last executing test programs:

1m10.711880798s ago: executing program 4 (id=612):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000240)="66b9a00d00000f32dbd567f0879f00a00000670f4fa1ea000000660f388080062e0f01c5baf80c66b8d789868866efbafc0cec0f0666b9800000c00f320f304466b8010000000f23d8730f21f8f835800000300f23f866370a00000044360f05e5", 0x61}], 0x1, 0x54, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m10.566936798s ago: executing program 4 (id=620):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x1, 0x922, 0x0, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "5c91440132bb112240fcbcc3fa9d0431575f8614d3538ce09c50eecd6ac579e8e83b944b666113f3afed71231e6653a13532f17b33515bdd7e1be14f53b9fc9b"}}, 0x80}}, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40482, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd06000040", 0x27}], 0x2, 0x0, 0x4)

1m10.495938182s ago: executing program 4 (id=623):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x8c66)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0xfffffffffffffffc, 0x0, 0x0, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000240)={0x27800000000, 0x5000, 0x1, r2, 0x1})

1m10.38662171s ago: executing program 4 (id=626):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1945402, 0x0)
mount$9p_unix(&(0x7f0000000440)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x121f408, 0x0)
mount$bind(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa06006, 0x0)

1m10.351439992s ago: executing program 4 (id=627):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x6, @local, 0xb}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0xdd, &(0x7f0000000300)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "fa0500", 0x48, 0x11, 0x0, @local, @local, {[], {0x4e20, 0xe22, 0x48, 0x0, @wg=@cookie={0x3, 0x2, "88c73b21f267636d01dbe5712c1c941e1cdafbbb43f09c28", "e138060072381f41e5fff9620915b6f78670dfaf9a195fcb2a79cf6b7931c9b4"}}}}}}}, 0x0)

1m10.206313232s ago: executing program 4 (id=629):
r0 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty, 0xffffffff}, 0x1c)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x7, 0x5, @mcast2, 0x5}, 0x1c)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xffffffff}, 0x1c)

1m10.135439296s ago: executing program 32 (id=629):
r0 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty, 0xffffffff}, 0x1c)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x7, 0x5, @mcast2, 0x5}, 0x1c)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xffffffff}, 0x1c)

13.210826992s ago: executing program 2 (id=1862):
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xffeffffd, {0x0, 0x0, 0x0, r1, {0x1, 0xd}, {0xfff2}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r2, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000040)=""/55, 0x37}, {&(0x7f0000000540)=""/189, 0xbd}, {&(0x7f0000001ac0)=""/4096, 0x1000}, {&(0x7f0000000940)=""/74, 0x4a}], 0x4}, 0x5d}], 0x1b00, 0x10022, 0x0)

13.090218259s ago: executing program 2 (id=1866):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000080)=ANY=[], 0x1, 0x251, &(0x7f0000000a00)="$eJzsmLGL1E4Ux7+TZLPJj+OHNlfYKHjgil72NodyzXKeIFjZnKJWsnjxODd3K9kI7oLgYWOjnYVgY+E/YHHF1Xb+A4IWKggWbmFhI8LIZCbJrJu4a7TzfYrhOzNv3rz3dvMCAUEQ/ywf3n999/DsysWTAOawgLpa/2QCjEltaPZvn9w+8bh97umLN89f7vx/d/9nf+II59+5vuCgVnq/BaCxZiLObuLp2W9CLKjJHOqZvgQDx5W+DAYv82RkFwVguKr0TU33hL3n3dgKA+96L9wQYkkMLTH4YhjLV3gd7TJsqDnnnDNtvz8YdjthGESasNRewVYlkV3WnZ+oXw02RmsG2ipaEZ+I/8qD+7tixVN2SzCy+rVgoKWSWAbDulpfQT2tjSyJlv8hK8/fzK93RFSdsDBbYSo2piXphGFg9gftL3+lWLo4uFjteEOkc2Zy6wCqhIH81CqCqIZ8S1Ry3PjIzJ5dADP8dRJhab8Oio1X1S9aIcELE1mUiEczxfxbwi5Kp1IWqZgf7b8Kg6g2vvWxwNjGYMhgyNw5K3OYVLUuVlj6T+DJ8V+F4cwSqgv56CU3VE7ZxbBr/EnFigXwek/2D/6M4ZjWPy2tfzXj7VvN/mC4uLXd2Qw2gx3fXz7NgHun/GbSiOQ40ffy/uwm/ek/zX/Z28Y2bNzpxHHUkqPNbLiI48hP5r722Kzv9T5fU8dinAdwVE5E27Qzj6bu3kkFU28ylqiGWRo8QRAEQRAEQRAEQRAEQRDENMY+eB4GS76CTsGX1j8CAAD//1FaWAY=")
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
lseek(r0, 0x1, 0x0)
getdents(r0, 0x0, 0x58)

13.008058734s ago: executing program 2 (id=1869):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0xf)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, 0x1, 0x8, 0x101}, 0x14}}, 0x0)

12.92452048s ago: executing program 2 (id=1871):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0xc00, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000400)='./file0\x00')

12.903813342s ago: executing program 2 (id=1872):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x800000, &(0x7f0000000b40)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303136323134372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c756e695f786c6174653d302c696f636861727365743d757466382c6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7379735f696d6d757461626c652c757466383d302c002e39a45aa9edcfe08671a816cb673d99851079b41e699eacf742"], 0x1, 0x373, &(0x7f00000006c0)="$eJzs3U9rXFUUAPDTsfmr6WQhgop4qRvdDEn8Ag3SghhQYkeqC+HVTHTINBPmDZEpot259XMUl+4E8QtkoXt37rJx2UXpk8yfJpOOKSVOHtXfD8I9yT0nc+883uNuHufw1g93drbz2nbWjcq1FJWIqDyIWO5HA5eGY6Ufz8ZJ9+Kd6q0/3vj4088+WN/YuL6Z0o31m++upZSuvPnL19/8ePXX7ouf/HTl57k4WP788K+1Pw9eOXj18NHNr5p5auZpt91NWbrdbnez261G2mrmO7WUPmo1sryRmrt5ozM2v91q7+31Ura7tbS412nkecp2e2mn0Uvddup2ein7MmvuplqtlpYWg6ep39/czNYH8fwZedcuakFMQaeznh3dw3NPzNTvl7IgAKBU5z3/z/6r5/+ZcP6/SCfP//xXHZ3/Z4f37zjnfwAAAAAAAAAAAAAAeB48KIpqURTV0ViMXhIe/l7y8piyJ67/qZ+y18d0nXhxbz6i9f1+fb8+GAfz69vRjFY0YiWq8fDosTAyiG+8v3F9JfUtx9Kd7/r1V3+LqL8wXr8a1VieXL86qE+P6+NonInFk/VrUY2XJ9evTayfjbffOlFfi2r8/kW0oxVb/cfbcf23qym99+HGqfq5fh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w+1NPJ6DPre79cjFmJ/2L+/dpywPN4ff1D/uL/+SlTj4eT+/CsT+/Nfjtcul7t3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjJe3d3slar0bmoYNTzv/+X2VHwz1WXBun3Tk0txHjy3NP+zzmDyjNVLQw3OWHqUVEU01rq/MVeyvMEMxFxRk4x/ALP/1kvRcQZOXMRMf0tV8r/wp85KONpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOU6bvpd9koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoU967u5O1Wo3OFIOy9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA8+TsAAP//S+oM3w==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x8200, 0x1aa)
r1 = inotify_init1(0x800)
inotify_add_watch(r1, &(0x7f0000000200)='./file1\x00', 0x40)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000000c0))

12.492403739s ago: executing program 2 (id=1875):
openat$selinux_create(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
open(0x0, 0xe0840, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x0)
r0 = open(&(0x7f00000003c0)='./file2\x00', 0x81, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r0, 0x4c00, 0x3)

12.385974176s ago: executing program 33 (id=1875):
openat$selinux_create(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
open(0x0, 0xe0840, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x0)
r0 = open(&(0x7f00000003c0)='./file2\x00', 0x81, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r0, 0x4c00, 0x3)

10.660330539s ago: executing program 3 (id=1902):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800)
recvmmsg(r1, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

10.417843455s ago: executing program 3 (id=1905):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x8, 0x1, 0x0, 0x0, @sint={0x1, 0x8}}]})

10.299329843s ago: executing program 3 (id=1909):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

10.233814747s ago: executing program 3 (id=1910):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
newfstatat(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', &(0x7f0000000280), 0x800)

9.701775622s ago: executing program 3 (id=1920):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000340)={0x40000000})
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f00000000c0)=0x9)
write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)

9.376038873s ago: executing program 3 (id=1932):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f0000000380)={0xa, 0x4e24, 0x4, @mcast1, 0x2}, 0x1c)
connect$netlink(r0, &(0x7f00000000c0)=@unspec, 0xc)
syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, '\x00', 0x48, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, @local, {[], {0x4e1d, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "dc521c259b538a2bf2a113dc2eeec0a072edf20b6d59027f", "d646c098cfc27eb8549d66e7b219c2c3b85e4508546e551af9e59631718ba089"}}}}}}}, 0x0)

9.269259361s ago: executing program 34 (id=1932):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f0000000380)={0xa, 0x4e24, 0x4, @mcast1, 0x2}, 0x1c)
connect$netlink(r0, &(0x7f00000000c0)=@unspec, 0xc)
syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, '\x00', 0x48, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, @local, {[], {0x4e1d, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "dc521c259b538a2bf2a113dc2eeec0a072edf20b6d59027f", "d646c098cfc27eb8549d66e7b219c2c3b85e4508546e551af9e59631718ba089"}}}}}}}, 0x0)

2.963127606s ago: executing program 0 (id=2062):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x5e, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = epoll_create1(0x80000)
epoll_wait(r1, &(0x7f00000001c0)=[{}], 0x1, 0x4a)

2.809770815s ago: executing program 0 (id=2068):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.255543628s ago: executing program 1 (id=2111):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='signal_generate\x00', r1}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1.208536551s ago: executing program 1 (id=2113):
mount(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080)='proc\x00', 0xa00189, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x115)

1.185502613s ago: executing program 1 (id=2115):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
getgroups(0x0, 0x0)

1.148485485s ago: executing program 1 (id=2118):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
r2 = fcntl$dupfd(r1, 0x0, r0)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, 0x7, 0x1, 0x401, 0x0, 0x0, {0x5, 0x0, 0x5}}, 0x14}}, 0x4480)

1.090527719s ago: executing program 1 (id=2119):
mount(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
syz_emit_ethernet(0x1e, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaa"], 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz3\x00', 0x2, 0x0)

974.038967ms ago: executing program 1 (id=2125):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d00000904010102020d0000090582"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

973.622946ms ago: executing program 5 (id=2126):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000000880)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
setresgid(0xee00, 0x0, 0xee01)
utimes(&(0x7f0000000040)='./file0\x00', 0x0)

916.45549ms ago: executing program 5 (id=2128):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
setxattr$trusted_overlay_nlink(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x1)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$ext4(0x0, &(0x7f0000000180)='./control\x00', 0x8a4409, 0x0, 0x0, 0x0, &(0x7f0000000000))
rmdir(&(0x7f0000000080)='./file0\x00')

864.382064ms ago: executing program 7 (id=2129):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='sys_enter\x00', r1}, 0x18)
utime(&(0x7f0000000200)='./file0\x00', 0x0)

822.736596ms ago: executing program 7 (id=2130):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x881, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0x3)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r2, 0x4, 0x2, r1})

764.55254ms ago: executing program 5 (id=2131):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x49c2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000200)={&(0x7f0000001100)=@can={{0x0, 0x0, 0x0, 0x1}, 0x5, 0x1, 0x0, 0x0, "09151995c95f32cc"}, 0x10}}, 0x44001)
recvmmsg(r0, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}, 0xeb}], 0x1, 0x2001, 0x0)

763.97628ms ago: executing program 5 (id=2133):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0xfd, 0x2bc, &(0x7f0000000c40)="$eJzs3MFqE18Ux/Hzb/pv0tQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM6ESEZuNuPU5ikt3gvoC3Ygb9+6KILjpQhzpTKZNm7RNYpvE5vuBMjdz7q/3tp2WM4XM+r03Tws518iZZRmKqQyJVGVDJLk5qvmvdhzyxyNSrypXxn5+PXf3/oNb6UxmelZ1Jj13NaWqExc+PHvx9uKn8tj8u4n3UVlLPlz/kfq2dnrtzPrvuSd5V/OuFktlNXWhVCqbC7ali3m3YKjesS3TtTRfdC0nrEdrCy4tVdQsLo7HlxzLddUsVrRgVbRc0rJTUfOxmS+qYRg6HpfBNtzCnOzq7KyZ3rPsRQ76BNF2d4UjNdrspOOkq82L2dUu7AkAAPSZ/fv/oNffu//PzAfHQ+7/RRr7f7+es0ut9/+tNMADp7rj1QH9P44Fx0mb8drvr0j9PR39PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIj+FHVERiIhK+7vU+cTQ6/Plf69F2ccjq3rgXE7FfL2eXs8ExqKdzkhdbLJmUhPzyr4eaYDxzMzM9qb6kfLRXavmV5WzEfziEnw8lm+XPn5wK8roz/7/E69dPSUJONV8/1TQ/Ipcv1eUNScjnR1ISWxb963o7/3JK9cbtzK78qD8PAAAAAIDjwNAtDffvft2fEJPGepBv4/8Du+6vh+UsT+gBAAAAAKAr3MrzgmnbltPBICoifxG3F04Ee+gw3q+DiPTFNnYNrotIH2yjW4OYiARntJP49614SymvhTnDm1d6r78tbQx6/ZcJAAAAwGHbbvrbCH15dYQ7AgAAAAAAAAAAAAAAAAAAAAAAAAAAAABg8LT6PLBwfkMpLOwTr1su0vUvEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgjfwIAAP//xwcaJQ==")
creat(&(0x7f0000000100)='./bus\x00', 0x8c)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x4e840, 0x1f5)
preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000000f00)=""/4107, 0x100b}], 0x1, 0x2200, 0x7fffffff, 0x8)

716.022373ms ago: executing program 7 (id=2134):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LOCAL={0x14, 0x6, @local}]}}}, @IFLA_MASTER={0x8, 0x3, r2}]}, 0x58}}, 0x4000000)

667.474726ms ago: executing program 5 (id=2136):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@ipv6_newrule={0x2c, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}, @FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e23, 0x4e23}}]}, 0x2c}}, 0x0)

619.76322ms ago: executing program 6 (id=2137):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000100)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900600000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000000ba00000000b9c50d0000b800c80000ba00000000b9800000c00f3235000100000f300fc79d53bf0000c4e16dd3010f2202", 0x6a}], 0x1, 0x4d, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

606.654481ms ago: executing program 7 (id=2138):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
pidfd_send_signal(0xffffffffffffffff, 0x1f, 0x0, 0x0)

582.460832ms ago: executing program 0 (id=2139):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x87}}, @call={0x85, 0x0, 0x0, 0x9e}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
close(r1)

555.703024ms ago: executing program 5 (id=2140):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})

