last executing test programs:

1m56.608258057s ago: executing program 3 (id=79):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x16)
read$FUSE(r0, &(0x7f0000010140)={0x2020}, 0x2036)

1m56.574536808s ago: executing program 3 (id=82):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0xfffffffc, 0xffffffff, 0x5, "ff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0))

1m56.49977806s ago: executing program 3 (id=84):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x18)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, 0x0)
mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)=ANY=[])

1m56.330089213s ago: executing program 3 (id=87):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file2\x00', 0x282, 0x140)

1m56.126010677s ago: executing program 3 (id=96):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000f8"], 0x0, 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={&(0x7f0000000180), &(0x7f0000000440)=""/179, &(0x7f0000000500), &(0x7f00000006c0), 0x3, r0}, 0x38)

1m55.917203051s ago: executing program 3 (id=103):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f0000000a00)=ANY=[@ANYBLOB="726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c757466383d302c73686f72746e616d653d6d697865642c757466383d302c747a3d5554432c636f6465706167653d3836362c73686f72746e616d653d6d697865642c636865636b3d72656c617865642c73686f72746e616d653d6c6f7765722c696f636861727365743d6b6f69382d72752c696f636861727365743d63703837342c73686f72746e616d653d77696e39352c005d6aeb995240ef6fbe509e93c7a286ae929df75dd2d0eb30055a0269523afe7baa2881019808ec"], 0xfd, 0x27b, &(0x7f0000000640)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=")
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x80)
getdents64(r0, &(0x7f0000000f80)=""/4086, 0xff6)

1m55.880120072s ago: executing program 32 (id=103):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f0000000a00)=ANY=[@ANYBLOB="726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c757466383d302c73686f72746e616d653d6d697865642c757466383d302c747a3d5554432c636f6465706167653d3836362c73686f72746e616d653d6d697865642c636865636b3d72656c617865642c73686f72746e616d653d6c6f7765722c696f636861727365743d6b6f69382d72752c696f636861727365743d63703837342c73686f72746e616d653d77696e39352c005d6aeb995240ef6fbe509e93c7a286ae929df75dd2d0eb30055a0269523afe7baa2881019808ec"], 0xfd, 0x27b, &(0x7f0000000640)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=")
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x80)
getdents64(r0, &(0x7f0000000f80)=""/4086, 0xff6)

1m37.167847453s ago: executing program 0 (id=633):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000000002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xbd44}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='mm_page_alloc\x00', r0}, 0x18)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, 0x0, 0x20000)

1m37.150636703s ago: executing program 0 (id=635):
r0 = socket(0x40000000002, 0x3, 0x80000000002)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wg1\x00', 0x43)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000080))

1m37.109514664s ago: executing program 0 (id=637):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0xc3b, 0x0, 0x4000000, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_IGNORE_DF={0x5, 0x13, 0x1}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40)

1m37.074487575s ago: executing program 0 (id=640):
unshare(0x2c020400)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGABS20(r0, 0x40044591, 0x0)
poll(&(0x7f0000000080)=[{r0, 0x8000}], 0x1, 0x7ff)

1m37.059870325s ago: executing program 0 (id=642):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)

1m37.025846976s ago: executing program 0 (id=643):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000040)=0x1, 0x4)
recvmmsg(r0, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x0, 0x0)

1m21.596823334s ago: executing program 33 (id=643):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000040)=0x1, 0x4)
recvmmsg(r0, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x0, 0x0)

28.684930556s ago: executing program 2 (id=2481):
r0 = syz_usb_connect$uac1(0x2, 0xa6, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000106b1d01010000000003010902940003010040000904000000010100000a2401000000020102132406000006000000281ab0ab2c90619b34000000000000000000000924030000000000000924050000f8211cfd0924030500000004000724050401"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_usb_control_io$uac1(r0, &(0x7f00000000c0)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)

27.214631524s ago: executing program 2 (id=2547):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x18)
get_robust_list(0x0, &(0x7f0000000100)=0x0, &(0x7f0000000140))

27.156766635s ago: executing program 2 (id=2549):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0x18920f4, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

27.156326965s ago: executing program 2 (id=2552):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x1010051, &(0x7f0000000800)={[{@errors_remount}, {@noload}, {@noblock_validity}, {@dioread_lock}, {@nouid32}, {@nomblk_io_submit}]}, 0x1, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
readlink(&(0x7f0000000000)='./file2\x00', &(0x7f00000000c0)=""/53, 0x35)

26.861155751s ago: executing program 2 (id=2558):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)

24.433015168s ago: executing program 2 (id=2572):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r1, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

24.403515999s ago: executing program 34 (id=2572):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r1, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

23.713815622s ago: executing program 6 (id=2606):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000002000000800008003e1ffff06000000050000003f00000000000000070000000000080000000000000000000000008000000000050000004a69ffff"])

23.491838446s ago: executing program 6 (id=2623):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700"}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)

23.372212468s ago: executing program 6 (id=2616):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000300012800b00010065727370616e000020000280040012000500160002000000060018"], 0x50}}, 0x0)

23.313764039s ago: executing program 6 (id=2617):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1d4)
getdents64(r0, 0xfffffffffffffffe, 0xffffffffffffff15)

23.049248184s ago: executing program 6 (id=2624):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo\x00')
fchdir(r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

22.932058947s ago: executing program 6 (id=2626):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x510})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f00000d6000/0x4000)=nil, 0x4000}})

22.894116478s ago: executing program 35 (id=2626):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x510})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f00000d6000/0x4000)=nil, 0x4000}})

3.189818839s ago: executing program 8 (id=3091):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x8, 0x0)
ptrace$getsig(0x4202, r0, 0xfffffffffffffffe, 0x0)

3.13950753s ago: executing program 8 (id=3093):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0)
pread64(r0, &(0x7f0000000180)=""/73, 0x49, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x1)

3.069134961s ago: executing program 8 (id=3095):
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x1}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000005300)=[{0x28, 0x0, 0xfb, 0xfffff034}, {0x80000006, 0x66, 0x0, 0x30}]}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000040)={@local, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x88, 0x0, @empty}, {0x0, 0x0, 0x8, 0x0, @gue={{0x2}}}}}}}, 0x0)

3.064591341s ago: executing program 8 (id=3098):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})

3.044494111s ago: executing program 8 (id=3099):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3M1rI2UYAPAn/djtfrgW8eBtBxahhU1o+rHoreoufmCXsurBk6ZJGrKbZEqTprUnDx7Fg/+JKHjy6N/gwbM38aB4E5TMTHXrBwhNm+3294PJM++bN888b1gWnpmSAC6s+eTXn0txI65ExHREXI/IzkvFkVnPwwsRcTMiph47SsX8nxOXIuJqRNwYJc9zloq3Pr89vLX201u/fPPd5ZlrX3z9/eR2DUzaixHR3cnP97t5TFt5fFjM14btLHZXh0XM3+g+KsZpHvebW1mG/drRuloWV1r5+nRnrz+K251afRRb7e1sfqeXX7A/bB3lyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsoSx+DwVHM55sHzXw/O4+yWO8Nivk8b9poHozisIjF5aKedhpZHVsn+aafbG+3e3sHybC522+nvWStUn2pUr1Tru6mjeaguVqudRt3VpOFVme0rDxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXF4ux28vr995JOI1kYxVfbvb1Bu9NPttPdJP/EYrJcWXl5MblVTd7Z2Ew2H9y7t7H57gd337//ysabrxWL/lFWsrC8tLxcri6Vl6uLF2j/nxRFj3H/cCKlSRcAcP7o/4FJOL3+f/dBxOn3/6H/H4tz1f9e9P7/FPYPJ6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sH6Y/fKN7GQ+H18r5p8ppp4rxqWImIqI3//FdFw6lnO6yDP7H+tn/1bDt6XIMoyucbk4rkbEenH89uxpfwsAAADw9Prq45uf5d16/jI/6YI4S/lNm6nrH44p31xEzM7/OKZsU6OX58eULPv3PRMHY8qW3cCaG1Oy/JbbzLiy/S/Tx8LcY6GUh6kzLQcAADgTxzuBs+1CAAAAOEufTroAJqMUR48yj54FZ395/9cDwSvHRgAAAMA5VJp0AQAAAMCpy/p/v/8HAAAAT7f89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KX7ar24vfp93TZnt28nz2gAAACAS7bVelH/M0v9r839782tn02/iIgyIi7N3Ufx6Sxz1ORUL8/fnD5fvarhLqJOOLzHpLm+RMSf5nr80fWnAAAAAB/XZrmap9l6+jMbuiD6lBZtym9/M+UVEVHNHjKllYe8X5nC6u/3OP5nSqsXsKaZwtKS2zhX2pvUP/fjqt30pClSU1582bHIbGMHAAB6NDpr+p2FAAAA0Kd/QxfAMIp43so8bgVOUtNs730+6wEAAADvUDF0AQAAAEDn6vl/T+f/7Z3/BwAAAMNI5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTyjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4G9mdra2Kq5R9hARBQ96sdttbe1NPCjBg3+CENJtjd36o83BliLm4k1y7kX0KCIo8db/IecEcom3HPYQwbMyszPZyQ9w/TWzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBp9PYkTrJDZxzHxbnNvYdLWb91qM88Xtuez1oWR3UmfTK8WP0QdZtLBAAAgLMjKev7EMJOur6Q9XEnr//T8pqs5v/26XFc1vOH6/6yL2v/rP3y8+7z+wN1xuNkN725PBxcOppK6/+b5Wx75i+vaOVPPn/3kuRfSPze6nOjNH+e0dcbG++08/BcHdkCAP/ExbIvgvL3oazvN5kYAGdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6jFbDk2UchRDmW5M4s7X3cOm4/vHa9nzZrj16tBa+nNwzu0UaQri5PBxcqnU2s+3e/Qe3F4fDwd36g5dCCE2N/lYx/dsfTHFxCI08H8F/FMTFlz0r+ZyMoMEfSgAAnEpp0bK6fiddX8jORXMh/PHdwfr/1Uocpqz/dz+8tlkdq1r/92ub4ezrrdz5tHfv/oPXl+8s3hrcGnz8xuX+m/0r169evd7L35X0vDEBAADg32kXrVr/x3NH1/8vVOIwZf3/2Tf9L6pjJer/Y00W/ZrOBAAA4Gx79uXff4uOOR+12+HzxZWVu/3xcf/z5fGxgVT/tnNFq9b/yVzTWQEAAAB1GK1GB9b/b1TiMOX6/1Pfv/Bj9Z5JCOF8sf5/cemT4Y36pjPT6vhz4qbnCAAAQLPOF626/p/m+//j/S0PcQjhtVfGcfFvAKeq/5N3v/qhOlZ1//+V+qY4k+Lu+HnkfTeEVrfpjAAAADjNnihaVuz/mq4vfPTThffb9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3PAAAA//9WwT6Z")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', &(0x7f0000000140)={0x474082, 0x19e, 0x8}, 0x18)

2.932796563s ago: executing program 5 (id=3104):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
statfs(0x0, 0x0)

2.932629254s ago: executing program 5 (id=3105):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0}, &(0x7f0000000400), &(0x7f00000004c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
accept$packet(0xffffffffffffffff, 0x0, 0x0)

2.931326443s ago: executing program 5 (id=3106):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000440)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x8, 0x0, &(0x7f0000000000)=[@decrefs], 0x0, 0x0, 0x0})

2.921301884s ago: executing program 5 (id=3107):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
exit(0xffff)
waitid(0x0, 0x0, 0x0, 0x2, 0x0)
wait4(0x0, 0x0, 0x2, 0x0)

2.787903796s ago: executing program 8 (id=3110):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x24b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0xc, 0x0, 0xfc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000840)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)={0x40, 0xe, 0x7, {0x7, 0x21, "edb4b4f9a1"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

2.503373722s ago: executing program 7 (id=3112):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

2.263088126s ago: executing program 7 (id=3118):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000540)="12048a0b000003fc0100", 0xa, 0x4, &(0x7f0000000140)={0x11, 0xf5, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.256600396s ago: executing program 7 (id=3119):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000080)=0x11)

2.201100678s ago: executing program 7 (id=3120):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff})
epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0x400)
pselect6(0x40, &(0x7f0000000000)={0xa, 0x80000001, 0x2, 0x10000000000008, 0x12, 0x8001, 0x80000000, 0xff}, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x20002004})

1.833573415s ago: executing program 7 (id=3133):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x50, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x24, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x9}, @TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x1}, @TCA_FQ_FLOW_PLIMIT={0x8, 0x2, 0xba06}]}}]}, 0x50}}, 0x4048000)

1.833412105s ago: executing program 5 (id=3124):
r0 = syz_io_uring_setup(0xeac, &(0x7f0000000480)={0x0, 0x0, 0x2, 0x0, 0x39d}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x589f, 0xac0f, 0xa, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000006c0)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000140)=""/116, 0x74, 0x4)

1.792530775s ago: executing program 7 (id=3125):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x3, 0x6e, &(0x7f0000000540)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x11, 0x40, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xdf}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x0, 0x7, 0x5}, {0x6, 0x24, 0x1a, 0x401, 0x14}}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x9, 0x4, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0xf1, 0x2, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x26, 0x0, 0x7}}}}}}}]}}, 0x0)
ioctl$EVIOCRMFF(r0, 0x83c0550b, &(0x7f0000000500))

1.268316846s ago: executing program 1 (id=3128):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

871.533483ms ago: executing program 1 (id=3132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

736.104866ms ago: executing program 1 (id=3134):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk")
chdir(&(0x7f0000000000)='./file0\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r0, 0x0, 0x0)

533.24864ms ago: executing program 1 (id=3135):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
setresgid(0x0, 0x0, 0xee01)
statx(0xffffffffffffff9c, &(0x7f00000008c0)='./file0\x00', 0x2000, 0x4, 0x0)

501.67344ms ago: executing program 1 (id=3136):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040), 0x0}, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x5, 0x0, 0x0, {}, {0x77359400}, {}, 0x2, @can={{}, 0x0, 0x0, 0x0, 0x0, "3fd31340e92c4bb8"}}, 0x48}, 0x300}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x5, 0x0, 0x0, {0x0, 0x2710}, {0x77359400}, {}, 0x2, @can={{}, 0x0, 0x2, 0x0, 0x0, "3fd31340e92c4bb8"}}, 0x38}, 0x300}, 0x8040)

428.651112ms ago: executing program 5 (id=3137):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x1802, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

136.978267ms ago: executing program 4 (id=3138):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
sendmmsg$unix(r0, &(0x7f0000005400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}}], 0x1, 0x0)

129.626077ms ago: executing program 4 (id=3139):
r0 = socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000240012800b0001006d616373656300001400028005000a000000000005000b"], 0x44}}, 0x0)

122.791467ms ago: executing program 4 (id=3140):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c000280050001000000000044000f801800014000000006080003400000002b080003400000000808000240000000400800014000000000fb0001400000000708000140000044f10800034000000003080007"], 0xa8}}, 0x0)

