last executing test programs:

1m39.373232985s ago: executing program 1 (id=53):
unshare(0x64000600)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x1c9640)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, 0x0)

1m39.301552256s ago: executing program 1 (id=57):
memfd_create(&(0x7f0000000740)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c\xfa\xb4q\xbb\x7fN\xd1\r%;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\x12?\xc7zL\x01\r-\x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc\xbe\xb6\xa7w\x9d\xf1\xe5V\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca', 0x8)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r0], 0x20}}, 0x0)

1m39.288789096s ago: executing program 1 (id=58):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}, @TCA_STAB={0x4}]}, 0x4c}}, 0x0)

1m39.273787987s ago: executing program 1 (id=59):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000280)={[{@test_dummy_encryption_v1}, {@resgid}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0xba, 0x8000000000000001, 0x6, 0x7, 0xb, 0xd})

1m39.160377378s ago: executing program 1 (id=62):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000300)=0x49b9, 0x4)
shutdown(r0, 0x1)
sendmmsg$inet6(r0, &(0x7f0000000600)=[{{&(0x7f0000000140)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x1)

1m39.03115338s ago: executing program 1 (id=66):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={0x0})

1m39.0220999s ago: executing program 32 (id=66):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={0x0})

1m20.562558163s ago: executing program 5 (id=604):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x3fc, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x3}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000011c0)='veth1_to_bond\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00)

1m20.474114054s ago: executing program 5 (id=608):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
umount2(0x0, 0x0)

1m20.10884775s ago: executing program 5 (id=620):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x5514, &(0x7f0000005d80)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file2'}, 0xb)
ftruncate(r0, 0x5)

1m19.641985787s ago: executing program 5 (id=635):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000280)={[{@test_dummy_encryption_v1}, {@resgid}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0xba, 0x8000000000000001, 0x6, 0x7, 0xb, 0xd})

1m19.43388756s ago: executing program 5 (id=629):
r0 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x8, 0x2, 0x2}, 0x10)
write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

1m19.342267892s ago: executing program 5 (id=631):
unshare(0x62040600)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000940)={{0x12, 0x1, 0x110, 0x7, 0xdb, 0xe2, 0x8, 0xb48, 0x2003, 0xd41b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x5, 0x9, 0x30, 0x2, [{{0x9, 0x4, 0x23, 0xa, 0x1, 0x2e, 0xb9, 0x69, 0x0, [], [{{0x9, 0x5, 0xe, 0x1, 0x3ff, 0x3, 0x2, 0x8}}]}}]}}]}}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000340)={'nat\x00', 0x2, [{0x8800000000000000}, {}]}, 0x48)

1m19.251123593s ago: executing program 33 (id=631):
unshare(0x62040600)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000940)={{0x12, 0x1, 0x110, 0x7, 0xdb, 0xe2, 0x8, 0xb48, 0x2003, 0xd41b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x5, 0x9, 0x30, 0x2, [{{0x9, 0x4, 0x23, 0xa, 0x1, 0x2e, 0xb9, 0x69, 0x0, [], [{{0x9, 0x5, 0xe, 0x1, 0x3ff, 0x3, 0x2, 0x8}}]}}]}}]}}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000340)={'nat\x00', 0x2, [{0x8800000000000000}, {}]}, 0x48)

1m18.392560236s ago: executing program 0 (id=642):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f00000000c0)={0xa458, 0x88, 0x6, 0x9e9e, 0xcb, "0982aa400000000000e6ffffab5b00", 0x5, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xa2)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x40)

1m17.770977856s ago: executing program 0 (id=646):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

1m17.697100177s ago: executing program 0 (id=648):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffb, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r0}, 0x10)
setfsuid(0xffffffffffffffff)

1m17.660751017s ago: executing program 0 (id=649):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000280)={[{@test_dummy_encryption_v1}, {@resgid}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0xba, 0x8000000000000001, 0x6, 0x7, 0xb, 0xd})

1m17.289094993s ago: executing program 0 (id=654):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0)

1m17.027100837s ago: executing program 0 (id=656):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x110, 0x65, 0x2, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0x6}}, [@filter_kind_options=@f_bpf={{0x8}, {0xc4, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_FD={0x8}, @TCA_BPF_ACT={0x9c, 0x1, [@m_xt={0x98, 0xa, 0x0, 0x0, {{0x7}, {0x4}, {0x6d, 0x6, "b02aff89fcb734ba3a7e4bbe7dbf80c9a578cea6f50e70b62c55c42e0420d8c5c688a7cd0b82ff660cc3f662c705e961800970f1285c53934973ac141cc9f45366c1b500c5ef5cf4034b294d4651a863b0842a90625ee18c1d91b04ca14f29de60a80dd02807b5f522"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0xc7}]}}]}, 0x110}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1m16.934719339s ago: executing program 34 (id=656):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x110, 0x65, 0x2, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0x6}}, [@filter_kind_options=@f_bpf={{0x8}, {0xc4, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_FD={0x8}, @TCA_BPF_ACT={0x9c, 0x1, [@m_xt={0x98, 0xa, 0x0, 0x0, {{0x7}, {0x4}, {0x6d, 0x6, "b02aff89fcb734ba3a7e4bbe7dbf80c9a578cea6f50e70b62c55c42e0420d8c5c688a7cd0b82ff660cc3f662c705e961800970f1285c53934973ac141cc9f45366c1b500c5ef5cf4034b294d4651a863b0842a90625ee18c1d91b04ca14f29de60a80dd02807b5f522"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0xc7}]}}]}, 0x110}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

35.729779823s ago: executing program 4 (id=2049):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000080)=0x4)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r0, &(0x7f0000000180)=[{&(0x7f0000000300)="00214717a70700000000030600710a5e31163ceb9d0471200000000500000000000000ffff0342844d50e7182ce0ab6d00000846df930d0ab9cc127d0dc450de49c204a803166580ac899c081cb49f1930e7d07fbdf3", 0x56}], 0x1, 0x8, 0x1)