552.598794ms ago: executing program 0 (id=2141):
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000240)='./bus\x00', 0x3010050, &(0x7f0000000600)=ANY=[], 0x1, 0x1500, &(0x7f0000003080)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c8/rGu+dvjDX2mvv/zPmstecez/8yxt7fdhxctX61ynWZGf4p+OcvqQCQAgD9AOAaAIgAoFS2UtkAh0Emjan/3JuIf62Hpl3pFYgrSfqfvkn/0zfpf/om/U/fpP/pm/Q/fZP+p2/SfyHSs63Tc18rI/2O/7nn/yDP//+/I+f//0UOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J//+XiwAq/TeHpf/pm/RfiPTsSj9/lnFlx5X+/RNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkT6cC5cZAPjL/EqvSwghhBBCCCGEEP86IeOVXoEQQgghhBBCCCH+/RAUaDAQQQbICCmQCTLDVZAFroascA0k4FrIBtdBdrgeckBOyAW5IQ/khXxggcABQwz5oQAk4QYoCDdCISgMRaAoeCgGxeEmKAE3Q0m4BUrBrVAaboMyUBbKQXm4HSrAHVARKkFluBOqwF1QFarB3VAd7oEacC/UhPugFtwPteEBqAMPQl14COrBw1AfHoEG8Cg0hEbQGJpA0/+n/BehK7wE3aA7pEIP6AkvQy/oDX2gL/SDV6A/vAoD4DUYCINgMLwOQ+ANGApvwjAYDiPgLRgJo2A0jIGxMA7Gw9swAd6BifAuTILJMAWmwjSYDjPgPZgJs2A2vA9z4AOYC/NgPiyAhfAhLILFkAYfwRL4GJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsInsA22ww7YCbtgN+yBT2EvfAb74HPYD1/8g/ln/1N+JwQEVKjQoMEMmAFTMAUzY2bMglkwK2bFBCYwG2bD7Jgdc2AOzIW5MA/mwXyYDwkJGRnzY35MYhILYkEshIWwCBZBjx6LY3EsgTdjSSyJpbAUlsbSWAbLYlksj+WxAlbAilgRK2NlrIJVsCpWxbvxbrwHa2ANrIk1sRbWwtpYG+tgHayLdbEe1sP6WB8bYANsiA2xMTbGptgUm2EzbI7NsSW2xFbYCltja2yDbbAttsV22A7bY3vsgB2wI3bETtgZO+OL+CK+hC9hd6yiemBP7Im9sBf2wb7YF1/B/vgqvoqv4UAchIPxdXwd38CheAaH4XAcgSOwghqFo3EMshqH43E8TsAJOBEn4iScjJNxKk7D6TgDZ+BMnIWz8H2cgx/gBzgP5+ECXIgLcREuxjRMwyV4FpfiMlyOK3AlrsKVuAbX4hpcjxtwPW7CTbgFt+An+Alux+24E3fibtyNn+Kn+Bl+hgNxP+7HA3gAD+JBPISH8DAexiN4BI/iUTyGx/A4HscTeBJP4Uk8jafxDJ7Fc3gOz+N5vIDP5/m63u7C6waCusQoozKoDCpFpajMKrPKorKorCqrSqiEyqayqewqu8qhcqhcKpfKo/KofCqfIkWKVazyq/wqqZKqoCqoCqlCqogqorzyqrgqrkqoEqqkKqlKqVtVaXWbKqPKqha+vCqvKqiWvqKqpCqryqqKuktVVdVUNVVdVVc1VA1VU9VUtVQtVVs9oOqoHtgHH1KXOlNfDcIGajA2VI1UY9VEvYGPqWZqKDZXLVRL9YQajsOwtWrm26inVVs1GtupZ9UYfE51UOOwo3pBdVKdVRf1ouqqmvtuGX77CFRTsZfqrfqovmom3qUudayqek0NVIPUYPW6WoBvqKHqTTVMDVcj1FtqpBqlRqsxaqwap8art9UE9Y6aqN5Vk9RkNUVNVdPUdDVDvadmqllqtnpfzVEfqLlqnpqvFqiF6kO1SC1WaeojtUR9rJaqZWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qk/UNrVd7VA71S61W+1Rn6q96jO1T32u9qsv1AH1J3VQfakOqa/UYfW1OqK+UUfVt+qY+k4dV9+rE+qkOqV+UKfVj+qMOqvOqZ/UefWzuqB+URdVUKBRK6210ZHOoDPqFJ1JZ9ZX6Sz6ap1VX6MT+lqdTV+ns+vrdQ6dU+fSuXUenVfn01aTdpp1rPPrAjqpb9AF9Y26kC6si+ii2utiuri+SZfQN+uS+hZdSt+qS+vbdBldVpfT5fXtuoK+Q1fUlXRlfaeuou/SVXU1fbeuru/RNfS9uqa+T9fS9+va+gFdRz+o6+qHdD39sK6vH9EN9KO6oW6kG+smuql+TDfTj+vmuoVuqZ/QrfSTurV+SrfRT+u2+hndTj+r2+vndAf9vO6oX9CddGfdRf+iL+qgu+nuOlX30D31y7qX7q376L66n35F99ev6gH6NT1QD9KD9et6iH5DD9Vv6mF6uB6h39Ij9Sg9Wo/RY/U4PV6/rSfod/RE/a6epCfrKXqqnqan6z6/VZr9d+S/8zfyB/z67lv0Vv2J3qa36x16p96ld+s9eo/eq/fqfXqf3q/36wP6gD6oD+pD+pA+rA/rI/qIPqqP6mP6mD6uj+sT+qT+Sf+gT+sf9Rl9Vp/VP+nz+ry+8NvPAAwaZbQxJjIZTEaTYjKZzOYqk8VcbbKaa0zCXGuymetMdnO9yWFymlwmt8lj8pp8xhoyzrCJTX5TwCTNDaagudEUMoVNEVPUeFPMFDc3/dP5f7S+pqapaWaameamuWlpWppWppVpbVqbNqaNaWvamnamnWlv2psOpoPpaDqaTqaT6WK6mK6mq+lmuplUDQDmZdPL9DZ9TF/Tz7xi+pv+ZoAZYAaagWawGWyGmCFmqBlqhplhZoQZYUaakWa0GW3GmrFmvBlvJpgJZqKZaCaZSWaKmWKmmWlmhplhZpqZZraZbeaYOWaumWvmm/lmoVloFplFJs2kmSVmiVlqlpllZoVZYVaZVWaNWWPWmXVmg9lgNplNZqnZaraabWab2WF2mF1ml9lj9pi9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlhTphT5pQ5bU6bM+aMOWfOmfPmvLlgLpiL5uKly75IRSoykYkyRBmilCglyhxljrJEWaKsUdYoESWibFG2KHt0fZQjyhnlinJHeaK8USrYiCIXcRRH+aMCUTK6ISoY3RgVigpHRaKikY+KRcWjm6IS0c1RyeiWqFR0a1Q6ui0qE5WNykXlo9ujCtEdUcWoUlQ5ujOqEt0VVY2qRXdH1aN7ohrRvVHN6L6oVnR/VDt6IKoTPRjVjR6K6kUPR/WjR6IG0aNRw6hR1DhqEjX9l9YP4UzOx303292m2h62p33Z9rK9bR/b1/azr9j+9lU7wL5mB9pBdrB93Q6xb9ih9k07zA63I+xbdqQdZUfbMXasHWfH27ftBPuOnWjftZPsZDvFTrXT7HQ7w75nZ9pZdrZ9386xH9i5dp6dbxfYhfZDu8gutmn2I7vEfmyX2mV2uV1hV9pVdrVdY9fadXa93WA32k12s91it9pP7Da73e6wO+0uu9vusZ/avfYzu89+bvfbL+wB+yd70H5pD9mv7GH7tT1iv7FH7bf2mP3OHrff2xP2pD1lf7Cn7Y/2jD1rz9mf7Hn7s71gf7EXbbh0cX/p9E6GDGWgDJRCKZSZMlMWykJZKSslKEHZKBtlp+yUg3JQLspFeSgP5aN8dAkTU37KT0lKUkEqSIWoEBWhIuTJU3EqTiWoBJWkklSKSlFpKk1lqAyVo3J0O91Od9AdVIkq0Z10J91Fd1E1qkbVqTrVoBpUk2pSLapFtak21aE6VJfqUj2qR/WpPjWgBtSQGlJjakxNqSk1o2bUnJpTS2pJragVtabW1IbaUFtqS+2oHbWn9tSBOlBH6kidqBN1oS7UlbpSN+pGqZRKPakn9aJe1If6UD/qR/2pPw2gATSQBtJgGkxDaAgNpaE0jIbTCHqLRtIoGk1jaCyNo/E0nibQBJpIE2kSTaIpNIWm0TSaQTNoJs2k2TSb5tAcmktzaT7Np4W0kBbRIkqjNFpCS2gpLaXltJxW0kpaTatpLa2l9bSeNtJG2kybaSttpW20jXbQDtpFu2gP7aG9tJf20T7aT/vpAB2gg3SQDtEhOkyH6QgdoaN0lI7RMTpOx+kEnaBTdIpO02k6Q2foHJ2j8/QzXaBf6CIFSnEKMrurXBZ3tcvqrnEpLpO7FEcAcCnO5XK7PC6vy+esy+Fy/lVMzrlCrrAr4oo674q54u6m38VlXFlXzpV3t7sK7g5X8XdxdXePq+HudTXdfa6au/uv4lruflfbPeLquEddXdfI1XNNXH33iGvgHnUNXSPX2DVxrdyTrrV7yrVxT7u27pnfxYvcYrfWrXPr3Qa3133mzrmf3FH3rTvvfnbdXHfXz73i+rtX3QD3mhvoBv0uHuHeciPdKDfajXFj3bjfxVPcVDfNTXcz3Htuppv1u3ih+9DNcWlurpvn5rsFv8aX1pTmPnJL3MduqVvmlrsVbqVb5Va7Nf93rSvcJrfZbXF73Kdum9vudridbpfb/Wt8aR/73Oduv/vCHXHfuIPuS3fIHXOH3de/xpf2d8x95467790Jd9Kdcj+40+5Hd8ad/XX/l/b+g/vFXXTBASMr1mw44gyckVM4E2fmqzgLX81Z+RpO8LWcja/j7Hw95+CcnItzcx7Oy/nYMrFj5pjzcwFO8g1ckG/kQlyYi3BR9lyMi/NNXIJv5pJ8C5fiW7k038ZluCyX4/J8O1fgO7giV+LKfCdXCYGrcjW+m6vzPVyD7+WafB/X4vu5Nj/AdfhBrssPcT1+mOvzI9yAH+WG3IgbcxNuyo9xM36cm3MLbslPcCt+klvzU9yGn+a2/Ay342e5PT/HHfh57sgvcCfuzF34Re7KL3E37s6p3IN78svci3tzH+7L/fgV7s+v8gB+jQfyIB7Mr/MQfoOH8ps8jIfzCH6LR/IoHs1jeCyP4/H8Nk/gd3giv8uTeDJP4ak8jafzDH6PZ/Isns3v8xz+gOfyPJ7PC3ghf8iLeDGn8Ue8hD/mpbyMl/MKXsmreDWv4bW8jtfzBt7Im3gzb+Gt/Alv4+28g3fyLt7Ne/hT3suf8T7+nPfzF3yA/8QH+Us+xF/xYf6aj/A3fJS/5WP8HR/n7/kEn+RT/AOf5h/5DJ/lc/wTn+ef+QL/whc5MMQYq1jHJo7iDHHGOCXOFGeOr4qzxFfHWeNr4kR8bZwtvi7OHl8f54hzxrni3HGeOG+cL7YxxS7mOI7zxwXiZHzD2oLxjXGhuHBcJC4a+7hYXDy+KS4R3xyXjG+JS8W3xqXj2+Iycdn4kfvKx7fHFeI74opxpbhyfGdcJb4rrhpXi++Oq8f3xDXie+Oa8X1xyfj+uHb8QFwnfjCuGz8U14sfjuvHj8QN4kfjhnGjuHHcJG4aPxY3ix+Pm8ct4pbxE3Gr+Mm4dfxU3CZ+Om4bP/OHx1PjHnHP+OX45TiEe/X85ILkwuSHyUXJxcm05EfJJcmPk0uTy5LLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSIVTLCB698tobH/kMPqNP8Zl8Zn+Vz+Kv9ln9NT7hr/XZ/HU+u7/e5/A5fS6f2+fxeX0+bz1559nHPr8v4JP+Bl/Q3+gL+cK+iC/qvS/mi/smvqlv6pv5x31z38K39E/4J/yT/kn/lH/KP+3b+md8O/+sb++f8x388/55/4Lv5Dv7Lv5F39W/5Lv57j7Vp/qevqfv5Xv5Pr6P7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5heb4uX6un+/n+4V+oV/kF/k0n+aX+CV+qV/ql/vlfqVf6Vf71X6tX+vX+/V+o9/oN/vNfqvf6rf5bX6H3+F3+V1+j9/j9/q9fp/f5/f7/f6AP+AP+oP+kP/KH/Zf+yP+G3/Uf+uP+e/8cf+9P+FP+lP+B3/a/+jP+LP+nP/Jn/c/+wv+F3/RBz8+8XZiQuKdxMTEu4lJicmJKYmpiWmJ6YkZifcSMxOzErMT7yfmJD5IzE3MS8xPLEgsTHyYWJRYnEhLfJRYkvg4sTSxLLE8sSKxMrEqEULebXHIHwqEZLghFAw3hkKhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwoHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3BR/mZNCCGEEOLvov/geI+/8b0MAKB+m/cEgKu35z78n2tuzPHneW+Vp1UCAJ7u3vGhv4wqVVJTU3977VINUYF5AJD46/p/iZdBS3gS2kALKPE319dbdT7Pf1A/eStA5v+QkwKX48v1b/4v6j/2xIhFpeNz2f6b+vMAChW4nJMJLseX65f8L+rnbPYH68/05XiA5v8hJwtcji/XLw6PwzPQ5q9eKYQQQgghhBBC/FlvVa79H90/X7o/z2Mu52SEy/Ef3Z8LIYQQQgghhBDiynuuc5enHmvTpkX7v2+Cvz0X+MeyZCITmfwbJ+rfUPlKfzIJIYQQQggh/tUuX/Rf6ZUIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBDp1//E/ye70nsUQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghrrT/EwAA//+9yTig")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x54)

414.009523ms ago: executing program 35 (id=2140):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})

407.306684ms ago: executing program 0 (id=2143):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
ioctl$UFFDIO_MOVE(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000fee000/0xf000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0xf000, 0x2})

406.995304ms ago: executing program 7 (id=2144):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00'}, 0x4e)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001580)={r1, r2, 0x25, 0x0, @val=@netkit}, 0x1c)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@response={0x2, 0x0, 0x0, "82d18160f7d8dda36479a6b179161b4bbff2d0508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0)

372.217656ms ago: executing program 7 (id=2145):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000ec0)={0x44, &(0x7f0000001180)={0x0, 0x11, 0x4, "28172044"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f00000001c0)={0x14, 0x0, 0x0}, &(0x7f0000000540)={0x44, &(0x7f0000000200)={0x40, 0x14, 0x9, "96808686645bfe5b69"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

300.459171ms ago: executing program 0 (id=2146):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x7, 0x4, 0x200, 0x21db}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)

283.300062ms ago: executing program 36 (id=2146):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x7, 0x4, 0x200, 0x21db}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)

279.134622ms ago: executing program 6 (id=2148):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000004000/0x3000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
read$FUSE(r0, &(0x7f0000016440)={0x2020}, 0x2020)

125.760292ms ago: executing program 6 (id=2149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = open(&(0x7f0000000000)='./file1\x00', 0x14927e, 0x22)
copy_file_range(r2, 0x0, r2, 0x0, 0x6, 0x0)

63.166316ms ago: executing program 6 (id=2150):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x6f}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r2}, 0x10)

24.432779ms ago: executing program 6 (id=2151):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0xfffffffc}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r2, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {}, {0x14, 0x19, {0xffffffff, 0x5, 0x6f0, 0x4}}}}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x8044)

0s ago: executing program 6 (id=2152):
mincore(&(0x7f00007ff000/0x800000)=nil, 0x800000, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000700)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e23, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffffffff}, 0x1c)
syz_extract_tcp_res(0x0, 0xb, 0x6)

kernel console output (not intermixed with test programs):