97.616158ms ago: executing program 4 (id=3141):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000800000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

45.1154ms ago: executing program 4 (id=3142):
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
rmdir(&(0x7f0000000100)='./control\x00')

44.955089ms ago: executing program 4 (id=3143):
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
r1 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\x03\x00l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\xea\xe8\x015\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz\xc213\x9b\x87\xd5\x99\r\xa2P\x03\x1cl\x0f\xcb)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af', 0x0)
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

0s ago: executing program 1 (id=3144):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'veth0_to_bond\x00', &(0x7f0000000000)=@ethtool_cmd={0x47, 0x2, 0x20000004, 0x3ff, 0x3f, 0x7, 0x1, 0x3, 0x6, 0x3, 0x101, 0x142f, 0x8, 0x3, 0x0, 0xa, [0x4000000, 0xff]}})
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty=0x4300, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

kernel console output (not intermixed with test programs):

[ T4290] device bridge0 entered promiscuous mode
[   90.333583][ T4296] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   90.349729][ T4296] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   90.363549][ T4229] loop4: detected capacity change from 0 to 256
[   90.371609][ T4229] FAT-fs (loop4): bogus sectors per cluster 223
[   90.379351][ T4229] FAT-fs (loop4): Can't find a valid FAT filesystem
[   90.386149][ T4296] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[   90.432900][    T6] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   90.622806][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.633706][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.643475][    T6] usb 3-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00
[   90.652526][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.660896][    T6] usb 3-1: config 0 descriptor??
[   91.068711][    T6] hid-led 0003:04D8:F372.0007: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.2-1/input0
[   91.082350][    T6] hid-led 0003:04D8:F372.0007: Greynut Luxafor initialized
[   91.277257][    T6] usb 3-1: USB disconnect, device number 9
[   91.283647][  T291] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38)
[   91.291834][  T291] leds luxafor0:green:led5: Setting an LED's brightness failed (-38)
[   91.300027][  T291] leds luxafor0:red:led5: Setting an LED's brightness failed (-38)
[   91.308121][  T291] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38)
[   91.316286][  T291] leds luxafor0:green:led4: Setting an LED's brightness failed (-38)
[   91.324672][  T291] leds luxafor0:red:led4: Setting an LED's brightness failed (-38)
[   91.332730][  T291] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38)
[   91.340824][  T291] leds luxafor0:green:led3: Setting an LED's brightness failed (-38)
[   91.349028][  T291] leds luxafor0:red:led3: Setting an LED's brightness failed (-38)
[   91.357052][  T291] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38)
[   91.365181][  T291] leds luxafor0:green:led2: Setting an LED's brightness failed (-38)
[   91.373398][  T291] leds luxafor0:red:led2: Setting an LED's brightness failed (-38)
[   91.381428][  T291] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38)
[   91.389588][  T291] leds luxafor0:green:led1: Setting an LED's brightness failed (-38)
[   91.397829][  T291] leds luxafor0:red:led1: Setting an LED's brightness failed (-38)
[   91.405848][  T291] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38)
[   91.414024][  T291] leds luxafor0:green:led0: Setting an LED's brightness failed (-38)
[   91.422264][  T291] leds luxafor0:red:led0: Setting an LED's brightness failed (-38)
[   91.791923][   T28] kauditd_printk_skb: 8 callbacks suppressed
[   91.791936][   T28] audit: type=1400 audit(2000000013.850:520): avc:  denied  { setopt } for  pid=4314 comm="syz.1.1693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   91.854667][ T4327] device bridge0 entered promiscuous mode
[   91.872034][ T4329] netlink: 2 bytes leftover after parsing attributes in process `syz.5.1697'.
[   91.896041][    T6] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=6 comm=kworker/0:0
[   91.924245][ T4339] loop5: detected capacity change from 0 to 512
[   91.932858][ T4339] ext4 filesystem being mounted at /416/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   91.956043][ T4345] loop6: detected capacity change from 0 to 256
[   91.960458][ T4339] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1712: bg 0: block 145: padding at end of block bitmap is not set
[   91.969655][ T4347] loop2: detected capacity change from 0 to 512
[   91.976980][ T4339] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   91.983036][ T4345] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   91.995844][   T28] audit: type=1400 audit(2000000014.050:521): avc:  denied  { rename } for  pid=4346 comm="syz.2.1703" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   92.002744][ T4345] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[   92.042046][ T4345] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[   92.184900][ T4374] loop5: detected capacity change from 0 to 512
[   92.282916][ T4385] loop2: detected capacity change from 0 to 512
[   92.293693][ T4385] ext4 filesystem being mounted at /318/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.308844][ T4385] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1722: bg 0: block 145: padding at end of block bitmap is not set
[   92.323466][ T4385] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   92.371466][ T4395] loop6: detected capacity change from 0 to 256
[   92.393752][ T4395] loop6: detected capacity change from 0 to 256
[   92.537967][  T770] usb 5-1: USB disconnect, device number 8
[   92.641096][ T4416] loop4: detected capacity change from 0 to 512
[   92.666814][ T4426] loop6: detected capacity change from 0 to 512
[   92.686166][ T4430] loop4: detected capacity change from 0 to 2048
[   92.694765][ T4426] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.710031][ T4426] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1737: bg 0: block 145: padding at end of block bitmap is not set
[   92.724661][ T4426] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   92.745530][ T4441] netlink: 'syz.5.1746': attribute type 3 has an invalid length.
[   92.813117][ T4459] loop4: detected capacity change from 0 to 256
[   92.843675][    T6] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=6 comm=kworker/0:0
[   92.846917][   T28] audit: type=1400 audit(2000000014.900:522): avc:  denied  { ioctl } for  pid=4471 comm="syz.5.1760" path="socket:[35758]" dev="sockfs" ino=35758 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.856360][ T4469] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1759'.
[   92.891318][   T28] audit: type=1400 audit(2000000014.940:523): avc:  denied  { connect } for  pid=4471 comm="syz.5.1760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.910908][   T28] audit: type=1400 audit(2000000014.940:524): avc:  denied  { write } for  pid=4471 comm="syz.5.1760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.934497][ T4459] loop4: detected capacity change from 0 to 256
[   92.954054][   T28] audit: type=1400 audit(2000000015.010:525): avc:  denied  { create } for  pid=4475 comm="syz.1.1772" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   92.987438][   T28] audit: type=1400 audit(2000000015.030:526): avc:  denied  { write } for  pid=4475 comm="syz.1.1772" name="file0" dev="tmpfs" ino=1952 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   93.041044][   T28] audit: type=1400 audit(2000000015.030:527): avc:  denied  { open } for  pid=4475 comm="syz.1.1772" path="/373/file0" dev="tmpfs" ino=1952 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   93.043833][ T4489] loop2: detected capacity change from 0 to 2048
[   93.077086][   T28] audit: type=1400 audit(2000000015.040:528): avc:  denied  { unlink } for  pid=283 comm="syz-executor" name="file0" dev="tmpfs" ino=1952 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   93.136503][ T4506] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1773'.
[   93.139672][ T4508] loop4: detected capacity change from 0 to 256
[   93.152982][ T4508] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   93.158744][ T4510] loop2: detected capacity change from 0 to 256
[   93.163732][ T4508] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[   93.182288][ T4508] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   93.249762][ T4523] loop1: detected capacity change from 0 to 2048
[   93.322049][ T4517] loop2: detected capacity change from 0 to 40427
[   93.329026][ T4517] F2FS-fs (loop2): heap/no_heap options were deprecated
[   93.336123][ T4517] F2FS-fs (loop2): fault_injection options not supported
[   93.343293][ T4517] F2FS-fs (loop2): fault_type options not supported
[   93.350587][ T4517] F2FS-fs (loop2): invalid crc value
[   93.357407][ T4517] F2FS-fs (loop2): Found nat_bits in checkpoint
[   93.378133][ T4517] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   93.413395][ T4535] loop1: detected capacity change from 0 to 512
[   93.421871][ T4539] netlink: 'syz.4.1789': attribute type 3 has an invalid length.
[   93.439642][ T4537] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1788'.
[   93.448760][   T28] audit: type=1400 audit(2000000015.490:529): avc:  denied  { bind } for  pid=4541 comm="syz.4.1790" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   93.558373][  T286] syz-executor: attempt to access beyond end of device
[   93.558373][  T286] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   93.584899][ T4569] loop1: detected capacity change from 0 to 256
[   93.638364][ T4573] loop1: detected capacity change from 0 to 256
[   93.653616][ T4575] loop5: detected capacity change from 0 to 2048
[   93.660526][ T4573] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   93.677900][ T4573] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   93.688237][ T4573] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   93.786406][ T4595] loop5: detected capacity change from 0 to 256
[   93.930785][ T4619] loop5: detected capacity change from 0 to 256
[   93.940404][ T4590] loop6: detected capacity change from 0 to 40427
[   93.944138][ T4619] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   93.947962][ T4590] F2FS-fs (loop6): heap/no_heap options were deprecated
[   93.957594][ T4619] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[   93.964723][ T4590] F2FS-fs (loop6): fault_injection options not supported
[   93.980641][ T4590] F2FS-fs (loop6): fault_type options not supported
[   93.994014][ T4590] F2FS-fs (loop6): invalid crc value
[   94.006947][ T4619] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   94.019406][ T4590] F2FS-fs (loop6): Found nat_bits in checkpoint
[   94.038370][ T4631] loop4: detected capacity change from 0 to 256
[   94.042186][ T4629] loop2: detected capacity change from 0 to 2048
[   94.071177][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[   94.079790][ T4635] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   94.093453][ T4590] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   94.122608][ T4645] loop4: detected capacity change from 0 to 512
[   94.204430][ T2268] syz-executor: attempt to access beyond end of device
[   94.204430][ T2268] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   94.326334][ T4659] loop2: detected capacity change from 0 to 40427
[   94.333455][ T4659] F2FS-fs (loop2): heap/no_heap options were deprecated
[   94.340446][ T4659] F2FS-fs (loop2): fault_injection options not supported
[   94.353339][ T4659] F2FS-fs (loop2): fault_type options not supported
[   94.371402][ T4663] loop6: detected capacity change from 0 to 256
[   94.373525][ T4659] F2FS-fs (loop2): invalid crc value
[   94.412380][ T4659] F2FS-fs (loop2): Found nat_bits in checkpoint
[   94.425854][ T4680] loop6: detected capacity change from 0 to 512
[   94.454592][ T4684] loop6: detected capacity change from 0 to 1024
[   94.459619][ T4659] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   94.569280][  T286] syz-executor: attempt to access beyond end of device
[   94.569280][  T286] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   94.631011][ T4706] tap0: tun_chr_ioctl cmd 1074025678
[   94.636401][ T4706] tap0: group set to 0
[   94.767185][ T4723] loop6: detected capacity change from 0 to 2048
[   94.782988][ T4723] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.804948][ T4729] loop6: detected capacity change from 0 to 512
[   94.811389][ T4729] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.818130][ T4729] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   94.828763][ T4729] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec118, mo2=0002]
[   94.836878][ T4729] System zones: 
[   94.836876][  T770] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[   94.836887][ T4729] 1-12
[   94.851589][ T4729] EXT4-fs (loop6): 1 truncate cleaned up
[   94.868017][ T4732] loop2: detected capacity change from 0 to 16
[   94.874478][ T4732] erofs: dax options not supported
[   95.042860][  T770] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   95.061746][  T770] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   95.072181][  T770] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   95.081294][  T770] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.082879][ T4750] netlink: 27 bytes leftover after parsing attributes in process `syz.6.1881'.
[   95.090725][  T770] usb 6-1: Product: syz
[   95.102557][  T770] usb 6-1: Manufacturer: syz
[   95.107150][  T770] usb 6-1: SerialNumber: syz
[   95.135218][ T4752] loop2: detected capacity change from 0 to 1024
[   95.151741][  T291] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[   95.255270][ T4768] tap0: tun_chr_ioctl cmd 1074025678
[   95.260680][ T4768] tap0: group set to 0
[   95.320819][ T4766] loop2: detected capacity change from 0 to 40427
[   95.328061][ T4766] F2FS-fs (loop2): heap/no_heap options were deprecated
[   95.328440][  T770] usb 6-1: 0:2 : does not exist
[   95.335270][ T4766] F2FS-fs (loop2): fault_injection options not supported
[   95.342378][  T770] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[   95.347513][ T4766] F2FS-fs (loop2): fault_type options not supported
[   95.359535][  T770] usb 6-1: USB disconnect, device number 7
[   95.361245][  T291] usb 5-1: unable to get BOS descriptor or descriptor too short
[   95.369698][ T4766] F2FS-fs (loop2): invalid crc value
[   95.375561][  T291] usb 5-1: no configurations
[   95.381341][ T4766] F2FS-fs (loop2): Found nat_bits in checkpoint
[   95.384819][  T291] usb 5-1: can't read configurations, error -22
[   95.407811][ T4766] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   95.465993][  T286] syz-executor: attempt to access beyond end of device
[   95.465993][  T286] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   95.889508][ T4788] netlink: 27 bytes leftover after parsing attributes in process `syz.5.1894'.
[   95.932252][ T4797] loop2: detected capacity change from 0 to 512
[   95.941621][ T4797] EXT4-fs: Ignoring removed mblk_io_submit option
[   95.949444][ T4797] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   95.960739][ T4797] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec118, mo2=0002]
[   95.968857][ T4797] System zones: 1-12
[   95.989151][ T4797] EXT4-fs (loop2): 1 truncate cleaned up
[   96.080720][ T4816] loop2: detected capacity change from 0 to 128
[   96.087180][  T464] Bluetooth: hci0: command 0x1003 tx timeout
[   96.093242][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   96.179071][ T4836] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.228385][ T4844] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4844 comm=syz.1.1921
[   96.287983][ T4851] loop1: detected capacity change from 0 to 128
