Image doesn't support compression
[   83.363516][ T4266] F2FS-fs (loop2): Image doesn't support compression
[   83.370403][ T4266] F2FS-fs (loop2): fault_type options not supported
[   83.384689][ T4266] F2FS-fs (loop2): invalid crc value
[   83.390751][ T4266] F2FS-fs (loop2): Found nat_bits in checkpoint
[   83.422464][  T316] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   83.430708][ T4275] loop1: detected capacity change from 0 to 1024
[   83.445546][  T223] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.445761][ T4275] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   83.456479][  T223] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.472498][ T4266] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   83.474152][  T223] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   83.494276][  T223] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   83.503290][  T223] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.511734][  T223] usb 6-1: config 0 descriptor??
[   83.528386][  T292] EXT4-fs (loop1): unmounting filesystem.
[   83.537584][   T28] kauditd_printk_skb: 31 callbacks suppressed
[   83.537598][   T28] audit: type=1400 audit(2000000275.799:8679): avc:  denied  { mounton } for  pid=4265 comm="syz.2.1666" path="/243/file0/bus" dev="loop2" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   83.567034][   T28] audit: type=1400 audit(2000000275.799:8680): avc:  denied  { remove_name } for  pid=4265 comm="syz.2.1666" name="#c" dev="loop2" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   83.576800][  T295] syz-executor: attempt to access beyond end of device
[   83.576800][  T295] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   83.605721][   T28] audit: type=1400 audit(2000000275.799:8681): avc:  denied  { rename } for  pid=4265 comm="syz.2.1666" name="#c" dev="loop2" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   83.633556][  T295] syz-executor: attempt to access beyond end of device
[   83.633556][  T295] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   83.637212][   T28] audit: type=1400 audit(2000000275.799:8682): avc:  denied  { unlink } for  pid=4265 comm="syz.2.1666" name="#c" dev="loop2" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   83.669734][   T28] audit: type=1400 audit(2000000275.799:8683): avc:  denied  { unlink } for  pid=4265 comm="syz.2.1666" name="#d" dev="loop2" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   83.682962][  T316] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.705266][  T316] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   83.710514][  T499] kworker/u4:5: attempt to access beyond end of device
[   83.710514][  T499] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   83.726979][  T316] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.736789][  T316] usb 1-1: config 0 descriptor??
[   83.925554][  T223] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[   83.957749][  T223] plantronics 0003:047F:FFFF.0016: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[   84.146243][  T316] keytouch 0003:0926:3333.0017: fixing up Keytouch IEC report descriptor
[   84.163881][  T316] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0017/input/input22
[   84.180833][   T28] audit: type=1400 audit(2000000276.439:8684): avc:  denied  { mounton } for  pid=4297 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   84.203973][  T223] usb 6-1: USB disconnect, device number 8
[   84.246045][  T316] keytouch 0003:0926:3333.0017: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[   84.331308][ T1674] device bridge_slave_1 left promiscuous mode
[   84.339081][ T1674] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.360021][ T4261] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.378395][ T1674] device bridge_slave_0 left promiscuous mode
[   84.384451][ T4261] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.392071][ T1674] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.416813][ T1674] device veth1_macvtap left promiscuous mode
[   84.422806][ T1674] device veth0_vlan left promiscuous mode
[   84.588355][ T4297] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.605913][ T4297] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.622723][ T4297] device bridge_slave_0 entered promiscuous mode
[   84.643773][ T4297] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.650634][ T4297] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.658247][ T4297] device bridge_slave_1 entered promiscuous mode
[   84.760201][  T223] usb 1-1: USB disconnect, device number 8
[   84.905125][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   84.913612][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   84.923768][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   84.932755][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   84.945583][  T499] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.952547][  T499] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.973045][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   84.980894][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   84.989009][   T28] audit: type=1400 audit(2000000277.249:8685): avc:  denied  { ioctl } for  pid=4338 comm="syz.5.1699" path="socket:[32088]" dev="sockfs" ino=32088 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   84.990329][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.038861][  T499] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.045763][  T499] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.055564][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   85.068326][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   85.076446][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   85.094333][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   85.131902][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   85.141451][   T28] audit: type=1400 audit(2000000277.399:8686): avc:  denied  { getattr } for  pid=4347 comm="syz.5.1703" name="KEY" dev="sockfs" ino=32782 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   85.150178][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   85.191375][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   85.200925][ T4350] loop5: detected capacity change from 0 to 1024
[   85.215383][ T4297] device veth0_vlan entered promiscuous mode
[   85.230536][   T28] audit: type=1400 audit(2000000277.489:8687): avc:  denied  { mount } for  pid=4352 comm="syz.1.1705" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   85.255664][ T1667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   85.257619][ T4297] device veth1_macvtap entered promiscuous mode
[   85.258505][ T4350] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   85.262158][ T1667] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   85.262482][ T1667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   85.264041][ T1667] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   85.264310][ T1667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   85.276388][   T28] audit: type=1400 audit(2000000277.529:8688): avc:  denied  { write } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   85.304696][ T4350] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3841: comm syz.5.1704: Allocating blocks 497-513 which overlap fs metadata
[   85.311065][ T4350] EXT4-fs (loop5): pa ffff88811943c5e8: logic 256, phys. 385, len 8
[   85.311096][ T4350] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[   85.339030][ T4360] loop6: detected capacity change from 0 to 1024
[   85.369310][ T4360] EXT4-fs: Ignoring removed orlov option
[   85.373914][ T4360] EXT4-fs (loop6): Test dummy encryption mode enabled
[   85.378112][ T4360] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   85.405930][ T1697] EXT4-fs (loop5): unmounting filesystem.
[   85.424256][ T4360] 9pnet_fd: Insufficient options for proto=fd
[   85.542241][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   85.592429][   T24] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[   85.650678][ T4374] netlink: 'syz.5.1712': attribute type 4 has an invalid length.
[   85.702924][ T4384] netlink: 'syz.5.1715': attribute type 3 has an invalid length.
[   85.759237][ T4391] syz.5.1718[4391] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.759317][ T4391] syz.5.1718[4391] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.774064][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   85.805607][   T24] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   85.842374][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.856620][   T24] usb 2-1: config 0 descriptor??
[   86.070430][ T4389] loop6: detected capacity change from 0 to 40427
[   86.081425][ T4389] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   86.095914][ T4389] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   86.140032][ T4389] F2FS-fs (loop6): Found nat_bits in checkpoint
[   86.256011][ T4389] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   86.271070][   T24] keytouch 0003:0926:3333.0018: fixing up Keytouch IEC report descriptor
[   86.277801][ T4389] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   86.294082][   T24] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0018/input/input23
[   86.406499][   T24] keytouch 0003:0926:3333.0018: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[   86.654625][ T4415] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.661595][ T4415] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.669352][ T4415] device bridge_slave_0 entered promiscuous mode
[   86.678210][ T4415] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.685277][ T4415] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.693451][ T4415] device bridge_slave_1 entered promiscuous mode
[   86.807073][  T472] usb 2-1: USB disconnect, device number 12
[   86.808705][   T24] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   86.846955][ T4415] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.853844][ T4415] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.861040][ T4415] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.867827][ T4415] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.911585][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.928849][ T1690] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.946009][ T1690] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.968567][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.977227][ T1690] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.984094][ T1690] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.992061][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   87.006866][ T1690] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.013742][ T1690] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.013759][   T24] usb 7-1: Using ep0 maxpacket: 16
[   87.021375][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   87.042117][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.051292][ T4415] device veth0_vlan entered promiscuous mode
[   87.058983][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   87.070381][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.087155][   T24] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[   87.087412][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.102375][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.111959][ T4441] loop5: detected capacity change from 0 to 1024
[   87.123334][ T4441] EXT4-fs: Ignoring removed orlov option
[   87.129033][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   87.137832][   T24] usb 7-1: config 0 descriptor??
[   87.141429][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   87.143642][ T4441] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   87.152642][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   87.162534][ T1667] tipc: Subscription rejected, illegal request
[   87.169904][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   87.184712][ T1674] device bridge_slave_1 left promiscuous mode
[   87.190661][ T1674] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.198439][ T1674] device bridge_slave_0 left promiscuous mode
[   87.204982][ T1674] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.215495][ T4441] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   87.224278][ T1674] device veth1_macvtap left promiscuous mode
[   87.230168][ T1674] device veth0_vlan left promiscuous mode
[   87.261962][ T1697] EXT4-fs (loop5): unmounting filesystem.