35.678718413s ago: executing program 4 (id=2054):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
wait4(r2, 0x0, 0x40000000, 0x0)

35.467050097s ago: executing program 4 (id=2055):
ioctl$KVM_SET_FPU(0xffffffffffffffff, 0x41a0ae8d, &(0x7f00000000c0)={'\x00', 0x1ff, 0x0, 0x7f, 0x0, 0x401, 0x4, 0x2, '\x00', 0x59ac})
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)='\x00', 0x1}], 0x23}}, {{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000001c0)='}', 0x1}], 0x1}}], 0x2, 0x2400c042)

35.466711737s ago: executing program 4 (id=2056):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000003c0)='./file1\x00', 0x40, &(0x7f0000000340)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@orlov}, {@bh}, {@grpid}]}, 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

35.361409058s ago: executing program 4 (id=2057):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000e4ef1f00810000007f00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r1, &(0x7f0000001600), 0x0}, 0x20)

35.231788381s ago: executing program 4 (id=2058):
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
openat$kvm(0xffffffffffffff9c, 0x0, 0x490100, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})

35.145233192s ago: executing program 35 (id=2058):
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
openat$kvm(0xffffffffffffff9c, 0x0, 0x490100, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})

3.042489548s ago: executing program 2 (id=2839):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})

3.040025188s ago: executing program 2 (id=2840):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e1, &(0x7f0000000580))

2.163081713s ago: executing program 6 (id=2867):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2, 0xfffffffe}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000400699b000008001b"], 0x30}}, 0x0)

2.140903024s ago: executing program 6 (id=2868):
r0 = syz_open_procfs(0x0, &(0x7f0000002340)='mountstats\x00')
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000040)='binder\x00', 0x2200892, 0x0)
pread64(r0, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

2.124128494s ago: executing program 6 (id=2869):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./control\x00', 0x800080, &(0x7f0000000000)={[{@noquota}, {@usrquota}, {@lazytime}]}, 0x2, 0x45c, &(0x7f0000000940)="$eJzs281vFOUfAPDvTF+AH/DrivjCi1pFY+NLSwGVgwc1mnjAxEQPemzaQpCFGloTIETBGDwZY+LdePRf8KQXYzyZeNW7ISGGC+BpzezM0N1ld2nLLovu55NM+zwzz8zzfHfm2X1mnt0AhtZk9ieJ2BYRv0fERJ5tLjCZ/7t+9fz8javn55Oo1d75K6mXu3b1/HxZtNxva5GZSiPSz5LY06be5bPnTsxVq4uni/zMyskPZ5bPnnv++Mm5Y4vHFk8dOHz40MHZl1488EJP4szadG33x0t7d735/ldvHfkiWzdext8SR49Mdtv4VK3W4+oGa3tDOhkdYENYl5GIyE7XWL3/T8RIrJ68iXjj04E2DuirWq1W29p584Ua8B+WRHNel4dhUX7QZ/e/5dI6CHilf8OPgbvyan4DlMV9vVjyLaORFmXGWu5ve2kyIt678Pc32RL9eQ4BANDkh2z881y78V8aDzaU+38xN1SJiPsiYkdE3B8ROyPigYh62Yci4uF11t86SXLr+Ce9vKHA1igb/71czG01j//K0V9URorc9nr8Y8nR49XF/cVrMhVjm7L8bJc6fnz9ty87bWsc/2VLVn85FizacXl0U/M+C3Mrc3cSc6MrFyN2j7aLP7k5E5BExK6I2L3BOo4/893eTttuH38XPZhnqn0b8XR+/i9ES/ylpPv85MzmqC7unymvilv98uultzvVf0fx90B2/v/X9vq/GX8laZyvXV5/HZf++LzjPc0ar/9K4z7Z9T+evFtPjxfrzsytrJyejRhPjuSNblx/YHXfMl+Wz+Kf2te+/++I1VdiT0RkF/EjEfFoRDxWtP3xiHgiIvZ1if/n1578YOPx91cW/8K6zv9qYjxa17RPjJz46fumSiu3xH+j+/k/VE9NFWvW8v63lnZt7GoGAACAf580IrZFkk7fTKfp9HT+ffmdEWl1aXnl2aNLH51ayH8jUImxtHzSNdHwPHS2uK3P8xcjIv9qQbn9YPHc+OuRLfX89PxSdWHQwcOQ29qh/2f+HBl064C+83stGF76Pwwv/R+Gl/4Pw6tN/98yiHYAd1+7z/9PBtAO4O5r6f+m/WCIuP+H4aX/w/DS/2EoLW+J2/9IvmuiPNIGd++WGD2TH7r3R74LiRi7J5qRJzb3/siR3gNxSfQtMcA3JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB76JwAA//+ELt19")
chdir(&(0x7f0000000240)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x2)
getdents(r0, 0x0, 0x58)

1.695681831s ago: executing program 6 (id=2880):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
fallocate(r0, 0x3, 0x9, 0x10900)

1.615319063s ago: executing program 6 (id=2877):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010022"], 0x1c}}, 0x0)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000540), r1)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)={0x38, r2, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}]}, 0x38}}, 0x8000)

1.542247244s ago: executing program 6 (id=2889):
r0 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d240701060000fd80000000e80924030000000001"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b40)={0x84, &(0x7f0000000500)={0x40, 0x1, 0x2, "3aec"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000009c0)={0x84, &(0x7f00000002c0)={0x40, 0xf, 0x2, '\x00\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

945.068064ms ago: executing program 2 (id=2887):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@clear_death={0x400c630f, 0x1}, @clear_death], 0x0, 0x1000000, 0x0})

928.629635ms ago: executing program 3 (id=2890):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010022"], 0x1c}}, 0x0)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000540), r1)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)={0x38, r2, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}]}, 0x38}}, 0x8000)

921.132395ms ago: executing program 7 (id=2891):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
lstat(0x0, 0x0)