 to access it
[   80.391788][   T19] hid (null): unknown global tag 0x86
[   80.402940][ T3253] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1183: Corrupt directory, running e2fsck is recommended
[   80.408052][   T19] hid (null): unknown global tag 0x90
[   80.422148][ T3253] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   80.426720][   T19] hid (null): report_id 4131346620 is invalid
[   80.444705][   T19] hid (null): unknown global tag 0xe
[   80.450324][   T19] hid (null): unknown global tag 0xd
[   80.456732][   T19] hid (null): global environment stack overflow
[   80.456834][  T283] EXT4-fs (loop2): unmounting filesystem.
[   80.463074][   T19] hid (null): unknown global tag 0xe
[   80.463608][   T19] hid (null): unknown global tag 0xd
[   80.587770][   T19] usb 2-1: USB disconnect, device number 11
[   80.734119][ T3289] loop3: detected capacity change from 0 to 512
[   80.743843][ T3291] loop0: detected capacity change from 0 to 2048
[   80.773589][ T3291] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   80.784844][ T3291] EXT4-fs (loop0): unmounting filesystem.
[   81.095760][ T3304] loop3: detected capacity change from 0 to 256
[   81.115533][ T3304] FAT-fs (loop3): Directory bread(block 64) failed
[   81.121452][ T3303] SELinux: failed to load policy
[   81.122125][ T3304] FAT-fs (loop3): Directory bread(block 65) failed
[   81.133850][ T3304] FAT-fs (loop3): Directory bread(block 66) failed
[   81.146758][ T3304] FAT-fs (loop3): Directory bread(block 67) failed
[   81.154135][ T3304] FAT-fs (loop3): Directory bread(block 68) failed
[   81.161328][ T3304] FAT-fs (loop3): Directory bread(block 69) failed
[   81.168113][ T3304] FAT-fs (loop3): Directory bread(block 70) failed
[   81.179351][ T3304] FAT-fs (loop3): Directory bread(block 71) failed
[   81.190137][ T3304] FAT-fs (loop3): Directory bread(block 72) failed
[   81.199332][ T3304] FAT-fs (loop3): Directory bread(block 73) failed
[   81.213505][ T3310] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   81.239889][ T3312] loop0: detected capacity change from 0 to 128
[   81.260411][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   81.269465][ T3312] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   81.275114][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   81.283510][ T3312] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.289080][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   81.309967][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   81.318966][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   81.331388][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   81.341028][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   81.350630][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   81.350791][  T282] EXT4-fs (loop0): unmounting filesystem.
[   81.364909][   T19] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[   81.543959][ T3335] loop1: detected capacity change from 0 to 2048
[   81.565679][   T19] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[   81.592071][ T3335] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   81.606241][   T19] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.614725][ T3335] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.626996][   T19] usb 6-1: config 0 descriptor??
[   81.671414][  T286] EXT4-fs (loop1): unmounting filesystem.
[   81.707450][ T3329] loop0: detected capacity change from 0 to 40427
[   81.714565][ T3329] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[   81.721364][ T3329] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   81.752051][ T3329] F2FS-fs (loop0): Found nat_bits in checkpoint
[   81.828573][ T3359] loop2: detected capacity change from 0 to 128
[   81.835513][ T3329] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   81.843271][ T3329] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   81.861666][ T3359] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   81.898260][ T3359] FAT-fs (loop2): Filesystem has been set read-only
[   81.905190][ T3359] syz.2.1230: attempt to access beyond end of device
[   81.905190][ T3359] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   81.919933][  T282] syz-executor: attempt to access beyond end of device
[   81.919933][  T282] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   81.920034][ T3359] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   81.944908][ T3359] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   81.964325][ T3359] syz.2.1230: attempt to access beyond end of device
[   81.964325][ T3359] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   81.980983][    T6] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[   81.989306][ T3359] syz.2.1230: attempt to access beyond end of device
[   81.989306][ T3359] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   81.991457][ T3368] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1235'.
[   82.003706][ T3359] syz.2.1230: attempt to access beyond end of device
[   82.003706][ T3359] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   82.026774][ T3359] syz.2.1230: attempt to access beyond end of device
[   82.026774][ T3359] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   82.040868][ T3359] syz.2.1230: attempt to access beyond end of device
[   82.040868][ T3359] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   82.105720][   T19] appleir 0003:05AC:8241.0020: item fetching failed at offset 2/5
[   82.130621][   T19] appleir 0003:05AC:8241.0020: parse failed
[   82.136898][   T19] appleir: probe of 0003:05AC:8241.0020 failed with error -22
[   82.196801][    T6] usb 4-1: config 16 has an invalid interface number: 50 but max is 0
[   82.216115][    T6] usb 4-1: config 16 has no interface number 0
[   82.224389][    T6] usb 4-1: New USB device found, idVendor=046d, idProduct=08c2, bcdDevice=d4.71
[   82.244624][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.252973][    T6] usb 4-1: Product: syz
[   82.257247][    T6] usb 4-1: Manufacturer: syz
[   82.264393][    T6] usb 4-1: SerialNumber: syz
[   82.325943][ T1018] usb 6-1: USB disconnect, device number 5
[   82.477473][ T3376] loop1: detected capacity change from 0 to 40427
[   82.494760][    T6] usb 4-1: Found UVC 0.00 device syz (046d:08c2)
[   82.501709][ T3376] F2FS-fs (loop1): heap/no_heap options were deprecated
[   82.509123][    T6] usb 4-1: No valid video chain found.
[   82.529783][ T3376] F2FS-fs (loop1): fault_injection options not supported
[   82.539327][ T3376] F2FS-fs (loop1): fault_type options not supported
[   82.546918][ T3376] F2FS-fs (loop1): invalid crc value
[   82.553990][ T3376] F2FS-fs (loop1): Found nat_bits in checkpoint
[   82.596334][ T3376] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   82.714030][ T1018] usb 4-1: USB disconnect, device number 7
[   82.950586][ T3405] loop1: detected capacity change from 0 to 256
[   82.982756][ T3405] FAT-fs (loop1): Directory bread(block 64) failed
[   82.989899][ T3405] FAT-fs (loop1): Directory bread(block 65) failed
[   82.997665][ T3405] FAT-fs (loop1): Directory bread(block 66) failed
[   83.004342][ T3405] FAT-fs (loop1): Directory bread(block 67) failed
[   83.011642][ T3405] FAT-fs (loop1): Directory bread(block 68) failed
[   83.018469][ T3405] FAT-fs (loop1): Directory bread(block 69) failed
[   83.025273][ T3405] FAT-fs (loop1): Directory bread(block 70) failed
[   83.031953][ T3405] FAT-fs (loop1): Directory bread(block 71) failed
[   83.038688][ T3405] FAT-fs (loop1): Directory bread(block 72) failed
[   83.046470][ T3405] FAT-fs (loop1): Directory bread(block 73) failed
[   83.178276][    T6] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   83.293939][ T3432] loop3: detected capacity change from 0 to 128
[   83.324726][ T3432] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   83.334127][ T3432] ext4 filesystem being mounted at /250/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   83.364729][  T285] EXT4-fs (loop3): unmounting filesystem.
[   83.378839][ T3440] loop1: detected capacity change from 0 to 128
[   83.386873][ T3440] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   83.399533][    T6] usb 3-1: Using ep0 maxpacket: 8
[   83.406702][    T6] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[   83.417073][    T6] usb 3-1: config 0 has no interface number 0
[   83.427587][    T6] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   83.430682][ T3440] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   83.445651][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.463779][    T6] usb 3-1: Product: syz
[   83.474023][    T6] usb 3-1: Manufacturer: syz
[   83.482444][    T6] usb 3-1: SerialNumber: syz
[   83.490143][    T8] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   83.496562][    T6] usb 3-1: config 0 descriptor??
[   83.524608][ T3449] loop3: detected capacity change from 0 to 512
[   83.535255][ T3449] EXT4-fs: Ignoring removed oldalloc option
[   83.550272][ T3449] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   83.562288][ T3449] EXT4-fs (loop3): 1 truncate cleaned up
[   83.568337][ T3449] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   83.589813][  T285] EXT4-fs (loop3): unmounting filesystem.
[   83.648652][  T998] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[   83.720831][    T6] usb 3-1: Found UVC 0.04 device syz (046d:08c3)
[   83.728200][    T6] usb 3-1: No valid video chain found.
[   83.737284][    T6] usb 3-1: USB disconnect, device number 7
[   83.770371][ T3469] kvm: MWAIT instruction emulated as NOP!
[   83.842343][  T998] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.853474][  T998] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.863590][  T998] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   83.876636][  T998] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   83.885751][  T998] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.897887][  T998] usb 1-1: config 0 descriptor??
[   84.001673][   T39] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   84.059789][   T28] kauditd_printk_skb: 10 callbacks suppressed
[   84.059805][   T28] audit: type=1400 audit(2000000004.942:874): avc:  denied  { append } for  pid=3476 comm="syz.1.1280" name="001" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   84.167578][   T28] audit: type=1400 audit(2000000005.045:875): avc:  denied  { write } for  pid=6 comm="kworker/0:0" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=31022 scontext=system_u:system_r:kernel_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   84.195519][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.212003][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.222099][   T39] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[   84.233312][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.245780][   T39] usb 4-1: config 0 descriptor??
[   84.276310][ T3491] netlink: 27 bytes leftover after parsing attributes in process `syz.5.1287'.
[   84.340468][  T998] plantronics 0003:047F:FFFF.0021: ignoring exceeding usage max
[   84.350571][  T998] plantronics 0003:047F:FFFF.0021: No inputs registered, leaving
[   84.365653][ T3497] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.369180][  T998] plantronics 0003:047F:FFFF.0021: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   84.375480][ T3497] FAT-fs (loop11): unable to read boot sector
[   84.438018][ T3502] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   84.454840][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   84.473030][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   84.493728][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   84.505611][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   84.514418][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   84.523832][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   84.532677][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   84.542002][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   84.569179][    T6] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   84.606696][ T3504] loop1: detected capacity change from 0 to 40427
[   84.615106][ T3504] F2FS-fs (loop1): Small segment_count (9 < 1 * 24)
[   84.622101][ T3504] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   84.633368][  T998] usb 1-1: USB disconnect, device number 12
[   84.646528][ T3504] F2FS-fs (loop1): Found nat_bits in checkpoint
[   84.684761][   T39] hid-steam 0003:28DE:1142.0022: unknown main item tag 0x0
[   84.692851][   T39] hid-steam 0003:28DE:1142.0022: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[   84.695079][ T3504] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   84.705752][   T39] hid-steam 0003:28DE:1142.0023: unknown main item tag 0x0
[   84.711811][ T3504] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   84.720468][   T39] hid-steam 0003:28DE:1142.0023: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[   84.747923][   T28] audit: type=1400 audit(2000000005.578:876): avc:  denied  { remount } for  pid=3503 comm="syz.1.1302" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   84.747945][ T3504] F2FS-fs (loop1): switch extent_cache option is not allowed
[   84.777015][    T6] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.788550][    T6] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[   84.800742][    T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   84.803405][   T39] hid-steam 0003:28DE:1142.0022: Steam wireless receiver connected
[   84.813190][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.818842][   T39] hid-steam 0003:28DE:1142.0022: No HID_FEATURE_REPORT submitted -  nothing to read
[   84.830707][    T6] usb 3-1: Product: syz
[   84.843939][    T6] usb 3-1: Manufacturer: syz
[   84.848918][    T6] usb 3-1: SerialNumber: syz
[   84.866328][    T6] cdc_mbim 3-1:1.0: skipping garbage
[   84.935789][   T39] usb 4-1: USB disconnect, device number 8
[   84.947516][   T39] hid-steam 0003:28DE:1142.0022: Steam wireless receiver disconnected
[   85.081761][ T3493] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   85.185110][   T28] audit: type=1400 audit(2000000005.990:877): avc:  denied  { ioctl } for  pid=3517 comm="syz.5.1298" path="socket:[30209]" dev="sockfs" ino=30209 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   85.384097][ T3520] loop0: detected capacity change from 0 to 40427
[   85.401566][ T3520] F2FS-fs (loop0): heap/no_heap options were deprecated
[   85.409264][ T3520] F2FS-fs (loop0): fault_injection options not supported
[   85.418594][ T3520] F2FS-fs (loop0): fault_type options not supported
[   85.426321][ T3520] F2FS-fs (loop0): invalid crc value
[   85.441537][ T3520] F2FS-fs (loop0): Found nat_bits in checkpoint
[   85.485778][ T3520] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   85.554738][  T282] bio_check_eod: 24568 callbacks suppressed
[   85.554759][  T282] syz-executor: attempt to access beyond end of device
[   85.554759][  T282] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   85.665314][   T28] audit: type=1400 audit(2000000006.439:878): avc:  denied  { create } for  pid=3547 comm="syz.3.1310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   85.732380][ T3493] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   85.744265][    T6] cdc_mbim 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[   85.754540][    T6] cdc_mbim 3-1:1.0: setting rx_max = 2048
[   85.825812][ T3543] loop5: detected capacity change from 0 to 40427
[   85.835991][ T3543] F2FS-fs (loop5): fault_injection options not supported
[   85.837214][ T3557] binder: 3556:3557 ioctl 4018620d 0 returned -22
[   85.843486][   T28] audit: type=1400 audit(2000000006.598:879): avc:  denied  { ioctl } for  pid=3556 comm="syz.1.1313" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   85.905555][ T3543] F2FS-fs (loop5): invalid crc value
[   85.925207][ T3543] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   85.927709][ T3562] loop0: detected capacity change from 0 to 512
[   85.950186][ T3562] EXT4-fs: Ignoring removed oldalloc option
[   85.962133][    T6] cdc_mbim 3-1:1.0: setting tx_max = 184
[   85.965341][ T3562] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   85.983803][    T6] cdc_mbim 3-1:1.0: cdc-wdm0: USB WDM device
[   85.989805][ T3543] F2FS-fs (loop5): Start checkpoint disabled!
[   85.997995][ T3562] EXT4-fs (loop0): 1 truncate cleaned up
[   85.998287][ T3569] netem: change failed
[   86.005148][ T3562] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   86.011727][    T6] cdc_mbim 3-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, 3e:c2:0a:2e:7b:f7
[   86.017178][ T3543] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[   86.065134][    T6] usb 3-1: USB disconnect, device number 8
[   86.085601][    T6] cdc_mbim 3-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM
[   86.098594][ T3543] F2FS-fs (loop5): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   86.117081][  T282] EXT4-fs (loop0): unmounting filesystem.
[   86.142413][ T3576] loop0: detected capacity change from 0 to 1024
[   86.149446][ T3576] EXT4-fs: Ignoring removed orlov option
[   86.168289][   T43] kworker/u4:2: attempt to access beyond end of device
[   86.168289][   T43] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   86.189574][ T3576] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   86.227074][   T28] audit: type=1400 audit(2000000006.972:880): avc:  denied  { mount } for  pid=3579 comm="syz.3.1321" name="/" dev="cgroup" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   86.247253][  T282] EXT4-fs (loop0): unmounting filesystem.
[   86.255458][   T28] audit: type=1400 audit(2000000006.991:881): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   86.317333][   T28] audit: type=1400 audit(2000000007.056:882): avc:  denied  { create } for  pid=3585 comm="syz.3.1324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   86.340481][   T28] audit: type=1400 audit(2000000007.075:883): avc:  denied  { ioctl } for  pid=3585 comm="syz.3.1324" path="socket:[31263]" dev="sockfs" ino=31263 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   86.512452][ T3598] sch_fq: defrate 0 ignored.
[   86.659976][ T3619] input: syz0 as /devices/virtual/input/input12
[   86.797085][ T3634] sch_fq: defrate 0 ignored.
[   87.026941][    T6] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[   87.150598][ T3658] loop2: detected capacity change from 0 to 40427
[   87.158705][ T3658] F2FS-fs (loop2): heap/no_heap options were deprecated
[   87.172558][ T3658] F2FS-fs (loop2): fault_injection options not supported
[   87.179777][ T3658] F2FS-fs (loop2): fault_type options not supported
[   87.191300][  T351] udevd[351]: symlink '../../loop2' '/dev/disk/by-diskseq/341.tmp-b7:2' failed: Read-only file system
[   87.196218][ T3658] F2FS-fs (loop2): invalid crc value
[   87.203831][  T351] udevd[351]: symlink '../../loop2' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:2' failed: Read-only file system
[   87.210515][ T3658] F2FS-fs (loop2): Found nat_bits in checkpoint
[   87.231136][    T6] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.246965][  T351] udevd[351]: symlink '../../loop2' '/dev/disk/by-diskseq/341.tmp-b7:2' failed: Read-only file system
[   87.258345][    T6] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[   87.271005][ T3658] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   87.272080][  T351] udevd[351]: symlink '../../loop2' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:2' failed: Read-only file system
[   87.280294][    T6] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   87.302864][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.311271][    T6] usb 2-1: Product: syz
[   87.316145][    T6] usb 2-1: Manufacturer: syz
[   87.320945][    T6] usb 2-1: SerialNumber: syz
[   87.332004][    T6] cdc_mbim 2-1:1.0: skipping garbage
[   87.337902][  T283] syz-executor: attempt to access beyond end of device
[   87.337902][  T283] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   87.413281][  T334] udevd[334]: symlink '../../loop2' '/dev/disk/by-diskseq/341.tmp-b7:2' failed: Read-only file system
[   87.429596][  T334] udevd[334]: symlink '../../loop2' '/dev/disk/by-diskseq/341.tmp-b7:2' failed: Read-only file system
[   87.473989][  T334] udevd[334]: symlink '../../loop2' '/dev/disk/by-diskseq/342.tmp-b7:2' failed: Read-only file system
[   87.509874][  T334] udevd[334]: symlink '../../loop2' '/dev/disk/by-diskseq/342.tmp-b7:2' failed: Read-only file system
[   87.535914][  T334] udevd[334]: symlink '../../loop2' '/dev/disk/by-diskseq/342.tmp-b7:2' failed: Read-only file system
[   87.550057][ T3630] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   87.659999][  T334] udevd[334]: symlink '../../loop2' '/dev/disk/by-diskseq/342.tmp-b7:2' failed: Read-only file system
[   87.812225][ T3680] loop5: detected capacity change from 0 to 512
[   87.830822][ T3680] EXT4-fs: Ignoring removed oldalloc option
[   87.838413][ T3680] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   87.858418][ T3680] EXT4-fs (loop5): 1 truncate cleaned up
[   87.866188][ T3680] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   87.869300][ T3676] loop2: detected capacity change from 0 to 40427
[   87.897819][ T3676] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   87.907429][ T3676] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   87.933191][ T3676] F2FS-fs (loop2): invalid crc value
[   87.939953][ T1876] EXT4-fs (loop5): unmounting filesystem.
[   87.979640][ T3676] F2FS-fs (loop2): Found nat_bits in checkpoint
[   88.027033][ T3703] futex_wake_op: syz.3.1368 tries to shift op by -1; fix this program
[   88.062123][ T3676] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   88.074590][ T3676] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   88.162145][  T283] syz-executor: attempt to access beyond end of device