[   87.305262][  T102] udevd[102]: worker [1032] terminated by signal 33 (Unknown signal 33)
[   87.321684][  T102] udevd[102]: worker [1032] failed while handling '/devices/virtual/block/loop5'
[   87.347177][ T4459] binder: 4458:4459 ioctl c0306201 200000000640 returned -22
[   87.415631][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   87.432730][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   87.448159][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   87.462910][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   87.483504][ T4415] device veth1_macvtap entered promiscuous mode
[   87.511385][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   87.523966][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   87.532173][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   87.540768][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   87.549003][ T1690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   87.580168][   T24] konepure 0003:1E7D:2DB4.0019: unknown main item tag 0x0
[   87.592473][   T24] konepure 0003:1E7D:2DB4.0019: unknown main item tag 0x0
[   87.601996][   T24] konepure 0003:1E7D:2DB4.0019: unknown main item tag 0x0
[   87.609068][ T2555] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   87.624838][   T24] konepure 0003:1E7D:2DB4.0019: unknown main item tag 0x0
[   87.634546][   T24] konepure 0003:1E7D:2DB4.0019: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.6-1/input0
[   87.775051][ T4477] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1753'.
[   87.790305][  T298] usb 7-1: USB disconnect, device number 6
[   87.813579][ T2555] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.824502][ T2555] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   87.834359][ T2555] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   87.847385][ T2555] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   87.856321][  T472] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[   87.856594][ T2555] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.872729][ T2555] usb 1-1: config 0 descriptor??
[   87.912497][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   87.919881][  T316] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   87.947946][ T1674] Bluetooth: hci0: Frame reassembly failed (-84)
[   87.962601][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.012489][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.042490][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.050854][  T472] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.063135][  T472] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   88.072143][  T472] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.080172][  T472] usb 2-1: Product: syz
[   88.084279][  T472] usb 2-1: Manufacturer: syz
[   88.088657][  T472] usb 2-1: SerialNumber: syz
[   88.094179][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.102403][  T316] usb 9-1: Using ep0 maxpacket: 16
[   88.108599][  T316] usb 9-1: config 0 has an invalid interface number: 105 but max is 0
[   88.116659][  T316] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   88.126549][  T316] usb 9-1: config 0 has no interface number 0
[   88.132610][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.141192][  T316] usb 9-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28
[   88.150090][  T316] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.157901][  T316] usb 9-1: Product: syz
[   88.161857][  T316] usb 9-1: Manufacturer: syz
[   88.166320][  T316] usb 9-1: SerialNumber: syz
[   88.171696][  T316] usb 9-1: config 0 descriptor??
[   88.176783][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.282471][ T4484] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.283748][ T2555] plantronics 0003:047F:FFFF.001A: unknown main item tag 0xd
[   88.298424][ T2555] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving
[   88.318836][ T2555] plantronics 0003:047F:FFFF.001A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   88.336668][ T4487] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   88.345692][ T4487] overlayfs: missing 'lowerdir'
[   88.353034][ T4484] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.386902][  T316] usb 9-1: Found UVC 0.00 device syz (046c:14e8)
[   88.393237][  T316] usb 9-1: No valid video chain found.
[   88.398895][   T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.477908][ T4494] loop6: detected capacity change from 0 to 512
[   88.491294][ T4494] EXT4-fs: Ignoring removed oldalloc option
[   88.499646][ T4494] EXT4-fs error (device loop6): ext4_xattr_inode_iget:400: comm syz.6.1760: Parent and EA inode have the same ino 15
[   88.513162][ T4494] EXT4-fs (loop6): Remounting filesystem read-only
[   88.519629][ T4494] EXT4-fs error (device loop6): ext4_xattr_inode_iget:400: comm syz.6.1760: Parent and EA inode have the same ino 15
[   88.531966][ T4494] EXT4-fs (loop6): Remounting filesystem read-only
[   88.538459][ T4494] EXT4-fs (loop6): 1 orphan inode deleted
[   88.544158][ T4494] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   88.561437][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   88.574133][   T24] usb 1-1: USB disconnect, device number 9
[   88.596184][ T2555] usb 9-1: USB disconnect, device number 2
[   88.657080][ T4501] loop6: detected capacity change from 0 to 512
[   88.663883][ T4501] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[   88.673024][ T4501] EXT4-fs (loop6): orphan cleanup on readonly fs
[   88.679254][ T4501] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[   88.687791][ T4501] EXT4-fs (loop6): 1 truncate cleaned up
[   88.693327][ T4501] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   88.749678][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   89.117859][  T472] cdc_ncm 2-1:1.0: failed to get mac address
[   89.126938][  T472] cdc_ncm 2-1:1.0: bind() failure
[   89.136134][  T472] cdc_ncm: probe of 2-1:1.1 failed with error -71
[   89.145631][  T472] cdc_mbim: probe of 2-1:1.1 failed with error -71
[   89.157711][  T472] usb 2-1: USB disconnect, device number 13
[   89.191885][ T4515] incfs: Options parsing error. -22
[   89.201576][ T4515] incfs: mount failed -22
[   89.220610][   T28] kauditd_printk_skb: 19 callbacks suppressed
[   89.220623][   T28] audit: type=1400 audit(2000000281.479:8708): avc:  denied  { write } for  pid=4518 comm="syz.0.1771" name="event2" dev="devtmpfs" ino=271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   89.260402][   T28] audit: type=1400 audit(2000000281.509:8709): avc:  denied  { open } for  pid=4518 comm="syz.0.1771" path="/dev/input/event2" dev="devtmpfs" ino=271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   89.301424][   T28] audit: type=1400 audit(2000000281.509:8710): avc:  denied  { read } for  pid=4518 comm="syz.0.1771" name="event2" dev="devtmpfs" ino=271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   89.326490][   T28] audit: type=1326 audit(2000000281.559:8711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4523 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f351b18d169 code=0x7ffc0000
[   89.350910][   T28] audit: type=1326 audit(2000000281.559:8712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4523 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f351b18d169 code=0x7ffc0000
[   89.374860][   T28] audit: type=1326 audit(2000000281.559:8713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4523 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f351b18d169 code=0x7ffc0000
[   89.421900][   T28] audit: type=1326 audit(2000000281.559:8714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4523 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f351b18d169 code=0x7ffc0000
[   89.447113][   T28] audit: type=1326 audit(2000000281.559:8715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4523 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f351b18d169 code=0x7ffc0000
[   89.474273][ T4533] loop0: detected capacity change from 0 to 512
[   89.481296][   T28] audit: type=1326 audit(2000000281.559:8716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4523 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f351b18d169 code=0x7ffc0000
[   89.505019][   T28] audit: type=1326 audit(2000000281.559:8717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4523 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f351b18d169 code=0x7ffc0000
[   89.530046][ T4533] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   89.538935][ T4533] ext4 filesystem being mounted at /440/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.586366][  T293] EXT4-fs (loop0): unmounting filesystem.
[   89.664823][ T4543] input: syz0 as /devices/virtual/input/input25
[   89.776722][ T4559] loop8: detected capacity change from 0 to 256
[   89.871372][ T4569] loop8: detected capacity change from 0 to 1024
[   89.897446][ T4569] EXT4-fs: Ignoring removed orlov option
[   89.903487][ T4569] EXT4-fs (loop8): Test dummy encryption mode enabled
[   89.918390][ T4569] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   89.936077][ T4575] SELinux:  Context system_u:object_r:iptables_unit_file_t:s0 is not valid (left unmapped).
[   89.973749][ T4415] EXT4-fs (loop8): unmounting filesystem.
[   90.019801][ T4579] loop1: detected capacity change from 0 to 8192
[   90.027966][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   90.033873][ T1490] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   90.089880][ T4591] overlayfs: missing 'lowerdir'
[   90.176679][ T4605] loop0: detected capacity change from 0 to 1024
[   90.242964][ T4609] SELinux: security_context_str_to_sid (u) failed with errno=-22
[   90.283874][ T4615] netem: change failed
[   90.304584][ T4620] loop6: detected capacity change from 0 to 512
[   90.314095][ T4622] SELinux:  Context � is not valid (left unmapped).