910.249355ms ago: executing program 3 (id=2892):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

907.875615ms ago: executing program 2 (id=2893):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2, 0xfffffffe}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000400699b000008001b"], 0x30}}, 0x0)

885.780805ms ago: executing program 7 (id=2894):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
setuid(0xee00)

871.973455ms ago: executing program 7 (id=2895):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000240), &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)
mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)
mount$bind(0x0, 0x0, &(0x7f0000000340), 0x4000, 0x0)

857.653905ms ago: executing program 3 (id=2896):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

854.122685ms ago: executing program 2 (id=2897):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000000000000000000e80000000000000000ff"])
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008504"])

787.330817ms ago: executing program 7 (id=2899):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8983, &(0x7f0000000440)={0x3, 'vlan0\x00', {}, 0x97eb})

774.222527ms ago: executing program 7 (id=2900):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000001809"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
pselect6(0x40, &(0x7f0000000000)={0x6, 0x1, 0xd, 0x9, 0x0, 0x5, 0x2, 0x4}, &(0x7f0000000040)={0x8, 0x0, 0x3, 0x7fffffff, 0x7fffffff, 0x9, 0xfffffffffffffff7, 0x8001}, 0x0, 0x0, 0x0)

761.545267ms ago: executing program 7 (id=2901):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e1, &(0x7f0000000580))

733.373738ms ago: executing program 2 (id=2902):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000a80))
r1 = socket$xdp(0x2c, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

683.724558ms ago: executing program 3 (id=2903):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f0000003f80), 0x1, 0x44f, &(0x7f00000002c0)="$eJzs289vFFUcAPDvzG6L/LIrwR/8UIloJP4otCBy8KLRxIMmJnrAY20LQRZqaE2EEC3G4NGQeDceTfgLPOnFqCcTr+rZkBDTC+hpzezO0O2yu/bXdiv7+SQD78287XvfefO2b+Z1AhhYB7J/kogdEfFbRIw0sksLHGj8d3vh8uTfC5cnk6jV3v4rqZe7tXB5sihafG57kSlHpJ8lsa9NvbMXL52dqFanL+T5w3PnPjg8e/HS82fOTZyePj19fvzEiWNHx148Pv7CusSZxXVr78cz+/e8/u61NydPXnvvp+tJEX9LHGtXjqYf3dZTtdr6VbcJ7GxKJ+U+NoQVKeVX61B9/I9EKRY7byRe+7SvjQN6qlar1R7qfHi+BtzDkuh3C4D+KH7RZ/e/xbZBU49N4ebLjRugLO7b+dY4Uo40LzPUcn+7ng5ExMn5f77Ktmh9DrG1R5UCAAPtu2z+81y7+V8azc+F7s/XUCoR8UBE7IqI4xGxOyIejKiXfTgiHllh/a2LJHfPP9MbqwpsmbL530v52tbS+V8x+4tKKc/trMc/lJw6U50+kp+TQzG0JcuPdanj+1d//aLTseb5X7Zl9RdzwbwdN8pbln5mamJuYi0xN7t5JWJvuV38yZ2VgCQi9kTE3lXWceaZb/Z3OtYh/uFl/eB1WGeqfR3xdKP/56Ml/kLSfX3y8H1RnT6yJfKr4m4//3L1rU71/3f/91bW/9vaXv9F/H9Ukub12tmV13H198873lOu9vofTt5Zsu+jibm5C2MRw8kb9Xylef94S7nxxfJZ/IcOth//u2LxTOyLiOwifjQiHouIx5u+u56IiINd4v/xlSffX338vZXFP9W1/6Ol/xcTw9G6p32idPaHb5dUWllJ/Fn/H6unDuV7lvP91645RUTNh9Zy7gAAAOD/Io2IHZGko3fSaTo62vgb/t2xLa3OzM49e2rmw/NTjXcEKjGUFs8/R5qeh47lt/VFfrwlfzR/bvxlaWs9Pzo5U53qd/Aw4LZ3GP+ZP0v9bh3Qc97XgsFl/MPgMv5hcBn/MLjajH+vnsGAaPf7/5M+tAPYeC3jv+uyn4kB3Fvc/8PgMv5hcBn/MJCuRHR/eb+niet5Kzak0jQiVv3xiH6cn82ciHRTNEOiR4k+fzEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsk38DAAD//3893aY=")
mkdir(&(0x7f0000000080)='./bus\x00', 0x3)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x40000, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000280)=@v1={0x0, @aes128, 0x0, @desc2})
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f00000001c0))

633.18497ms ago: executing program 3 (id=2904):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x0, 0xd6e}})
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0x101}})

612.69705ms ago: executing program 3 (id=2905):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000009c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x46d, 0xc227, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x90, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x8}}}}]}}]}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x1008094, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNOr+luF4fxy1J0TYYrT27jR5ND0+2Vdkd5df0sLXuRNbfuvDYbWgQq9cXEam7Bqrjfzj6YuPSteF45dOuNg5YV5VKpdLs9blwvgL8j2XR7RYA3VG+0Kf3v+Vxm6Yed4TLL9beAKW4rxVH7Ur/0trBQMP7204ajYgj5//9Mh3RiXUIAICb+D7Nf55tNv/L44G6cvcUeygjEXFvRGyLiPsiYntE3B9RLftgRDy0xvobd0hunP/kl24psFVK878Xir2t5fO/cvYXI31Fbms1/oHs6PG52X3Fc7I3BoZSfmKFOn54+ffPy/SGhmv18790pPrLuWDRjkv9DQt0M1OLU+3GXbr8ScTO/mbxZ1Fu42QRsSMidt5iHcef/npXq2s3j38FK+wzrVblq4inav1/PpbFf72rspb7kxPPH5o8OL4h5mb3jZd3xY1++e3CG63qbyv+Dkj9v6np/b+0CzySbYhYOHP2RHW/dmHtdVz487O6Mb1sdznFn38bseb7fzB7q5oeLM59OLW4eHoiYjB77cbzk9d/t8yX5VP8e/c0H//b6lr8cESkm3h3RDxSbOKmvnssIh6PiD0rxP/TS0+81+pa6/5fYVW+g1L8Mzfr/6jv/7Un+k78+N3a4y+l/j9QTe0tzqzm799qG9jOcwcAAAB3i7z6GfgsH1tK5/nYWO0z/NtjUz43v7D4zNH5D07N1D4rPxIDebnSNVy3HjpRrA2X+cmG/P5i3fiLvo3V/Nj0/NxMt4OHHre5xfhP/urrduuAddeBfTTgLmX8Q+8y/qF3Gf/Qu4x/6F3Nxv/HXWgHcPt5/YfeZfxD7zL+oXcZ/9CTWn43Pm/rK/9dTpT/O+FOaU+XEhvXs4rIux9gTyT61/s2Hmp6qct/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrkvwAAAP//ZWPiyA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f00000006c0)=[{&(0x7f0000000080)='7', 0x1}], 0x1, 0x6e45, 0x80, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)