[   96.295900][  T577] Bluetooth: hci0: Frame reassembly failed (-84)
[   96.303462][ T4850] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   96.452084][ T4879] loop4: detected capacity change from 0 to 128
[   96.529390][ T4882] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4882 comm=syz.5.1939
[   96.800832][ T4913] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1960'.
[   96.922812][ T4927] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.926916][ T4929] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4929 comm=syz.4.1953
[   96.968779][  T577] Bluetooth: hci1: Frame reassembly failed (-84)
[   97.692098][ T4951] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   97.703636][ T4951] bridge0: port 3(syz_tun) entered disabled state
[   97.710293][ T4951] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.717484][ T4951] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.743867][ T4960] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.991489][ T4980] loop1: detected capacity change from 0 to 256
[   98.000254][ T4980] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   98.016117][ T4980] exFAT-fs (loop1): hint_cluster is invalid (17)
[   98.321744][ T4819] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   98.350370][ T4988] loop2: detected capacity change from 0 to 1024
[   98.362955][ T4988] EXT4-fs mount: 36 callbacks suppressed
[   98.362967][ T4988] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   98.381266][  T286] EXT4-fs (loop2): unmounting filesystem.
[   98.477752][   T28] kauditd_printk_skb: 4 callbacks suppressed
[   98.477766][   T28] audit: type=1400 audit(2000000020.530:534): avc:  denied  { block_suspend } for  pid=4994 comm="syz.6.1989" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   98.630598][ T5032] loop6: detected capacity change from 0 to 512
[   98.655752][   T28] audit: type=1400 audit(2000000020.710:535): avc:  denied  { read } for  pid=5034 comm="syz.2.2008" name="usbmon1" dev="devtmpfs" ino=160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   98.681466][ T5032] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   98.690621][ T5032] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.702795][ T5032] EXT4-fs (loop6): shut down requested (2)
[   98.708996][ T5032] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=15
[   98.718005][ T5032] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=15
[   98.731246][   T28] audit: type=1400 audit(2000000020.780:536): avc:  denied  { ioctl } for  pid=5034 comm="syz.2.2008" path="/dev/usbmon1" dev="devtmpfs" ino=160 ioctlcmd=0x9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   98.734045][ T5023] loop4: detected capacity change from 0 to 40427
[   98.764397][ T5023] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   98.772318][ T5023] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   98.772613][ T2268] EXT4-fs (loop6): unmounting filesystem.
[   98.790261][ T5023] F2FS-fs (loop4): invalid crc value
[   98.807046][ T5023] F2FS-fs (loop4): Found nat_bits in checkpoint
[   98.880491][ T5023] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   98.889818][ T5023] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   98.918367][   T28] audit: type=1400 audit(2000000020.970:537): avc:  denied  { mounton } for  pid=5021 comm="syz.4.2003" path="/399/file0/file0" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   98.998748][ T5051] loop6: detected capacity change from 0 to 40427
[   99.006439][ T5051] F2FS-fs (loop6): invalid crc value
[   99.032780][ T5051] F2FS-fs (loop6): Found nat_bits in checkpoint
[   99.041747][ T4819] Bluetooth: hci1: command 0x1003 tx timeout
[   99.041860][  T642] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   99.082750][ T5081] loop5: detected capacity change from 0 to 16
[   99.101296][ T5081] erofs: (device loop5): mounted with root inode @ nid 36.
[   99.119205][   T28] audit: type=1400 audit(2000000021.170:538): avc:  denied  { execute } for  pid=5080 comm="syz.5.2025" name="file2" dev="loop5" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   99.127108][ T5051] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[   99.146191][ T5081] syz.5.2025: attempt to access beyond end of device
[   99.146191][ T5081] loop5: rw=524288, sector=8, nr_sectors = 32 limit=16
[   99.181484][   T28] audit: type=1400 audit(2000000021.200:539): avc:  denied  { execute_no_trans } for  pid=5080 comm="syz.5.2025" path="/477/file1/file2" dev="loop5" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   99.212227][ T5081] syz.5.2025: attempt to access beyond end of device
[   99.212227][ T5081] loop5: rw=0, sector=8, nr_sectors = 32 limit=16
[   99.235508][ T5051] syz.6.2013: attempt to access beyond end of device
[   99.235508][ T5051] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   99.251140][   T28] audit: type=1326 audit(2000000021.220:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5089 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f418ebe9 code=0x7ffc0000
[   99.307184][   T28] audit: type=1326 audit(2000000021.220:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5089 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f418ebe9 code=0x7ffc0000
[   99.344166][   T28] audit: type=1326 audit(2000000021.220:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5089 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fa2f418ebe9 code=0x7ffc0000
[   99.369531][   T28] audit: type=1326 audit(2000000021.280:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5089 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f418ebe9 code=0x7ffc0000
[   99.522431][ T5142] input: syz1 as /devices/virtual/input/input14
[   99.546041][ T5146] loop6: detected capacity change from 0 to 2048
[   99.559720][ T5148] mmap: syz.5.2057 (5148) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   99.585757][ T5127] loop2: detected capacity change from 0 to 40427
[   99.593276][ T5146] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   99.595467][ T5127] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   99.606296][ T5146] ext4 filesystem being mounted at /216/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.610774][ T5127] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   99.631761][   T39] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   99.632290][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2059'.
[   99.640116][ T5146] fs-verity: sha256 using implementation "sha256-avx2"
[   99.671006][ T5127] F2FS-fs (loop2): Found nat_bits in checkpoint
[   99.740362][ T5127] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   99.749604][ T5127] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   99.833098][   T39] usb 2-1: unable to get BOS descriptor or descriptor too short
[   99.845506][   T39] usb 2-1: config 6 has an invalid interface number: 200 but max is 0
[   99.853770][   T39] usb 2-1: config 6 has no interface number 0
[   99.859909][   T39] usb 2-1: config 6 interface 200 has no altsetting 0
[   99.882824][   T39] usb 2-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[   99.891966][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.899984][   T39] usb 2-1: Product: syz
[   99.904273][   T39] usb 2-1: Manufacturer: syz
[   99.908893][   T39] usb 2-1: SerialNumber: syz
[   99.973336][ T5178] loop5: detected capacity change from 0 to 512
[   99.983865][ T5178] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   99.993569][ T5178] ext4 filesystem being mounted at /496/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.013190][  T626] EXT4-fs (loop5): unmounting filesystem.
[  100.042730][ T5184] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  100.046806][ T5146] fs-verity (loop6, inode 13): Error -28 writing Merkle tree block 82640
[  100.058823][ T5146] fs-verity (loop6, inode 13): Error -28 building Merkle tree
[  100.110558][ T2268] EXT4-fs (loop6): unmounting filesystem.
[  100.111842][    T6] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  100.302769][    T6] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  100.310835][    T6] usb 3-1: config 0 has no interface number 0
[  100.316965][    T6] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.327870][    T6] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.337618][    T6] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  100.346646][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.351781][   T60] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  100.355421][    T6] usb 3-1: config 0 descriptor??
[  100.471315][   T39] usb 2-1: USB disconnect, device number 6
[  100.541846][   T60] usb 6-1: Using ep0 maxpacket: 32
[  100.548193][   T60] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.559095][   T60] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.570001][   T60] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  100.579198][   T60] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  100.587603][   T60] usb 6-1: Product: syz
[  100.591902][   T60] usb 6-1: Manufacturer: syz
[  100.600610][   T60] hub 6-1:4.0: USB hub found
[  100.786877][    T6] input: HID 04d9:a055 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:04D9:A055.0008/input/input15
[  100.799453][   T60] hub 6-1:4.0: 7 ports detected
[  100.804675][   T60] hub 6-1:4.0: insufficient power available to use all downstream ports
[  100.838441][ T5233] input: syz1 as /devices/virtual/input/input16
[  100.863820][    T6] holtek_kbd 0003:04D9:A055.0008: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.2-1/input1
[  100.981157][   T39] usb 3-1: USB disconnect, device number 10
acpid: input device has been disconnected, fd 10
[  100.999741][   T60] hub 6-1:4.0: hub_hub_status failed (err = -71)
[  101.006135][   T60] hub 6-1:4.0: config failed, can't get hub status (err -71)
[  101.042345][   T60] usb 6-1: USB disconnect, device number 8
[  101.528038][ T5255] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2114'.
[  102.044153][ T5305] loop5: detected capacity change from 0 to 131072
[  102.052045][ T5305] F2FS-fs (loop5): invalid crc value
[  102.065464][ T5305] F2FS-fs (loop5): Found nat_bits in checkpoint
[  102.097189][ T5305] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  102.125287][ T5328] pim6reg0: tun_chr_ioctl cmd 1074025681
[  102.377420][ T5352] loop4: detected capacity change from 0 to 2048
[  102.419249][ T5352] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  102.428222][ T5352] ext4 filesystem being mounted at /414/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.579692][ T5387] loop2: detected capacity change from 0 to 512
[  102.607265][ T5387] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  102.620835][ T5387] ext4 filesystem being mounted at /413/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.639998][ T5387] EXT4-fs (loop2): shut down requested (2)
[  102.653012][ T5387] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[  102.673781][ T5387] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[  102.706789][  T286] EXT4-fs (loop2): unmounting filesystem.
[  102.735901][ T5393] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2163'.
[  102.755728][ T5393] netlink: 7 bytes leftover after parsing attributes in process `syz.2.2163'.
[  102.804913][ T5389] loop1: detected capacity change from 0 to 40427
[  102.815070][ T5389] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  102.824037][ T5389] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  102.849562][ T5389] F2FS-fs (loop1): Found nat_bits in checkpoint
[  102.873142][ T5352] fs-verity (loop4, inode 13): Error -28 writing Merkle tree block 82640
[  102.881623][ T5352] fs-verity (loop4, inode 13): Error -28 building Merkle tree
[  102.901969][ T5389] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  102.920455][ T5389] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  102.971280][ T5410] loop2: detected capacity change from 0 to 512
[  103.012806][ T5410] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  103.045471][ T5410] ext4 filesystem being mounted at /420/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.077663][  T284] EXT4-fs (loop4): unmounting filesystem.
[  103.188521][ T5422] device erspan0 entered promiscuous mode
[  103.341951][  T286] EXT4-fs (loop2): unmounting filesystem.
[  103.349250][ T5414] loop4: detected capacity change from 0 to 40427
[  103.356447][ T5414] F2FS-fs (loop4): Invalid log blocks per segment (83886089)
[  103.367801][ T5414] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  103.373081][ T5439] loop2: detected capacity change from 0 to 2048
[  103.386995][ T5414] F2FS-fs (loop4): invalid crc value
[  103.411724][ T5414] F2FS-fs (loop4): Found nat_bits in checkpoint
[  103.437952][ T5439] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  103.451830][ T5439] ext4 filesystem being mounted at /421/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.515695][ T5414] F2FS-fs (loop4): Start checkpoint disabled!
[  103.555434][ T5414] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  103.563672][ T5414] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  103.576692][ T5431] loop1: detected capacity change from 0 to 40427
[  103.592148][ T5431] F2FS-fs (loop1): invalid crc value
[  103.632528][ T5431] F2FS-fs (loop1): Found nat_bits in checkpoint
[  103.654257][  T577] kworker/u4:6: attempt to access beyond end of device
[  103.654257][  T577] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  103.717771][ T5471] syz.6.2195[5471] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.717844][ T5471] syz.6.2195[5471] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.755589][ T5431] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  103.815647][ T5431] syz.1.2180: attempt to access beyond end of device
[  103.815647][ T5431] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  103.885136][ T5484] syz.5.2202[5484] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.885208][ T5484] syz.5.2202[5484] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.896617][   T28] kauditd_printk_skb: 18 callbacks suppressed
[  103.896630][   T28] audit: type=1400 audit(2000000025.950:562): avc:  denied  { create } for  pid=5485 comm="syz.4.2201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  103.972202][   T28] audit: type=1400 audit(2000000025.990:563): avc:  denied  { setopt } for  pid=5485 comm="syz.4.2201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  104.034045][ T5498] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  104.051502][ T5439] fs-verity (loop2, inode 13): Error -28 writing Merkle tree block 82640
[  104.060122][ T5439] fs-verity (loop2, inode 13): Error -28 building Merkle tree
[  104.085734][ T5501] loop1: detected capacity change from 0 to 1024
[  104.105571][ T5501] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  104.114249][ T5501] ext4 filesystem being mounted at /489/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.126572][ T5501] EXT4-fs error (device loop1): ext4_readdir:263: inode #2: block 16: comm syz.1.2208: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  104.147508][ T5501] EXT4-fs (loop1): Remounting filesystem read-only
[  104.172724][  T283] EXT4-fs (loop1): unmounting filesystem.
[  104.174980][  T286] EXT4-fs (loop2): unmounting filesystem.
[  104.181592][ T5508] loop5: detected capacity change from 0 to 2048
[  104.203637][ T5508] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  104.219879][ T5507] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  104.234649][ T5507] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 16 with error 28
[  104.247049][ T5507] EXT4-fs (loop5): This should not happen!! Data will be lost
[  104.247049][ T5507] 
[  104.256840][ T5507] EXT4-fs (loop5): Total free blocks count 0
[  104.262984][ T5507] EXT4-fs (loop5): Free/Dirty block details
[  104.268926][ T5507] EXT4-fs (loop5): free_blocks=66060288
[  104.274613][ T5507] EXT4-fs (loop5): dirty_blocks=16
[  104.279809][ T5507] EXT4-fs (loop5): Block reservation details
[  104.285922][ T5507] EXT4-fs (loop5): i_reserved_data_blocks=1
[  104.295275][  T626] EXT4-fs (loop5): unmounting filesystem.