[   90.378781][ T4620] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   90.389581][ T4620] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.462464][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   90.629527][ T4647] loop0: detected capacity change from 0 to 1024
[   90.657410][ T4647] EXT4-fs: Ignoring removed orlov option
[   90.677797][ T4647] EXT4-fs (loop0): Test dummy encryption mode enabled
[   91.021256][ T4660] loop8: detected capacity change from 0 to 512
[   91.048311][ T4660] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[   91.076712][ T4660] EXT4-fs (loop8): orphan cleanup on readonly fs
[   91.091552][ T4660] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[   91.134548][ T4660] EXT4-fs (loop8): 1 truncate cleaned up
[   91.245511][ T4669] loop0: detected capacity change from 0 to 2048
[   91.330272][ T4683] loop1: detected capacity change from 0 to 256
[   91.340023][ T4685] netem: change failed
[   91.402715][ T4689] 9pnet: p9_errstr2errno: server reported unknown error �@
[   91.423069][ T4693] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1846'.
[   91.438576][ T4692] ������: renamed from vlan0
[   91.468646][ T4698] loop6: detected capacity change from 0 to 512
[   91.493580][ T4698] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.1848: inode #1: comm syz.6.1848: iget: illegal inode #
[   91.534869][ T4698] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.1848: error while reading EA inode 1 err=-117
[   91.566426][ T4698] EXT4-fs (loop6): 1 orphan inode deleted
[   91.608193][ T4714] incfs: Backing dir is not set, filesystem can't be mounted.
[   91.616122][ T4714] incfs: mount failed -2
[   91.649824][ T4718] loop8: detected capacity change from 0 to 512
[   91.664191][ T4718] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   91.716770][ T4718] EXT4-fs (loop8): 1 truncate cleaned up
[   91.861442][ T4739] loop5: detected capacity change from 0 to 256
[   91.868345][ T4739] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   91.884156][ T4739] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   91.992384][ T4484] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   92.184012][ T4484] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.198383][ T4484] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.208501][ T4484] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   92.223155][ T4484] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   92.224035][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.224035][ T1690] loop1: rw=1, sector=256, nr_sectors = 288 limit=256
[   92.232076][ T4484] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.246532][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.246532][ T1690] loop1: rw=1, sector=608, nr_sectors = 416 limit=256
[   92.259328][ T4484] usb 7-1: config 0 descriptor??
[   92.269231][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.269231][ T1690] loop1: rw=1, sector=1056, nr_sectors = 2984 limit=256
[   92.272959][ T4769] binder: 4768:4769 ioctl c0306201 200000000240 returned -14
[   92.288615][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.288615][ T1690] loop1: rw=1, sector=4040, nr_sectors = 2736 limit=256
[   92.309532][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.309532][ T1690] loop1: rw=1, sector=6776, nr_sectors = 4064 limit=256
[   92.327950][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.327950][ T1690] loop1: rw=1, sector=10840, nr_sectors = 4488 limit=256
[   92.346910][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.346910][ T1690] loop1: rw=1, sector=15328, nr_sectors = 5000 limit=256
[   92.379143][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.379143][ T1690] loop1: rw=1, sector=20328, nr_sectors = 3096 limit=256
[   92.405152][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.405152][ T1690] loop1: rw=1, sector=23424, nr_sectors = 3040 limit=256
[   92.428559][ T1690] kworker/u4:35: attempt to access beyond end of device
[   92.428559][ T1690] loop1: rw=1, sector=26464, nr_sectors = 2272 limit=256
[   92.709580][ T4484] plantronics 0003:047F:FFFF.001B: No inputs registered, leaving
[   92.721983][ T4484] plantronics 0003:047F:FFFF.001B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[   92.763157][ T4820] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   92.772528][ T4820] FAT-fs (loop17): unable to read boot sector
[   93.061758][ T4855] loop0: detected capacity change from 0 to 256
[   93.070774][ T4855] exfat: Deprecated parameter 'namecase'
[   93.076560][ T4855] exfat: Deprecated parameter 'utf8'
[   93.085978][ T4855] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d)
[   93.104997][  T472] hid-generic 0002:0003:0008.001C: item fetching failed at offset 0/1
[   93.113993][  T472] hid-generic: probe of 0002:0003:0008.001C failed with error -22
[   93.158350][ T4860] loop1: detected capacity change from 0 to 512
[   93.170768][ T4860] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1920: casefold flag without casefold feature
[   93.183769][ T4860] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1920: couldn't read orphan inode 15 (err -117)
[   93.250652][ T4869] loop1: detected capacity change from 0 to 1024
[   93.259680][ T4869] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.1923: bad orphan inode 2304
[   93.296285][ T4872] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.305387][ T4872] FAT-fs (loop3): unable to read boot sector
[   93.668123][ T4893] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   93.675459][ T4893] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   93.747770][ T4901] netlink: 'syz.1.1937': attribute type 2 has an invalid length.
[   93.843572][ T4917] device bridge1 entered promiscuous mode
[   93.888433][ T4925] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   94.079794][ T4953] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[   94.279648][   T28] kauditd_printk_skb: 51 callbacks suppressed
[   94.279665][   T28] audit: type=1400 audit(2000000286.539:8769): avc:  denied  { name_bind } for  pid=4977 comm="syz.1.1973" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   94.311930][   T28] audit: type=1400 audit(2000000286.539:8770): avc:  denied  { create } for  pid=4977 comm="syz.1.1973" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   94.332644][   T28] audit: type=1400 audit(2000000286.539:8771): avc:  denied  { write } for  pid=4977 comm="syz.1.1973" path="socket:[34751]" dev="sockfs" ino=34751 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   94.357825][   T28] audit: type=1400 audit(2000000286.539:8772): avc:  denied  { nlmsg_read } for  pid=4977 comm="syz.1.1973" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   94.417556][   T28] audit: type=1400 audit(2000000286.679:8773): avc:  denied  { create } for  pid=4984 comm="syz.1.1976" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   94.439142][   T28] audit: type=1400 audit(2000000286.679:8774): avc:  denied  { ioctl } for  pid=4984 comm="syz.1.1976" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=34772 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   94.479452][   T28] audit: type=1400 audit(2000000286.739:8775): avc:  denied  { read } for  pid=4988 comm="syz.1.1977" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   94.502530][   T28] audit: type=1400 audit(2000000286.739:8776): avc:  denied  { open } for  pid=4988 comm="syz.1.1977" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   94.525525][   T28] audit: type=1400 audit(2000000286.739:8777): avc:  denied  { ioctl } for  pid=4988 comm="syz.1.1977" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   94.568372][   T28] audit: type=1400 audit(2000000286.829:8778): avc:  denied  { create } for  pid=4993 comm="syz.6.1979" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   94.569618][ T4994] xt_hashlimit: size too large, truncated to 1048576
[   94.643982][ T4999] syz.1.1981[4999] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.644063][ T4999] syz.1.1981[4999] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.658544][ T5001] Invalid ELF header magic: != ELF
[   94.853156][  T472] usb 7-1: USB disconnect, device number 7
[   95.472614][ T5037] loop1: detected capacity change from 0 to 40427
[   95.480069][ T5037] F2FS-fs (loop1): fault_injection options not supported
[   95.487838][ T5037] F2FS-fs (loop1): invalid crc value
[   95.494319][ T5037] F2FS-fs (loop1): Found nat_bits in checkpoint
[   95.529234][ T5037] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   95.562614][ T4484] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[   95.752394][ T4484] usb 9-1: Using ep0 maxpacket: 32
[   95.758848][ T4484] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.769967][ T4484] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.780505][ T4484] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   95.789877][ T4484] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.799172][ T4484] usb 9-1: config 0 descriptor??
[   96.026584][ T5068] loop1: detected capacity change from 0 to 128
[   96.033112][ T5068] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   96.045197][ T5068] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   96.073393][  T499] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   96.214093][ T4484] savu 0003:1E7D:2D5A.001D: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.8-1/input0
[   96.263944][ T5074] overlayfs: upper fs does not support file handles, falling back to index=off.