367.131274ms ago: executing program 8 (id=2911):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x1, 0x2, 0x0})

348.834774ms ago: executing program 8 (id=2912):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
readv(r2, &(0x7f0000008a80)=[{&(0x7f0000007900)=""/4096, 0x1000}], 0x1)

243.215356ms ago: executing program 8 (id=2913):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='tlb_flush\x00', r0}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './cgroup.cpu/cgroup.procs\x00'}, 0x6e)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

81.701439ms ago: executing program 8 (id=2914):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=""/21, 0x15}, 0xa}], 0x1, 0x2b, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

17.30508ms ago: executing program 8 (id=2915):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)

0s ago: executing program 8 (id=2916):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000002ac0), 0x0, 0x0)
read$rfkill(r0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

kernel console output (not intermixed with test programs):

15] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[   88.339378][ T4850] EXT4-fs warning (device loop7): __ext4fs_dirhash:283: invalid/unsupported hash tree version 62
[   88.350727][ T4815] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   88.386231][ T4870] loop7: detected capacity change from 0 to 16
[   88.392279][ T4815] syz.4.1882: attempt to access beyond end of device
[   88.392279][ T4815] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   88.407248][ T4870] erofs: (device loop7): mounted with root inode @ nid 36.
[   88.416724][   T39] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   88.424923][   T39] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   88.464441][  T352] kworker/u4:4: attempt to access beyond end of device
[   88.464441][  T352] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   88.593073][   T24] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   88.784126][   T24] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.813034][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[   88.819827][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[   88.848321][ T4894] loop2: detected capacity change from 0 to 40427
[   88.862998][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.883197][   T24] usb 4-1: config 0 descriptor??
[   88.888621][ T4894] F2FS-fs (loop2): heap/no_heap options were deprecated
[   88.889634][ T4896] loop6: detected capacity change from 0 to 40427
[   88.906049][ T4896] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   88.914272][ T4896] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   88.922734][ T4894] F2FS-fs (loop2): invalid crc value
[   88.923772][ T4896] F2FS-fs (loop6): invalid crc value
[   88.928180][ T4894] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[   88.952895][ T4894] F2FS-fs (loop2): Found nat_bits in checkpoint
[   88.960203][ T4896] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   88.975512][ T4896] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   88.998031][ T4900] syz.7.1906 (4900) used greatest stack depth: 20960 bytes left
[   89.024140][ T4894] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   89.029585][ T4902] loop4: detected capacity change from 0 to 40427
[   89.049654][ T4896] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   89.057765][ T4896] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   89.065715][ T4902] F2FS-fs (loop4): fault_injection options not supported
[   89.089403][ T4902] F2FS-fs (loop4): invalid crc value
[   89.113765][ T4902] F2FS-fs (loop4): Found nat_bits in checkpoint
[   89.199915][ T4902] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   89.252344][ T4929] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1912'.
[   89.254139][   T28] kauditd_printk_skb: 15 callbacks suppressed
[   89.254158][   T28] audit: type=1400 audit(2000000773.584:3845): avc:  denied  { nlmsg_read } for  pid=4928 comm="syz.6.1912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   89.306204][  T286] syz-executor: attempt to access beyond end of device
[   89.306204][  T286] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   89.322058][   T24] magicmouse 0003:05AC:0269.000B: unknown main item tag 0x4
[   89.334838][   T24] magicmouse 0003:05AC:0269.000B: collection stack underflow
[   89.342376][   T24] magicmouse 0003:05AC:0269.000B: item 0 1 0 12 parsing failed
[   89.353573][   T24] magicmouse 0003:05AC:0269.000B: magicmouse hid parse failed
[   89.362521][   T24] magicmouse: probe of 0003:05AC:0269.000B failed with error -22
[   89.404565][ T4935] loop2: detected capacity change from 0 to 128
[   89.434788][ T4939] loop6: detected capacity change from 0 to 256
[   89.464355][ T4935] ext4 filesystem being mounted at /417/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   89.477540][ T4939] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[   89.528753][   T19] usb 4-1: USB disconnect, device number 7
[   89.638627][   T28] audit: type=1400 audit(2000000773.964:3846): avc:  denied  { connect } for  pid=4964 comm="syz.6.1933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   89.639048][ T4963] loop2: detected capacity change from 0 to 512
[   89.668243][ T4963] EXT4-fs: Ignoring removed nobh option
[   89.683521][ T4963] EXT4-fs (loop2): Test dummy encryption mode enabled
[   89.714507][ T4963] EXT4-fs error (device loop2): __ext4_iget:5078: inode #11: block 1: comm syz.2.1932: invalid block
[   89.758464][ T4963] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1932: couldn't read orphan inode 11 (err -117)
[   89.771803][ T4973] mmap: syz.4.1936 (4973) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   89.801664][ T4975] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 2
[   89.823828][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[   90.006968][ T4982] loop2: detected capacity change from 0 to 40427
[   90.014473][ T4982] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   90.022907][ T4982] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   90.032305][ T4982] F2FS-fs (loop2): invalid crc value
[   90.039527][ T4982] F2FS-fs (loop2): Found nat_bits in checkpoint
[   90.084705][ T4982] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   90.092058][ T4982] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   90.104129][ T4946] loop7: detected capacity change from 0 to 131072
[   90.113548][ T4946] F2FS-fs (loop7): Segment count (31) mismatch with total segments from devices (0)
[   90.124603][ T4946] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[   90.134449][ T4946] F2FS-fs (loop7): invalid crc value
[   90.145848][ T4946] F2FS-fs (loop7): Found nat_bits in checkpoint