[  104.461783][    T6] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  104.531768][  T355] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  104.641764][    T6] usb 3-1: Using ep0 maxpacket: 16
[  104.647921][    T6] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  104.655977][    T6] usb 3-1: config 0 has no interface number 0
[  104.662136][    T6] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.673030][    T6] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.682780][    T6] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  104.691804][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.700254][    T6] usb 3-1: config 0 descriptor??
[  104.721828][  T355] usb 2-1: Using ep0 maxpacket: 8
[  104.728037][  T355] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.737844][  T355] usb 2-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  104.746942][  T355] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.755449][  T355] usb 2-1: config 0 descriptor??
[  104.872210][   T28] audit: type=1400 audit(2000000026.930:564): avc:  denied  { connect } for  pid=5536 comm="syz.4.2223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  105.080798][   T28] audit: type=1400 audit(2000000027.130:565): avc:  denied  { bind } for  pid=5545 comm="syz.4.2227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  105.143395][   T28] audit: type=1400 audit(2000000027.200:566): avc:  denied  { name_bind } for  pid=5547 comm="syz.4.2228" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  105.166606][  T355] hid-multitouch 0003:0EEF:72C4.000A: unknown main item tag 0x0
[  105.181749][  T355] hid-multitouch 0003:0EEF:72C4.000A: unknown main item tag 0x0
[  105.190685][  T355] hid-multitouch 0003:0EEF:72C4.000A: unknown main item tag 0x0
[  105.203980][  T355] hid-multitouch 0003:0EEF:72C4.000A: unknown main item tag 0x0
[  105.211906][  T355] hid-multitouch 0003:0EEF:72C4.000A: unknown main item tag 0x0
[  105.220419][  T355] hid-multitouch 0003:0EEF:72C4.000A: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.1-1/input0
[  105.222113][ T5556] incfs: Options parsing error. -22
[  105.237951][ T5556] incfs: mount failed -22
[  105.243903][ T5558] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2233'.
[  105.253042][ T5558] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2233'.
[  105.262280][ T5558] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2233'.
[  105.290032][ T5562] loop5: detected capacity change from 0 to 2048
[  105.303520][ T5562] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  105.308526][    T6] uclogic 0003:28BD:0071.0009: failed retrieving string descriptor #100: -71
[  105.315850][   T28] audit: type=1400 audit(2000000027.370:567): avc:  denied  { read } for  pid=5561 comm="syz.5.2235" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  105.320794][    T6] uclogic 0003:28BD:0071.0009: failed retrieving pen parameters: -71
[  105.351512][    T6] uclogic 0003:28BD:0071.0009: pen probing failed: -71
[  105.352335][  T626] EXT4-fs (loop5): unmounting filesystem.
[  105.358660][    T6] uclogic 0003:28BD:0071.0009: failed probing parameters: -71
[  105.372248][    T6] uclogic: probe of 0003:28BD:0071.0009 failed with error -71
[  105.381985][    T6] usb 3-1: USB disconnect, device number 11
[  105.394476][   T28] audit: type=1326 audit(2000000027.450:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.5.2238" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f467d18ebe9 code=0x0
[  105.442507][  T291] usb 2-1: USB disconnect, device number 7
[  105.475074][ T5580] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2242'.
[  105.588807][ T5594] 9pnet_fd: p9_fd_create_unix (5594): problem connecting socket: ./file0: -111
[  105.606438][ T5596] loop4: detected capacity change from 0 to 256
[  105.632206][ T5600] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2251'.
[  105.641347][ T5600] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  105.664700][ T5602] dvmrp1: tun_chr_ioctl cmd 1074025692
[  105.715711][ T5606] netlink: 'syz.4.2254': attribute type 11 has an invalid length.
[  105.723629][ T5606] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2254'.
[  105.756561][ T5612] loop4: detected capacity change from 0 to 512
[  105.763104][ T5612] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  105.838301][ T5617] netlink: 'syz.4.2259': attribute type 58 has an invalid length.
[  105.846282][ T5617] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2259'.
[  106.052202][   T28] audit: type=1400 audit(2000000028.110:569): avc:  denied  { mount } for  pid=5659 comm="syz.2.2278" name="/" dev="ramfs" ino=41475 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  106.075692][   T28] audit: type=1400 audit(2000000028.130:570): avc:  denied  { unmount } for  pid=286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  106.102846][   T28] audit: type=1326 audit(2000000028.150:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5665 comm="syz.1.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa2f4185ba7 code=0x7ffc0000
[  106.371755][  T291] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  106.551715][  T291] usb 3-1: Using ep0 maxpacket: 8
[  106.558080][  T291] usb 3-1: unable to get BOS descriptor or descriptor too short
[  106.566497][  T291] usb 3-1: config 0 has an invalid interface number: 88 but max is 0
[  106.574628][  T291] usb 3-1: config 0 has no interface number 0
[  106.580698][  T291] usb 3-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  106.591760][  T291] usb 3-1: config 0 interface 88 has no altsetting 0
[  106.600432][  T291] usb 3-1: string descriptor 0 read error: -22
[  106.606715][  T291] usb 3-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  106.615951][  T291] usb 3-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  106.624571][  T291] usb 3-1: config 0 descriptor??
[  106.630428][  T291] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.88/input/input17
[  106.781737][  T355] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  107.892211][ T5699] device sit0 entered promiscuous mode
[  107.897763][ T5699] netlink: 'syz.1.2296': attribute type 1 has an invalid length.
[  107.905552][ T5699] netlink: 9 bytes leftover after parsing attributes in process `syz.1.2296'.
[  108.907028][ T2878] usb 3-1: USB disconnect, device number 12
[  108.914407][  T355] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  108.930119][   T28] kauditd_printk_skb: 65 callbacks suppressed
[  108.930135][   T28] audit: type=1400 audit(2000000030.980:637): avc:  denied  { map } for  pid=5700 comm="syz.4.2297" path="/dev/ashmem" dev="devtmpfs" ino=269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  108.959808][  T355] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  108.984900][  T355] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  109.006760][  T355] usb 6-1: New USB device found, idVendor=05ac, idProduct=14ed, bcdDevice=64.94
[  109.016982][   T28] audit: type=1400 audit(2000000031.070:638): avc:  denied  { map } for  pid=5710 comm="syz.6.2302" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  109.041300][  T355] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.058799][  T355] usb 6-1: config 0 descriptor??
[  109.064092][ T5691] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  109.109883][   T28] audit: type=1400 audit(2000000031.160:639): avc:  denied  { mount } for  pid=5721 comm="syz.6.2307" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  109.260444][   T28] audit: type=1400 audit(109.232:640): avc:  denied  { bind } for  pid=5750 comm="syz.1.2320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  109.279326][   T28] audit: type=1400 audit(109.232:641): avc:  denied  { connect } for  pid=5750 comm="syz.1.2320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  109.303929][ T5753] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2321'.
[  109.396340][ T5762] Zero length message leads to an empty skb
[  109.410540][ T5764] loop1: detected capacity change from 0 to 256
[  109.419190][ T5764] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  109.449335][   T28] audit: type=1400 audit(109.422:642): avc:  denied  { mount } for  pid=5767 comm="syz.1.2328" name="/" dev="cgroup" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  109.481783][   T28] audit: type=1400 audit(109.452:643): avc:  denied  { unmount } for  pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  109.486104][ T5770] syzkaller0: tun_chr_ioctl cmd 2147767521
[  109.508329][  T355] hid-generic 0003:05AC:14ED.000B: unexpected long global item
[  109.519622][  T355] hid-generic: probe of 0003:05AC:14ED.000B failed with error -22
[  109.546681][ T5773] loop2: detected capacity change from 0 to 256
[  109.585347][ T5782] netlink: 'syz.2.2335': attribute type 34 has an invalid length.
[  109.610917][ T5783] loop1: detected capacity change from 0 to 256
[  109.633407][ T5789] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2338'.
[  109.642570][ T5789] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2338'.
[  109.663690][ T5791] loop1: detected capacity change from 0 to 2048
[  109.683025][ T5791] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  109.701629][ T5790] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  109.716937][ T5790] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 16 with error 28
[  109.718433][  T355] usb 6-1: USB disconnect, device number 9
[  109.729362][ T5790] EXT4-fs (loop1): This should not happen!! Data will be lost
[  109.729362][ T5790] 
[  109.744792][ T5790] EXT4-fs (loop1): Total free blocks count 0
[  109.750810][ T5790] EXT4-fs (loop1): Free/Dirty block details
[  109.756714][ T5790] EXT4-fs (loop1): free_blocks=66060288
[  109.762384][ T5790] EXT4-fs (loop1): dirty_blocks=16
[  109.767606][ T5790] EXT4-fs (loop1): Block reservation details
[  109.773630][ T5790] EXT4-fs (loop1): i_reserved_data_blocks=1
[  109.783302][  T283] EXT4-fs (loop1): unmounting filesystem.
[  109.803082][   T28] audit: type=1400 audit(109.782:644): avc:  denied  { mounton } for  pid=5796 comm="syz.1.2341" path="/529/file0" dev="ramfs" ino=41667 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  110.000270][ T5820] loop1: detected capacity change from 0 to 256
[  110.006947][ T5820] exfat: Deprecated parameter 'utf8'
[  110.012377][ T5820] exfat: Deprecated parameter 'utf8'
[  110.017835][ T5820] exfat: Deprecated parameter 'utf8'
[  110.043009][ T5824] loop4: detected capacity change from 0 to 1024
[  110.050997][ T5820] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  110.068314][ T5824] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  110.080255][   T28] audit: type=1400 audit(110.052:645): avc:  denied  { mounton } for  pid=5819 comm="syz.1.2351" path="/534/file0/file0" dev="loop1" ino=1048679 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  110.103941][   T28] audit: type=1400 audit(110.062:646): avc:  denied  { unmount } for  pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  110.124558][  T284] EXT4-fs (loop4): unmounting filesystem.
[  110.148608][ T5840] input: syz0 as /devices/virtual/input/input18
[  110.149420][ T5837] loop1: detected capacity change from 0 to 2048
[  110.335925][ T5869] input: syz1 as /devices/virtual/input/input19
[  110.437110][ T5865] loop6: detected capacity change from 0 to 40427
[  110.444090][ T5865] F2FS-fs (loop6): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  110.451873][ T5865] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  110.477917][ T5865] F2FS-fs (loop6): invalid crc value
[  110.490620][ T5865] F2FS-fs (loop6): Found nat_bits in checkpoint
[  110.549302][ T5865] F2FS-fs (loop6): Try to recover 1th superblock, ret: -30
[  110.563896][ T5865] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  110.634060][ T5865] F2FS-fs (loop6): Corrupted max_depth of 3: 1537
[  110.724491][ T5906] loop1: detected capacity change from 0 to 512
[  110.741814][ T5906] EXT4-fs: Ignoring removed mblk_io_submit option
[  110.742065][ T5911] loop6: detected capacity change from 0 to 16
[  110.755594][ T5911] erofs: (device loop6): mounted with root inode @ nid 36.
[  110.760491][ T5906] EXT4-fs: Ignoring removed bh option
[  110.764535][ T5911] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=86
[  110.777402][ T5906] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  110.777418][ T5911] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=86
[  110.798456][ T5906] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  110.824094][ T5906] EXT4-fs (loop1): 1 truncate cleaned up
[  110.831229][ T5906] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  110.870416][  T283] EXT4-fs (loop1): unmounting filesystem.
[  110.945551][ T5921] loop2: detected capacity change from 0 to 2048
[  110.981228][ T5921] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  111.265037][ T5935] loop5: detected capacity change from 0 to 40427
[  111.272359][ T5935] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  111.280141][ T5935] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  111.289252][ T5935] F2FS-fs (loop5): invalid crc value
[  111.310215][ T5935] F2FS-fs (loop5): Found nat_bits in checkpoint
[  111.337369][ T5942] loop4: detected capacity change from 0 to 16
[  111.347462][ T5942] erofs: (device loop4): mounted with root inode @ nid 36.
[  111.356097][ T5935] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  111.357463][ T5942] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 36
[  111.363204][ T5935] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  111.526139][ T5921] fs-verity (loop2, inode 13): Error -28 writing Merkle tree block 82640
[  111.539179][ T5921] fs-verity (loop2, inode 13): Error -28 building Merkle tree
[  111.650688][  T286] EXT4-fs (loop2): unmounting filesystem.
[  111.657879][ T5982] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2422'.
[  111.685451][ T5987] loop4: detected capacity change from 0 to 512
[  111.695274][ T5987] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  111.713046][ T5987] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  111.728816][  T284] EXT4-fs (loop4): unmounting filesystem.
[  111.839963][ T6021] incfs: Options parsing error. -22
[  111.845516][ T6021] incfs: mount failed -22
[  111.875964][ T6031] syz.2.2441[6031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.876034][ T6031] syz.2.2441[6031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.906193][ T6035] loop5: detected capacity change from 0 to 512
[  111.924457][ T6035] EXT4-fs: Ignoring removed nobh option
[  111.930500][ T6035] EXT4-fs (loop5): Test dummy encryption mode enabled
[  111.938851][ T6035] EXT4-fs error (device loop5): __ext4_iget:5079: inode #11: block 1: comm syz.5.2443: invalid block
[  111.950373][ T6035] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.2443: couldn't read orphan inode 11 (err -117)
[  111.962555][ T6035] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  111.983494][  T626] EXT4-fs (loop5): unmounting filesystem.
[  112.059682][ T6050] loop2: detected capacity change from 0 to 512
[  112.073197][ T6050] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  112.083708][ T6050] EXT4-fs (loop2): shut down requested (2)
[  112.093100][  T286] EXT4-fs (loop2): unmounting filesystem.
[  112.144734][ T6062] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  112.145185][ T6061] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2453'.
[  112.183657][ T6064] loop2: detected capacity change from 0 to 7
[  112.225679][ T6078] loop2: detected capacity change from 0 to 512
[  112.232459][ T6078] EXT4-fs: Ignoring removed nobh option
[  112.239669][ T6078] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.2462: iget: bad i_size value: 38620345925642
[  112.252883][ T6078] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.2462: couldn't read orphan inode 15 (err -117)
[  112.265121][ T6078] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  112.332376][ T6086] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.2462: bg 0: block 5: invalid block bitmap