[   88.162145][  T283] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   88.162335][   T43] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   88.177442][   T43] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   88.206086][ T3630] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   88.206425][    T6] cdc_mbim 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[   88.206447][    T6] cdc_mbim 2-1:1.0: setting rx_max = 2048
[   88.267513][ T3722] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3722 comm=syz.3.1378
[   88.280500][ T3722] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3722 comm=syz.3.1378
[   88.423360][    T6] cdc_mbim 2-1:1.0: setting tx_max = 184
[   88.432791][    T6] cdc_mbim 2-1:1.0: cdc-wdm0: USB WDM device
[   88.439952][ T3736] loop2: detected capacity change from 0 to 512
[   88.442170][    T6] cdc_mbim 2-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, 2a:33:cf:ab:83:0e
[   88.447242][ T3736] EXT4-fs: Ignoring removed oldalloc option
[   88.460579][    T6] usb 2-1: USB disconnect, device number 12
[   88.470912][    T6] cdc_mbim 2-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM
[   88.485840][ T3736] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   88.502538][ T3736] EXT4-fs (loop2): 1 truncate cleaned up
[   88.508445][ T3736] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   88.557755][ T3745] input: syz0 as /devices/virtual/input/input13
[   88.573066][  T283] EXT4-fs (loop2): unmounting filesystem.
[   88.716041][  T908] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[   88.919201][  T908] usb 4-1: Using ep0 maxpacket: 8
[   88.925587][  T908] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[   88.934362][  T908] usb 4-1: config 179 has no interface number 0
[   88.941052][  T908] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[   88.952782][  T908] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[   88.964279][  T908] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[   88.975818][  T908] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[   88.987360][  T908] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   89.001299][  T908] usb 4-1: config 179 interface 65 has no altsetting 0
[   89.008436][  T908] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[   89.023081][  T908] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.041877][ T3772] loop1: detected capacity change from 0 to 512
[   89.049559][  T908] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input14
[   89.066767][ T3772] EXT4-fs: Ignoring removed oldalloc option
[   89.081607][ T3772] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   89.095302][ T3772] EXT4-fs (loop1): 1 truncate cleaned up
[   89.100022][ T3774] input: syz0 as /devices/virtual/input/input15
[   89.101313][ T3772] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   89.131554][  T286] EXT4-fs (loop1): unmounting filesystem.
[   89.324422][ T3781] loop1: detected capacity change from 0 to 40427
[   89.332039][ T3781] F2FS-fs (loop1): fault_injection options not supported
[   89.340894][ T3781] F2FS-fs (loop1): invalid crc value
[   89.348188][ T3781] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   89.381605][ T3781] F2FS-fs (loop1): Start checkpoint disabled!
[   89.391167][ T3781] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   89.428613][ T3781] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   89.470609][   T43] kworker/u4:2: attempt to access beyond end of device
[   89.470609][   T43] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   89.475193][  T908] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   89.498650][   T39] usb 4-1: USB disconnect, device number 9
[   89.498696][    C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   89.514055][   T39] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   89.656944][ T3793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1407'.
[   89.690914][   T28] kauditd_printk_skb: 25 callbacks suppressed
[   89.690931][   T28] audit: type=1400 audit(2000000010.208:909): avc:  denied  { ioctl } for  pid=3796 comm="syz.2.1409" path="socket:[31978]" dev="sockfs" ino=31978 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   89.700802][  T908] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   89.743312][  T908] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   89.755254][  T908] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   89.803563][  T908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   89.812391][  T908] usb 6-1: SerialNumber: syz
[   89.902699][    T6] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[   90.041283][  T908] usb 6-1: 0:2 : does not exist
[   90.050481][  T908] usb 6-1: USB disconnect, device number 6
[   90.095718][    T6] usb 2-1: Using ep0 maxpacket: 16
[   90.102435][    T6] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[   90.111212][    T6] usb 2-1: config 0 has no interface number 0
[   90.117722][    T6] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[   90.128812][  T998] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   90.136659][    T6] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[   90.154810][    T6] usb 2-1: config 0 interface 41 has no altsetting 0
[   90.163258][    T6] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[   90.178254][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.191296][ T1018] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[   90.200460][    T6] usb 2-1: Product: syz
[   90.204727][    T6] usb 2-1: Manufacturer: syz
[   90.209436][    T6] usb 2-1: SerialNumber: syz
[   90.223073][    T6] usb 2-1: config 0 descriptor??
[   90.228787][ T3789] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   90.236222][ T3789] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   90.248619][ T3824] loop3: detected capacity change from 0 to 128
[   90.258391][ T3824] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   90.267239][ T3824] FAT-fs (loop3): Filesystem has been set read-only
[   90.274168][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.274168][ T3824] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   90.289096][ T3824] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   90.297932][ T3824] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   90.307840][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.307840][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.323568][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.323568][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.338373][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.338373][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.342317][  T998] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   90.352843][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.352843][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.362899][  T998] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   90.387980][  T998] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   90.397437][  T998] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   90.405753][  T998] usb 3-1: SerialNumber: syz
[   90.417205][ T1018] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.430113][ T1018] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   90.439375][ T1018] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.447802][ T1018] usb 1-1: Product: syz
[   90.452412][ T1018] usb 1-1: Manufacturer: syz
[   90.457255][ T1018] usb 1-1: SerialNumber: syz
[   90.464849][ T3789] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   90.472780][ T3789] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   90.640470][  T998] usb 3-1: 0:2 : does not exist
[   90.656418][  T998] usb 3-1: USB disconnect, device number 9
[   90.907626][ T3824] bio_check_eod: 26414 callbacks suppressed
[   90.907646][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.907646][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.918745][    T6] Error reading MAC address
[   90.929013][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.929013][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.934337][ T3789] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   90.947458][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.947458][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.954753][ T3789] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   90.968587][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.968587][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.989949][ T3824] syz.3.1422: attempt to access beyond end of device
[   90.989949][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.993175][   T19] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   91.003565][ T3824] syz.3.1422: attempt to access beyond end of device
[   91.003565][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   91.026097][ T3824] syz.3.1422: attempt to access beyond end of device
[   91.026097][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   91.040141][ T3824] syz.3.1422: attempt to access beyond end of device
[   91.040141][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   91.054749][ T3824] syz.3.1422: attempt to access beyond end of device
[   91.054749][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   91.068699][ T3824] syz.3.1422: attempt to access beyond end of device
[   91.068699][ T3824] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   91.197502][   T19] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.209384][   T19] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.219351][    T6] sr9700 2-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[   91.229528][   T19] usb 6-1: New USB device found, idVendor=0457, idProduct=ffff, bcdDevice= 0.00
[   91.239325][   T19] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.250461][    T6] usb 2-1: USB disconnect, device number 13
[   91.257144][ T3837] loop2: detected capacity change from 0 to 256
[   91.264951][ T3837] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   91.273699][   T19] usb 6-1: config 0 descriptor??
[   91.276325][ T3837] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[   91.292152][ T3837] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   91.311920][   T28] audit: type=1400 audit(2000000011.724:910): avc:  denied  { write } for  pid=3836 comm="syz.2.1428" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   91.347843][   T28] audit: type=1400 audit(2000000011.724:911): avc:  denied  { add_name } for  pid=3836 comm="syz.2.1428" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   91.376702][   T28] audit: type=1400 audit(2000000011.724:912): avc:  denied  { associate } for  pid=3836 comm="syz.2.1428" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   91.403812][   T28] audit: type=1400 audit(2000000011.743:913): avc:  denied  { remove_name } for  pid=3836 comm="syz.2.1428" name="control" dev="loop2" ino=1048734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   91.428671][   T28] audit: type=1400 audit(2000000011.743:914): avc:  denied  { rmdir } for  pid=3836 comm="syz.2.1428" name="control" dev="loop2" ino=1048734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   91.474198][   T24] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[   91.578922][ T1018] cdc_ncm 1-1:1.0: failed to get mac address
[   91.592049][ T1018] cdc_ncm 1-1:1.0: bind() failure
[   91.609180][ T1018] cdc_ncm: probe of 1-1:1.1 failed with error -71
[   91.622888][ T1018] cdc_mbim: probe of 1-1:1.1 failed with error -71
[   91.631227][ T1018] usb 1-1: USB disconnect, device number 13
[   91.678598][   T24] usb 4-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.688709][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[   91.695399][   T24] usb 4-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[   91.705001][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.713641][   T19] hid-generic 0003:0457:FFFF.0024: unknown main item tag 0x0
[   91.721339][   T19] hid-generic 0003:0457:FFFF.0024: unknown main item tag 0x0
[   91.721393][   T24] usb 4-1: config 0 descriptor??
[   91.729734][   T19] hid-generic 0003:0457:FFFF.0024: hidraw0: USB HID v0.00 Device [HID 0457:ffff] on usb-dummy_hcd.5-1/input0
[   91.901811][  T908] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[   91.914025][   T28] audit: type=1400 audit(2000000012.294:915): avc:  denied  { create } for  pid=3856 comm="syz.1.1437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   91.940304][   T39] usb 6-1: USB disconnect, device number 7
[   91.977524][ T3861] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1439'.
[   92.016127][ T3865] loop1: detected capacity change from 0 to 256
[   92.023665][ T3865] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   92.037367][ T3865] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   92.089997][ T3869] device batadv_slave_1 entered promiscuous mode
[   92.098300][ T3868] device batadv_slave_1 left promiscuous mode
[   92.106187][  T908] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[   92.119717][   T28] audit: type=1400 audit(2000000012.482:916): avc:  denied  { execute } for  pid=3870 comm="syz.1.1444" path="/262/file1" dev="tmpfs" ino=1390 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   92.120294][ T3871] mmap: syz.1.1444 (3871) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   92.156013][  T908] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   92.156039][  T908] usb 3-1: config 1 has no interface number 0
[   92.188517][   T24] sony 0003:054C:0BA0.0025: hidraw0: USB HID v80.00 Device [HID 054c:0ba0] on usb-dummy_hcd.3-1/input0
[   92.200171][  T908] usb 3-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   92.214899][   T24] sony 0003:054C:0BA0.0025: failed to claim input
[   92.221504][  T908] usb 3-1: config 1 interface 105 has no altsetting 0
[   92.238937][  T908] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[   92.248271][  T908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.265279][  T908] usb 3-1: Product: syz
[   92.269600][  T908] usb 3-1: Manufacturer: syz
[   92.284293][  T908] usb 3-1: SerialNumber: syz
[   92.334317][   T28] audit: type=1326 audit(2000000012.678:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3883 comm="syz.1.1450" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc83298eec9 code=0x0
[   92.397765][   T24] usb 4-1: USB disconnect, device number 10
[   92.513605][  T908] aqc111: probe of 3-1:1.105 failed with error -22
[   92.734561][   T24] usb 3-1: USB disconnect, device number 10
[   92.950408][  T351] udevd[351]: symlink '../../loop3' '/dev/disk/by-diskseq/354.tmp-b7:3' failed: Read-only file system
[   93.234434][  T351] udevd[351]: symlink '../../loop1' '/dev/disk/by-diskseq/358.tmp-b7:1' failed: Read-only file system
[   93.261702][  T351] udevd[351]: symlink '../../loop1' '/dev/disk/by-diskseq/358.tmp-b7:1' failed: Read-only file system
[   93.288442][  T351] udevd[351]: symlink '../../loop1' '/dev/disk/by-diskseq/358.tmp-b7:1' failed: Read-only file system
[   93.305701][ T3827] udevd[3827]: symlink '../../loop2' '/dev/disk/by-diskseq/356.tmp-b7:2' failed: Read-only file system
[   93.410665][  T351] udevd[351]: symlink '../../loop2' '/dev/disk/by-diskseq/356.tmp-b7:2' failed: Read-only file system
[   93.431900][ T3827] udevd[3827]: symlink '../../loop5' '/dev/disk/by-diskseq/345.tmp-b7:5' failed: Read-only file system
[   93.453845][   T28] audit: type=1400 audit(2000000013.735:918): avc:  denied  { bind } for  pid=3921 comm="syz.0.1465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   93.480039][  T351] udevd[351]: symlink '../../loop1' '/dev/disk/by-diskseq/358.tmp-b7:1' failed: Read-only file system
[   93.519853][  T334] udevd[334]: symlink '../../loop5' '/dev/disk/by-diskseq/345.tmp-b7:5' failed: Read-only file system
[   93.539319][ T3827] udevd[3827]: symlink '../../loop3' '/dev/disk/by-diskseq/354.tmp-b7:3' failed: Read-only file system
[   93.589840][ T3937] loop5: detected capacity change from 0 to 512
[   93.613243][ T3937] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   93.641181][ T3943] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1477'.
[   93.784435][ T3959] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1483'.
[   93.918156][ T3970] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   93.960155][ T3970] device veth1_macvtap entered promiscuous mode
[   93.977616][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   93.988638][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   94.006100][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   94.021292][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   94.034908][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   94.049003][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   94.062396][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   94.070936][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   94.082013][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   94.158952][ T3983] input: syz0 as /devices/virtual/input/input16
[   94.388115][ T4004] loop2: detected capacity change from 0 to 512
[   94.563407][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[   94.878703][ T4050] loop5: detected capacity change from 0 to 256
[   94.902643][ T4050] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   95.023583][   T19] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[   95.041851][ T4062] loop3: detected capacity change from 0 to 256
[   95.226706][   T19] usb 2-1: Using ep0 maxpacket: 8
[   95.234424][   T19] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[   95.243236][   T19] usb 2-1: config 179 has no interface number 0
[   95.249933][   T19] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[   95.261459][   T19] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[   95.274038][   T19] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[   95.285926][   T19] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[   95.298057][   T19] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   95.312450][   T19] usb 2-1: config 179 interface 65 has no altsetting 0
[   95.319871][   T19] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[   95.328980][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.339485][   T19] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input17
[   95.446381][ T4084] tipc: Started in network mode
[   95.453720][ T4084] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711
[   95.463728][ T4084] tipc: Enabled bearer <udp:syz1>, priority 10
[   95.472589][  T908] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   95.507629][ T4088] loop3: detected capacity change from 0 to 2048
[   95.538230][ T4088]  loop3: p1 < > p4
[   95.549993][ T4088] loop3: p4 size 722688 extends beyond EOD, truncated
[   95.566951][  T102]  loop3: p1 < > p4
[   95.571761][  T102] loop3: p4 size 722688 extends beyond EOD, truncated
[   95.676740][  T908] usb 6-1: config 0 has an invalid interface number: 183 but max is 0
[   95.685143][  T908] usb 6-1: config 0 has no interface number 0
[   95.691538][  T908] usb 6-1: config 0 interface 183 has no altsetting 0
[   95.718433][  T908] usb 6-1: New USB device found, idVendor=1a8d, idProduct=100c, bcdDevice=a0.20
[   95.727646][  T908] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.736050][  T908] usb 6-1: Product: syz
[   95.740432][  T908] usb 6-1: Manufacturer: syz
[   95.744481][ T4101] loop2: detected capacity change from 0 to 8192
[   95.745182][  T908] usb 6-1: SerialNumber: syz
[   95.771992][  T908] usb 6-1: config 0 descriptor??
[   95.787067][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   95.795670][   T19] usb 2-1: USB disconnect, device number 14
[   95.805153][   T19] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   95.864334][   T28] kauditd_printk_skb: 15 callbacks suppressed
[   95.864352][   T28] audit: type=1326 audit(2000000015.980:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4102 comm="syz.2.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fe178eec9 code=0x7ffc0000
[   95.895210][   T28] audit: type=1326 audit(2000000015.980:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4102 comm="syz.2.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fe178eec9 code=0x7ffc0000
[   95.919177][   T28] audit: type=1326 audit(2000000015.980:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4102 comm="syz.2.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=143 compat=0 ip=0x7f6fe178eec9 code=0x7ffc0000
[   95.943868][   T28] audit: type=1326 audit(2000000015.980:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4102 comm="syz.2.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fe178eec9 code=0x7ffc0000
[   95.967691][   T28] audit: type=1326 audit(2000000015.980:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4102 comm="syz.2.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fe178eec9 code=0x7ffc0000
[   95.998281][  T908] usb 6-1: USB disconnect, device number 8
[   96.289193][   T19] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[   96.299467][   T19] hid-generic 0000:0000:0000.0026: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   96.608513][   T28] audit: type=1326 audit(2000000016.681:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.5.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[   96.645737][   T28] audit: type=1326 audit(2000000016.681:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.5.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[   96.669580][  T350] tipc: Node number set to 4269801494
[   96.670368][   T28] audit: type=1326 audit(2000000016.710:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.5.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f162f18d8dc code=0x7ffc0000