[   90.206457][ T4946] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[   90.213670][ T4946] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[   90.242400][ T5004] loop2: detected capacity change from 0 to 256
[   90.249723][ T4946] F2FS-fs (loop7): f2fs_fill_dentries: corrupted namelen=24152, run fsck to fix.
[   90.269163][ T5004] FAT-fs (loop2): Directory bread(block 64) failed
[   90.275937][   T28] audit: type=1400 audit(2000000774.604:3847): avc:  denied  { mount } for  pid=5007 comm="syz.3.1948" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   90.282504][ T5004] FAT-fs (loop2): Directory bread(block 65) failed
[   90.298582][   T28] audit: type=1400 audit(2000000774.604:3848): avc:  denied  { unmount } for  pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   90.310704][ T5004] FAT-fs (loop2): Directory bread(block 66) failed
[   90.332628][ T5004] FAT-fs (loop2): Directory bread(block 67) failed
[   90.340433][ T5004] FAT-fs (loop2): Directory bread(block 68) failed
[   90.347196][ T5004] FAT-fs (loop2): Directory bread(block 69) failed
[   90.358203][ T5004] FAT-fs (loop2): Directory bread(block 70) failed
[   90.366456][ T5004] FAT-fs (loop2): Directory bread(block 71) failed
[   90.373328][ T5004] FAT-fs (loop2): Directory bread(block 72) failed
[   90.379928][ T5004] FAT-fs (loop2): Directory bread(block 73) failed
[   90.436069][ T5018] loop2: detected capacity change from 0 to 1024
[   90.443724][ T5018] EXT4-fs: Ignoring removed bh option
[   90.453394][ T5018] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   90.490500][ T5018] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.1952: Allocating blocks 497-513 which overlap fs metadata
[   90.504882][ T5018] EXT4-fs (loop2): pa ffff888141c9e3f0: logic 256, phys. 385, len 8
[   90.512914][ T5018] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[   90.707803][ T5050] loop4: detected capacity change from 0 to 512
[   90.724977][ T5050] ext4 filesystem being mounted at /358/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   90.738765][ T5055] loop7: detected capacity change from 0 to 1024
[   90.745710][ T5055] EXT4-fs: Ignoring removed bh option
[   90.751478][ T5055] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   90.789573][ T5055] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3841: comm syz.7.1967: Allocating blocks 497-513 which overlap fs metadata
[   90.799697][   T28] audit: type=1400 audit(2000000775.114:3849): avc:  denied  { watch watch_reads } for  pid=5062 comm="syz.4.1970" path="/361" dev="tmpfs" ino=1901 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   90.804250][ T5055] EXT4-fs (loop7): pa ffff888137586000: logic 256, phys. 385, len 8
[   90.834604][ T5055] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[   91.054920][   T28] audit: type=1400 audit(2000000775.384:3850): avc:  denied  { read } for  pid=5094 comm="syz.7.1984" path="socket:[35718]" dev="sockfs" ino=35718 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   91.853353][ T4976] Bluetooth: hci0: command 0x1003 tx timeout
[   91.853353][  T906] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   91.884368][ T5105] loop7: detected capacity change from 0 to 512
[   91.899039][ T5110] loop6: detected capacity change from 0 to 1024
[   91.906699][ T5110] EXT4-fs: Ignoring removed bh option
[   91.913658][ T5110] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   91.925752][ T5109] loop2: detected capacity change from 0 to 2048
[   91.936131][ T5105] ext4 filesystem being mounted at /326/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   91.954462][ T5105] EXT4-fs error (device loop7): ext4_do_update_inode:5255: inode #2: comm syz.7.1997: corrupted inode contents
[   91.966941][ T5105] EXT4-fs error (device loop7): ext4_dirty_inode:6120: inode #2: comm syz.7.1997: mark_inode_dirty error
[   91.980385][ T5105] EXT4-fs error (device loop7): ext4_do_update_inode:5255: inode #2: comm syz.7.1997: corrupted inode contents
[   91.981203][ T5109] EXT4-fs error (device loop2): ext4_ext_precache:627: inode #2: comm syz.2.1987: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[   91.997032][ T5105] EXT4-fs error (device loop7): ext4_do_update_inode:5255: inode #2: comm syz.7.1997: corrupted inode contents
[   92.022187][ T5105] EXT4-fs error (device loop7): ext4_setattr:5514: inode #2: comm syz.7.1997: mark_inode_dirty error
[   92.057084][ T5110] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3841: comm syz.6.1986: Allocating blocks 497-513 which overlap fs metadata
[   92.071625][ T5110] EXT4-fs (loop6): pa ffff888141c9e348: logic 256, phys. 385, len 8
[   92.079760][ T5110] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[   92.323377][  T291] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   92.514451][  T291] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.533348][  T291] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.553401][  T291] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[   92.562492][  T291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.591527][  T291] usb 4-1: config 0 descriptor??
[   92.699670][ T5135] loop7: detected capacity change from 0 to 131072
[   92.707352][ T5135] F2FS-fs (loop7): Test dummy encryption mode enabled
[   92.715246][ T5135] F2FS-fs (loop7): invalid crc value
[   92.722209][ T5135] F2FS-fs (loop7): Found nat_bits in checkpoint
[   92.763463][ T5135] F2FS-fs (loop7): sanity_check_inode: corrupted inode ino=3, run fsck to fix.
[   92.773107][ T5135] F2FS-fs (loop7): Failed to read root inode
[   92.999827][  T291] cp2112 0003:10C4:EA90.000C: unknown main item tag 0x0
[   93.008013][  T291] cp2112 0003:10C4:EA90.000C: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0
[   93.041809][ T5142] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2002'.
[   93.088459][ T5137] loop2: detected capacity change from 0 to 262144
[   93.096273][ T5137] F2FS-fs (loop2): invalid crc value
[   93.116852][ T5137] F2FS-fs (loop2): Found nat_bits in checkpoint
[   93.155040][ T5137] F2FS-fs (loop2): Start checkpoint disabled!
[   93.162137][ T5137] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   93.209628][   T28] audit: type=1400 audit(2000000777.533:3851): avc:  denied  { unlink } for  pid=5155 comm="syz.7.2006" name="#3" dev="tmpfs" ino=1763 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   93.243543][ T5156] overlayfs: conflicting lowerdir path
[   93.274033][ T5159] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[   93.947584][ T5153] loop6: detected capacity change from 0 to 262144
[   93.955697][  T291] cp2112 0003:10C4:EA90.000C: Part Number: 0x82 Device Version: 0xFE
[   93.965470][ T5153] F2FS-fs (loop6): invalid crc value
[   93.973354][  T291] cp2112 0003:10C4:EA90.000C: error requesting SMBus config
[   93.981379][  T291] cp2112: probe of 0003:10C4:EA90.000C failed with error -71