[  112.345079][ T6086] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  112.357734][ T6086] EXT4-fs (loop2): This should not happen!! Data will be lost
[  112.357734][ T6086] 
[  112.367772][ T6086] EXT4-fs (loop2): Total free blocks count 0
[  112.373923][ T6086] EXT4-fs (loop2): Free/Dirty block details
[  112.379973][ T6086] EXT4-fs (loop2): free_blocks=0
[  112.385176][ T6086] EXT4-fs (loop2): dirty_blocks=3648
[  112.392097][ T6086] EXT4-fs (loop2): Block reservation details
[  112.398159][ T6086] EXT4-fs (loop2): i_reserved_data_blocks=3648
[  112.422389][   T10] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 1596 with error 28
[  112.465906][ T6092] user requested TSC rate below hardware speed
[  112.601602][ T6100] loop2: detected capacity change from 0 to 16
[  112.608438][ T6100] erofs: (device loop2): mounted with root inode @ nid 36.
[  112.712830][ T6115] loop4: detected capacity change from 0 to 256
[  112.719470][ T6115] exfat: Deprecated parameter 'utf8'
[  112.724854][ T6115] exfat: Deprecated parameter 'namecase'
[  112.730580][ T6115] exfat: Deprecated parameter 'namecase'
[  112.736334][ T6115] exfat: Deprecated parameter 'utf8'
[  112.743873][ T6115] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffad0, utbl_chksum : 0xe619d30d)
[  113.076118][ T6137] loop4: detected capacity change from 0 to 128
[  113.083696][ T6137] EXT4-fs (loop4): Test dummy encryption mode enabled
[  113.091758][ T6137] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  113.101735][   T39] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  113.116071][  T284] EXT4-fs (loop4): unmounting filesystem.
[  113.153297][ T6149] tun0: tun_chr_ioctl cmd 1074025676
[  113.158607][ T6149] tun0: owner set to 0
[  113.323797][   T39] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  113.341713][   T39] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  113.351922][   T39] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  113.381522][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  113.392381][   T39] usb 3-1: SerialNumber: syz
[  113.402450][   T39] usb 3-1: 0:2 : does not exist
[  113.467991][ T6184] loop4: detected capacity change from 0 to 8192
[  113.642743][    T6] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[  113.659238][    T6] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[  113.675488][    T6] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[  113.686744][    T6] hid-generic 0000:0004:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  113.809737][   T39] usb 3-1: USB disconnect, device number 13
[  113.896937][ T6241] input: syz0 as /devices/virtual/input/input21
[  113.936607][ T6245] loop5: detected capacity change from 0 to 2048
[  114.000193][ T6245] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  114.026227][ T6245] fs-verity (loop5, inode 13): Unknown hash algorithm number: 0
[  114.048871][ T6243] loop4: detected capacity change from 0 to 40427
[  114.056044][ T6243] F2FS-fs (loop4): fault_injection options not supported
[  114.056099][  T626] EXT4-fs (loop5): unmounting filesystem.
[  114.064113][ T6243] F2FS-fs (loop4): fault_type options not supported
[  114.076236][ T6243] F2FS-fs (loop4): invalid crc value
[  114.083776][ T6243] F2FS-fs (loop4): Found nat_bits in checkpoint
[  114.119135][ T6243] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  114.178046][ T6255] loop5: detected capacity change from 0 to 512
[  114.184618][ T6255] EXT4-fs: Ignoring removed mblk_io_submit option
[  114.191208][ T6255] EXT4-fs: Ignoring removed bh option
[  114.197455][ T6255] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  114.208859][ T6255] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  114.220609][ T6255] EXT4-fs (loop5): 1 truncate cleaned up
[  114.226355][ T6255] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  114.275607][  T626] EXT4-fs (loop5): unmounting filesystem.
[  114.306312][ T6270] loop5: detected capacity change from 0 to 2048
[  114.347599][   T28] kauditd_printk_skb: 14 callbacks suppressed
[  114.347614][   T28] audit: type=1400 audit(114.322:661): avc:  denied  { remount } for  pid=6276 comm="syz.2.2549" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  114.366838][ T6270] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  114.405540][   T28] audit: type=1400 audit(114.382:662): avc:  denied  { setopt } for  pid=6288 comm="syz.1.2553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  114.406358][ T6287] loop2: detected capacity change from 0 to 512
[  114.434286][ T6287] EXT4-fs: Ignoring removed nomblk_io_submit option
[  114.455914][ T6287] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  114.467588][ T6287] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[  114.476278][ T6287] EXT4-fs (loop2): orphan cleanup on readonly fs
[  114.482761][ T6287] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  114.492210][ T6287] EXT4-fs warning (device loop2): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  114.511900][ T6287] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  114.523351][ T6287] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.2552: bg 0: block 40: padding at end of block bitmap is not set
[  114.524632][ T6295] loop4: detected capacity change from 0 to 512
[  114.538009][ T6287] EXT4-fs (loop2): Remounting filesystem read-only
[  114.550458][ T6287] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  114.559320][ T6287] EXT4-fs (loop2): Remounting filesystem read-only
[  114.566278][ T6287] EXT4-fs (loop2): 1 truncate cleaned up
[  114.572202][ T6287] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  114.581986][ T6295] EXT4-fs: Ignoring removed mblk_io_submit option
[  114.588482][   T28] audit: type=1400 audit(114.562:663): avc:  denied  { read } for  pid=6286 comm="syz.2.2552" name="file2" dev="overlay" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  114.601216][ T6295] EXT4-fs: Ignoring removed bh option
[  114.616013][ T6287] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.2552: bad symlink.
[  114.633761][ T6295] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  114.657960][   T28] audit: type=1326 audit(114.572:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6298 comm="syz.1.2557" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa2f418ebe9 code=0x0
[  114.693097][ T6295] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  114.717282][ T6295] EXT4-fs (loop4): 1 truncate cleaned up
[  114.730611][ T6295] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  114.849041][  T284] EXT4-fs (loop4): unmounting filesystem.
[  114.876003][ T6308] loop4: detected capacity change from 0 to 512
[  114.889788][ T6270] fs-verity (loop5, inode 13): Error -28 writing Merkle tree block 82640
[  114.899042][ T6308] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  114.908048][ T6270] fs-verity (loop5, inode 13): Error -28 building Merkle tree
[  114.936178][ T6308] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84fc018, mo2=0002]
[  114.951769][ T6308] System zones: 0-2, 18-18, 34-34
[  114.957724][ T6308] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  114.980035][ T6308] SELinux:  Context system_u:object_r:auth_cache_t:s0 is not valid (left unmapped).
[  115.002038][   T28] audit: type=1400 audit(114.982:665): avc:  denied  { relabelto } for  pid=6307 comm="syz.4.2561" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:auth_cache_t:s0"
[  115.029053][ T6308] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  115.037162][  T626] EXT4-fs (loop5): unmounting filesystem.
[  115.051822][  T284] EXT4-fs (loop4): unmounting filesystem.
[  115.077927][   T28] audit: type=1326 audit(115.052:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.4.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc78ebe9 code=0x7ffc0000
[  115.122889][   T28] audit: type=1326 audit(115.052:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.4.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc78ebe9 code=0x7ffc0000
[  115.181723][   T28] audit: type=1326 audit(115.082:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.4.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f34dc78ebe9 code=0x7ffc0000
[  116.871751][   T28] audit: type=1326 audit(115.082:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.4.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc78ebe9 code=0x7ffc0000
[  116.908804][  T286] bridge0: port 3(syz_tun) entered disabled state
[  116.916404][  T286] device syz_tun left promiscuous mode
[  116.921944][  T286] bridge0: port 3(syz_tun) entered disabled state
[  116.925385][ T6323] loop4: detected capacity change from 0 to 2048
[  116.996224][ T6328] loop1: detected capacity change from 0 to 128
[  117.020894][ T6328] EXT4-fs (loop1): Test dummy encryption mode enabled
[  117.036043][ T6328] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0082]
[  117.050598][ T6328] System zones: 1-3, 19-19, 35-36
[  117.068356][ T6328] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  117.084214][  T286] EXT4-fs (loop2): unmounting filesystem.
[  117.093417][ T6328] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  117.113267][  T283] EXT4-fs (loop1): unmounting filesystem.
[  117.142838][ T6342] loop1: detected capacity change from 0 to 128
[  117.149369][ T6342] EXT4-fs: Ignoring removed nobh option
[  117.156467][ T6342] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  117.182534][  T283] EXT4-fs (loop1): unmounting filesystem.
[  117.216443][ T6351] loop4: detected capacity change from 0 to 1024
[  117.233427][ T6351] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  117.245361][ T6351] EXT4-fs (loop4): Online resizing not supported with bigalloc
[  117.260149][  T284] EXT4-fs (loop4): unmounting filesystem.
[  117.264459][ T6357] loop5: detected capacity change from 0 to 256
[  117.272603][ T6357] exfat: Deprecated parameter 'utf8'
[  117.285879][ T6361] loop1: detected capacity change from 0 to 512
[  117.294429][ T6361] EXT4-fs: Ignoring removed nobh option
[  117.300116][ T6361] EXT4-fs: Ignoring removed i_version option
[  117.309422][ T6361] EXT4-fs (loop1): Test dummy encryption mode enabled
[  117.310863][ T6357] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x2f6dd1fa, utbl_chksum : 0xe619d30d)
[  117.317858][ T6361] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.2582: inode #13: comm syz.1.2582: iget: illegal inode #
[  117.341307][ T6361] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.2582: couldn't read orphan inode 13 (err -117)
[  117.341646][ T6352] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.369734][ T6352] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.377402][ T6352] device bridge_slave_0 entered promiscuous mode
[  117.384256][ T6361] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  117.384930][ T6352] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.400480][ T6352] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.408433][ T6352] device bridge_slave_1 entered promiscuous mode
[  117.440075][ T6374] loop5: detected capacity change from 0 to 128
[  117.447156][ T6361] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.1.2582: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  117.478818][  T283] EXT4-fs (loop1): unmounting filesystem.
[  117.518995][ T6384] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2589'.
[  117.612653][ T6352] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.619733][ T6352] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.627027][ T6352] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.634068][ T6352] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.658597][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  117.669338][ T6410] loop4: detected capacity change from 0 to 128
[  117.680015][  T579] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.693951][  T579] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.736212][   T10] device bridge_slave_1 left promiscuous mode
[  117.746160][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.771875][   T10] device bridge_slave_0 left promiscuous mode
[  117.782436][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.801790][   T10] device bridge0 left promiscuous mode
[  117.807314][   T10] device veth1_macvtap left promiscuous mode
[  117.830821][   T10] device veth0_vlan left promiscuous mode
[  117.972501][ T6441] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  117.980474][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  117.988675][  T579] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.995720][  T579] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.003188][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  118.011355][  T579] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.018402][  T579] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.026612][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  118.034733][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  118.051999][ T2878] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  118.053066][ T6352] device veth0_vlan entered promiscuous mode
[  118.070130][ T6447] loop5: detected capacity change from 0 to 512
[  118.074112][ T6445] loop1: detected capacity change from 0 to 2048
[  118.083035][ T6447] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  118.093525][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  118.093636][ T6447] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  118.111763][ T6447] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  118.120732][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  118.122659][ T6447] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  118.137699][ T6447] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  118.137741][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  118.145627][ T6447] EXT4-fs (loop5): failed to initialize system zone (-117)
[  118.157792][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  118.168547][ T6447] EXT4-fs (loop5): mount failed
[  118.168605][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  118.181586][ T6445] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  118.183443][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  118.199122][ T6453] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2616'.
[  118.218435][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  118.228518][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  118.236261][ T6455] loop6: detected capacity change from 0 to 512
[  118.237941][ T6352] device veth1_macvtap entered promiscuous mode
[  118.242859][ T2878] usb 5-1: Using ep0 maxpacket: 8
[  118.253820][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  118.262157][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  118.270491][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  118.279716][ T2878] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  118.290930][ T6455] EXT4-fs (loop6): Test dummy encryption mode enabled
[  118.298456][ T6455] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  118.298834][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  118.308432][ T2878] usb 5-1: config 0 has no interfaces?
[  118.325435][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  118.334418][ T2878] usb 5-1: New USB device found, idVendor=0471, idProduct=0313, bcdDevice=81.d5
[  118.345574][ T6455] EXT4-fs error (device loop6): ext4_orphan_get:1426: comm syz.6.2617: bad orphan inode 131083
[  118.360374][ T2878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.371420][ T6455] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  118.400320][ T2878] usb 5-1: Product: syz
[  118.407676][ T6464] loop7: detected capacity change from 0 to 128
[  118.424248][ T2878] usb 5-1: Manufacturer: syz
[  118.433261][ T2878] usb 5-1: SerialNumber: syz
[  118.443126][ T6464] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  118.454466][ T2878] usb 5-1: config 0 descriptor??
[  118.472641][ T6464] fscrypt (loop7, inode 12): Mutually exclusive encryption flags (0x1b)
[  118.503191][ T6352] EXT4-fs (loop7): unmounting filesystem.
[  118.743874][   T39] usb 5-1: USB disconnect, device number 11
crond[187]: time disparity of -33333331 minutes detected