[   96.699083][   T28] audit: type=1326 audit(2000000016.710:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.5.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f162f18d97f code=0x7ffc0000
[   96.723566][ T2554] Bluetooth: hci0: command 0x1003 tx timeout
[   96.724447][   T28] audit: type=1326 audit(2000000016.710:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.5.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[   96.729644][ T1519] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   96.776756][  T907] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[   96.804765][ T4156] loop5: detected capacity change from 0 to 1024
[   96.818965][ T4156] EXT4-fs: Ignoring removed nomblk_io_submit option
[   96.855187][ T4156] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   96.882176][ T4163] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   96.908562][ T1876] EXT4-fs (loop5): unmounting filesystem.
[   96.926419][   T19] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[   96.957312][ T4177] af_packet: tpacket_rcv: packet too big, clamped from 50 to 4294967286. macoff=82
[   96.971610][  T907] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   96.982032][  T907] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   96.998768][  T907] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   97.008363][  T907] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   97.019869][  T907] usb 4-1: SerialNumber: syz
[   97.116004][ T4187] loop2: detected capacity change from 0 to 256
[   97.150907][   T19] usb 2-1: Using ep0 maxpacket: 16
[   97.158202][   T19] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   97.191435][   T19] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   97.217421][   T19] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   97.244364][   T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.253776][  T907] usb 4-1: 0:2 : does not exist
[   97.261767][   T19] usb 2-1: Product: syz
[   97.266137][   T19] usb 2-1: Manufacturer: syz
[   97.276922][   T19] usb 2-1: SerialNumber: syz
[   97.277952][  T907] usb 4-1: USB disconnect, device number 11
[   97.506896][   T19] usb 2-1: 0:2 : does not exist
[   97.515391][   T19] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[   97.542501][   T19] usb 2-1: USB disconnect, device number 15
[   97.813261][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   97.880657][ T4216] loop3: detected capacity change from 0 to 128
[   98.065540][ T4219] capability: warning: `syz.3.1599' uses 32-bit capabilities (legacy support in use)
[   98.076954][ T4220] loop1: detected capacity change from 0 to 2048
[   98.102546][   T19] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[   98.114184][ T4220]  loop1: p1 < > p4
[   98.119663][ T4220] loop1: p4 size 722688 extends beyond EOD, truncated
[   98.147666][  T102]  loop1: p1 < > p4
[   98.155529][ T4226] loop3: detected capacity change from 0 to 2048
[   98.156305][  T102] loop1: p4 size 722688 extends beyond EOD, truncated
[   98.179494][ T4226] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   98.192776][ T4231] tipc: Started in network mode
[   98.197968][ T4231] tipc: Node identity ac14140f, cluster identity 4711
[   98.216761][ T4231] tipc: New replicast peer: 255.255.255.255
[   98.223325][ T4231] tipc: Enabled bearer <udp:syz2>, priority 10
[   98.223699][  T285] EXT4-fs (loop3): unmounting filesystem.
[   98.237995][ T4231] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1603'.
[   98.248354][ T4231] tipc: Disabling bearer <udp:syz2>
[   98.295935][   T19] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   98.313344][   T19] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[   98.327461][  T351] udevd[351]: symlink '../../loop5' '/dev/disk/by-diskseq/372.tmp-b7:5' failed: Read-only file system
[   98.349240][   T19] usb 3-1: config 1 has no interface number 0
[   98.355510][   T19] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   98.370207][  T351] udevd[351]: symlink '../../loop5' '/dev/disk/by-diskseq/372.tmp-b7:5' failed: Read-only file system
[   98.390750][   T19] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   98.402603][   T19] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[   98.414206][  T351] udevd[351]: symlink '../../loop5' '/dev/disk/by-diskseq/372.tmp-b7:5' failed: Read-only file system
[   98.425602][   T19] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   98.438014][   T19] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   98.458287][   T19] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   98.472104][   T19] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.485117][   T19] usb 3-1: Product: syz
[   98.490131][   T19] usb 3-1: Manufacturer: syz
[   98.495146][   T19] usb 3-1: SerialNumber: syz
[   98.504207][ T4213] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   98.520954][  T351] udevd[351]: symlink '../../loop5' '/dev/disk/by-diskseq/372.tmp-b7:5' failed: Read-only file system
[   98.734913][ T4213] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   98.762323][  T351] udevd[351]: symlink '../../loop5' '/dev/disk/by-diskseq/372.tmp-b7:5' failed: Read-only file system
[   98.798463][ T3827] udevd[3827]: symlink '../../loop1' '/dev/disk/by-diskseq/377.tmp-b7:1' failed: Read-only file system
[   98.836314][  T351] udevd[351]: symlink '../../loop1' '/dev/disk/by-diskseq/377.tmp-b7:1' failed: Read-only file system
[   98.864035][  T351] udevd[351]: symlink '../../loop1' '/dev/disk/by-diskseq/380.tmp-b7:1' failed: Read-only file system
[   98.891236][ T4256] loop5: detected capacity change from 0 to 8192
[   98.929200][  T351] udevd[351]: symlink '../../loop5' '/dev/disk/by-diskseq/381.tmp-b7:5' failed: Read-only file system
[   98.964844][ T3827] udevd[3827]: symlink '../../loop1' '/dev/disk/by-diskseq/380.tmp-b7:1' failed: Read-only file system
[   98.967010][ T4213] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   98.985747][ T4264] loop1: detected capacity change from 0 to 512
[   99.001074][ T4264] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   99.027455][ T4264] EXT4-fs (loop1): 1 truncate cleaned up
[   99.043196][ T4264] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   99.054850][ T4264] EXT4-fs (loop1): shut down requested (1)
[   99.086647][  T286] EXT4-fs (loop1): unmounting filesystem.
[   99.363261][ T4290] loop3: detected capacity change from 0 to 256
[   99.449692][ T4213] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   99.463595][   T19] cdc_ncm 3-1:1.1: bind() failure
[   99.569764][  T350] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[   99.571905][ T4311] support for the xor transformation has been removed.
[   99.612908][ T4316] loop5: detected capacity change from 0 to 256
[   99.689988][  T907] usb 3-1: USB disconnect, device number 11
[   99.737514][ T4328] loop5: detected capacity change from 0 to 512
[   99.762677][ T4328] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   99.772164][ T4328] ext4 filesystem being mounted at /221/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.785873][ T4328] EXT4-fs (loop5): shut down requested (1)
[   99.793955][  T350] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.806519][ T1876] EXT4-fs (loop5): unmounting filesystem.
[   99.812830][  T350] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.822623][  T350] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   99.836011][  T350] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   99.845561][  T350] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.854810][  T350] usb 1-1: config 0 descriptor??
[   99.863402][  T379] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   99.874991][  T379] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   99.886099][  T379] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  100.219175][  T907] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  100.276020][ T4366] loop1: detected capacity change from 0 to 128
[  100.287814][ T3827] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  100.299405][  T350] plantronics 0003:047F:FFFF.0027: No inputs registered, leaving
[  100.319443][  T350] plantronics 0003:047F:FFFF.0027: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  100.333134][ T4369] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=4369 comm=syz.2.1663
[  100.346409][ T4369] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1663'.
[  100.393528][ T4374] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  100.434057][  T907] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  100.447664][  T907] usb 6-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  100.457488][  T907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.469113][  T907] usb 6-1: config 0 descriptor??
[  100.486399][  T908] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  100.515030][   T24] usb 1-1: USB disconnect, device number 14
[  100.689500][  T908] usb 4-1: Using ep0 maxpacket: 16
[  100.696027][  T908] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  100.707191][  T908] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  100.718038][  T908] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  100.727606][  T908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.735848][  T908] usb 4-1: Product: syz
[  100.740250][  T908] usb 4-1: Manufacturer: syz
[  100.745026][  T908] usb 4-1: SerialNumber: syz
[  100.911182][  T907] usbhid 6-1:0.0: can't add hid device: -71
[  100.917579][  T907] usbhid: probe of 6-1:0.0 failed with error -71
[  100.929297][  T907] usb 6-1: USB disconnect, device number 9
[  100.967776][  T908] usb 4-1: 0:2 : does not exist
[  100.975199][  T908] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  100.988878][  T908] usb 4-1: USB disconnect, device number 12
[  101.380484][ T4427] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1693'.
[  101.380488][   T28] kauditd_printk_skb: 19 callbacks suppressed
[  101.380501][   T28] audit: type=1400 audit(2000000021.143:958): avc:  denied  { nlmsg_read } for  pid=4426 comm="syz.2.1693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  101.526253][ T4437] loop2: detected capacity change from 0 to 512
[  101.528313][ T4439] syz.3.1699[4439] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.532878][ T4439] syz.3.1699[4439] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.546946][ T4437] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  101.568843][  T908] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  101.578465][ T4437] EXT4-fs (loop2): 1 truncate cleaned up
[  101.584154][ T4437] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  101.612180][ T4437] EXT4-fs (loop2): shut down requested (1)
[  101.629202][  T283] EXT4-fs (loop2): unmounting filesystem.
[  101.713149][   T28] audit: type=1400 audit(2000000021.452:959): avc:  denied  { bind } for  pid=4448 comm="syz.5.1703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  101.773969][ T4455] loop5: detected capacity change from 0 to 512
[  101.784114][ T4455] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  101.795490][ T4455] EXT4-fs (loop5): orphan cleanup on readonly fs
[  101.803556][ T4455] EXT4-fs error (device loop5): ext4_quota_enable:7007: comm syz.5.1707: Bad quota inum: 64, type: 0
[  101.817750][  T908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.824521][   T28] audit: type=1400 audit(2000000021.564:960): avc:  denied  { unlink } for  pid=4459 comm="syz.2.1708" name="file0" dev="incremental-fs" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  101.830379][  T908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.853172][ T4455] EXT4-fs warning (device loop5): ext4_enable_quotas:7055: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  101.862382][  T908] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  101.893943][  T908] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  101.901556][ T4462] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1709'.
[  101.903951][  T908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.924222][  T908] usb 2-1: config 0 descriptor??
[  101.929980][ T4455] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  101.937142][ T4455] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  101.962051][ T1876] EXT4-fs (loop5): unmounting filesystem.
[  102.064487][ T4475] loop5: detected capacity change from 0 to 512
[  102.104846][ T4475] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  102.116827][ T4475] EXT4-fs (loop5): orphan cleanup on readonly fs
[  102.128164][ T4475] Quota error (device loop5): v2_read_file_info: Number of blocks too big for quota file size (4398046510080 > 6144).
[  102.143577][ T4475] EXT4-fs warning (device loop5): ext4_enable_quotas:7055: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  102.165489][ T4475] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  102.181571][ T4475] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #16: comm syz.5.1716: corrupted inode contents
[  102.203082][ T4475] EXT4-fs error (device loop5): ext4_dirty_inode:6121: inode #16: comm syz.5.1716: mark_inode_dirty error
[  102.217221][ T4487] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1717'.
[  102.227338][ T4475] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #16: comm syz.5.1716: corrupted inode contents
[  102.247525][ T4475] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #16: comm syz.5.1716: mark_inode_dirty error
[  102.280360][ T4475] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #16: comm syz.5.1716: corrupted inode contents
[  102.306083][ T4475] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  102.331431][ T4475] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #16: comm syz.5.1716: corrupted inode contents
[  102.364119][ T4475] EXT4-fs error (device loop5): ext4_truncate:4314: inode #16: comm syz.5.1716: mark_inode_dirty error
[  102.377962][  T908] plantronics 0003:047F:FFFF.0028: No inputs registered, leaving
[  102.389537][ T4475] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  102.398869][  T908] plantronics 0003:047F:FFFF.0028: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  102.430671][ T4475] EXT4-fs (loop5): 1 truncate cleaned up
[  102.437181][ T4475] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  102.461462][ T4501] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  102.472490][   T28] audit: type=1326 audit(2000000022.172:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4474 comm="syz.5.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[  102.496619][ T1876] EXT4-fs (loop5): unmounting filesystem.
[  102.539161][   T28] audit: type=1326 audit(2000000022.172:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4474 comm="syz.5.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[  102.586628][   T28] audit: type=1326 audit(2000000022.172:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4474 comm="syz.5.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[  102.617863][   T28] audit: type=1326 audit(2000000022.172:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4474 comm="syz.5.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[  102.654197][   T28] audit: type=1326 audit(2000000022.172:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4474 comm="syz.5.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[  102.680373][   T28] audit: type=1326 audit(2000000022.172:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4474 comm="syz.5.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f162f18eec9 code=0x7ffc0000
[  102.710093][   T24] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  102.732436][  T907] usb 2-1: USB disconnect, device number 16
[  102.773975][ T4512] loop3: detected capacity change from 0 to 8192
[  102.914244][   T24] usb 1-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.929232][   T24] usb 1-1: config 0 interface 0 has no altsetting 0
[  102.961874][   T24] usb 1-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  102.975197][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.989104][   T24] usb 1-1: config 0 descriptor??
[  103.021849][ T4516] loop3: detected capacity change from 0 to 512
[  103.055239][ T4516] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  103.068061][ T4516] ext4 filesystem being mounted at /374/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.105850][  T285] EXT4-fs (loop3): unmounting filesystem.
[  103.357032][ T4537] loop3: detected capacity change from 0 to 512
[  103.385824][ T4537] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  103.398069][ T4537] EXT4-fs (loop3): orphan cleanup on readonly fs
[  103.408463][ T4537] EXT4-fs error (device loop3): ext4_quota_enable:7007: comm syz.3.1742: Bad quota inum: 64, type: 0
[  103.424965][ T4537] EXT4-fs warning (device loop3): ext4_enable_quotas:7055: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  103.440277][ T4537] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  103.449572][ T4537] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  103.478586][  T285] EXT4-fs (loop3): unmounting filesystem.
[  103.488294][   T24] sony 0003:054C:0BA0.0029: hidraw0: USB HID v80.00 Device [HID 054c:0ba0] on usb-dummy_hcd.0-1/input0
[  103.500123][   T24] sony 0003:054C:0BA0.0029: failed to claim input
[  103.522516][  T908] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  103.570110][ T4558] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  103.649897][ T4568] loop5: detected capacity change from 0 to 512
[  103.657122][ T4568] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  103.677993][ T4566] loop1: detected capacity change from 0 to 8192
[  103.696390][ T3827] udevd[3827]: symlink '../../loop5' '/dev/disk/by-diskseq/407.tmp-b7:5' failed: Read-only file system
[  103.710967][  T907] usb 1-1: USB disconnect, device number 15
[  103.726680][ T3827] udevd[3827]: symlink '../../loop5' '/dev/disk/by-uuid/1DDD-580F.tmp-b7:5' failed: Read-only file system
[  103.727891][  T908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.756564][  T334] udevd[334]: symlink '../../loop1' '/dev/disk/by-diskseq/408.tmp-b7:1' failed: Read-only file system
[  103.770869][  T908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.784379][  T352] udevd[352]: symlink '../../loop3' '/dev/disk/by-diskseq/406.tmp-b7:3' failed: Read-only file system
[  103.791159][  T334] udevd[334]: symlink '../../loop1' '/dev/disk/by-uuid/1DC8-C73B.tmp-b7:1' failed: Read-only file system
[  103.813915][ T4570] udevd[4570]: symlink '../../loop5' '/dev/disk/by-diskseq/407.tmp-b7:5' failed: Read-only file system
[  103.817203][  T908] usb 3-1: New USB device found, idVendor=0457, idProduct=ffff, bcdDevice= 0.00
[  103.850891][ T4574] loop3: detected capacity change from 0 to 512
[  103.854679][  T908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.867697][ T4570] udevd[4570]: symlink '../../loop5' '/dev/disk/by-diskseq/407.tmp-b7:5' failed: Read-only file system
[  103.879290][  T908] usb 3-1: config 0 descriptor??
[  103.887429][ T3827] udevd[3827]: symlink '../../loop3' '/dev/disk/by-diskseq/410.tmp-b7:3' failed: Read-only file system
[  103.917644][ T4570] udevd[4570]: symlink '../../loop3' '/dev/disk/by-diskseq/410.tmp-b7:3' failed: Read-only file system
[  103.933027][ T4570] udevd[4570]: symlink '../../loop3' '/dev/disk/by-diskseq/410.tmp-b7:3' failed: Read-only file system
[  104.004631][ T4584] loop1: detected capacity change from 0 to 512
[  104.026202][ T4584] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  104.030532][ T4588] loop3: detected capacity change from 0 to 512
[  104.037880][ T4584] EXT4-fs (loop1): orphan cleanup on readonly fs
[  104.043030][ T4588] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  104.048456][ T4584] EXT4-fs error (device loop1): ext4_quota_enable:7007: comm syz.1.1759: Bad quota inum: 64, type: 0
[  104.073037][ T4584] EXT4-fs warning (device loop1): ext4_enable_quotas:7055: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  104.088039][ T4584] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  104.094918][ T4584] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  104.141769][  T286] EXT4-fs (loop1): unmounting filesystem.
[  104.153378][   T24] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  104.216710][ T4597] loop1: detected capacity change from 0 to 1024
[  104.227969][ T4597] EXT4-fs: Ignoring removed bh option
[  104.242907][ T4597] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  104.270195][  T286] EXT4-fs (loop1): unmounting filesystem.
[  104.325093][  T908] hid-generic 0003:0457:FFFF.002A: unknown main item tag 0x0
[  104.332961][  T908] hid-generic 0003:0457:FFFF.002A: unknown main item tag 0x0
[  104.350560][  T908] hid-generic 0003:0457:FFFF.002A: hidraw0: USB HID v0.00 Device [HID 0457:ffff] on usb-dummy_hcd.2-1/input0
[  104.377875][   T24] usb 6-1: Using ep0 maxpacket: 16
[  104.385691][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  104.413040][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  104.422836][ T4613] loop0: detected capacity change from 0 to 8192
[  104.430700][   T24] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  104.455139][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.463845][   T24] usb 6-1: Product: syz
[  104.472064][   T24] usb 6-1: Manufacturer: syz
[  104.489698][   T24] usb 6-1: SerialNumber: syz
[  104.563527][  T337] usb 3-1: USB disconnect, device number 12
[  104.709200][  T908] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  104.719727][   T24] usb 6-1: 0:2 : does not exist
[  104.727212][   T24] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  104.740366][   T24] usb 6-1: USB disconnect, device number 10
[  104.826760][  T350] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  104.861060][ T4629] loop0: detected capacity change from 0 to 512