[   93.990420][  T291] usb 4-1: USB disconnect, device number 8
[   93.999527][ T5153] F2FS-fs (loop6): Found nat_bits in checkpoint
[   94.032116][ T5188] SELinux: ebitmap start bit (524310) is not a multiple of the map unit size (64)
[   94.043108][ T5188] SELinux: failed to load policy
[   94.058534][ T5153] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   94.062854][ T5193] loop2: detected capacity change from 0 to 512
[   94.073205][ T5193] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   94.096589][ T5193] EXT4-fs (loop2): 1 truncate cleaned up
[   94.200664][ T5211] loop3: detected capacity change from 0 to 256
[   94.234705][ T5211] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   94.270348][ T5211] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[   94.283322][   T28] audit: type=1400 audit(2000000778.603:3852): avc:  denied  { getattr } for  pid=5218 comm="syz.2.2033" path="mnt:[4026532455]" dev="nsfs" ino=4026532455 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   94.325876][ T5211] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   94.360788][   T28] audit: type=1400 audit(2000000778.683:3853): avc:  denied  { ioctl } for  pid=5224 comm="syz.4.2035" path="socket:[36930]" dev="sockfs" ino=36930 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   94.430623][   T28] audit: type=1400 audit(2000000778.753:3854): avc:  denied  { bind } for  pid=5234 comm="syz.7.2041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   94.779211][ T5270] loop4: detected capacity change from 0 to 1024
[   94.785937][ T5270] EXT4-fs: Ignoring removed orlov option
[   94.791588][ T5270] EXT4-fs: Ignoring removed bh option
[   94.805346][ T5270] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.817777][ T5270] EXT4-fs (loop4): shut down requested (1)
[   94.824168][ T5270] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[   94.833347][ T5270] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[   94.833740][  T523] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[   94.842444][ T5270] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[   94.849788][ T3852] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   94.858626][  T291] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   94.873970][   T28] audit: type=1400 audit(2000000779.193:3855): avc:  denied  { mounton } for  pid=5269 comm="syz.4.2056" path="/390/file1/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   94.878151][  T286] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[   94.907766][  T286] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[   94.916761][  T286] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[   94.925788][  T286] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[   94.934630][  T286] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[   94.943433][  T286] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[   94.952731][  T286] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[   94.961684][  T286] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[   94.970618][   T28] audit: type=1400 audit(2000000779.293:3856): avc:  denied  { rmdir } for  pid=286 comm="syz-executor" name="lost+found" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   95.054803][  T291] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.065903][  T291] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   95.078916][  T291] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   95.088108][  T291] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.101768][  T291] usb 8-1: config 0 descriptor??
[   95.107963][ T3852] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   95.118928][  T523] usb 4-1: config 1 has an invalid descriptor of length 118, skipping remainder of the config
[   95.133123][  T523] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   95.142166][ T3852] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.153248][ T3852] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.163303][ T3852] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   95.176642][  T523] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   95.185874][  T523] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   95.194302][  T523] usb 4-1: SerialNumber: syz
[   95.202688][ T3852] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   95.213068][ T3852] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   95.221862][ T3852] usb 3-1: Manufacturer: syz
[   95.229259][ T3852] usb 3-1: config 0 descriptor??
[   95.245400][   T28] audit: type=1400 audit(2000000779.573:3857): avc:  denied  { mounton } for  pid=5275 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   95.302418][ T5275] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.309926][ T5275] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.317641][ T5275] device bridge_slave_0 entered promiscuous mode
[   95.326794][ T5275] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.334083][ T5275] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.341649][ T5275] device bridge_slave_1 entered promiscuous mode
[   95.425796][ T5275] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.432917][ T5275] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.440358][ T5275] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.447554][ T5275] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.456293][  T523] usb 4-1: 0:2 : does not exist
[   95.461239][  T523] usb 4-1: unit 6 not found!
[   95.466880][   T28] audit: type=1400 audit(2000000779.793:3858): avc:  denied  { ioctl } for  pid=5281 comm="syz.6.2061" path="socket:[36067]" dev="sockfs" ino=36067 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   95.470024][  T523] usb 4-1: USB disconnect, device number 9
[   95.509076][   T28] audit: type=1400 audit(2000000779.833:3859): avc:  denied  { create } for  pid=5283 comm="syz.6.2062" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   95.532378][  T291] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[   95.542124][ T5284] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   95.551495][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.554303][   T28] audit: type=1400 audit(2000000779.863:3860): avc:  denied  { mounton } for  pid=5283 comm="syz.6.2062" path="/276/file0" dev="tmpfs" ino=1457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   95.562168][  T291] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[   95.584239][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.589805][ T5284] FAT-fs (loop13): unable to read boot sector
[   95.599216][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.612971][  T291] plantronics 0003:047F:FFFF.000D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[   95.633417][   T28] audit: type=1400 audit(2000000779.953:3861): avc:  denied  { unlink } for  pid=1829 comm="syz-executor" name="file0" dev="tmpfs" ino=1457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   95.656806][ T5288] binder: 5287:5288 ioctl c0306201 0 returned -14