[  118.839835][ T6445] fs-verity (loop1, inode 13): Error -28 writing Merkle tree block 82640
[  118.849782][ T6445] fs-verity (loop1, inode 13): Error -28 building Merkle tree
[  118.863969][ T6474] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.876784][ T6474] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.884633][ T6474] device bridge_slave_0 entered promiscuous mode
[  118.898298][ T6474] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.906716][ T6474] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.914704][ T6474] device bridge_slave_1 entered promiscuous mode
[  119.004479][  T579] device bridge_slave_1 left promiscuous mode
[  119.011024][  T579] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.019306][  T579] device bridge_slave_0 left promiscuous mode
[  119.025538][  T579] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.034805][  T579] device veth1_macvtap left promiscuous mode
[  119.041599][  T579] device veth0_vlan left promiscuous mode
[  119.174812][ T6496] loop1: detected capacity change from 0 to 1024
[  119.195706][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  119.203957][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  119.211706][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  119.220272][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  119.233508][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.240612][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.248834][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  119.267789][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  119.272383][ T6509] loop1: detected capacity change from 0 to 256
[  119.276337][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  119.290944][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.298004][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.306906][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  119.311391][ T6511] loop4: detected capacity change from 0 to 1024
[  119.323633][ T6509] exFAT-fs (loop1): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  119.332365][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  119.336890][ T6511] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  119.344006][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  119.355874][ T6509] exFAT-fs (loop1): error, found bogus dentry(11) beyond unused empty group(10) (start_clu : 5, cur_clu : 5)
[  119.370553][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  119.379424][ T6509] exFAT-fs (loop1): Filesystem has been set read-only
[  119.380112][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  119.398047][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  119.399173][ T6511] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000]
[  119.405721][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  119.425232][ T6474] device veth0_vlan entered promiscuous mode
[  119.437878][ T6511] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm syz.4.2638: Freeing blocks not in datazone - block = 0, count = 4096
[  119.441524][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  119.461744][ T6511] EXT4-fs (loop4): Remounting filesystem read-only
[  119.468395][ T6511] EXT4-fs (loop4): 1 orphan inode deleted
[  119.484756][ T6474] device veth1_macvtap entered promiscuous mode
[  119.520289][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  119.532007][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  119.566863][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  119.585371][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  119.619458][ T6525] loop1: detected capacity change from 0 to 40427
[  119.636152][ T6525] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  119.643231][ T6534] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  119.644263][ T6525] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  119.671874][ T6525] F2FS-fs (loop1): invalid crc_offset: 33558524
[  119.679334][ T6525] F2FS-fs (loop1): Found nat_bits in checkpoint
[  119.699008][ T6525] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  119.706155][ T6525] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  119.735019][ T6545] loop4: detected capacity change from 0 to 4096
[  119.743697][ T6548] loop8: detected capacity change from 0 to 128
[  119.752799][ T6545] EXT4-fs warning (device loop4): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-13, ino=4). Please run e2fsck to fix.
[  119.769226][ T6545] EXT4-fs (loop4): mount failed
[  120.420035][ T6589] loop5: detected capacity change from 0 to 2048
[  120.658954][ T6596] loop4: detected capacity change from 0 to 1024
[  120.737119][ T6601] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: comm syz.4.2671: lblock 0 mapped to illegal pblock 0 (length 4)
[  120.793424][ T6601] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  120.806945][ T6603] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2674'.
[  120.818590][   T28] kauditd_printk_skb: 88 callbacks suppressed
[  120.818603][   T28] audit: type=1326 audit(120.792:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6604 comm="syz.8.2673" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa02778ebe9 code=0x0
[  120.825337][ T6589] fs-verity (loop5, inode 13): Error -28 writing Merkle tree block 82640
[  120.861736][ T6601] EXT4-fs (loop4): This should not happen!! Data will be lost
[  120.861736][ T6601] 
[  120.875877][ T6589] fs-verity (loop5, inode 13): Error -28 building Merkle tree
[  121.010967][   T43] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:2: lblock 4 mapped to illegal pblock 4 (length 2)
[  121.025539][   T43] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  121.034207][ T6614] loop5: detected capacity change from 0 to 512
[  121.038030][   T43] EXT4-fs (loop4): This should not happen!! Data will be lost
[  121.038030][   T43] 
[  121.044738][ T6614] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  121.055703][   T10] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:1: lblock 8 mapped to illegal pblock 8 (length 8)
[  121.080238][   T10] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  121.092606][   T10] EXT4-fs (loop4): This should not happen!! Data will be lost
[  121.092606][   T10] 
[  121.222973][ T6634] loop1: detected capacity change from 0 to 256
[  121.231449][ T6634] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  121.249604][ T6634] exFAT-fs (loop1): hint_cluster is invalid (17)
[  121.268716][ T6637] loop4: detected capacity change from 0 to 512
[  121.289931][ T6637] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  121.331270][ T6637] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  121.483599][ T6639] loop1: detected capacity change from 0 to 40427
[  121.490571][ T6639] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  121.498589][ T6639] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  121.507624][ T6639] F2FS-fs (loop1): invalid crc value
[  121.514665][ T6639] F2FS-fs (loop1): Found nat_bits in checkpoint
[  121.566718][ T6639] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  121.581753][ T6639] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  121.879129][ T6658] loop4: detected capacity change from 0 to 40427
[  121.902795][ T6658] F2FS-fs (loop4): Invalid segment/section count (24 != 24 * 3)
[  121.920615][ T6658] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  121.940950][ T6658] F2FS-fs (loop4): heap/no_heap options were deprecated
[  121.954180][ T6658] F2FS-fs (loop4): invalid crc value
[  121.974568][ T6658] F2FS-fs (loop4): Found nat_bits in checkpoint
[  121.982964][ T6681] input: syz1 as /devices/virtual/input/input22
[  122.053434][ T6658] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  122.060495][ T6658] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  122.263615][ T6710] loop5: detected capacity change from 0 to 512
[  122.275699][ T6710] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  122.285658][  T284] syz-executor: attempt to access beyond end of device
[  122.285658][  T284] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  122.302009][ T6710] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[  122.310382][ T6710] EXT4-fs (loop5): orphan cleanup on readonly fs
[  122.330593][ T6710] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.2715: bad orphan inode 267
[  122.341700][ T6710] EXT4-fs (loop5): Remounting filesystem read-only
[  122.347544][ T6718] loop7: detected capacity change from 0 to 1024
[  122.359394][ T6710] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.2715: dx entry: limit 0 != root limit 125
[  122.371796][ T6710] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.2715: Corrupt directory, running e2fsck is recommended
[  122.408248][  T579] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm kworker/u4:7: bg 0: block 464: padding at end of block bitmap is not set
[  122.434191][  T579] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 117
[  122.446731][  T579] EXT4-fs (loop7): This should not happen!! Data will be lost
[  122.446731][  T579] 
[  122.468665][ T6726] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2721'.
[  122.505581][ T6730] loop7: detected capacity change from 0 to 2048
[  122.505979][ T6732] loop4: detected capacity change from 0 to 128
[  122.743601][ T6730] fs-verity (loop7, inode 13): Error -28 writing Merkle tree block 82640
[  122.752144][ T6730] fs-verity (loop7, inode 13): Error -28 building Merkle tree
[  122.796415][ T6737] syz.5.2725 uses obsolete (PF_INET,SOCK_PACKET)
[  122.798328][ T6738] loop4: detected capacity change from 0 to 1024
[  122.858214][ T6745] SELinux:  Context system_u:object_r:dhcpd_exec_t:s0 is not valid (left unmapped).
[  122.868002][   T28] audit: type=1400 audit(122.852:759): avc:  denied  { relabelto } for  pid=6744 comm="syz.4.2727" name="" dev="pipefs" ino=48303 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:dhcpd_exec_t:s0"
[  122.987385][ T6757] loop4: detected capacity change from 0 to 512
[  123.096203][ T6761] loop1: detected capacity change from 0 to 512
[  123.119517][ T6761] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.2734: inode #1: comm syz.1.2734: iget: illegal inode #
[  123.146654][ T6761] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2734: error while reading EA inode 1 err=-117
[  123.195291][ T6755] loop5: detected capacity change from 0 to 40427
[  123.203204][ T6755] F2FS-fs (loop5): invalid crc value
[  123.205448][ T6761] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.2734: inode #1: comm syz.1.2734: iget: illegal inode #
[  123.226380][ T6755] F2FS-fs (loop5): Found nat_bits in checkpoint
[  123.242347][ T6761] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2734: error while reading EA inode 1 err=-117
[  123.272779][ T6755] F2FS-fs (loop5): Start checkpoint disabled!
[  123.279353][ T6761] EXT4-fs (loop1): 1 orphan inode deleted
[  123.289662][ T6755] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  123.407074][   T43] kworker/u4:2: attempt to access beyond end of device
[  123.407074][   T43] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  123.491143][ T6780] dvmrp1: tun_chr_ioctl cmd 1074025677
[  123.503177][ T6780] dvmrp1: linktype set to 0
[  123.514187][ T6782] loop5: detected capacity change from 0 to 128
[  123.812330][ T6799] loop1: detected capacity change from 0 to 40427
[  123.820385][ T6799] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  123.828189][ T6799] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  123.837116][ T6799] F2FS-fs (loop1): invalid crc value
[  123.862678][ T6799] F2FS-fs (loop1): Found nat_bits in checkpoint
[  123.881759][ T6814] loop7: detected capacity change from 0 to 256
[  123.893698][ T6814] exfat: Deprecated parameter 'namecase'
[  123.904836][ T6814] exfat: Deprecated parameter 'utf8'
[  123.912001][ T6799] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  123.918621][ T6814] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  123.919176][ T6799] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  124.034973][ T6831] tipc: Started in network mode
[  124.042831][ T6831] tipc: Node identity ac14140f, cluster identity 4711
[  124.062533][ T6831] tipc: New replicast peer: 255.255.255.255
[  124.069195][ T6831] tipc: Enabled bearer <udp:syz2>, priority 10
[  124.120860][ T6801] syz.5.2752 (6801) used greatest stack depth: 20448 bytes left
[  124.130142][ T6841] binder: 6840:6841 ioctl 400c620e 2000000001c0 returned -22
[  124.138189][   T28] audit: type=1400 audit(124.112:760): avc:  denied  { unmount } for  pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  124.191099][  T356] hid-generic 0003:0004:0000.000D: unknown main item tag 0x0
[  124.200542][  T356] hid-generic 0003:0004:0000.000D: unknown main item tag 0x0
[  124.210793][  T356] hid-generic 0003:0004:0000.000D: unknown main item tag 0x0
[  124.222550][  T356] hid-generic 0003:0004:0000.000D: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  124.304750][ T6860] loop4: detected capacity change from 0 to 1024
[  124.375660][ T6853] loop7: detected capacity change from 0 to 40427
[  124.383899][ T6853] F2FS-fs (loop7): Invalid segment/section count (24 != 24 * 3)
[  124.392382][ T6853] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  124.401000][ T6853] F2FS-fs (loop7): heap/no_heap options were deprecated
[  124.409334][ T6853] F2FS-fs (loop7): invalid crc value
[  124.412143][ T6799] F2FS-fs (loop1): Start checkpoint disabled!
[  124.420985][ T6799] syz.1.2751: attempt to access beyond end of device
[  124.420985][ T6799] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  124.425691][ T6853] F2FS-fs (loop7): Found nat_bits in checkpoint
[  124.472358][ T6853] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  124.479552][ T6853] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  124.491722][   T19] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  124.644779][ T6352] syz-executor: attempt to access beyond end of device
[  124.644779][ T6352] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  124.671724][   T19] usb 6-1: Using ep0 maxpacket: 16
[  124.679765][   T19] usb 6-1: unable to get BOS descriptor or descriptor too short
[  124.693787][   T19] usb 6-1: no configurations
[  124.701116][   T19] usb 6-1: can't read configurations, error -22
[  124.893027][ T6912] loop7: detected capacity change from 0 to 40427
[  124.899850][ T6912] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  124.907774][ T6912] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  124.916874][ T6912] F2FS-fs (loop7): invalid crc value
[  124.923409][ T6912] F2FS-fs (loop7): Found nat_bits in checkpoint
[  124.944338][ T6912] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  124.951441][ T6912] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  125.037627][ T6926] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2803'.
[  125.091812][ T2878] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  125.181761][    T6] tipc: Node number set to 2886997007
[  125.196127][   T28] audit: type=1400 audit(125.172:761): avc:  denied  { bind } for  pid=6938 comm="syz.5.2809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  125.271734][ T2878] usb 5-1: Using ep0 maxpacket: 32
[  125.278169][ T2878] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.289246][ T2878] usb 5-1: config 0 interface 0 has no altsetting 0
[  125.295875][ T2878] usb 5-1: New USB device found, idVendor=056a, idProduct=00f4, bcdDevice= 0.00
[  125.305011][ T2878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.313469][ T2878] usb 5-1: config 0 descriptor??
[  125.411138][ T6952] loop1: detected capacity change from 0 to 256
[  125.417695][ T6952] exfat: Deprecated parameter 'namecase'
[  125.425418][ T6952] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  125.513959][ T6967] loop7: detected capacity change from 0 to 7
[  125.520395][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  125.529581][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  125.537667][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  125.546879][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  125.554742][ T6967]  loop7: unable to read partition table
[  125.560606][ T6967] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  125.584324][ T6970] tmpfs: Unknown parameter 'gr'
[  125.599442][ T6972] loop5: detected capacity change from 0 to 1024
[  125.666082][ T6975] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: comm syz.5.2824: lblock 0 mapped to illegal pblock 0 (length 4)
[  125.679668][ T6975] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  125.692234][ T6975] EXT4-fs (loop5): This should not happen!! Data will be lost
[  125.692234][ T6975] 
[  125.722953][ T2878] wacom 0003:056A:00F4.000E: item fetching failed at offset 0/1
[  125.730787][ T2878] wacom 0003:056A:00F4.000E: parse failed
[  125.736571][ T2878] wacom: probe of 0003:056A:00F4.000E failed with error -22
[  125.796774][   T10] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:1: lblock 4 mapped to illegal pblock 4 (length 2)
[  125.811282][   T10] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  125.823619][   T10] EXT4-fs (loop5): This should not happen!! Data will be lost
[  125.823619][   T10] 
[  125.834536][  T579] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  125.848972][  T579] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  125.861347][  T579] EXT4-fs (loop5): This should not happen!! Data will be lost
[  125.861347][  T579] 
[  125.930747][  T770] usb 5-1: USB disconnect, device number 12
[  125.950678][ T6977] SELinux: ebitmap: truncated map
[  125.957733][ T6977] SELinux: failed to load policy
[  126.217130][ T6998] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.224218][ T6998] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.231552][ T6998] device bridge_slave_0 entered promiscuous mode
[  126.238411][ T6998] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.245525][ T6998] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.252909][ T6998] device bridge_slave_1 entered promiscuous mode
[  126.297673][ T6998] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.304783][ T6998] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.312180][ T6998] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.319211][ T6998] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.347919][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  126.356826][  T579] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.364476][  T579] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.376751][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  126.385111][  T579] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.392164][  T579] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.402753][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  126.411030][  T579] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.418062][  T579] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.440124][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  126.450803][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  126.470602][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  126.493434][ T6998] device veth0_vlan entered promiscuous mode