[  104.870843][ T4629] EXT4-fs (loop0): Test dummy encryption mode enabled
[  104.877858][ T4629] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  104.889405][ T4629] EXT4-fs (loop0): 1 truncate cleaned up
[  104.895736][ T4629] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  104.912300][  T908] usb 2-1: Using ep0 maxpacket: 8
[  104.921006][  T908] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  104.932543][  T908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.944956][  T908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.955906][  T908] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  104.969892][  T908] usb 2-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[  104.981011][  T908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.986775][ T4631] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  104.995424][  T908] usb 2-1: config 0 descriptor??
[  105.029911][  T350] usb 4-1: Using ep0 maxpacket: 32
[  105.031235][ T4629] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.0.1781: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  105.036529][  T350] usb 4-1: config 0 has an invalid interface number: 47 but max is 0
[  105.059641][ T4629] EXT4-fs error (device loop0) in ext4_delete_entry:2800: Corrupt filesystem
[  105.064901][  T350] usb 4-1: config 0 has no interface number 0
[  105.079876][  T350] usb 4-1: config 0 interface 47 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  105.091618][  T350] usb 4-1: config 0 interface 47 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  105.116539][  T350] usb 4-1: New USB device found, idVendor=08dd, idProduct=90ff, bcdDevice=7b.76
[  105.126017][  T350] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.142432][  T350] usb 4-1: Product: syz
[  105.143647][  T282] EXT4-fs (loop0): unmounting filesystem.
[  105.146895][  T350] usb 4-1: Manufacturer: syz
[  105.158420][  T350] usb 4-1: SerialNumber: syz
[  105.164029][  T350] usb 4-1: config 0 descriptor??
[  105.177857][ T4621] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  105.225469][ T4621] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  105.412859][ T4648] loop0: detected capacity change from 0 to 2048
[  105.447695][ T4648]  loop0: p1 < > p4
[  105.453747][ T4648] loop0: p4 size 8388608 extends beyond EOD, truncated
[  105.486742][  T350] asix 4-1:0.47 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  105.497778][  T350] asix: probe of 4-1:0.47 failed with error -71
[  105.506517][  T908] hid-generic 0003:0C45:760B.002B: unknown main item tag 0x6
[  105.510377][  T350] usb 4-1: USB disconnect, device number 13
[  105.525953][ T4654] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  105.537375][  T908] hid-generic 0003:0C45:760B.002B: item fetching failed at offset 7/133
[  105.546080][ T4654] SELinux: failed to load policy
[  105.551552][  T908] hid-generic: probe of 0003:0C45:760B.002B failed with error -22
[  105.613146][ T4664] loop0: detected capacity change from 0 to 512
[  105.639312][   T24] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  105.728924][  T908] usb 2-1: USB disconnect, device number 17
[  105.845363][   T24] usb 3-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.876268][   T24] usb 3-1: config 0 interface 0 has no altsetting 0
[  105.883168][   T24] usb 3-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  105.892225][ T4687] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  105.892822][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.912250][   T24] usb 3-1: config 0 descriptor??
[  106.007837][ T4694] loop5: detected capacity change from 0 to 512
[  106.175748][ T4701] loop0: detected capacity change from 0 to 8192
[  106.331853][ T4716] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1821'.
[  106.358775][   T24] sony 0003:054C:0BA0.002C: hidraw0: USB HID v80.00 Device [HID 054c:0ba0] on usb-dummy_hcd.2-1/input0
[  106.374251][   T24] sony 0003:054C:0BA0.002C: failed to claim input
[  106.453838][ T4731] loop0: detected capacity change from 0 to 512
[  106.473217][ T4731] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  106.493711][ T4731] fs-verity: sha256 using implementation "sha256-avx2"
[  106.501131][ T4731] EXT4-fs warning (device loop0): ext4_begin_enable_verity:137: inode #15: comm syz.0.1826: verity is only allowed on extent-based files
[  106.520558][ T4736] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1829'.
[  106.539643][  T282] EXT4-fs (loop0): unmounting filesystem.
[  106.582998][   T24] usb 3-1: USB disconnect, device number 13
[  106.584060][ T4744] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1834'.
[  106.613800][ T4746] loop3: detected capacity change from 0 to 2048
[  106.647915][ T4746] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  106.676228][  T908] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  106.709362][  T285] EXT4-fs (loop3): unmounting filesystem.
[  106.881271][  T908] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  106.893997][  T908] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  106.905524][  T908] usb 2-1: config 1 has no interface number 0
[  106.912872][  T908] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  106.933019][  T908] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  106.954112][  T908] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  106.969147][  T908] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  106.980672][  T908] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  107.003902][  T908] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  107.022604][  T908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.031521][  T908] usb 2-1: Product: syz
[  107.035919][  T908] usb 2-1: Manufacturer: syz
[  107.040849][  T908] usb 2-1: SerialNumber: syz
[  107.051228][ T4719] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  107.092372][   T28] kauditd_printk_skb: 40 callbacks suppressed
[  107.092388][   T28] audit: type=1400 audit(2000000026.484:1007): avc:  denied  { write } for  pid=4771 comm="syz.0.1845" name="file2" dev="tmpfs" ino=1767 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  107.137720][   T28] audit: type=1400 audit(2000000026.522:1008): avc:  denied  { ioctl } for  pid=4771 comm="syz.0.1845" path="/337/file2" dev="tmpfs" ino=1767 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  107.221477][   T24] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  107.287778][ T4719] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  107.298084][ T4781] SELinux: failed to load policy
[  107.435272][   T24] usb 6-1: Using ep0 maxpacket: 16
[  107.442104][   T24] usb 6-1: unable to get BOS descriptor or descriptor too short
[  107.451407][   T24] usb 6-1: config 7 has an invalid interface number: 88 but max is 0
[  107.460031][   T24] usb 6-1: config 7 has no interface number 0
[  107.466444][   T24] usb 6-1: config 7 interface 88 has no altsetting 0
[  107.475492][   T24] usb 6-1: New USB device found, idVendor=0482, idProduct=0100, bcdDevice= 1.00
[  107.484958][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.487248][ T4764] loop3: detected capacity change from 0 to 131072
[  107.493342][   T24] usb 6-1: Product: syz
[  107.504339][   T24] usb 6-1: Manufacturer: syz
[  107.504404][ T4764] F2FS-fs (loop3): Invalid log sectors per block(570425347) log sectorsize(9)
[  107.509158][   T24] usb 6-1: SerialNumber: syz
[  107.519380][ T4764] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  107.531088][ T4719] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  107.549934][ T4764] F2FS-fs (loop3): invalid crc value
[  107.557141][ T4764] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  107.585383][ T4764] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=3000000, run fsck to fix.
[  107.596369][ T4764] F2FS-fs (loop3): Bad quota inode 2:50331648
[  107.602586][ T4764] F2FS-fs (loop3): Failed to enable quota tracking (type=2, err=-22). Please run fsck to fix.
[  107.613133][ T4764] F2FS-fs (loop3): Cannot turn on quotas: error -22
[  107.620875][ T4764] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  107.629194][ T4764] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b
[  107.745354][   T24] usb-storage 6-1:7.88: USB Mass Storage device detected
[  107.770208][   T24] usb-storage 6-1:7.88: Quirks match for vid 0482 pid 0100: 8
[  107.778502][   T24] usb-storage 6-1:7.88: This device (0482,0100,0100 S 05 P fe) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  107.778502][   T24]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  107.843702][   T24] usb 6-1: USB disconnect, device number 11
[  107.968739][ T4719] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  107.976741][  T908] cdc_ncm 2-1:1.1: bind() failure
[  108.196088][   T24] usb 2-1: USB disconnect, device number 18
[  108.239793][ T4799] loop3: detected capacity change from 0 to 16
[  108.251988][ T4799] erofs: (device loop3): mounted with root inode @ nid 36.
[  108.263935][ T4799] erofs: (device loop3): erofs_fill_dentries: bogus dirent @ nid 46
[  108.330964][   T28] audit: type=1400 audit(2000000027.644:1009): avc:  denied  { bind } for  pid=4810 comm="syz.5.1859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  108.368388][ T4809] device veth0_to_bridge entered promiscuous mode
[  108.392532][ T4809] device veth0_to_bridge left promiscuous mode
[  108.472791][   T28] audit: type=1400 audit(2000000027.785:1010): avc:  denied  { read } for  pid=4821 comm="syz.5.1864" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  108.530792][ T4824] loop5: detected capacity change from 0 to 128
[  108.554996][ T4826] loop2: detected capacity change from 0 to 16
[  108.570082][ T4826] erofs: (device loop2): mounted with root inode @ nid 36.
[  108.690724][   T28] audit: type=1400 audit(2000000027.981:1011): avc:  denied  { mounton } for  pid=4836 comm="syz.2.1871" path="/" dev="ramfs" ino=37133 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  108.899888][    T6] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  109.114807][    T6] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  109.140480][    T6] usb 4-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  109.163067][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.211071][    T6] usb 4-1: config 0 descriptor??
[  109.231328][ T1018] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  109.351329][ T3827] udevd[3827]: symlink '../../loop0' '/dev/disk/by-diskseq/436.tmp-b7:0' failed: Read-only file system
[  109.388634][ T4846] netlink: 'syz.0.1878': attribute type 6 has an invalid length.
[  109.416762][   T28] audit: type=1400 audit(2000000028.664:1012): avc:  denied  { mounton } for  pid=4847 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  109.451982][ T3827] udevd[3827]: symlink '../../loop0' '/dev/disk/by-diskseq/436.tmp-b7:0' failed: Read-only file system
[  109.464854][ T1018] usb 2-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.488784][ T1018] usb 2-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.510325][ T1018] usb 2-1: config 0 interface 0 altsetting 252 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  109.532936][ T3827] udevd[3827]: symlink '../../loop0' '/dev/disk/by-diskseq/436.tmp-b7:0' failed: Read-only file system
[  109.566149][ T1018] usb 2-1: config 0 interface 0 has no altsetting 0
[  109.587068][ T1018] usb 2-1: New USB device found, idVendor=0458, idProduct=501a, bcdDevice= 0.00
[  109.597993][ T4847] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.607040][ T4847] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.615089][ T4847] device bridge_slave_0 entered promiscuous mode
[  109.621929][ T1018] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.635150][    T8] bridge0: port 3(gretap0) entered disabled state
[  109.657204][    T6] usbhid 4-1:0.0: can't add hid device: -71
[  109.669998][    T6] usbhid: probe of 4-1:0.0 failed with error -71
[  109.678484][    T8] device gretap0 left promiscuous mode
[  109.696409][    T8] bridge0: port 3(gretap0) entered disabled state
[  109.703747][ T1018] usb 2-1: config 0 descriptor??
[  109.712194][  T334] udevd[334]: symlink '../../loop0' '/dev/disk/by-diskseq/436.tmp-b7:0' failed: Read-only file system
[  109.732150][    T6] usb 4-1: USB disconnect, device number 14
[  109.753455][ T4847] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.759088][ T4859] loop0: detected capacity change from 0 to 2048
[  109.767180][ T4847] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.768025][ T4847] device bridge_slave_1 entered promiscuous mode
[  109.801687][ T4570] udevd[4570]: symlink '../../loop0' '/dev/disk/by-diskseq/445.tmp-b7:0' failed: Read-only file system
[  109.825693][ T4570] udevd[4570]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  109.842554][ T4859] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  109.876896][  T282] EXT4-fs (loop0): unmounting filesystem.
[  109.903506][ T4570] udevd[4570]: symlink '../../loop0' '/dev/disk/by-diskseq/445.tmp-b7:0' failed: Read-only file system
[  109.927139][ T4863] loop0: detected capacity change from 0 to 256
[  109.934056][ T4863] exfat: Deprecated parameter 'namecase'
[  109.942003][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.950501][ T4863] exfat: Deprecated parameter 'namecase'
[  109.959675][    T8] device bridge_slave_0 left promiscuous mode
[  109.960168][ T4863] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  109.977601][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.990945][ T4570] udevd[4570]: symlink '../../loop0' '/dev/disk/by-diskseq/445.tmp-b7:0' failed: Read-only file system
[  110.018511][    T8] device veth1_macvtap left promiscuous mode
[  110.033444][    T8] device veth0_vlan left promiscuous mode
[  110.040434][ T4570] udevd[4570]: symlink '../../loop0' '/dev/disk/by-uuid/1234-1234.tmp-b7:0' failed: Read-only file system
[  110.092386][ T4570] udevd[4570]: symlink '../../loop0' '/dev/disk/by-diskseq/447.tmp-b7:0' failed: Read-only file system
[  110.156711][ T1018] kye 0003:0458:501A.002D: item fetching failed at offset 0/4
[  110.172762][ T1018] kye 0003:0458:501A.002D: parse failed
[  110.178877][ T1018] kye: probe of 0003:0458:501A.002D failed with error -22
[  110.370995][   T24] usb 2-1: USB disconnect, device number 19
[  110.393397][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  110.401719][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  110.424089][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  110.452267][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  110.471730][  T385] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.479083][  T385] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.500685][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  110.510181][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  110.520526][  T385] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.528165][  T385] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.560009][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  110.577463][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  110.604270][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  110.621462][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  110.640252][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  110.674936][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  110.694667][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  110.727385][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  110.737516][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  110.777842][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  110.794422][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  110.806238][ T4847] device veth0_vlan entered promiscuous mode
[  110.840707][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  110.861892][  T385] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  110.888817][ T4847] device veth1_macvtap entered promiscuous mode
[  110.914407][  T379] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  110.926727][  T379] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  110.960540][  T379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  110.982657][  T379] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  110.998607][  T379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  111.024901][ T4911] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1902'.
[  111.045330][   T28] audit: type=1400 audit(2000000030.179:1013): avc:  denied  { mounton } for  pid=4847 comm="syz-executor" path="/root/syzkaller.o6AETA/syz-tmp" dev="sda1" ino=2049 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  111.070197][ T4914] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1902'.
[  111.079610][ T4914] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1902'.
[  111.121346][ T4914] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1902'.
[  111.130677][   T28] audit: type=1400 audit(2000000030.179:1014): avc:  denied  { mount } for  pid=4847 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  111.182075][   T28] audit: type=1400 audit(2000000030.179:1015): avc:  denied  { mounton } for  pid=4847 comm="syz-executor" path="/root/syzkaller.o6AETA/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  111.231806][   T28] audit: type=1400 audit(2000000030.179:1016): avc:  denied  { mounton } for  pid=4847 comm="syz-executor" path="/root/syzkaller.o6AETA/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=36542 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  111.348773][    T6] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  111.561982][    T6] usb 1-1: Using ep0 maxpacket: 16
[  111.573501][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.609505][    T6] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  111.648673][    T6] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  111.668751][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.690806][    T6] usb 1-1: config 0 descriptor??
[  111.714316][ T4935] loop3: detected capacity change from 0 to 40427
[  111.732712][ T4935] F2FS-fs (loop3): invalid crc value
[  111.769437][ T4935] F2FS-fs (loop3): Found nat_bits in checkpoint
[  111.824878][ T4935] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  111.927629][  T285] bio_check_eod: 4289 callbacks suppressed
[  111.927671][  T285] syz-executor: attempt to access beyond end of device
[  111.927671][  T285] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  111.953380][  T285] syz-executor: attempt to access beyond end of device
[  111.953380][  T285] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  111.996959][   T43] kworker/u4:2: attempt to access beyond end of device
[  111.996959][   T43] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  112.077623][ T4970] syz.5.1926[4970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.077706][ T4970] syz.5.1926[4970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.124301][ T4973] input: syz1 as /devices/virtual/input/input20
[  112.150784][    T6] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.002E/input/input21
[  112.238831][    T6] microsoft 0003:045E:07DA.002E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  112.256858][   T39] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  112.267708][ T4982] kvm [4981]: vcpu0, guest rIP: 0x8000000 Unhandled WRMSR(0x4000003a) = 0x0
[  112.311866][  T379] tipc: Disabling bearer <udp:syz1>
[  112.317453][  T379] tipc: Left network mode
[  112.369569][ T4987] loop5: detected capacity change from 0 to 128
[  112.470911][ T4991] loop1: detected capacity change from 0 to 16
[  112.471165][    T8] kworker/u4:0: attempt to access beyond end of device
[  112.471165][    T8] loop5: rw=1, sector=145, nr_sectors = 896 limit=128
[  112.481437][   T39] usb 7-1: Using ep0 maxpacket: 8
[  112.500548][ T4991] erofs: (device loop1): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[  112.536480][   T39] usb 7-1: unable to get BOS descriptor or descriptor too short
[  112.554416][   T39] usb 7-1: config 4 has an invalid interface number: 147 but max is 0
[  112.574975][   T39] usb 7-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  112.587233][ T4997] syz.1.1938[4997] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.587319][ T4997] syz.1.1938[4997] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.599431][   T39] usb 7-1: config 4 has no interface number 0
[  112.625191][   T39] usb 7-1: string descriptor 0 read error: -22
[  112.635754][   T39] usb 7-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  112.645198][   T39] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.655380][   T39] usb 7-1: Found UVC 0.02 device <unnamed> (04f2:b746)
[  112.664646][   T39] usb 7-1: No valid video chain found.
[  112.686661][ T5005] loop5: detected capacity change from 0 to 256
[  112.724234][ T4992] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.743067][ T4992] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.750791][ T4992] device bridge_slave_0 entered promiscuous mode
[  112.769084][ T4992] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.776644][ T4992] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.784844][ T4992] device bridge_slave_1 entered promiscuous mode
[  112.796650][ T5011] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1944'.
[  112.798764][  T350] usb 1-1: USB disconnect, device number 16
[  112.822427][ T5013] loop5: detected capacity change from 0 to 16
[  112.836995][ T5013] erofs: (device loop5): mounted with root inode @ nid 36.
[  112.888730][   T19] usb 7-1: USB disconnect, device number 2
[  112.890921][   T28] kauditd_printk_skb: 8 callbacks suppressed