[   96.273360][ T5074] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[   96.483269][   T39] usb 9-1: USB disconnect, device number 3
[   96.699160][ T5108] loop6: detected capacity change from 0 to 512
[   96.705558][ T5108] EXT4-fs: Ignoring removed orlov option
[   96.711808][ T5108] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   96.721048][ T5108] EXT4-fs (loop6): orphan cleanup on readonly fs
[   96.727928][ T5108] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.2029: bg 0: block 248: padding at end of block bitmap is not set
[   96.743597][ T5108] EXT4-fs error (device loop6): ext4_acquire_dquot:6782: comm syz.6.2029: Failed to acquire dquot type 1
[   96.755687][ T5108] EXT4-fs (loop6): 1 truncate cleaned up
[   96.761381][ T5108] EXT4-fs mount: 14 callbacks suppressed
[   96.761397][ T5108] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   96.782306][ T5108] EXT4-fs: Ignoring removed orlov option
[   96.787889][ T5108] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   96.796256][ T5108] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[   96.813469][ T5108] EXT4-fs error (device loop6): __ext4_remount:6598: comm syz.6.2029: Abort forced by user
[   96.823558][ T5108] EXT4-fs (loop6): Remounting filesystem read-only
[   96.829901][ T5108] EXT4-fs (loop6): re-mounted. Quota mode: writeback.
[   96.836655][ T5108] ext4 filesystem being remounted at /174/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.853780][ T5108] syz.6.2029 (5108) used greatest stack depth: 19432 bytes left
[   96.861820][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   96.966940][ T5128] loop0: detected capacity change from 0 to 8192
[   97.197924][ T5155] loop1: detected capacity change from 0 to 1024
[   97.212006][ T5157] xt_bpf: check failed: parse error
[   97.220707][ T5155] EXT4-fs: Ignoring removed bh option
[   97.252002][ T5155] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   97.272490][ T5155] ext4 filesystem being mounted at /424/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.291016][ T5168] loop6: detected capacity change from 0 to 512
[   97.320834][  T292] EXT4-fs (loop1): unmounting filesystem.
[   97.364904][ T5168] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   97.438715][ T2738] EXT4-fs (loop6): unmounting filesystem.
[   97.536043][ T5190] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2064'.
[   97.605463][ T5199] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2069'.
[   98.039793][ T5227] syz.8.2081 (5227): /proc/5225/oom_adj is deprecated, please use /proc/5225/oom_score_adj instead.
[   98.122776][ T5237] overlayfs: failed to set xattr on upper
[   98.133080][ T5237] overlayfs: ...falling back to index=off,metacopy=off.
[   98.139834][ T5237] overlayfs: ...falling back to xino=off.
[   98.146024][ T5237] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[   98.159117][ T5239] loop8: detected capacity change from 0 to 1024
[   98.182944][ T5239] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f01cc01c, mo2=0002]
[   98.201038][ T5239] System zones: 0-1, 3-36
[   98.211594][ T5239] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   98.241456][ T5244] xt_hashlimit: max too large, truncated to 1048576
[   98.255869][ T4415] EXT4-fs (loop8): unmounting filesystem.
[   98.261848][ T5244] xt_bpf: check failed: parse error
[   98.305187][ T5246] loop8: detected capacity change from 0 to 512
[   98.319704][ T5246] EXT4-fs: Ignoring removed orlov option
[   98.328876][ T5246] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   98.338563][ T5246] EXT4-fs (loop8): orphan cleanup on readonly fs
[   98.346948][ T5246] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.2089: bg 0: block 248: padding at end of block bitmap is not set
[   98.361918][ T5246] EXT4-fs error (device loop8): ext4_acquire_dquot:6782: comm syz.8.2089: Failed to acquire dquot type 1
[   98.373678][ T5246] EXT4-fs (loop8): 1 truncate cleaned up
[   98.379457][ T5246] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   98.401584][ T5246] EXT4-fs: Ignoring removed orlov option
[   98.418901][ T5246] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   98.437396][ T5246] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended
[   98.477029][ T5246] EXT4-fs error (device loop8): __ext4_remount:6598: comm syz.8.2089: Abort forced by user
[   98.487395][ T5251] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2091'.
[   98.502370][ T5246] EXT4-fs (loop8): Remounting filesystem read-only
[   98.508881][ T5246] EXT4-fs (loop8): re-mounted. Quota mode: writeback.
[   98.529056][ T5246] ext4 filesystem being remounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   98.570920][ T4415] EXT4-fs (loop8): unmounting filesystem.
[   98.635602][ T5266] loop8: detected capacity change from 0 to 512
[   98.641925][ T5266] EXT4-fs: Ignoring removed orlov option
[   98.650953][ T5266] EXT4-fs error (device loop8): dx_probe:823: inode #2: comm syz.8.2097: Attempting to read directory block (0) that is past i_size (256)
[   98.665230][ T5266] EXT4-fs (loop8): Remounting filesystem read-only
[   98.671568][ T5266] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117
[   98.679793][ T5266] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   98.704370][ T4415] EXT4-fs (loop8): unmounting filesystem.
[   98.720609][ T5272] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2099'.
[   98.852373][   T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   98.953188][ T5289] 9pnet_fd: p9_fd_create_tcp (5289): problem connecting socket to 127.0.0.1
[   98.997597][ T5280] loop5: detected capacity change from 0 to 40427
[   99.006555][ T5280] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   99.014549][ T5280] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   99.023520][ T5280] F2FS-fs (loop5): invalid crc value
[   99.024817][ T5294] netem: change failed
[   99.030451][ T5280] F2FS-fs (loop5): Found nat_bits in checkpoint
[   99.043523][   T24] usb 7-1: config 0 interface 0 altsetting 101 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.063633][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[   99.074110][   T24] usb 7-1: New USB device found, idVendor=056a, idProduct=0059, bcdDevice= 0.00
[   99.086917][ T5280] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   99.093920][ T5280] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   99.094225][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.125571][   T24] usb 7-1: config 0 descriptor??
[   99.139560][ T1697] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[   99.139580][ T1697] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[   99.147044][ T1697] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[   99.154432][ T1697] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[   99.176090][ T1697] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[   99.186874][ T1697] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[   99.195836][ T1697] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[   99.302909][ T5319] syz.8.2120[5319] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.320778][ T5319] syz.8.2120[5319] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.363904][ T5326] tun0: tun_chr_ioctl cmd 1074025675
[   99.380476][ T5326] tun0: persist disabled
[   99.464844][   T28] kauditd_printk_skb: 100 callbacks suppressed
[   99.464861][   T28] audit: type=1400 audit(2000000291.729:8875): avc:  denied  { relabelfrom } for  pid=5336 comm="syz.0.2126" name="" dev="pipefs" ino=36408 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   99.545007][   T24] wacom 0003:056A:0059.001E: unknown main item tag 0x3
[   99.554461][   T24] wacom 0003:056A:0059.001E: unbalanced collection at end of report description
[   99.571986][   T24] wacom 0003:056A:0059.001E: parse failed
[   99.582401][   T24] wacom: probe of 0003:056A:0059.001E failed with error -22
[   99.650165][   T28] audit: type=1400 audit(2000000291.909:8876): avc:  denied  { remount } for  pid=5351 comm="syz.0.2133" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   99.699431][   T28] audit: type=1400 audit(2000000291.959:8877): avc:  denied  { bind } for  pid=5353 comm="syz.8.2134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   99.739889][   T24] usb 7-1: USB disconnect, device number 8
[   99.921925][   T28] audit: type=1400 audit(2000000292.179:8878): avc:  denied  { append } for  pid=5376 comm="syz.8.2145" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  100.314931][   T28] audit: type=1400 audit(2000000292.579:8879): avc:  denied  { write } for  pid=5392 comm="syz.6.2154" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  100.403151][   T28] audit: type=1400 audit(2000000292.669:8880): avc:  denied  { mounton } for  pid=5400 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  100.478831][ T5410] device sit0 left promiscuous mode
[  100.486020][ T5400] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.498625][ T5400] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.514975][ T5400] device bridge_slave_0 entered promiscuous mode
[  100.530227][ T5400] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.540985][ T5400] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.555328][ T5400] device bridge_slave_1 entered promiscuous mode
[  100.586655][   T28] audit: type=1400 audit(2000000292.849:8881): avc:  denied  { mount } for  pid=5414 comm="syz.1.2160" name="/" dev="ramfs" ino=37341 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  100.693009][   T28] audit: type=1400 audit(2000000292.959:8882): avc:  denied  { mount } for  pid=5421 comm="syz.1.2163" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  100.752855][   T28] audit: type=1400 audit(2000000293.019:8883): avc:  denied  { unmount } for  pid=292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  100.788516][ T5428] overlayfs: failed to set xattr on upper
[  100.807629][ T5428] overlayfs: ...falling back to index=off,metacopy=off.