[   95.657162][ T3852] appleir 0003:05AC:8243.000E: unknown main item tag 0x0
[   95.673483][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   95.681502][ T3852] appleir 0003:05AC:8243.000E: No inputs registered, leaving
[   95.681684][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.690514][ T3852] appleir 0003:05AC:8243.000E: hiddev97,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[   95.709115][  T477] device bridge_slave_1 left promiscuous mode
[   95.715388][  T477] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.722944][  T477] device bridge_slave_0 left promiscuous mode
[   95.729264][  T477] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.737626][  T477] device veth1_macvtap left promiscuous mode
[   95.743778][  T477] device veth0_vlan left promiscuous mode
[   95.804650][  T523] usb 8-1: USB disconnect, device number 5
[   95.827035][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   95.839415][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   95.847514][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   95.854982][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   95.867055][  T306] usb 3-1: USB disconnect, device number 5
[   95.874216][ T5275] device veth0_vlan entered promiscuous mode
[   95.885401][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   95.894743][ T5275] device veth1_macvtap entered promiscuous mode
[   95.904473][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   95.915266][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   95.945161][  T987] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   96.061283][ T5307] loop8: detected capacity change from 0 to 1024
[   96.068189][ T5307] EXT4-fs: Ignoring removed bh option
[   96.074347][ T5307] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   96.097534][ T5307] EXT4-fs mount: 94 callbacks suppressed
[   96.097556][ T5307] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   96.123803][  T987] usb 7-1: Using ep0 maxpacket: 16
[   96.130087][  T987] usb 7-1: config 0 interface 0 has no altsetting 0
[   96.141386][ T5307] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3841: comm syz.8.2071: Allocating blocks 497-513 which overlap fs metadata
[   96.155366][  T987] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[   96.164603][  T987] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.174407][ T5307] EXT4-fs (loop8): pa ffff888141c9e000: logic 256, phys. 385, len 8
[   96.182527][ T5307] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[   96.193661][  T987] usb 7-1: config 0 descriptor??
[   96.219556][ T5323] SELinux: ebitmap: map size 4278591488 does not match my size 64 (high bit was 0)
[   96.230719][ T5323] SELinux: failed to load policy
[   96.256485][ T5275] EXT4-fs (loop8): unmounting filesystem.
[   96.284628][ T5330] SELinux:  Context Ü is not valid (left unmapped).
[   96.417625][ T5350] loop8: detected capacity change from 0 to 512
[   96.425646][ T5350] EXT4-fs: Ignoring removed nomblk_io_submit option
[   96.429976][ T5352] loop2: detected capacity change from 0 to 1024
[   96.439034][ T5350] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   96.439367][ T5352] EXT4-fs: Ignoring removed bh option
[   96.456710][ T5352] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   96.470202][ T5350] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   96.479629][ T5350] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.481311][ T5352] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   96.509323][ T5275] EXT4-fs (loop8): unmounting filesystem.
[   96.521685][ T5352] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.2091: Allocating blocks 497-513 which overlap fs metadata
[   96.537370][ T5352] EXT4-fs (loop2): pa ffff8881137070a8: logic 256, phys. 385, len 8
[   96.545468][ T5352] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[   96.607937][  T987] hid (null): invalid report_size 53633
[   96.613542][  T987] hid (null): bogus close delimiter
[   96.628430][  T285] EXT4-fs (loop2): unmounting filesystem.
[   96.634353][  T987] hid (null): unknown global tag 0xe
[   96.639735][  T987] hid (null): unknown global tag 0xc
[   96.645977][  T987] hid (null): global environment stack underflow
[   96.652627][  T987] hid (null): unknown global tag 0xe
[   96.663514][  T987] hid (null): report_id 4160080533 is invalid
[   96.670168][  T987] hid (null): report_id 29837 is invalid
[   96.676789][  T987] hid (null): invalid report_size 57783
[   96.684790][  T987] hid (null): usage index exceeded
[   96.707910][ T5358] loop8: detected capacity change from 0 to 40427
[   96.714956][ T5358] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[   96.722756][ T5358] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[   96.733515][ T5358] F2FS-fs (loop8): Found nat_bits in checkpoint
[   96.767701][ T5358] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   96.780852][ T5358] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[   96.788481][ T5358] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[   96.817778][  T987] usb 7-1: USB disconnect, device number 6
[   96.948533][ T5379] loop8: detected capacity change from 0 to 512
[   96.965699][ T5379] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   96.975234][ T5379] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   97.014572][ T5275] EXT4-fs (loop8): unmounting filesystem.
[   97.048418][ T5390] loop2: detected capacity change from 0 to 1024
[   97.048709][ T5392] loop3: detected capacity change from 0 to 512
[   97.089043][ T5390] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   97.091288][ T5392] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   97.107554][ T5392] ext4 filesystem being mounted at /389/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   97.125881][  T285] EXT4-fs (loop2): unmounting filesystem.
[   97.129667][ T5400] loop8: detected capacity change from 0 to 512
[   97.143306][ T5400] EXT4-fs (loop8): Test dummy encryption mode enabled
[   97.151040][ T5400] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   97.165473][  T284] EXT4-fs (loop3): unmounting filesystem.
[   97.167767][ T5400] EXT4-fs error (device loop8): ext4_orphan_get:1426: comm syz.8.2106: bad orphan inode 131083
[   97.205698][ T5400] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   97.249629][ T5275] EXT4-fs (loop8): unmounting filesystem.
[   97.410491][ T5407] loop3: detected capacity change from 0 to 40427
[   97.417701][ T5407] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   97.431853][ T5407] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   97.451378][ T5407] F2FS-fs (loop3): Found nat_bits in checkpoint