[  112.890940][   T28] audit: type=1400 audit(2000000031.910:1025): avc:  denied  { module_request } for  pid=4992 comm="syz-executor" kmod="netdev-team0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  112.927396][   T28] audit: type=1400 audit(2000000031.928:1026): avc:  denied  { read write } for  pid=1876 comm="syz-executor" name="loop5" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  112.952514][   T28] audit: type=1400 audit(2000000031.928:1027): avc:  denied  { open } for  pid=1876 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  112.978445][   T28] audit: type=1400 audit(2000000031.928:1028): avc:  denied  { ioctl } for  pid=1876 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=123 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  113.005212][   T28] audit: type=1400 audit(2000000031.957:1029): avc:  denied  { bpf } for  pid=5016 comm="syz.5.1947" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  113.026985][   T28] audit: type=1400 audit(2000000031.957:1030): avc:  denied  { prog_load } for  pid=5016 comm="syz.5.1947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  113.046391][   T28] audit: type=1400 audit(2000000031.957:1031): avc:  denied  { perfmon } for  pid=5016 comm="syz.5.1947" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  113.068543][   T28] audit: type=1400 audit(2000000031.957:1032): avc:  denied  { prog_run } for  pid=5016 comm="syz.5.1947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  113.103336][   T28] audit: type=1400 audit(2000000032.116:1033): avc:  denied  { read write } for  pid=5018 comm="syz.1.1948" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  113.128621][   T28] audit: type=1400 audit(2000000032.116:1034): avc:  denied  { open } for  pid=5018 comm="syz.1.1948" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  113.167214][  T379] device bridge_slave_1 left promiscuous mode
[  113.173401][  T379] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.181687][  T379] device bridge_slave_0 left promiscuous mode
[  113.188229][  T379] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.196446][  T379] device veth1_macvtap left promiscuous mode
[  113.202909][  T379] device veth0_vlan left promiscuous mode
[  113.318873][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  113.327069][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  113.336346][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  113.345424][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  113.354745][  T822] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.362103][  T822] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.369983][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  113.383669][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  113.392742][   T39] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  113.393539][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  113.409811][  T822] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.416915][  T822] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.426941][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  113.435789][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  113.446421][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  113.455752][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  113.476131][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  113.484890][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  113.499797][ T4992] device veth0_vlan entered promiscuous mode
[  113.509327][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  113.517794][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  113.526466][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  113.534979][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  113.547673][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  113.556616][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  113.567264][ T4992] device veth1_macvtap entered promiscuous mode
[  113.578759][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  113.587499][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  113.597430][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  113.605923][  T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  113.614518][   T39] usb 2-1: Using ep0 maxpacket: 16
[  113.622212][   T39] usb 2-1: unable to get BOS descriptor or descriptor too short
[  113.631722][   T39] usb 2-1: config 7 has an invalid interface number: 88 but max is 0
[  113.639892][   T39] usb 2-1: config 7 has no interface number 0
[  113.646137][   T39] usb 2-1: config 7 interface 88 has no altsetting 0
[  113.656571][   T39] usb 2-1: New USB device found, idVendor=0482, idProduct=0100, bcdDevice= 1.00
[  113.666005][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.674438][   T39] usb 2-1: Product: syz
[  113.678583][  T350] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  113.678801][   T39] usb 2-1: Manufacturer: syz
[  113.691061][   T39] usb 2-1: SerialNumber: syz
[  113.741104][ T5041] loop7: detected capacity change from 0 to 1024
[  113.748492][ T5041] EXT4-fs: Ignoring removed nobh option
[  113.754351][ T5041] EXT4-fs: Ignoring removed bh option
[  113.760378][ T5041] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  113.777026][ T5041] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  113.803231][ T4992] EXT4-fs (loop7): unmounting filesystem.
[  113.809390][   T19] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  113.882941][  T350] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  113.896183][  T350] usb 1-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  113.905589][  T350] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.914793][  T350] usb 1-1: config 0 descriptor??
[  113.916081][   T39] usb-storage 2-1:7.88: USB Mass Storage device detected
[  113.928318][   T39] usb-storage 2-1:7.88: Quirks match for vid 0482 pid 0100: 8
[  113.936299][   T39] usb-storage 2-1:7.88: This device (0482,0100,0100 S 05 P fe) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  113.936299][   T39]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  113.990561][   T39] usb 2-1: USB disconnect, device number 20
[  114.020739][   T19] usb 7-1: Using ep0 maxpacket: 16
[  114.027859][   T19] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  114.038850][   T19] usb 7-1: config 0 has no interfaces?
[  114.044675][   T19] usb 7-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  114.054222][   T19] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.063258][   T19] usb 7-1: config 0 descriptor??
[  114.127636][    T6] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  114.287124][  T908] usb 7-1: USB disconnect, device number 3
[  114.330859][    T6] usb 8-1: Using ep0 maxpacket: 32
[  114.337509][    T6] usb 8-1: config 0 has an invalid interface number: 47 but max is 0
[  114.346513][    T6] usb 8-1: config 0 has no interface number 0
[  114.353751][    T6] usb 8-1: config 0 interface 47 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  114.364705][    T6] usb 8-1: config 0 interface 47 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  114.375677][  T350] usbhid 1-1:0.0: can't add hid device: -71
[  114.381901][  T350] usbhid: probe of 1-1:0.0 failed with error -71
[  114.391136][    T6] usb 8-1: New USB device found, idVendor=08dd, idProduct=90ff, bcdDevice=7b.76
[  114.400641][  T350] usb 1-1: USB disconnect, device number 17
[  114.406766][    T6] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.414961][    T6] usb 8-1: Product: syz
[  114.420534][    T6] usb 8-1: Manufacturer: syz
[  114.425276][    T6] usb 8-1: SerialNumber: syz
[  114.430588][    T6] usb 8-1: config 0 descriptor??
[  114.435971][ T5046] raw-gadget.3 gadget.7: fail, usb_ep_enable returned -22
[  114.443687][ T5046] raw-gadget.3 gadget.7: fail, usb_ep_enable returned -22
[  114.671248][    T6] asix 8-1:0.47 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  114.684375][    T6] asix: probe of 8-1:0.47 failed with error -71
[  114.692350][    T6] usb 8-1: USB disconnect, device number 2
[  114.720176][ T5057] loop1: detected capacity change from 0 to 40427
[  114.728114][ T5057] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  114.736075][ T5057] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  114.745802][ T5057] F2FS-fs (loop1): invalid crc value
[  114.748649][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/461.tmp-b7:1' failed: Read-only file system
[  114.755562][ T5057] F2FS-fs (loop1): Found nat_bits in checkpoint
[  114.776912][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/461.tmp-b7:1' failed: Read-only file system
[  114.804524][ T5057] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  114.812042][ T5057] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  114.833012][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/461.tmp-b7:1' failed: Read-only file system
[  114.845381][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:1' failed: Read-only file system
[  114.902337][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/461.tmp-b7:1' failed: Read-only file system
[  114.917741][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/461.tmp-b7:1' failed: Read-only file system
[  114.944844][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/462.tmp-b7:1' failed: Read-only file system
[  114.961922][ T5066] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1962'.
[  114.983617][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/462.tmp-b7:1' failed: Read-only file system
[  115.006188][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/462.tmp-b7:1' failed: Read-only file system
[  115.038438][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/462.tmp-b7:1' failed: Read-only file system
[  115.172056][ T5091] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1973'.
[  115.200616][ T5095] input: syz1 as /devices/virtual/input/input22
[  115.249840][ T5101] loop1: detected capacity change from 0 to 512
[  115.260253][ T5101] EXT4-fs: Ignoring removed oldalloc option
[  115.268818][ T5101] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  115.278669][ T5103] loop0: detected capacity change from 0 to 1024
[  115.297563][ T5103] EXT4-fs: Ignoring removed bh option
[  115.328079][ T5101] EXT4-fs (loop1): 1 truncate cleaned up
[  115.334185][ T5101] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  115.369697][ T5103] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  115.427275][  T286] EXT4-fs (loop1): unmounting filesystem.
[  115.463430][  T282] EXT4-fs (loop0): unmounting filesystem.
[  115.653150][ T5139] loop5: detected capacity change from 0 to 512
[  115.661218][ T5139] EXT4-fs: Ignoring removed oldalloc option
[  115.668663][ T5139] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  115.677905][  T908] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  115.683296][ T5139] EXT4-fs (loop5): 1 truncate cleaned up
[  115.692863][ T5139] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  115.744278][ T1876] EXT4-fs (loop5): unmounting filesystem.
[  115.784654][  T907] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  115.882471][  T908] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  115.898535][  T908] usb 8-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  115.908762][  T908] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.919049][  T908] usb 8-1: config 0 descriptor??
[  115.934337][    T6] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  115.979679][  T907] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  115.997231][  T907] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  116.018513][  T907] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  116.039505][  T907] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  116.052142][  T907] usb 2-1: SerialNumber: syz
[  116.137532][    T6] usb 1-1: Using ep0 maxpacket: 8
[  116.144671][    T6] usb 1-1: unable to get BOS descriptor or descriptor too short
[  116.153970][    T6] usb 1-1: config 4 has an invalid interface number: 147 but max is 0
[  116.162885][    T6] usb 1-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  116.172560][    T6] usb 1-1: config 4 has no interface number 0
[  116.183055][    T6] usb 1-1: string descriptor 0 read error: -22
[  116.190097][    T6] usb 1-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  116.200192][    T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.214697][    T6] usb 1-1: Found UVC 0.02 device <unnamed> (04f2:b746)
[  116.222162][    T6] usb 1-1: No valid video chain found.
[  116.275003][  T907] usb 2-1: 0:2 : does not exist
[  116.296532][  T907] usb 2-1: USB disconnect, device number 21
[  116.356003][  T908] usbhid 8-1:0.0: can't add hid device: -71
[  116.362706][  T908] usbhid: probe of 8-1:0.0 failed with error -71
[  116.370199][  T908] usb 8-1: USB disconnect, device number 3
[  116.433289][    T6] usb 1-1: USB disconnect, device number 18
[  116.852514][ T5193] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000000004D†ü
[  116.898766][ T5197] loop1: detected capacity change from 0 to 1024
[  116.913609][ T5197] EXT4-fs: Ignoring removed bh option
[  116.930957][ T5197] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  116.969965][  T286] EXT4-fs (loop1): unmounting filesystem.
[  116.980144][ T5203] SELinux: security policydb version 16 (MLS) not backwards compatible
[  116.988775][ T5203] SELinux: failed to load policy
[  117.013426][ T5205] overlayfs: failed to set xattr on upper
[  117.047804][ T5211] xt_hashlimit: size too large, truncated to 1048576
[  117.335648][ T5219] loop7: detected capacity change from 0 to 40427
[  117.343537][ T5219] F2FS-fs (loop7): fault_injection options not supported
[  117.351752][ T5219] F2FS-fs (loop7): invalid crc value
[  117.366884][  T908] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  117.375659][ T5219] F2FS-fs (loop7): Found nat_bits in checkpoint
[  117.430665][ T5219] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  117.455092][ T4992] syz-executor: attempt to access beyond end of device
[  117.455092][ T4992] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  117.553576][ T5238] loop7: detected capacity change from 0 to 1024
[  117.561104][ T5238] EXT4-fs: Ignoring removed bh option
[  117.566957][  T908] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  117.577535][  T908] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  117.588167][  T908] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  117.597437][  T908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  117.603119][ T5238] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  117.605582][  T908] usb 6-1: SerialNumber: syz
[  117.684233][ T4992] EXT4-fs (loop7): unmounting filesystem.
[  117.836571][  T908] usb 6-1: 0:2 : does not exist
[  117.844088][  T908] usb 6-1: USB disconnect, device number 12
[  117.933835][  T907] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  118.136556][  T907] usb 2-1: Using ep0 maxpacket: 8
[  118.143364][  T907] usb 2-1: unable to get BOS descriptor or descriptor too short
[  118.152346][  T907] usb 2-1: config 4 has an invalid interface number: 147 but max is 0
[  118.160789][  T907] usb 2-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  118.170797][  T907] usb 2-1: config 4 has no interface number 0
[  118.179765][  T907] usb 2-1: string descriptor 0 read error: -22
[  118.186226][  T907] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  118.195423][  T907] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.205899][  T907] usb 2-1: Found UVC 0.02 device <unnamed> (04f2:b746)
[  118.213527][  T907] usb 2-1: No valid video chain found.
[  118.401696][  T822] Bluetooth: hci0: Frame reassembly failed (-84)
[  118.406510][   T28] kauditd_printk_skb: 161 callbacks suppressed
[  118.406531][   T28] audit: type=1400 audit(2000000037.073:1196): avc:  denied  { create } for  pid=5269 comm="syz.5.2050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  118.430798][  T907] usb 2-1: USB disconnect, device number 22
[  118.444145][   T28] audit: type=1400 audit(2000000037.073:1197): avc:  denied  { ioctl } for  pid=5269 comm="syz.5.2050" path="socket:[38593]" dev="sockfs" ino=38593 ioctlcmd=0x48e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  118.480363][   T28] audit: type=1400 audit(2000000037.139:1198): avc:  denied  { create } for  pid=5275 comm="syz.0.2053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.501123][   T28] audit: type=1400 audit(2000000037.139:1199): avc:  denied  { connect } for  pid=5275 comm="syz.0.2053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.595516][   T28] audit: type=1326 audit(2000000037.242:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5250 comm="syz.7.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd81b8eec9 code=0x7fc00000
[  118.712570][   T28] audit: type=1400 audit(2000000037.354:1201): avc:  denied  { wake_alarm } for  pid=5299 comm="syz.7.2065" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  118.736369][   T28] audit: type=1400 audit(2000000037.382:1202): avc:  denied  { read } for  pid=5301 comm="syz.7.2066" name="rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  118.760332][   T28] audit: type=1400 audit(2000000037.382:1203): avc:  denied  { open } for  pid=5301 comm="syz.7.2066" path="/dev/rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  118.793041][   T28] audit: type=1400 audit(2000000037.382:1204): avc:  denied  { ioctl } for  pid=5301 comm="syz.7.2066" path="/dev/rtc0" dev="devtmpfs" ino=263 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  118.940160][   T28] audit: type=1326 audit(2000000037.569:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5314 comm="syz.7.2072" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd81b8eec9 code=0x0
[  119.120211][    T6] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  119.323236][    T6] usb 1-1: Using ep0 maxpacket: 32
[  119.330594][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.346816][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.357188][    T6] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  119.357576][ T5330] 9p: Unknown access argument 18446744073709551615: -34
[  119.366623][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.382675][    T6] usb 1-1: config 0 descriptor??
[  119.389360][    T6] hub 1-1:0.0: USB hub found
[  119.604442][    T6] hub 1-1:0.0: 1 port detected
[  119.807033][ T5356] syz.6.2086 uses obsolete (PF_INET,SOCK_PACKET)
[  119.904787][ T5366] syz.7.2092[5366] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.904902][ T5366] syz.7.2092[5366] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.979130][ T5372] loop1: detected capacity change from 0 to 512
[  120.028082][ T5372] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  120.075864][  T286] EXT4-fs (loop1): unmounting filesystem.
[  120.104972][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/480.tmp-b7:1' failed: Read-only file system
[  120.121640][ T3827] udevd[3827]: symlink '../../loop7' '/dev/disk/by-diskseq/478.tmp-b7:7' failed: Read-only file system
[  120.129600][ T5381] loop7: detected capacity change from 0 to 256
[  120.161849][ T3827] udevd[3827]: symlink '../../loop1' '/dev/disk/by-diskseq/480.tmp-b7:1' failed: Read-only file system
[  120.175105][ T5381] exFAT-fs (loop7): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  120.176401][ T4570] udevd[4570]: symlink '../../loop7' '/dev/disk/by-diskseq/481.tmp-b7:7' failed: Read-only file system
[  120.204944][ T4570] udevd[4570]: symlink '../../loop7' '/dev/disk/by-uuid/1234-1234.tmp-b7:7' failed: Read-only file system
[  120.208036][ T5381] exFAT-fs (loop7): error, found bogus dentry(11) beyond unused empty group(10) (start_clu : 5, cur_clu : 5)
[  120.237260][ T5381] exFAT-fs (loop7): Filesystem has been set read-only
[  120.240732][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/480.tmp-b7:1' failed: Read-only file system
[  120.274168][    T6] hub 1-1:0.0: activate --> -90
[  120.301967][ T4570] udevd[4570]: symlink '../../loop1' '/dev/disk/by-diskseq/480.tmp-b7:1' failed: Read-only file system
[  120.323288][ T3827] udevd[3827]: symlink '../../loop7' '/dev/disk/by-diskseq/481.tmp-b7:7' failed: Read-only file system
[  120.347823][ T4570] udevd[4570]: symlink '../../loop7' '/dev/disk/by-diskseq/481.tmp-b7:7' failed: Read-only file system
[  120.378013][ T3827] udevd[3827]: symlink '../../loop1' '/dev/disk/by-diskseq/480.tmp-b7:1' failed: Read-only file system
[  120.487184][    T6] hub 1-1:0.0: hub_ext_port_status failed (err = -71)
[  120.487547][  T908] usb 1-1: USB disconnect, device number 19
[  120.547568][ T5420] loop1: detected capacity change from 0 to 256
[  120.565638][ T5420] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  120.584727][ T1519] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  120.584736][ T2554] Bluetooth: hci0: command 0x1003 tx timeout
[  120.598264][ T5420] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  120.600106][ T5270] Bluetooth: hci0: Opcode 0x080f failed: -4
[  120.615925][ T5430] loop7: detected capacity change from 0 to 2048
[  120.624337][ T5420] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  120.686857][ T5430] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  120.712597][ T5442] loop5: detected capacity change from 0 to 256
[  120.725227][ T5442] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  120.730070][ T5429] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  120.759911][ T5442] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  120.769682][ T4992] EXT4-fs (loop7): unmounting filesystem.
[  120.770413][ T5442] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  120.857714][ T5453] loop5: detected capacity change from 0 to 128
[  120.871228][ T5451] loop6: detected capacity change from 0 to 4096
[  120.886450][ T5451] EXT4-fs (loop6): Test dummy encryption mode enabled