[  126.501528][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  126.518716][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  126.522172][ T7033] SELinux: ebitmap: truncated map
[  126.527513][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  126.535670][ T7033] SELinux: failed to load policy
[  126.539439][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.553241][ T6998] device veth1_macvtap entered promiscuous mode
[  126.564279][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  126.577882][  T579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  126.678670][ T7036] loop4: detected capacity change from 0 to 40427
[  126.685687][ T7036] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  126.693495][ T7036] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  126.702273][ T7036] F2FS-fs (loop4): invalid crc value
[  126.708793][ T7036] F2FS-fs (loop4): Found nat_bits in checkpoint
[  126.727673][ T7045] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2851'.
[  126.741057][ T7036] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  126.748778][ T7036] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  126.749481][ T7048] loop5: detected capacity change from 0 to 512
[  126.763089][   T43] device bridge_slave_1 left promiscuous mode
[  126.769231][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.777841][   T43] device bridge_slave_0 left promiscuous mode
[  126.784135][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.794443][   T43] device bridge0 left promiscuous mode
[  126.799995][   T43] device veth1_macvtap left promiscuous mode
[  126.806331][   T43] device veth0_vlan left promiscuous mode
[  126.866448][   T10] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  126.881188][   T10] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1025 with error 28
[  126.893929][   T10] EXT4-fs (loop5): This should not happen!! Data will be lost
[  126.893929][   T10] 
[  126.903784][   T10] EXT4-fs (loop5): Total free blocks count 0
[  126.909834][   T10] EXT4-fs (loop5): Free/Dirty block details
[  126.915831][   T10] EXT4-fs (loop5): free_blocks=65280
[  126.921121][   T10] EXT4-fs (loop5): dirty_blocks=1025
[  126.926464][   T10] EXT4-fs (loop5): Block reservation details
[  126.932452][   T10] EXT4-fs (loop5): i_reserved_data_blocks=1025
[  127.432941][ T7056] loop1: detected capacity change from 0 to 1024
[  127.443716][ T7060] loop4: detected capacity change from 0 to 512
[  127.450433][ T7060] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  127.462131][ T7060] EXT4-fs (loop4): 1 truncate cleaned up
[  127.511829][ T7064] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: comm syz.1.2854: lblock 0 mapped to illegal pblock 0 (length 4)
[  127.555656][ T7064] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  127.588259][ T7064] EXT4-fs (loop1): This should not happen!! Data will be lost
[  127.588259][ T7064] 
[  127.698899][   T43] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:2: lblock 4 mapped to illegal pblock 4 (length 2)
[  127.713457][   T43] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  127.726207][   T43] EXT4-fs (loop1): This should not happen!! Data will be lost
[  127.726207][   T43] 
[  127.737427][   T43] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:2: lblock 8 mapped to illegal pblock 8 (length 8)
[  127.752122][   T43] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  127.765041][   T43] EXT4-fs (loop1): This should not happen!! Data will be lost
[  127.765041][   T43] 
[  127.861559][ T7072] SELinux: ebitmap: truncated map
[  127.870534][ T7072] SELinux: failed to load policy
[  127.891863][   T28] audit: type=1400 audit(127.872:762): avc:  denied  { create } for  pid=7079 comm="syz.4.2865" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  127.912156][   T28] audit: type=1400 audit(127.872:763): avc:  denied  { mounton } for  pid=7079 comm="syz.4.2865" path="/604/file0" dev="tmpfs" ino=3177 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  127.934889][   T28] audit: type=1400 audit(127.872:764): avc:  denied  { mounton } for  pid=7079 comm="syz.4.2865" path="/604/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  127.994777][ T7091] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7091 comm=syz.1.2870
[  128.008786][ T7091] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7091 comm=syz.1.2870
[  128.087483][ T7104] SELinux: ebitmap: truncated map
[  128.089767][ T7112] loop4: detected capacity change from 0 to 2048
[  128.096635][ T7104] SELinux: failed to load policy
[  128.104444][ T7110] SELinux:  Context system_u:object_r:syslogd_var_run_t:s0 is not valid (left unmapped).
[  128.115360][   T28] audit: type=1400 audit(128.092:765): avc:  denied  { relabelto } for  pid=7109 comm="syz.1.2878" name="NETLINK" dev="sockfs" ino=49266 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_route_socket permissive=1 trawcon="system_u:object_r:syslogd_var_run_t:s0"
[  128.233163][   T28] audit: type=1400 audit(128.212:766): avc:  denied  { setopt } for  pid=7132 comm="syz.4.2887" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  128.281721][   T28] audit: type=1400 audit(128.252:767): avc:  denied  { create } for  pid=7138 comm="syz.7.2894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  128.458084][ T7134] loop8: detected capacity change from 0 to 40427
[  128.472105][ T7134] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  128.479981][ T7134] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  128.494603][ T7134] F2FS-fs (loop8): invalid crc value
[  128.518337][ T7165] loop5: detected capacity change from 0 to 1024
[  128.519679][ T7134] F2FS-fs (loop8): Found nat_bits in checkpoint
[  128.548914][ T7137] loop1: detected capacity change from 0 to 40427
[  128.555831][ T7165] EXT4-fs: Ignoring removed i_version option
[  128.564549][ T7165] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  128.576748][ T7137] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  128.578557][ T7134] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  128.590379][ T7137] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  128.596290][ T7134] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  128.607275][   T28] audit: type=1400 audit(128.582:768): avc:  denied  { transition } for  pid=7175 comm="syz.4.2907" path="/618/file0" dev="tmpfs" ino=3251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  128.612624][ T7137] F2FS-fs (loop1): invalid crc value
[  128.631111][ T7134] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  128.643491][   T28] audit: type=1400 audit(128.582:769): avc:  denied  { entrypoint } for  pid=7175 comm="syz.4.2907" path="/618/file0" dev="tmpfs" ino=3251 scontext=system_u:object_r:hugetlbfs_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  128.667588][ T7165] EXT4-fs mount: 34 callbacks suppressed
[  128.667604][ T7165] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  128.693390][   T28] audit: type=1400 audit(128.582:770): avc:  denied  { noatsecure } for  pid=7175 comm="syz.4.2907" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  128.717890][ T7165] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3841: comm syz.5.2903: Allocating blocks 497-513 which overlap fs metadata
[  128.732593][ T7137] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  128.733027][ T7165] EXT4-fs (loop5): pa ffff888136c75690: logic 256, phys. 385, len 8
[  128.751752][ T7165] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  128.776573][ T7137] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  128.783859][ T7137] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  128.818227][  T283] syz-executor: attempt to access beyond end of device
[  128.818227][  T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  128.892705][ T6998] EXT4-fs (loop5): unmounting filesystem.
[  128.900883][ T7188] loop8: detected capacity change from 0 to 2048
[  128.927644][ T7188] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  128.935060][ T7199] netlink: 'syz.5.2915': attribute type 3 has an invalid length.
[  128.941833][ T7188] fs-verity: sha512 using implementation "sha512-avx2"
[  128.944035][ T7199] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2915'.
[  128.969905][ T6474] EXT4-fs (loop8): unmounting filesystem.
[  129.067069][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  129.074875][ T7225] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 2
[  129.109048][ T7227] loop7: detected capacity change from 0 to 2048
[  129.130348][ T7231] loop8: detected capacity change from 0 to 512
[  129.145495][ T7231] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  129.165488][ T6474] EXT4-fs (loop8): unmounting filesystem.
[  129.231395][ T7242] loop7: detected capacity change from 0 to 1024
[  129.238764][ T7242] EXT4-fs: Ignoring removed i_version option
[  129.245309][ T7242] EXT4-fs: Ignoring removed nobh option
[  129.258112][ T7242] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  129.281793][ T7242] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  129.296600][   T28] audit: type=1400 audit(129.272:771): avc:  denied  { create } for  pid=7249 comm="syz.1.2938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  129.326694][ T6352] EXT4-fs (loop7): unmounting filesystem.
[  129.463684][ T7265] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  129.491645][  T472] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  129.501588][  T472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  129.522039][  T472] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  129.537717][  T472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  129.556260][  T472] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  129.566744][  T472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  129.580498][  T472] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  129.594419][  T472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  129.699898][ T7274] loop4: detected capacity change from 0 to 128
[  129.717121][ T7276] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  129.717415][ T7274] EXT4-fs (loop4): Test dummy encryption mode enabled
[  129.761914][ T7274] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  129.859457][  T284] EXT4-fs (loop4): unmounting filesystem.
[  129.926051][ T7292] loop4: detected capacity change from 0 to 2048
[  129.944402][ T7292] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  129.964255][  T284] EXT4-fs (loop4): unmounting filesystem.
[  130.009012][ T7307] loop7: detected capacity change from 0 to 1024
[  130.015766][ T7307] EXT4-fs: Ignoring removed nobh option
[  130.021396][ T7307] EXT4-fs: Ignoring removed bh option
[  130.028161][ T7307] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  130.043355][ T7307] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  130.066574][ T6352] EXT4-fs (loop7): unmounting filesystem.
[  130.098420][ T7313] loop7: detected capacity change from 0 to 1024
[  130.114213][ T7313] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  130.133750][ T6352] EXT4-fs (loop7): unmounting filesystem.
[  130.151040][ T7317] loop7: detected capacity change from 0 to 1024
[  130.174328][ T7317] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  130.237102][ T7320] EXT4-fs error (device loop7): ext4_map_blocks:745: inode #15: comm syz.7.2963: lblock 0 mapped to illegal pblock 0 (length 4)
[  130.274729][ T7320] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  130.314471][ T7320] EXT4-fs (loop7): This should not happen!! Data will be lost
[  130.314471][ T7320] 
[  130.433689][  T472] EXT4-fs error (device loop7): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:5: lblock 4 mapped to illegal pblock 4 (length 2)
[  130.449296][  T472] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  130.461761][  T472] EXT4-fs (loop7): This should not happen!! Data will be lost
[  130.461761][  T472] 
[  130.473262][  T472] EXT4-fs error (device loop7): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:5: lblock 8 mapped to illegal pblock 8 (length 8)
[  130.488103][  T472] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  130.500516][  T472] EXT4-fs (loop7): This should not happen!! Data will be lost
[  130.500516][  T472] 
[  130.624383][ T6352] EXT4-fs (loop7): unmounting filesystem.
[  130.814739][ T7339] loop1: detected capacity change from 0 to 16
[  130.827489][ T7339] erofs: (device loop1): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  130.861711][ T7339] erofs: (device loop1): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  130.881843][ T7339] erofs: (device loop1): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk!
[  130.897329][ T7339] erofs: (device loop1): mounted with root inode @ nid 36.
[  131.095566][ T7368] IPv6: addrconf: prefix option has invalid lifetime
[  131.103669][ T7368] IPv6: addrconf: prefix option has invalid lifetime
[  131.121733][ T4819] Bluetooth: hci0: command 0x1003 tx timeout
[  131.128102][  T642] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  131.205245][ T7385] loop8: detected capacity change from 0 to 512
[  131.212031][ T7385] EXT4-fs: Ignoring removed i_version option
[  131.218316][ T7385] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  131.229582][ T7385] EXT4-fs (loop8): 1 truncate cleaned up
[  131.235387][ T7385] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  131.249354][ T7385] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.2993: corrupted in-inode xattr
[  131.261981][ T7385] EXT4-fs warning (device loop8): ext4_xattr_set_entry:1732: inode #15: comm syz.8.2993: unable to update i_inline_off
[  131.274603][ T7385] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.2993: corrupted in-inode xattr
[  131.289781][ T7385] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.2993: corrupted in-inode xattr
[  131.309059][ T6474] EXT4-fs (loop8): unmounting filesystem.
[  131.359338][ T7401] loop8: detected capacity change from 0 to 2048
[  131.373591][ T7401] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  131.412239][ T6474] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  131.442239][ T6474] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  131.471619][ T6474] EXT4-fs (loop8): unmounting filesystem.
[  131.503693][ T7412] loop8: detected capacity change from 0 to 1024
[  131.512037][ T7412] EXT4-fs: Ignoring removed bh option
[  131.520543][ T7412] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  131.571605][ T7412] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  131.583089][ T7410] loop5: detected capacity change from 0 to 40427
[  131.596579][ T7410] F2FS-fs (loop5): heap/no_heap options were deprecated
[  131.604515][ T7410] F2FS-fs (loop5): fault_injection options not supported
[  131.605287][ T6474] EXT4-fs (loop8): unmounting filesystem.
[  131.611620][ T7410] F2FS-fs (loop5): fault_type options not supported
[  131.625299][ T7410] F2FS-fs (loop5): invalid crc value
[  131.635418][ T7410] F2FS-fs (loop5): Found nat_bits in checkpoint
[  131.655938][ T7410] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  131.684983][ T7410] syz.5.3002: attempt to access beyond end of device
[  131.684983][ T7410] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  131.706015][ T6998] syz-executor: attempt to access beyond end of device
[  131.706015][ T6998] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  131.733627][ T7428] loop4: detected capacity change from 0 to 128
[  131.792688][ T7434] loop5: detected capacity change from 0 to 128
[  131.799163][ T7434] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  131.956637][ T7443] loop5: detected capacity change from 0 to 128
[  131.963177][ T7443] EXT4-fs: Ignoring removed nomblk_io_submit option
[  131.970060][ T7443] EXT4-fs (loop5): Test dummy encryption mode enabled
[  131.977866][ T7443] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  131.994225][ T6998] EXT4-fs (loop5): unmounting filesystem.
[  132.011740][   T39] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  132.191779][   T39] usb 5-1: Using ep0 maxpacket: 16
[  132.198711][   T39] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.209750][   T39] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  132.219933][   T39] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.226663][   T39] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  132.235808][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.244204][   T39] usb 5-1: config 0 descriptor??
[  132.655078][   T39] hid (null): report_id 0 is invalid
[  132.660528][   T39] hid (null): bogus close delimiter
[  132.665863][   T39] hid (null): invalid report_count 1939077990
[  132.671938][   T39] hid (null): invalid report_count 56161
[  132.677557][   T39] hid (null): bogus close delimiter
[  132.682791][   T39] hid (null): nested delimiters
[  132.687635][   T39] hid (null): unknown global tag 0xd
[  132.861003][   T39] usb 5-1: USB disconnect, device number 13
[  134.654821][ T7463] loop7: detected capacity change from 0 to 256
[  134.661741][ T7465] loop8: detected capacity change from 0 to 1024
[  134.672343][ T7463] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  134.696006][ T7465] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  134.731584][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  134.731599][   T28] audit: type=1400 audit(134.702:779): avc:  denied  { ioctl } for  pid=7480 comm="syz.1.3033" path="socket:[50983]" dev="sockfs" ino=50983 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  134.779593][ T7484] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: comm syz.8.3023: lblock 0 mapped to illegal pblock 0 (length 4)
[  134.892312][ T7484] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  134.961516][ T7484] EXT4-fs (loop8): This should not happen!! Data will be lost
[  134.961516][ T7484] 
[  134.984007][ T7500] loop4: detected capacity change from 0 to 1024
[  134.990649][ T7500] EXT4-fs: Ignoring removed i_version option
[  135.023435][   T28] audit: type=1400 audit(135.002:780): avc:  denied  { read } for  pid=7505 comm="syz.7.3044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  135.043517][ T7507] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1546 sclass=netlink_route_socket pid=7507 comm=syz.5.3043
[  135.061835][ T7500] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  135.081758][ T7507] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3043'.
[  135.101064][ T7511] loop1: detected capacity change from 0 to 128
[  135.117478][ T7511] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  135.129993][ T7500] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  135.142006][  T472] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:5: lblock 4 mapped to illegal pblock 4 (length 2)