[  100.807802][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  100.814702][ T5428] overlayfs: ...falling back to xino=off.
[  100.827367][ T5428] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  100.837338][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  100.861571][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  100.879675][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  100.888443][  T499] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.895328][  T499] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.908923][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  100.918086][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  100.926378][  T499] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.933254][  T499] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.957429][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  100.965209][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  100.973426][   T28] audit: type=1400 audit(2000000293.239:8884): avc:  denied  { load_policy } for  pid=5433 comm="syz.1.2169" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  100.975801][ T5434] SELinux: ebitmap start bit (1701013868) is not a multiple of the map unit size (64)
[  100.996260][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  101.019168][ T5434] SELinux: failed to load policy
[  101.024418][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  101.043353][ T1667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  101.055253][ T1667] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  101.075583][ T1667] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  101.094397][ T5400] device veth0_vlan entered promiscuous mode
[  101.121571][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  101.141084][ T5400] device veth1_macvtap entered promiscuous mode
[  101.168761][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  101.184290][  T499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  101.196825][ T5448] loop5: detected capacity change from 0 to 1024
[  101.204882][ T2592] device bridge_slave_1 left promiscuous mode
[  101.205796][ T5448] EXT4-fs: Ignoring removed bh option
[  101.215756][ T2592] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.224470][ T2592] device bridge_slave_0 left promiscuous mode
[  101.230495][ T2592] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.238824][ T2592] device veth1_macvtap left promiscuous mode
[  101.246274][ T5448] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  101.263800][ T5448] ext4 filesystem being mounted at /318/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.338247][ T1697] EXT4-fs (loop5): unmounting filesystem.
[  101.539656][ T5474] loop8: detected capacity change from 0 to 8192
[  101.550554][ T5482] loop5: detected capacity change from 0 to 1024
[  101.576316][ T5482] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f01cc01c, mo2=0002]
[  101.577064][ T5484] erofs: (device loop13): erofs_read_superblock: cannot find valid erofs superblock
[  101.584509][ T5482] System zones: 0-1, 3-36
[  101.599162][ T5482] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  101.658711][ T1697] EXT4-fs (loop5): unmounting filesystem.
[  101.929825][ T5509] loop5: detected capacity change from 0 to 256
[  101.942415][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  101.948751][ T1490] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  102.010635][ T5513] loop6: detected capacity change from 0 to 8192
[  102.227950][  T472] kernel write not supported for file /cpuinfo (pid: 472 comm: kworker/0:4)
[  102.432401][ T2555] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  102.474899][ T5540] loop8: detected capacity change from 0 to 256
[  102.602063][ T5548] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2220'.
[  102.613456][ T2555] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.632838][ T2555] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.643616][ T2555] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  102.656499][ T2555] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  102.665471][ T2555] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.675544][ T1674] bio_check_eod: 3 callbacks suppressed
[  102.675557][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.675557][ T1674] loop5: rw=1, sector=256, nr_sectors = 288 limit=256
[  102.695516][ T2555] usb 7-1: config 0 descriptor??
[  102.701719][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.701719][ T1674] loop5: rw=1, sector=608, nr_sectors = 416 limit=256
[  102.718803][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.718803][ T1674] loop5: rw=1, sector=1056, nr_sectors = 4304 limit=256
[  102.739096][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.739096][ T1674] loop5: rw=1, sector=5360, nr_sectors = 2920 limit=256
[  102.755662][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.755662][ T1674] loop5: rw=1, sector=8280, nr_sectors = 2800 limit=256
[  102.775986][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.775986][ T1674] loop5: rw=1, sector=11080, nr_sectors = 7904 limit=256
[  102.794954][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.794954][ T1674] loop5: rw=1, sector=18984, nr_sectors = 2904 limit=256
[  102.811651][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.811651][ T1674] loop5: rw=1, sector=21888, nr_sectors = 2360 limit=256
[  102.828170][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.828170][ T1674] loop5: rw=1, sector=24248, nr_sectors = 2448 limit=256
[  102.853819][ T1674] kworker/u4:20: attempt to access beyond end of device
[  102.853819][ T1674] loop5: rw=1, sector=26696, nr_sectors = 2656 limit=256
[  103.113549][ T2555] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving
[  103.131376][ T2555] plantronics 0003:047F:FFFF.001F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  103.204835][ T5576] binder: 5570:5576 ioctl c0306201 0 returned -14
[  103.394270][   T39] usb 7-1: USB disconnect, device number 9
[  103.442901][ T5594] SELinux: security policydb version 17 (MLS) not backwards compatible
[  103.453509][ T5594] SELinux: failed to load policy
[  103.526865][ T5605] netlink: 'syz.0.2246': attribute type 11 has an invalid length.
[  103.611053][  T316] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  103.629274][  T316] hid-generic 0000:0000:0000.0020: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  103.824450][ T5631] IPv6: sit1: Disabled Multicast RS
[  103.955845][ T5648] loop8: detected capacity change from 0 to 512
[  103.969934][ T5648] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  103.980919][ T5648] EXT4-fs (loop8): 1 truncate cleaned up
[  103.987134][ T5648] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  104.015173][ T5648] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2186: inode #15: comm syz.8.2265: corrupted in-inode xattr
[  104.032858][ T5648] EXT4-fs warning (device loop8): ext4_xattr_set_entry:1723: inode #15: comm syz.8.2265: unable to update i_inline_off
[  104.139999][ T5400] EXT4-fs (loop8): unmounting filesystem.
[  104.236688][ T5694] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  104.323771][ T5704] xt_hashlimit: size too large, truncated to 1048576
[  104.391696][ T5715] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2291'.
[  104.411401][ T5715] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2291'.
[  104.421438][ T5717] input: syz0 as /devices/virtual/input/input28
[  104.626742][   T28] kauditd_printk_skb: 44 callbacks suppressed
[  104.626759][   T28] audit: type=1400 audit(2000000296.889:8929): avc:  denied  { listen } for  pid=5739 comm="syz.0.2305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  104.658527][   T28] audit: type=1400 audit(2000000296.889:8930): avc:  denied  { shutdown } for  pid=5739 comm="syz.0.2305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  104.738192][ T5748] loop8: detected capacity change from 0 to 1024
[  104.745206][ T5748] EXT4-fs: Ignoring removed i_version option
[  104.762252][ T5748] EXT4-fs (loop8): Test dummy encryption mode enabled
[  104.774072][ T5748] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  104.801890][ T5400] EXT4-fs (loop8): unmounting filesystem.
[  104.818170][ T5759] loop8: detected capacity change from 0 to 256
[  104.825264][ T5759] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  104.835906][ T5759] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  104.846705][ T5759] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  104.861982][ T5759] exFAT-fs (loop8): hint_cluster is invalid (17)
[  104.864184][   T28] audit: type=1400 audit(2000000297.129:8931): avc:  denied  { write } for  pid=5758 comm="syz.8.2314" name="file1" dev="loop8" ino=1048670 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  104.890608][   T28] audit: type=1400 audit(2000000297.129:8932): avc:  denied  { open } for  pid=5758 comm="syz.8.2314" name="file1" dev="loop8" ino=1048670 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  104.913063][   T28] audit: type=1400 audit(2000000297.139:8933): avc:  denied  { remove_name } for  pid=5758 comm="syz.8.2314" name="file0" dev="loop8" ino=1048671 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  104.936359][   T28] audit: type=1400 audit(2000000297.139:8934): avc:  denied  { rmdir } for  pid=5758 comm="syz.8.2314" name="file0" dev="loop8" ino=1048671 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  104.959202][   T28] audit: type=1400 audit(2000000297.139:8935): avc:  denied  { add_name } for  pid=5758 comm="syz.8.2314" name=".pending_reads" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  104.980828][   T28] audit: type=1400 audit(2000000297.139:8936): avc:  denied  { associate } for  pid=5758 comm="syz.8.2314" name=".pending_reads" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  105.090860][   T28] audit: type=1400 audit(2000000297.349:8937): avc:  denied  { write } for  pid=5774 comm="syz.8.2322" path="socket:[39165]" dev="sockfs" ino=39165 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  105.332026][   T28] audit: type=1400 audit(2000000297.589:8938): avc:  denied  { getopt } for  pid=5810 comm="syz.1.2338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  105.412373][   T39] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  105.497971][ T5828] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  105.507171][ T5828] FAT-fs (loop13): unable to read boot sector
[  105.602395][   T39] usb 9-1: Using ep0 maxpacket: 8
[  105.608477][   T39] usb 9-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  105.617422][   T39] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.626273][   T39] usb 9-1: config 0 descriptor??