[  120.887019][ T5453] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  120.907921][ T5451] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  120.922935][ T5453] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  120.953145][ T1876] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  120.961775][ T4847] EXT4-fs (loop6): unmounting filesystem.
[  120.962279][ T1876] FAT-fs (loop5): Filesystem has been set read-only
[  120.969677][  T907] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  120.974958][ T1876] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  121.061288][  T385] tipc: Left network mode
[  121.068219][ T5461] kvm [5460]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x7
[  121.083270][ T5468] loop0: detected capacity change from 0 to 256
[  121.091290][ T5468] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  121.109841][ T5468] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  121.120695][ T5468] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x44ede5da, utbl_chksum : 0xe619d30d)
[  121.126580][ T5461] kvm [5460]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x7
[  121.143195][ T5468] incfs: iterate_incfs_dir / -22
[  121.184494][  T907] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  121.202802][  T907] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.218799][  T907] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  121.233738][  T907] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  121.250163][  T907] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  121.270629][  T907] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.290326][  T907] usb 2-1: Product: syz
[  121.306082][  T907] usb 2-1: Manufacturer: syz
[  121.310838][  T907] usb 2-1: SerialNumber: syz
[  121.526904][ T5477] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.534216][ T5477] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.542390][ T5477] device bridge_slave_0 entered promiscuous mode
[  121.557795][    T6] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  121.569643][ T5477] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.577025][ T5477] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.585564][ T5477] device bridge_slave_1 entered promiscuous mode
[  121.659976][ T5479] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.667741][ T5479] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.676774][ T5479] device bridge_slave_0 entered promiscuous mode
[  121.693064][ T5479] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.701408][ T5479] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.707205][    C1] ==================================================================
[  121.710403][ T5479] device bridge_slave_1 entered promiscuous mode
[  121.717697][    C1] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480
[  121.731272][    C1] Write of size 8 at addr ffff888112658a00 by task swapper/1/0
[  121.739010][    C1] 
[  121.741530][    C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G        W          syzkaller #0
[  121.750318][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  121.760759][    C1] Call Trace:
[  121.764193][    C1]  <IRQ>
[  121.767289][    C1]  __dump_stack+0x21/0x24
[  121.771673][    C1]  dump_stack_lvl+0xee/0x150
[  121.776299][    C1]  ? __cfi_dump_stack_lvl+0x8/0x8
[  121.781478][    C1]  ? __cfi__printk+0x8/0x8
[  121.782044][    T6] usb 8-1: Using ep0 maxpacket: 32
[  121.785940][    C1]  ? enqueue_timer+0xae/0x480
[  121.795843][    C1]  print_address_description+0x71/0x200
[  121.801643][    C1]  print_report+0x4a/0x60
[  121.806209][    C1]  kasan_report+0x122/0x150
[  121.809143][    T6] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[  121.811130][    C1]  ? enqueue_timer+0xae/0x480
[  121.820479][    T6] usb 8-1: config 0 has no interface number 0
[  121.824138][    C1]  __asan_report_store8_noabort+0x17/0x20
[  121.832279][    T6] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  121.836261][    C1]  enqueue_timer+0xae/0x480
[  121.836299][    C1]  __mod_timer+0x79f/0xb30
[  121.836323][    C1]  mod_timer+0x1f/0x30
[  121.845898][    T6] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.850140][    C1]  neigh_timer_handler+0x937/0xf00
[  121.850178][    C1]  ? __cfi_neigh_timer_handler+0x10/0x10
[  121.855141][    T6] usb 8-1: Product: syz
[  121.858951][    C1]  call_timer_fn+0x46/0x2a0
[  121.858987][    C1]  ? __cfi_neigh_timer_handler+0x10/0x10
[  121.867317][    T6] usb 8-1: Manufacturer: syz
[  121.872169][    C1]  __run_timers+0x639/0x9a0
[  121.872209][    C1]  ? calc_index+0x200/0x200
[  121.878537][    T6] usb 8-1: SerialNumber: syz
[  121.882382][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  121.887696][    T6] usb 8-1: config 0 descriptor??
[  121.892527][    C1]  run_timer_softirq+0x6a/0xf0
[  121.892560][    C1]  handle_softirqs+0x1d7/0x600
[  121.892582][    C1]  ? irqtime_account_irq+0xc4/0x240
[  121.892607][    C1]  __irq_exit_rcu+0x52/0xf0
[  121.892624][    C1]  irq_exit_rcu+0x9/0x10
[  121.892641][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  121.899064][    T6] smsc95xx v2.0.0
[  121.902105][    C1]  </IRQ>
[  121.902115][    C1]  <TASK>
[  121.902122][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  121.902154][    C1] RIP: 0010:default_idle+0xf/0x20
[  121.973030][    C1] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d d3 3f 52 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[  121.993705][    C1] RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
[  121.999984][    C1] RAX: ffff8881f7100000 RBX: ffff888100331440 RCX: ef870f27e6d2b000
[  122.007989][    C1] RDX: 0000000000000001 RSI: ffffffff85aa0e80 RDI: ffffffff85aa0e40
[  122.015988][    C1] RBP: ffffc90000147dd8 R08: dffffc0000000000 R09: ffffed103ee26917
[  122.024147][    C1] R10: 0000000000000000 R11: ffffffff84f3f260 R12: 0000000000000000
[  122.032221][    C1] R13: 0000000000000000 R14: ffff888100331440 R15: dffffc0000000000
[  122.040395][    C1]  ? __cfi_default_idle+0x10/0x10
[  122.045547][    C1]  arch_cpu_idle+0x1c/0x20
[  122.049984][    C1]  default_idle_call+0x71/0x1d0
[  122.055104][    C1]  do_idle+0x1a7/0x520
[  122.059211][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  122.064765][    C1]  ? schedule_idle+0x5b/0x90
[  122.069368][    C1]  cpu_startup_entry+0x43/0x60
[  122.074434][    C1]  start_secondary+0x119/0x120
[  122.079438][    C1]  secondary_startup_64_no_verify+0xce/0xdb
[  122.085486][    C1]  </TASK>
[  122.088689][    C1] 
[  122.091125][    C1] Allocated by task 5270:
[  122.095463][    C1]  kasan_set_track+0x4b/0x70
[  122.100064][    C1]  kasan_save_alloc_info+0x25/0x30
[  122.105406][    C1]  __kasan_kmalloc+0x95/0xb0
[  122.110181][    C1]  __kmalloc+0xb1/0x1e0
[  122.114341][    C1]  hci_alloc_dev_priv+0x27/0x1bd0
[  122.119548][    C1]  hci_uart_tty_ioctl+0x3d6/0xa20
[  122.125099][    C1]  tty_ioctl+0x8ef/0xc60
[  122.129436][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  122.134547][    C1]  __x64_sys_ioctl+0x7b/0x90
[  122.139341][    C1]  x64_sys_call+0x58b/0x9a0
[  122.143900][    C1]  do_syscall_64+0x4c/0xa0
[  122.148536][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  122.155425][    C1] 
[  122.157867][    C1] Freed by task 5270:
[  122.161939][    C1]  kasan_set_track+0x4b/0x70
[  122.166633][    C1]  kasan_save_free_info+0x31/0x50
[  122.171669][    C1]  ____kasan_slab_free+0x132/0x180
[  122.176877][    C1]  __kasan_slab_free+0x11/0x20
[  122.181743][    C1]  slab_free_freelist_hook+0xc2/0x190
[  122.187389][    C1]  __kmem_cache_free+0xb7/0x1b0
[  122.192255][    C1]  kfree+0x6f/0xf0
[  122.196082][    C1]  hci_release_dev+0x12a3/0x13b0
[  122.201232][    C1]  bt_host_release+0x82/0x90
[  122.206041][    C1]  device_release+0xa4/0x1d0
[  122.210643][    C1]  kobject_put+0x19d/0x280
[  122.215263][    C1]  put_device+0x1f/0x30
[  122.219515][    C1]  hci_dev_cmd+0x265/0x720
[  122.224045][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  122.228820][    C1]  sock_do_ioctl+0x101/0x310
[  122.233593][    C1]  sock_ioctl+0x4d8/0x6e0
[  122.237931][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  122.242729][    C1]  __x64_sys_ioctl+0x7b/0x90
[  122.247551][    C1]  x64_sys_call+0x58b/0x9a0
[  122.252205][    C1]  do_syscall_64+0x4c/0xa0
[  122.256747][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  122.262774][    C1] 
[  122.265112][    C1] Last potentially related work creation:
[  122.271004][    C1]  kasan_save_stack+0x3a/0x60
[  122.275780][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  122.281165][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  122.287622][    C1]  insert_work+0x51/0x300
[  122.292866][    C1]  __queue_work+0x9b1/0xd30
[  122.297758][    C1]  queue_work_on+0xd2/0x140
[  122.302822][    C1]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  122.307795][    C1]  hci_cmd_sync_status+0x53/0x120
[  122.312938][    C1]  hci_dev_cmd+0x628/0x720
[  122.318089][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  122.323203][    C1]  sock_do_ioctl+0x101/0x310
[  122.328026][    C1]  sock_ioctl+0x4d8/0x6e0
[  122.332393][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  122.337276][    C1]  __x64_sys_ioctl+0x7b/0x90
[  122.342175][    C1]  x64_sys_call+0x58b/0x9a0
[  122.346876][    C1]  do_syscall_64+0x4c/0xa0
[  122.351490][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  122.357508][    C1] 
[  122.359840][    C1] Second to last potentially related work creation:
[  122.366598][    C1]  kasan_save_stack+0x3a/0x60
[  122.371308][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  122.376802][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  122.382723][    C1]  insert_work+0x51/0x300
[  122.387160][    C1]  __queue_work+0x9b1/0xd30
[  122.391796][    C1]  queue_work_on+0xd2/0x140
[  122.396345][    C1]  hci_cmd_timeout+0x191/0x200
[  122.401130][    C1]  process_one_work+0x71f/0xc40
[  122.406092][    C1]  worker_thread+0xa29/0x11f0
[  122.410877][    C1]  kthread+0x281/0x320
[  122.414985][    C1]  ret_from_fork+0x1f/0x30
[  122.419586][    C1] 
[  122.422173][    C1] The buggy address belongs to the object at ffff888112658000
[  122.422173][    C1]  which belongs to the cache kmalloc-8k of size 8192
[  122.436494][    C1] The buggy address is located 2560 bytes inside of
[  122.436494][    C1]  8192-byte region [ffff888112658000, ffff88811265a000)
[  122.450472][    C1] 
[  122.452828][    C1] The buggy address belongs to the physical page:
[  122.459237][    C1] page:ffffea0004499600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112658
[  122.469797][    C1] head:ffffea0004499600 order:3 compound_mapcount:0 compound_pincount:0
[  122.478390][    C1] flags: 0x4000000000010200(slab|head|zone=1)
[  122.484757][    C1] raw: 4000000000010200 ffffea0004b66600 dead000000000003 ffff888100043500
[  122.493471][    C1] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  122.502416][    C1] page dumped because: kasan: bad access detected
[  122.509071][    C1] page_owner tracks the page as allocated
[  122.515153][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5159, tgid 5157 (syz.6.2002), ts 116084229785, free_ts 116046354158
[  122.537776][    C1]  post_alloc_hook+0x1f5/0x210
[  122.542568][    C1]  prep_new_page+0x1c/0x110
[  122.547256][    C1]  get_page_from_freelist+0x2c7b/0x2cf0
[  122.553096][    C1]  __alloc_pages+0x1c3/0x450
[  122.557702][    C1]  alloc_slab_page+0x6e/0xf0
[  122.562338][    C1]  new_slab+0x98/0x3d0
[  122.566596][    C1]  ___slab_alloc+0x6bd/0xb20
[  122.571327][    C1]  __slab_alloc+0x5e/0xa0
[  122.575834][    C1]  __kmem_cache_alloc_node+0x203/0x2c0
[  122.581389][    C1]  __kmalloc_node_track_caller+0xa0/0x1e0
[  122.587140][    C1]  pskb_expand_head+0x1b0/0x1210
[  122.592171][    C1]  __pskb_pull_tail+0xb1/0x1570
[  122.597035][    C1]  tipc_msg_reverse+0x78/0x940
[  122.601897][    C1]  tipc_sk_filter_rcv+0xbf3/0x2c80
[  122.607022][    C1]  tipc_sk_rcv+0x7d9/0x2cc0
[  122.611540][    C1]  tipc_sk_mcast_rcv+0xe08/0xed0
[  122.616764][    C1] page last free stack trace:
[  122.621547][    C1]  free_unref_page_prepare+0x742/0x750
[  122.627024][    C1]  free_unref_page+0x8f/0x530
[  122.631991][    C1]  __free_pages+0x67/0x100
[  122.636606][    C1]  __free_slab+0xca/0x1a0
[  122.641049][    C1]  __unfreeze_partials+0x160/0x190
[  122.646173][    C1]  put_cpu_partial+0xa9/0x100
[  122.651317][    C1]  __slab_free+0x1c4/0x280
[  122.655885][    C1]  ___cache_free+0xbf/0xd0
[  122.660521][    C1]  qlist_free_all+0xc6/0x140
[  122.665133][    C1]  kasan_quarantine_reduce+0x14a/0x170
[  122.670780][    C1]  __kasan_slab_alloc+0x24/0x80
[  122.675926][    C1]  slab_post_alloc_hook+0x4f/0x2d0
[  122.681163][    C1]  kmem_cache_alloc+0x16e/0x330
[  122.686044][    C1]  getname_flags+0xb9/0x500
[  122.690583][    C1]  user_path_at_empty+0x30/0x1c0
[  122.695552][    C1]  do_utimes+0x138/0x2a0
[  122.699931][    C1] 
[  122.702534][    C1] Memory state around the buggy address:
[  122.708203][    C1]  ffff888112658900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  122.716541][    C1]  ffff888112658980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  122.724797][    C1] >ffff888112658a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  122.733143][    C1]                    ^
[  122.737402][    C1]  ffff888112658a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  122.745853][    C1]  ffff888112658b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  122.754167][    C1] ==================================================================
[  122.762243][    C1] Disabling lock debugging due to kernel taint
[  122.808462][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  122.820339][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  122.829209][    C1] CPU: 1 PID: 5479 Comm: syz-executor Tainted: G    B   W          syzkaller #0
[  122.838791][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  122.849283][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  122.855032][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 88 dc 28 00 4c 89 ff e8 70 db ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 4c 4a 6d 00 49 8b 7d 00 e8 53 d7
[  122.885548][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  122.892168][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888120023cc0
[  122.900866][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  122.909308][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  122.917410][    C1] R10: ffffed10224cb139 R11: 1ffff110224cb139 R12: dffffc0000000000
[  122.925494][    C1] R13: 0000000000000000 R14: ffff8881126589c8 R15: 0000000000000008
[  122.933588][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  122.942722][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.949594][    C1] CR2: 00007f6fad769f98 CR3: 0000000128437000 CR4: 00000000003506a0
[  122.957685][    C1] Call Trace:
[  122.961084][    C1]  <IRQ>
[  122.964273][    C1]  delayed_work_timer_fn+0x61/0x80
[  122.969505][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  122.975608][    C1]  call_timer_fn+0x46/0x2a0
[  122.980586][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  122.986752][    C1]  __run_timers+0x667/0x9a0
[  122.991573][    C1]  ? calc_index+0x200/0x200
[  122.996376][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  123.001709][    C1]  run_timer_softirq+0x6a/0xf0
[  123.006993][    C1]  handle_softirqs+0x1d7/0x600
[  123.011961][    C1]  __irq_exit_rcu+0x52/0xf0
[  123.016921][    C1]  irq_exit_rcu+0x9/0x10
[  123.021784][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  123.028940][    C1]  </IRQ>
[  123.032153][    C1]  <TASK>
[  123.035206][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  123.041696][    C1] RIP: 0010:stack_trace_consume_entry+0x13f/0x290
[  123.048238][    C1] Code: 8b 75 c0 49 89 37 41 8b 18 41 0f b6 44 15 00 84 c0 0f 85 3d 01 00 00 41 3b 19 0f 92 c0 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f <5d> c3 44 89 c1 80 e1 07 80 c1 03 38 c1 0f 8c e0 fe ff ff 49 89 fe
[  123.068469][    C1] RSP: 0018:ffffc9000f12f2b8 EFLAGS: 00000286
[  123.074813][    C1] RAX: 0000000000000001 RBX: ffffc9000f12f380 RCX: 000000000f12f300
[  123.083152][    C1] RDX: dffffc0000000000 RSI: ffffffff814252e0 RDI: ffffc9000f12f380
[  123.091256][    C1] RBP: ffffc9000f12f2b8 R08: ffffc9000f12f390 R09: ffffc9000f12f388
[  123.099707][    C1] R10: 000000000000000a R11: 1ffff92001e25e59 R12: ffff888120023cc0
[  123.107918][    C1] R13: 1ffff92001e25e84 R14: ffffffff8160e2f0 R15: ffffc9000f12f2c8
[  123.116357][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  123.122804][    C1]  ? do_group_exit+0x210/0x2d0
[  123.127701][    C1]  arch_stack_walk+0x118/0x150
[  123.132677][    C1]  ? do_group_exit+0x210/0x2d0
[  123.137463][    C1]  stack_trace_save+0x98/0xe0
[  123.142239][    C1]  ? __cfi_stack_trace_save+0x10/0x10
[  123.148140][    C1]  ? __stack_depot_save+0x36/0x480
[  123.153457][    C1]  ? memset+0x35/0x40
[  123.157971][    C1]  save_stack+0xf3/0x1e0
[  123.162598][    C1]  ? __reset_page_owner+0x190/0x190
[  123.167994][    C1]  ? free_unref_page_prepare+0x742/0x750
[  123.173806][    C1]  ? free_unref_page+0x8f/0x530
[  123.178841][    C1]  ? __free_pages+0x67/0x100
[  123.183477][    C1]  ? __vunmap+0x9af/0xb70
[  123.187828][    C1]  ? vfree+0x61/0x90
[  123.191743][    C1]  ? kcov_close+0x2b/0x50
[  123.196089][    C1]  ? __fput+0x1fc/0x8f0
[  123.200345][    C1]  ? ____fput+0x15/0x20
[  123.205354][    C1]  ? task_work_run+0x1db/0x240
[  123.210332][    C1]  ? do_exit+0xa25/0x2650
[  123.214862][    C1]  ? do_group_exit+0x210/0x2d0
[  123.219689][    C1]  ? sysvec_apic_timer_interrupt+0x64/0xc0
[  123.225670][    C1]  __reset_page_owner+0x54/0x190
[  123.230816][    C1]  ? __kasan_check_write+0x14/0x20
[  123.236113][    C1]  ? _raw_spin_trylock+0xb1/0x140
[  123.241329][    C1]  free_unref_page_prepare+0x742/0x750
[  123.246899][    C1]  free_unref_page+0x8f/0x530
[  123.251970][    C1]  ? __cfi_free_unref_page+0x10/0x10
[  123.257943][    C1]  __free_pages+0x67/0x100
[  123.262745][    C1]  __vunmap+0x9af/0xb70
[  123.267278][    C1]  ? __kasan_check_write+0x14/0x20
[  123.272615][    C1]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  123.279450][    C1]  ? vunmap+0x60/0x60
[  123.283749][    C1]  ? __cfi_call_rcu+0x10/0x10
[  123.288632][    C1]  ? security_file_free+0xd8/0xf0
[  123.293777][    C1]  vfree+0x61/0x90
[  123.297620][    C1]  kcov_close+0x2b/0x50
[  123.301859][    C1]  ? __cfi_kcov_close+0x10/0x10
[  123.306947][    C1]  __fput+0x1fc/0x8f0
[  123.310948][    C1]  ____fput+0x15/0x20
[  123.314949][    C1]  task_work_run+0x1db/0x240
[  123.319727][    C1]  ? __cfi_task_work_run+0x10/0x10
[  123.324938][    C1]  ? free_nsproxy+0x21f/0x270
[  123.329722][    C1]  do_exit+0xa25/0x2650
[  123.334007][    C1]  ? __cfi_do_exit+0x10/0x10
[  123.338870][    C1]  ? kfree_skbmem+0x10c/0x180
[  123.343670][    C1]  ? __kasan_check_write+0x14/0x20
[  123.348873][    C1]  ? _raw_spin_lock_irq+0x8f/0xe0
[  123.354195][    C1]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  123.360004][    C1]  do_group_exit+0x210/0x2d0
[  123.364822][    C1]  ? __kasan_check_write+0x14/0x20
[  123.370272][    C1]  get_signal+0x13b5/0x1520
[  123.375088][    C1]  arch_do_signal_or_restart+0xb0/0x1030
[  123.380951][    C1]  ? __cfi___sys_sendto+0x10/0x10
[  123.385989][    C1]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  123.392683][    C1]  ? blkcg_maybe_throttle_current+0x1df/0x9f0
[  123.399051][    C1]  exit_to_user_mode_loop+0x7a/0xb0
[  123.404364][    C1]  exit_to_user_mode_prepare+0x5a/0xa0
[  123.410036][    C1]  syscall_exit_to_user_mode+0x1a/0x30
[  123.415731][    C1]  do_syscall_64+0x58/0xa0
[  123.420163][    C1]  ? clear_bhb_loop+0x30/0x80
[  123.425737][    C1]  ? clear_bhb_loop+0x30/0x80
[  123.430533][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  123.436574][    C1] RIP: 0033:0x7f1019390d03
[  123.441170][    C1] Code: Unable to access opcode bytes at 0x7f1019390cd9.
[  123.448374][    C1] RSP: 002b:00007fff76528bc8 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
[  123.456890][    C1] RAX: 0000000000000068 RBX: 00007f101a114620 RCX: 00007f1019390d03
[  123.465056][    C1] RDX: 0000000000000068 RSI: 00007f101a114670 RDI: 0000000000000003
[  123.473656][    C1] RBP: 0000000000000001 R08: 00007fff76528be4 R09: 000000000000000c
[  123.482360][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000003
[  123.490628][    C1] R13: 0000000000000000 R14: 00007f101a114670 R15: 0000000000000000
[  123.498617][    C1]  </TASK>
[  123.501904][    C1] Modules linked in:
[  123.505892][    C1] ---[ end trace 0000000000000000 ]---
[  123.511618][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  123.517029][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 88 dc 28 00 4c 89 ff e8 70 db ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 4c 4a 6d 00 49 8b 7d 00 e8 53 d7
[  123.537264][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  123.543371][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888120023cc0
[  123.551481][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  123.559473][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  123.567545][    C1] R10: ffffed10224cb139 R11: 1ffff110224cb139 R12: dffffc0000000000
[  123.575686][    C1] R13: 0000000000000000 R14: ffff8881126589c8 R15: 0000000000000008
[  123.583930][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  123.593039][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  123.599826][    C1] CR2: 00007f6fad769f98 CR3: 0000000128437000 CR4: 00000000003506a0
[  123.607918][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  123.615446][    C1] Kernel Offset: disabled
[  123.619887][    C1] Rebooting in 86400 seconds..