[  135.164281][  T472] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  135.185348][ T7500] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.3041: Allocating blocks 497-513 which overlap fs metadata
[  135.186496][  T472] EXT4-fs (loop8): This should not happen!! Data will be lost
[  135.186496][  T472] 
[  135.199583][ T7500] EXT4-fs (loop4): pa ffff888136ef2000: logic 256, phys. 385, len 8
[  135.211508][  T579] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  135.217166][ T7500] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  135.231788][  T579] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  135.253696][  T579] EXT4-fs (loop8): This should not happen!! Data will be lost
[  135.253696][  T579] 
[  135.272876][  T283] EXT4-fs (loop1): unmounting filesystem.
[  135.305655][   T28] audit: type=1400 audit(135.282:781): avc:  denied  { append } for  pid=7528 comm="syz.5.3053" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  135.305759][ T7527] loop1: detected capacity change from 0 to 1024
[  135.382406][  T284] EXT4-fs (loop4): unmounting filesystem.
[  135.400323][ T7527] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  135.409577][ T6474] EXT4-fs (loop8): unmounting filesystem.
[  135.412719][ T7527] EXT4-fs (loop1): shut down requested (2)
[  135.431696][  T283] EXT4-fs (loop1): unmounting filesystem.
[  135.451864][ T7546] loop4: detected capacity change from 0 to 1024
[  135.463953][ T7546] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  135.513167][ T7559] loop1: detected capacity change from 0 to 128
[  135.528927][ T7559] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  135.538754][ T7561] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: comm syz.4.3060: lblock 0 mapped to illegal pblock 0 (length 4)
[  135.574607][  T283] EXT4-fs (loop1): unmounting filesystem.
[  135.605119][ T7561] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  135.618509][ T7561] EXT4-fs (loop4): This should not happen!! Data will be lost
[  135.618509][ T7561] 
[  135.627879][ T7565] sch_fq: defrate 4294967295 ignored.
[  135.699068][ T7570] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  135.725947][  T579] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:7: lblock 4 mapped to illegal pblock 4 (length 2)
[  135.742498][  T579] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  135.755155][  T579] EXT4-fs (loop4): This should not happen!! Data will be lost
[  135.755155][  T579] 
[  135.766602][  T579] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  135.780988][  T579] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  135.793352][  T579] EXT4-fs (loop4): This should not happen!! Data will be lost
[  135.793352][  T579] 
[  135.892747][  T284] EXT4-fs (loop4): unmounting filesystem.
[  138.184242][ T7595] syz.8.3085[7595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  138.184316][ T7595] syz.8.3085[7595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  138.375296][ T7628] loop5: detected capacity change from 0 to 128
[  138.409124][ T7628] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002]
[  138.417218][ T7628] System zones: 1-3, 19-19, 35-36
[  138.429112][ T7628] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  138.447854][ T7628] EXT4-fs warning (device loop5): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  138.477510][ T6998] EXT4-fs (loop5): unmounting filesystem.
[  138.635670][ T7642] loop8: detected capacity change from 0 to 40427
[  138.644000][ T7642] F2FS-fs (loop8): invalid crc value
[  138.650194][ T7642] F2FS-fs (loop8): Found nat_bits in checkpoint
[  138.684778][ T7642] F2FS-fs (loop8): Start checkpoint disabled!
[  138.691551][ T7642] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  138.711701][   T60] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  138.723847][ T7642] F2FS-fs (loop8): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  138.750916][   T43] kworker/u4:2: attempt to access beyond end of device
[  138.750916][   T43] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.816279][ T7669] loop7: detected capacity change from 0 to 40427
[  138.823335][ T7669] F2FS-fs (loop7): heap/no_heap options were deprecated
[  138.830392][ T7669] F2FS-fs (loop7): fault_injection options not supported
[  138.837522][ T7669] F2FS-fs (loop7): fault_type options not supported
[  138.844932][ T7669] F2FS-fs (loop7): invalid crc value
[  138.851317][ T7669] F2FS-fs (loop7): Found nat_bits in checkpoint
[  138.884904][ T7669] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  138.908515][ T7669] syz.7.3109: attempt to access beyond end of device
[  138.908515][ T7669] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.923620][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  138.934587][   T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  138.947462][   T60] usb 5-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  138.947681][ T6352] syz-executor: attempt to access beyond end of device
[  138.947681][ T6352] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  138.956514][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.957121][   T60] usb 5-1: config 0 descriptor??
[  138.983706][ T7637] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  139.193453][   T60] usbhid 5-1:0.0: can't add hid device: -71
[  139.200086][   T60] usbhid: probe of 5-1:0.0 failed with error -71
[  139.209391][   T60] usb 5-1: USB disconnect, device number 14
[  139.219536][ T7688] KVM: debugfs: duplicate directory 7688-4
[  139.724152][ T7707] sch_fq: defrate 4294967295 ignored.
[  139.961190][ T7710] loop4: detected capacity change from 0 to 40427
[  139.968339][ T7710] F2FS-fs (loop4): heap/no_heap options were deprecated
[  139.987600][ T7710] F2FS-fs (loop4): fault_injection options not supported
[  139.994786][ T7710] F2FS-fs (loop4): fault_type options not supported
[  140.014427][ T7710] F2FS-fs (loop4): invalid crc value
[  140.045400][ T7710] F2FS-fs (loop4): Found nat_bits in checkpoint
[  140.090509][ T7710] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  140.166908][ T7710] syz.4.3123: attempt to access beyond end of device
[  140.166908][ T7710] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  140.209088][  T284] syz-executor: attempt to access beyond end of device
[  140.209088][  T284] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  140.812235][ T7733] loop1: detected capacity change from 0 to 1024
[  140.821550][ T7733] Quota error (device loop1): do_check_range: Getting block 64 out of range 1-5
[  140.830690][ T7733] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  140.840130][ T7733] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.3134: Failed to acquire dquot type 0
[  140.852029][ T7733] EXT4-fs error (device loop1): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  140.866797][ T7733] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #13: comm syz.1.3134: corrupted inode contents
[  140.879007][ T7733] EXT4-fs error (device loop1): ext4_dirty_inode:6121: inode #13: comm syz.1.3134: mark_inode_dirty error
[  140.890695][ T7733] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #13: comm syz.1.3134: corrupted inode contents
[  140.902874][ T7733] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #13: comm syz.1.3134: mark_inode_dirty error
[  140.914456][ T7733] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #13: comm syz.1.3134: corrupted inode contents
[  140.926772][ T7733] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  140.935525][ T7733] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #13: comm syz.1.3134: corrupted inode contents
[  140.948795][ T7733] EXT4-fs error (device loop1): ext4_truncate:4314: inode #13: comm syz.1.3134: mark_inode_dirty error
[  140.960944][ T7733] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  140.971241][ T7733] EXT4-fs (loop1): 1 truncate cleaned up
[  140.977097][ T7733] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  141.005845][  T283] EXT4-fs (loop1): unmounting filesystem.
[  141.419844][ T7747] netlink: 'syz.4.3140': attribute type 1 has an invalid length.
[  141.427649][ T7747] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3140'.
[  141.455123][  T284] ------------[ cut here ]------------
[  141.460652][  T284] WARNING: CPU: 1 PID: 284 at fs/inode.c:332 drop_nlink+0xc5/0x110
[  141.468583][  T284] Modules linked in:
[  141.472499][  T284] CPU: 1 PID: 284 Comm: syz-executor Not tainted syzkaller #0
[  141.479940][  T284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.490018][  T284] RIP: 0010:drop_nlink+0xc5/0x110
[  141.495064][  T284] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 03 ea f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 9b 82 ac ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c
[  141.514684][  T284] RSP: 0018:ffffc9000cadfc38 EFLAGS: 00010293
[  141.520737][  T284] RAX: ffffffff81c386c5 RBX: ffff88810855ea18 RCX: ffff88810e886540
[  141.528756][  T284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  141.536766][  T284] RBP: ffffc9000cadfc60 R08: 0000000000000004 R09: 0000000000000003
[  141.544797][  T284] R10: fffff5200195bf78 R11: 1ffff9200195bf78 R12: dffffc0000000000
[  141.552819][  T284] R13: 1ffff110210abd4c R14: ffff88810855ea60 R15: 0000000000000000
[  141.560801][  T284] FS:  00005555670c1500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  141.569778][  T284] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  141.576412][  T284] CR2: 00005555670e44e8 CR3: 000000012dfbe000 CR4: 00000000003506a0
[  141.584421][  T284] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  141.592435][  T284] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  141.600421][  T284] Call Trace:
[  141.603734][  T284]  <TASK>
[  141.606681][  T284]  shmem_rmdir+0x5b/0x90
[  141.610956][  T284]  vfs_rmdir+0x393/0x500
[  141.615257][  T284]  incfs_kill_sb+0x105/0x220
[  141.619886][  T284]  deactivate_locked_super+0xb5/0x120
[  141.625300][  T284]  deactivate_super+0xaf/0xe0
[  141.630002][  T284]  cleanup_mnt+0x45f/0x4e0
[  141.634476][  T284]  __cleanup_mnt+0x19/0x20
[  141.638906][  T284]  task_work_run+0x1db/0x240
[  141.643536][  T284]  ? __cfi_task_work_run+0x10/0x10
[  141.648676][  T284]  ? __x64_sys_umount+0x125/0x160
[  141.653744][  T284]  ? __cfi___x64_sys_umount+0x10/0x10
[  141.659147][  T284]  exit_to_user_mode_loop+0x9b/0xb0
[  141.664381][  T284]  exit_to_user_mode_prepare+0x5a/0xa0
[  141.669853][  T284]  syscall_exit_to_user_mode+0x1a/0x30
[  141.675363][  T284]  do_syscall_64+0x58/0xa0
[  141.679807][  T284]  ? clear_bhb_loop+0x30/0x80
[  141.684536][  T284]  ? clear_bhb_loop+0x30/0x80
[  141.689234][  T284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  141.695162][  T284] RIP: 0033:0x7f34dc78ff17
[  141.699582][  T284] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  141.719212][  T284] RSP: 002b:00007fff7d3e33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  141.727641][  T284] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f34dc78ff17
[  141.735617][  T284] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff7d3e34a0
[  141.743597][  T284] RBP: 00007fff7d3e34a0 R08: 0000000000000000 R09: 0000000000000000
[  141.751565][  T284] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff7d3e4530
[  141.759559][  T284] R13: 00007f34dc811c05 R14: 0000000000022873 R15: 00007fff7d3e4570
[  141.767549][  T284]  </TASK>
[  141.770561][  T284] ---[ end trace 0000000000000000 ]---
[  141.776144][  T284] ==================================================================
[  141.784221][  T284] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  141.790484][  T284] Write of size 4 at addr 0000000000000170 by task syz-executor/284
[  141.798446][  T284] 
[  141.800754][  T284] CPU: 0 PID: 284 Comm: syz-executor Tainted: G        W          syzkaller #0
[  141.809667][  T284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.819707][  T284] Call Trace:
[  141.822969][  T284]  <TASK>
[  141.825884][  T284]  __dump_stack+0x21/0x24
[  141.830195][  T284]  dump_stack_lvl+0xee/0x150
[  141.834768][  T284]  ? __cfi_dump_stack_lvl+0x8/0x8
[  141.839779][  T284]  ? ihold+0x20/0x60
[  141.843656][  T284]  ? ihold+0x20/0x60
[  141.847531][  T284]  print_report+0x3d/0x60
[  141.851844][  T284]  kasan_report+0x122/0x150
[  141.856337][  T284]  ? ihold+0x20/0x60
[  141.860212][  T284]  kasan_check_range+0x280/0x290
[  141.865131][  T284]  __kasan_check_write+0x14/0x20
[  141.870058][  T284]  ihold+0x20/0x60
[  141.873759][  T284]  vfs_rmdir+0x25f/0x500
[  141.877986][  T284]  incfs_kill_sb+0x105/0x220
[  141.882567][  T284]  deactivate_locked_super+0xb5/0x120
[  141.887926][  T284]  deactivate_super+0xaf/0xe0
[  141.892585][  T284]  cleanup_mnt+0x45f/0x4e0
[  141.896991][  T284]  __cleanup_mnt+0x19/0x20
[  141.901395][  T284]  task_work_run+0x1db/0x240
[  141.905970][  T284]  ? __cfi_task_work_run+0x10/0x10
[  141.911063][  T284]  ? __x64_sys_umount+0x125/0x160
[  141.916070][  T284]  ? __cfi___x64_sys_umount+0x10/0x10
[  141.921427][  T284]  exit_to_user_mode_loop+0x9b/0xb0
[  141.927562][  T284]  exit_to_user_mode_prepare+0x5a/0xa0
[  141.933011][  T284]  syscall_exit_to_user_mode+0x1a/0x30
[  141.938463][  T284]  do_syscall_64+0x58/0xa0
[  141.942861][  T284]  ? clear_bhb_loop+0x30/0x80
[  141.947521][  T284]  ? clear_bhb_loop+0x30/0x80
[  141.952184][  T284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  141.958060][  T284] RIP: 0033:0x7f34dc78ff17
[  141.962458][  T284] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  141.982044][  T284] RSP: 002b:00007fff7d3e33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  141.990443][  T284] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f34dc78ff17
[  141.998395][  T284] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff7d3e34a0
[  142.006348][  T284] RBP: 00007fff7d3e34a0 R08: 0000000000000000 R09: 0000000000000000
[  142.014302][  T284] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff7d3e4530
[  142.022253][  T284] R13: 00007f34dc811c05 R14: 0000000000022873 R15: 00007fff7d3e4570
[  142.030295][  T284]  </TASK>
[  142.033293][  T284] ==================================================================
[  142.074799][  T284] Disabling lock debugging due to kernel taint
[  142.080987][  T284] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  142.088801][  T284] #PF: supervisor write access in kernel mode
[  142.094864][  T284] #PF: error_code(0x0002) - not-present page
[  142.100849][  T284] PGD 131e54067 P4D 131e54067 PUD 0 
[  142.106150][  T284] Oops: 0002 [#1] PREEMPT SMP KASAN
[  142.111346][  T284] CPU: 1 PID: 284 Comm: syz-executor Tainted: G    B   W          syzkaller #0
[  142.120277][  T284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  142.130333][  T284] RIP: 0010:ihold+0x26/0x60
[  142.134952][  T284] Code: 33 36 7c df 55 48 89 e5 41 56 53 48 89 fb e8 01 7a ac ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 40 e1 f0 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 f1
[  142.154574][  T284] RSP: 0018:ffffc9000cadfc78 EFLAGS: 00010246
[  142.160732][  T284] RAX: ffff88810e886500 RBX: 0000000000000000 RCX: ffff88810e886540
[  142.168708][  T284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  142.176686][  T284] RBP: ffffc9000cadfc88 R08: dffffc0000000000 R09: fffffbfff0f2d6fd
[  142.184683][  T284] R10: fffffbfff0f2d6fd R11: 1ffffffff0f2d6fc R12: ffff88810855ea24
[  142.192655][  T284] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000
[  142.200625][  T284] FS:  00005555670c1500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  142.209553][  T284] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  142.216139][  T284] CR2: 0000000000000170 CR3: 000000012dfbe000 CR4: 00000000003506a0
[  142.224114][  T284] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  142.232084][  T284] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  142.240054][  T284] Call Trace:
[  142.243327][  T284]  <TASK>
[  142.246254][  T284]  vfs_rmdir+0x25f/0x500
[  142.250497][  T284]  incfs_kill_sb+0x105/0x220
[  142.255087][  T284]  deactivate_locked_super+0xb5/0x120
[  142.260459][  T284]  deactivate_super+0xaf/0xe0
[  142.265138][  T284]  cleanup_mnt+0x45f/0x4e0
[  142.269567][  T284]  __cleanup_mnt+0x19/0x20
[  142.273992][  T284]  task_work_run+0x1db/0x240
[  142.278595][  T284]  ? __cfi_task_work_run+0x10/0x10
[  142.283707][  T284]  ? __x64_sys_umount+0x125/0x160
[  142.288731][  T284]  ? __cfi___x64_sys_umount+0x10/0x10
[  142.294114][  T284]  exit_to_user_mode_loop+0x9b/0xb0
[  142.299316][  T284]  exit_to_user_mode_prepare+0x5a/0xa0
[  142.304785][  T284]  syscall_exit_to_user_mode+0x1a/0x30
[  142.310255][  T284]  do_syscall_64+0x58/0xa0
[  142.314680][  T284]  ? clear_bhb_loop+0x30/0x80
[  142.319363][  T284]  ? clear_bhb_loop+0x30/0x80
[  142.324027][  T284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  142.329903][  T284] RIP: 0033:0x7f34dc78ff17
[  142.334300][  T284] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  142.353975][  T284] RSP: 002b:00007fff7d3e33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  142.362371][  T284] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f34dc78ff17
[  142.370327][  T284] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff7d3e34a0
[  142.378278][  T284] RBP: 00007fff7d3e34a0 R08: 0000000000000000 R09: 0000000000000000
[  142.386229][  T284] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff7d3e4530
[  142.394204][  T284] R13: 00007f34dc811c05 R14: 0000000000022873 R15: 00007fff7d3e4570
[  142.402176][  T284]  </TASK>
[  142.405175][  T284] Modules linked in:
[  142.409066][  T284] CR2: 0000000000000170
[  142.413191][  T284] ---[ end trace 0000000000000000 ]---
[  142.418622][  T284] RIP: 0010:ihold+0x26/0x60
[  142.423104][  T284] Code: 33 36 7c df 55 48 89 e5 41 56 53 48 89 fb e8 01 7a ac ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 40 e1 f0 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 f1
[  142.442687][  T284] RSP: 0018:ffffc9000cadfc78 EFLAGS: 00010246
[  142.448734][  T284] RAX: ffff88810e886500 RBX: 0000000000000000 RCX: ffff88810e886540
[  142.456688][  T284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  142.464648][  T284] RBP: ffffc9000cadfc88 R08: dffffc0000000000 R09: fffffbfff0f2d6fd
[  142.472708][  T284] R10: fffffbfff0f2d6fd R11: 1ffffffff0f2d6fc R12: ffff88810855ea24
[  142.480661][  T284] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000
[  142.488625][  T284] FS:  00005555670c1500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  142.497531][  T284] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  142.504178][  T284] CR2: 0000000000000170 CR3: 000000012dfbe000 CR4: 00000000003506a0
[  142.512130][  T284] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  142.520080][  T284] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  142.528032][  T284] Kernel panic - not syncing: Fatal exception
[  142.534298][  T284] Kernel Offset: disabled
[  142.538604][  T284] Rebooting in 86400 seconds..