[  105.730423][ T5852] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  105.975049][ T5869] loop6: detected capacity change from 0 to 256
[  106.434084][   T39] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  106.454386][   T39] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9
[  106.492401][   T39] asix: probe of 9-1:0.0 failed with error -71
[  106.502883][   T39] usb 9-1: USB disconnect, device number 4
[  106.819593][ T5940] netlink: 'syz.6.2398': attribute type 1 has an invalid length.
[  106.827218][ T5940] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2398'.
[  107.416686][ T6017] loop5: detected capacity change from 0 to 512
[  107.427020][ T6017] EXT4-fs (loop5): orphan cleanup on readonly fs
[  107.433533][ T6017] EXT4-fs error (device loop5): ext4_find_extent:936: inode #4: comm syz.5.2434: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0)
[  107.450650][ T6017] EXT4-fs warning (device loop5): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  107.465772][ T6017] EXT4-fs (loop5): Cannot turn on quotas: error -22
[  107.472553][ T6017] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  107.514147][ T1697] EXT4-fs (loop5): unmounting filesystem.
[  108.016438][ T6093] tipc: Started in network mode
[  108.021151][ T6093] tipc: Node identity 1, cluster identity 4711
[  108.027505][ T6093] tipc: Node number set to 1
[  108.108496][ T6101] loop8: detected capacity change from 0 to 1024
[  108.115059][ T6101] EXT4-fs: Ignoring removed orlov option
[  108.120581][ T6101] EXT4-fs: Ignoring removed nomblk_io_submit option
[  108.132474][   T39] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  108.135015][ T6101] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  108.161541][ T5400] EXT4-fs (loop8): unmounting filesystem.
[  108.313896][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  108.324746][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.334585][   T39] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  108.347552][   T39] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  108.357112][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.369346][   T39] usb 7-1: config 0 descriptor??
[  108.480381][ T6130] loop8: detected capacity change from 0 to 512
[  108.489593][ T6130] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  108.513310][ T6130] EXT4-fs (loop8): orphan cleanup on readonly fs
[  108.520426][ T6130] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.2484: bg 0: block 248: padding at end of block bitmap is not set
[  108.536550][ T6130] EXT4-fs error (device loop8): ext4_acquire_dquot:6782: comm syz.8.2484: Failed to acquire dquot type 1
[  108.548398][ T6130] EXT4-fs (loop8): 1 truncate cleaned up
[  108.554300][ T6130] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  108.789353][   T39] plantronics 0003:047F:FFFF.0021: No inputs registered, leaving
[  108.801814][   T39] plantronics 0003:047F:FFFF.0021: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  109.055668][ T4484] usb 7-1: USB disconnect, device number 10
[  109.595863][ T5400] EXT4-fs (loop8): unmounting filesystem.
[  109.684149][ T6204] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2518'.
[  109.692996][ T6204] bridge0: port 1(bridge_slave_0) entered listening state
[  109.700733][ T6204] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.723571][ T6206] SELinux:  Context system_u:object_r:ipmi_device_t:s0 is not valid (left unmapped).
[  109.742387][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  109.742404][   T28] audit: type=1400 audit(2000000301.989:8957): avc:  denied  { relabelfrom } for  pid=6205 comm="syz.6.2519" name="UNIX" dev="sockfs" ino=41145 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  109.773164][   T28] audit: type=1400 audit(2000000302.039:8958): avc:  denied  { relabelto } for  pid=6205 comm="syz.6.2519" name="UNIX" dev="sockfs" ino=41145 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=unix_dgram_socket permissive=1 trawcon="system_u:object_r:ipmi_device_t:s0"
[  109.937260][ T6216] loop8: detected capacity change from 0 to 40427
[  109.946362][ T6216] F2FS-fs (loop8): Found nat_bits in checkpoint
[  109.981410][ T6221] SELinux:  Context system_u:object_r:getty_exec_t:s0 is not valid (left unmapped).
[  109.993114][   T28] audit: type=1400 audit(2000000302.259:8959): avc:  denied  { relabelto } for  pid=6220 comm="syz.6.2525" name="file0" dev="tmpfs" ino=1449 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:getty_exec_t:s0"
[  110.011124][ T6216] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  110.035319][   T28] audit: type=1400 audit(2000000302.259:8960): avc:  denied  { associate } for  pid=6220 comm="syz.6.2525" name="file0" dev="tmpfs" ino=1449 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:getty_exec_t:s0"
[  110.065447][   T28] audit: type=1400 audit(2000000302.299:8961): avc:  denied  { unlink } for  pid=2738 comm="syz-executor" name="file0" dev="tmpfs" ino=1449 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:getty_exec_t:s0"
[  110.071377][ T6216] bio_check_eod: 10 callbacks suppressed
[  110.071399][ T6216] syz.8.2524: attempt to access beyond end of device
[  110.071399][ T6216] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  110.377949][   T28] audit: type=1400 audit(2000000302.639:8962): avc:  denied  { read } for  pid=6252 comm="syz.8.2540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  110.488517][   T28] audit: type=1326 audit(2000000302.749:8963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6264 comm="syz.0.2545" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f351b18d169 code=0x0
[  110.715838][ T6285] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2553'.
[  110.724740][ T6285] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2553'.
[  110.953464][ T6295] loop5: detected capacity change from 0 to 8192
[  111.273041][ T6302] kvm: apic: phys broadcast and lowest prio
[  111.348064][   T28] audit: type=1400 audit(2000000303.617:8964): avc:  denied  { read append } for  pid=6306 comm="syz.0.2563" name="rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  111.372621][   T28] audit: type=1400 audit(2000000303.617:8965): avc:  denied  { open } for  pid=6306 comm="syz.0.2563" path="/dev/rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  111.382873][ T6309] loop8: detected capacity change from 0 to 512
[  111.403216][ T6309] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  111.412989][ T6309] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  111.422709][ T6309] EXT4-fs (loop8): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  111.432965][ T6309] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  111.440765][ T6309] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  111.448742][ T6309] EXT4-fs (loop8): failed to initialize system zone (-117)
[  111.455957][ T6309] EXT4-fs (loop8): mount failed
[  111.684938][ T6322] loop8: detected capacity change from 0 to 512
[  111.706380][   T28] audit: type=1400 audit(2000000303.977:8966): avc:  denied  { read } for  pid=6325 comm="syz.6.2571" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  111.713919][ T6322] EXT4-fs: Ignoring removed mblk_io_submit option
[  111.746716][ T6322] EXT4-fs error (device loop8): ext4_get_branch:178: inode #13: block 2: comm syz.8.2569: invalid block
[  111.774200][ T6322] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.2569: invalid indirect mapped block 10 (level 1)
[  111.816499][ T6322] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.2569: invalid indirect mapped block 8 (level 1)
[  111.830357][ T6322] EXT4-fs (loop8): 1 truncate cleaned up
[  111.836016][ T6322] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  111.884881][ T6342] ./file0: Can't open blockdev
[  111.927314][ T6346] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2581'.
[  111.927542][ T5400] EXT4-fs (loop8): unmounting filesystem.
[  111.966119][ T6350] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2582'.
[  111.978779][ T6352] x_tables: duplicate underflow at hook 4
[  112.002879][ T6358] SELinux:  Context system_u:object_r:textrel_shlib_t:s0 is not valid (left unmapped).
[  112.080320][ T6371] loop8: detected capacity change from 0 to 4096
[  112.087397][ T6371] EXT4-fs (loop8): Test dummy encryption mode enabled
[  112.087860][ T6374] loop5: detected capacity change from 0 to 512
[  112.096570][ T6371] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  112.100612][ T6374] EXT4-fs: Ignoring removed mblk_io_submit option
[  112.118336][ T6374] EXT4-fs error (device loop5): ext4_get_branch:178: inode #13: block 2: comm syz.5.2593: invalid block
[  112.129820][ T6374] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.2593: invalid indirect mapped block 10 (level 1)
[  112.130222][ T5400] EXT4-fs (loop8): unmounting filesystem.
[  112.143134][ T6374] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.2593: invalid indirect mapped block 8 (level 1)
[  112.161708][ T6374] EXT4-fs (loop5): 1 truncate cleaned up
[  112.167478][ T6374] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  112.231283][ T1697] EXT4-fs (loop5): unmounting filesystem.
[  112.345971][ T6406] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  112.360033][ T6406] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  112.413398][ T6414] loop8: detected capacity change from 0 to 256
[  112.436165][ T6417] device veth0 entered promiscuous mode
[  112.441575][ T6417] device macsec2 entered promiscuous mode
[  112.447924][ T6417] device veth0 left promiscuous mode
[  112.893785][ T6451] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.904406][ T6451] F2FS-fs (loop13): Unable to read 1th superblock
[  112.910728][ T6451] I/O error, dev loop13, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.919781][ T6451] F2FS-fs (loop13): Unable to read 2th superblock
[  112.955922][ T6457] loop6: detected capacity change from 0 to 1024
[  112.962309][ T6457] EXT4-fs: Ignoring removed orlov option
[  112.967826][ T6457] EXT4-fs: Ignoring removed nomblk_io_submit option
[  112.994014][ T6457] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  113.012093][ T2738] EXT4-fs (loop6): unmounting filesystem.
[  113.064499][ T6476] loop6: detected capacity change from 0 to 128
[  113.071088][ T6476] EXT4-fs (loop6): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  113.392366][   T19] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  113.418607][ T6510] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2653'.
[  113.582389][   T19] usb 1-1: Using ep0 maxpacket: 16
[  113.589982][   T19] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  113.590312][ T6532] loop6: detected capacity change from 0 to 512
[  113.602372][   T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.613091][ T6532] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.620129][ T6532] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  113.631337][   T19] usb 1-1: Product: syz
[  113.640005][ T6532] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  113.645531][   T19] usb 1-1: Manufacturer: syz
[  113.650474][ T6532] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1842c01c, mo2=0002]
[  113.663350][ T6532] EXT4-fs (loop6): couldn't mount RDWR because of unsupported optional features (80)
[  113.672881][   T19] usb 1-1: SerialNumber: syz
[  113.673180][ T6532] EXT4-fs (loop6): Skipping orphan cleanup due to unknown ROCOMPAT features
[  113.683140][   T19] usb 1-1: config 0 descriptor??
[  113.685928][ T6532] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  113.708486][   T19] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  113.716490][ T6532] EXT4-fs warning (device loop6): dx_probe:893: inode #2: comm syz.6.2663: dx entry: limit 65535 != root limit 120
[  113.732669][   T19] usb 1-1: Detected FT232H
[  113.747907][ T6532] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.2663: Corrupt directory, running e2fsck is recommended
[  113.778152][ T6532] EXT4-fs error (device loop6): ext4_readdir:260: inode #2: block 3: comm syz.6.2663: path /318/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  113.823679][ T2738] EXT4-fs (loop6): unmounting filesystem.
[  113.842823][ T6547] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2669'.
[  113.855397][ T6547] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  113.909472][   T19] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  114.066252][ T6593] loop8: detected capacity change from 0 to 512
[  114.073032][ T6593] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  114.084647][ T6593] EXT4-fs (loop8): 1 truncate cleaned up
[  114.090172][ T6593] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  114.123913][ T5400] EXT4-fs (loop8): unmounting filesystem.
[  114.179937][  T292] ------------[ cut here ]------------
[  114.185302][  T292] WARNING: CPU: 1 PID: 292 at fs/inode.c:332 drop_nlink+0xc1/0x110
[  114.193111][  T292] Modules linked in:
[  114.196826][  T292] CPU: 1 PID: 292 Comm: syz-executor Not tainted 6.1.129-syzkaller-00051-gc1fd50266bd6 #0
[  114.206590][  T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  114.216589][  T292] RIP: 0010:drop_nlink+0xc1/0x110
[  114.221390][  T292] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 57 d0 ef ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 ef 22 a8 ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[  114.240949][  T292] RSP: 0018:ffffc9000d37fbf0 EFLAGS: 00010293
[  114.246967][  T292] RAX: ffffffff81cd74a1 RBX: 0000000000000000 RCX: ffff88810f06a880
[  114.254815][  T292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  114.262766][  T292] RBP: ffffc9000d37fc18 R08: ffffffff81cd7424 R09: 0000000000000003
[  114.270506][  T292] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[  114.278459][  T292] R13: 1ffff11022db8092 R14: ffff888116dc0448 R15: ffff888116dc0490
[  114.286237][  T292] FS:  000055556972f500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  114.295186][  T292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  114.301903][  T292] CR2: 00005555697524e8 CR3: 000000012e623000 CR4: 00000000003506a0
[  114.309734][  T292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  114.317531][  T292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  114.320386][   T19] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  114.325336][  T292] Call Trace:
[  114.325345][  T292]  <TASK>
[  114.325353][  T292]  ? show_regs+0x58/0x60
[  114.325378][  T292]  ? __warn+0x160/0x3d0
[  114.347106][  T292]  ? drop_nlink+0xc1/0x110
[  114.351355][  T292]  ? report_bug+0x4d5/0x7d0
[  114.355813][  T292]  ? drop_nlink+0xc1/0x110
[  114.360041][  T292]  ? handle_bug+0x41/0x70
[  114.364243][  T292]  ? exc_invalid_op+0x1b/0x50
[  114.368734][  T292]  ? asm_exc_invalid_op+0x1b/0x20
[  114.373746][  T292]  ? drop_nlink+0x44/0x110
[  114.378132][  T292]  ? drop_nlink+0xc1/0x110
[  114.382405][  T292]  ? drop_nlink+0xc1/0x110
[  114.386627][  T292]  shmem_rmdir+0x59/0x90
[  114.390706][  T292]  vfs_rmdir+0x398/0x500
[  114.394825][  T292]  incfs_kill_sb+0x113/0x230
[  114.399216][  T292]  deactivate_locked_super+0xad/0x110
[  114.404507][  T292]  deactivate_super+0xbe/0xf0
[  114.408934][  T292]  cleanup_mnt+0x485/0x510
[  114.413210][  T292]  ? user_path_at_empty+0x14e/0x1a0
[  114.418220][  T292]  __cleanup_mnt+0x19/0x20
[  114.422505][  T292]  task_work_run+0x24d/0x2e0
[  114.426898][  T292]  ? task_work_cancel+0x2e0/0x2e0
[  114.431783][  T292]  ? __x64_sys_umount+0x122/0x170
[  114.436655][  T292]  exit_to_user_mode_loop+0x94/0xa0
[  114.441651][  T292]  exit_to_user_mode_prepare+0x5a/0xa0
[  114.446977][  T292]  syscall_exit_to_user_mode+0x26/0x130
[  114.452375][  T292]  do_syscall_64+0x47/0xb0
[  114.456577][  T292]  ? clear_bhb_loop+0x55/0xb0
[  114.461090][  T292]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  114.466851][  T292] RIP: 0033:0x7f927378e497
[  114.471079][  T292] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  114.490543][  T292] RSP: 002b:00007ffc4b1270b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  114.498878][  T292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f927378e497
[  114.506684][  T292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4b127170
[  114.514491][  T292] RBP: 00007ffc4b127170 R08: 0000000000000000 R09: 0000000000000000
[  114.522282][  T292] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4b128200
[  114.530129][  T292] R13: 00007f927380e08c R14: 000000000001bddc R15: 00007ffc4b128240
[  114.530595][   T19] usb 1-1: USB disconnect, device number 10
[  114.537930][  T292]  </TASK>
[  114.537940][  T292] ---[ end trace 0000000000000000 ]---
[  114.538401][  T292] ==================================================================
[  114.559691][  T292] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  114.565762][  T292] Write of size 4 at addr 0000000000000170 by task syz-executor/292
[  114.573576][  T292] 
[  114.575757][  T292] CPU: 1 PID: 292 Comm: syz-executor Tainted: G        W          6.1.129-syzkaller-00051-gc1fd50266bd6 #0
[  114.586942][  T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  114.596838][  T292] Call Trace:
[  114.599958][  T292]  <TASK>
[  114.602736][  T292]  dump_stack_lvl+0x151/0x1b7
[  114.607339][  T292]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  114.612632][  T292]  ? _printk+0xd1/0x111
[  114.616623][  T292]  print_report+0xe1/0x4e0
[  114.620876][  T292]  ? __virt_addr_valid+0x59/0x2f0
[  114.625822][  T292]  ? kasan_addr_to_slab+0xd/0x80
[  114.630596][  T292]  ? ihold+0x20/0x60
[  114.634332][  T292]  kasan_report+0x13c/0x170
[  114.638690][  T292]  ? ihold+0x20/0x60
[  114.642403][  T292]  kasan_check_range+0x294/0x2a0
[  114.647174][  T292]  __kasan_check_write+0x14/0x20
[  114.651949][  T292]  ihold+0x20/0x60
[  114.655504][  T292]  vfs_rmdir+0x268/0x500
[  114.659588][  T292]  incfs_kill_sb+0x113/0x230
[  114.664011][  T292]  deactivate_locked_super+0xad/0x110
[  114.669218][  T292]  deactivate_super+0xbe/0xf0
[  114.673739][  T292]  cleanup_mnt+0x485/0x510
[  114.677986][  T292]  ? user_path_at_empty+0x14e/0x1a0
[  114.683031][  T292]  __cleanup_mnt+0x19/0x20
[  114.687273][  T292]  task_work_run+0x24d/0x2e0
[  114.691703][  T292]  ? task_work_cancel+0x2e0/0x2e0
[  114.696560][  T292]  ? __x64_sys_umount+0x122/0x170
[  114.701418][  T292]  exit_to_user_mode_loop+0x94/0xa0
[  114.706465][  T292]  exit_to_user_mode_prepare+0x5a/0xa0
[  114.711747][  T292]  syscall_exit_to_user_mode+0x26/0x130
[  114.717131][  T292]  do_syscall_64+0x47/0xb0
[  114.721388][  T292]  ? clear_bhb_loop+0x55/0xb0
[  114.725893][  T292]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  114.731625][  T292] RIP: 0033:0x7f927378e497
[  114.735874][  T292] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  114.755315][  T292] RSP: 002b:00007ffc4b1270b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  114.763558][  T292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f927378e497
[  114.771379][  T292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4b127170
[  114.779183][  T292] RBP: 00007ffc4b127170 R08: 0000000000000000 R09: 0000000000000000
[  114.787084][  T292] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4b128200
[  114.794893][  T292] R13: 00007f927380e08c R14: 000000000001bddc R15: 00007ffc4b128240
[  114.802708][  T292]  </TASK>
[  114.805569][  T292] ==================================================================
[  114.815596][   T19] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  114.822838][  T292] Disabling lock debugging due to kernel taint
[  114.830950][   T19] ftdi_sio 1-1:0.0: device disconnected
[  114.844785][  T292] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  114.852498][  T292] #PF: supervisor write access in kernel mode
[  114.858403][  T292] #PF: error_code(0x0002) - not-present page
[  114.864322][  T292] PGD 131970067 P4D 131970067 PUD 0 
[  114.869422][  T292] Oops: 0002 [#1] PREEMPT SMP KASAN
[  114.874455][  T292] CPU: 1 PID: 292 Comm: syz-executor Tainted: G    B   W          6.1.129-syzkaller-00051-gc1fd50266bd6 #0
[  114.885652][  T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  114.895543][  T292] RIP: 0010:ihold+0x25/0x60
[  114.899887][  T292] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 c1 1a a8 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 00 c8 ef ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 44 1e a8
[  114.919329][  T292] RSP: 0018:ffffc9000d37fc30 EFLAGS: 00010246
[  114.925225][  T292] RAX: ffff88810f06a800 RBX: 0000000000000001 RCX: ffff88810f06a880
[  114.933036][  T292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  114.940848][  T292] RBP: ffffc9000d37fc40 R08: ffffffff8144b443 R09: fffffbfff0f6e8fd
[  114.948664][  T292] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1102653c97f
[  114.956469][  T292] R13: ffff88810ba2aee0 R14: 0000000000000000 R15: 1ffff110217455e2
[  114.964281][  T292] FS:  000055556972f500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  114.973055][  T292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  114.979469][  T292] CR2: 0000000000000170 CR3: 000000012e623000 CR4: 00000000003506a0
[  114.987285][  T292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  114.995139][  T292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  115.002996][  T292] Call Trace:
[  115.006114][  T292]  <TASK>
[  115.008895][  T292]  ? __die_body+0x62/0xb0
[  115.013062][  T292]  ? __die+0x7e/0x90
[  115.016795][  T292]  ? page_fault_oops+0x7f9/0xa90
[  115.021571][  T292]  ? vprintk_default+0x26/0x30
[  115.026166][  T292]  ? kernelmode_fixup_or_oops+0xd0/0xd0
[  115.031547][  T292]  ? add_taint+0x44/0xe0
[  115.035650][  T292]  ? panic+0x667/0x667
[  115.039533][  T292]  ? preempt_schedule_thunk+0x16/0x18
[  115.044739][  T292]  ? exc_page_fault+0x529/0x6d0
[  115.049437][  T292]  ? asm_exc_page_fault+0x27/0x30
[  115.054297][  T292]  ? add_taint+0x93/0xe0
[  115.058367][  T292]  ? ihold+0x25/0x60
[  115.062097][  T292]  vfs_rmdir+0x268/0x500
[  115.066182][  T292]  incfs_kill_sb+0x113/0x230
[  115.070604][  T292]  deactivate_locked_super+0xad/0x110
[  115.075814][  T292]  deactivate_super+0xbe/0xf0
[  115.080327][  T292]  cleanup_mnt+0x485/0x510
[  115.084837][  T292]  ? user_path_at_empty+0x14e/0x1a0
[  115.089873][  T292]  __cleanup_mnt+0x19/0x20
[  115.094122][  T292]  task_work_run+0x24d/0x2e0
[  115.098552][  T292]  ? task_work_cancel+0x2e0/0x2e0
[  115.103413][  T292]  ? __x64_sys_umount+0x122/0x170
[  115.108281][  T292]  exit_to_user_mode_loop+0x94/0xa0
[  115.113305][  T292]  exit_to_user_mode_prepare+0x5a/0xa0
[  115.118607][  T292]  syscall_exit_to_user_mode+0x26/0x130
[  115.123979][  T292]  do_syscall_64+0x47/0xb0
[  115.128228][  T292]  ? clear_bhb_loop+0x55/0xb0
[  115.132748][  T292]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  115.138592][  T292] RIP: 0033:0x7f927378e497
[  115.142838][  T292] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  115.162279][  T292] RSP: 002b:00007ffc4b1270b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  115.170523][  T292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f927378e497
[  115.178335][  T292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4b127170
[  115.186152][  T292] RBP: 00007ffc4b127170 R08: 0000000000000000 R09: 0000000000000000
[  115.193959][  T292] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4b128200
[  115.201770][  T292] R13: 00007f927380e08c R14: 000000000001bddc R15: 00007ffc4b128240
[  115.209694][  T292]  </TASK>
[  115.212536][  T292] Modules linked in:
[  115.216277][  T292] CR2: 0000000000000170
[  115.220257][  T292] ---[ end trace 0000000000000000 ]---
[  115.225544][  T292] RIP: 0010:ihold+0x25/0x60
[  115.229895][  T292] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 c1 1a a8 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 00 c8 ef ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 44 1e a8
[  115.249600][  T292] RSP: 0018:ffffc9000d37fc30 EFLAGS: 00010246
[  115.255503][  T292] RAX: ffff88810f06a800 RBX: 0000000000000001 RCX: ffff88810f06a880
[  115.263403][  T292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  115.271210][  T292] RBP: ffffc9000d37fc40 R08: ffffffff8144b443 R09: fffffbfff0f6e8fd
[  115.279021][  T292] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1102653c97f
[  115.286832][  T292] R13: ffff88810ba2aee0 R14: 0000000000000000 R15: 1ffff110217455e2
[  115.294645][  T292] FS:  000055556972f500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  115.303413][  T292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  115.309834][  T292] CR2: 0000000000000170 CR3: 000000012e623000 CR4: 00000000003506a0
[  115.317664][  T292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  115.325454][  T292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  115.333268][  T292] Kernel panic - not syncing: Fatal exception
[  115.339282][  T292] Kernel Offset: disabled
[  115.343352][  T292] Rebooting in 86400 seconds..