[   97.489171][ T5407] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   97.506376][ T5407] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   97.513624][ T5407] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   97.600174][ T5453] loop8: detected capacity change from 0 to 512
[   97.616053][ T5453] EXT4-fs: Ignoring removed nobh option
[   97.623601][ T5453] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #11: comm syz.8.2126: invalid indirect mapped block 256 (level 2)
[   97.644175][ T5453] EXT4-fs (loop8): 2 truncates cleaned up
[   97.644228][  T523] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   97.660834][ T5453] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   97.694464][ T5275] EXT4-fs (loop8): unmounting filesystem.
[   97.703166][ T5464] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   97.712788][ T5464] FAT-fs (loop5): unable to read boot sector
[   97.756466][ T5473] loop3: detected capacity change from 0 to 128
[   97.765533][ T5473] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   97.775797][ T5473] ext4 filesystem being mounted at /391/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   97.793824][  T284] EXT4-fs (loop3): unmounting filesystem.
[   97.824209][  T523] usb 7-1: Using ep0 maxpacket: 32
[   97.830418][  T523] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[   97.839244][  T523] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   97.847897][  T523] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[   97.856893][  T523] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   97.866743][  T523] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   97.876421][  T523] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   97.886172][  T523] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   97.895907][  T523] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   97.908874][  T523] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   97.918055][  T523] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.927098][  T523] usb 7-1: config 0 descriptor??
[   98.133734][  T523] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   98.205871][ T5489] loop2: detected capacity change from 0 to 256
[   98.223780][ T5489] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   98.450308][ T5490] loop7: detected capacity change from 0 to 40427
[   98.470572][ T5490] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[   98.484082][ T5490] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[   98.519442][ T5494] loop8: detected capacity change from 0 to 40427
[   98.526627][ T5490] F2FS-fs (loop7): Found nat_bits in checkpoint
[   98.536108][ T5494] F2FS-fs (loop8): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[   98.554360][ T5494] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[   98.571093][ T5494] F2FS-fs (loop8): fault_injection options not supported
[   98.584925][ T5494] F2FS-fs (loop8): invalid crc value
[   98.593330][ T5490] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   98.611716][ T5494] F2FS-fs (loop8): Found nat_bits in checkpoint
[   98.633991][ T5535] loop3: detected capacity change from 0 to 1024
[   98.633997][ T5490] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[   98.634090][ T5490] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[   98.694416][ T5494] F2FS-fs (loop8): Start checkpoint disabled!
[   98.702396][ T5494] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[   98.710207][ T5535] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   98.725300][ T5494] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[   98.738247][ T5535] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.763802][ T5494] syz.8.2144: attempt to access beyond end of device
[   98.763802][ T5494] loop8: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[   98.795527][ T5535] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2164'.
[   98.805377][ T5494] syz.8.2144: attempt to access beyond end of device
[   98.805377][ T5494] loop8: rw=2049, sector=77960, nr_sectors = 128 limit=40427
[   98.824286][ T5494] syz.8.2144: attempt to access beyond end of device
[   98.824286][ T5494] loop8: rw=2049, sector=77952, nr_sectors = 8 limit=40427
[   98.848468][  T284] EXT4-fs (loop3): unmounting filesystem.
[   98.883792][  T523] usb 7-1: USB disconnect, device number 7
[   98.895197][  T523] usblp0: removed
[   98.916301][  T352] kworker/u4:4: attempt to access beyond end of device
[   98.916301][  T352] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   99.037073][ T5566] loop2: detected capacity change from 0 to 16
[   99.056157][ T5566] erofs: (device loop2): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[   99.161031][ T5582] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   99.170546][ T5582] FAT-fs (loop7): unable to read boot sector
[   99.220220][ T5592] loop3: detected capacity change from 0 to 1024
[   99.245919][ T5592] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   99.261180][ T5565] loop6: detected capacity change from 0 to 40427
[   99.268325][ T5565] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   99.269298][ T5592] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2189: bg 0: block 376: padding at end of block bitmap is not set
[   99.276547][ T5565] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   99.306486][  T284] EXT4-fs (loop3): unmounting filesystem.
[   99.309480][ T5565] F2FS-fs (loop6): Found nat_bits in checkpoint
[   99.336253][   T28] kauditd_printk_skb: 94 callbacks suppressed
[   99.336268][   T28] audit: type=1400 audit(2000000783.663:3956): avc:  denied  { execute } for  pid=5604 comm="syz.3.2192" path="/408/memory.current" dev="tmpfs" ino=2135 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   99.371382][ T5609] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.2195'.
[   99.389505][   T28] audit: type=1400 audit(2000000783.663:3957): avc:  denied  { create } for  pid=5604 comm="syz.3.2192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   99.409366][ T5565] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   99.423456][   T28] audit: type=1400 audit(2000000783.663:3958): avc:  denied  { getopt } for  pid=5604 comm="syz.3.2192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   99.443539][ T5565] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   99.450667][ T5565] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   99.611834][   T28] audit: type=1400 audit(2000000783.932:3959): avc:  denied  { create } for  pid=5629 comm="syz.6.2201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   99.631903][   T28] audit: type=1400 audit(2000000783.932:3960): avc:  denied  { ioctl } for  pid=5629 comm="syz.6.2201" path="socket:[37839]" dev="sockfs" ino=37839 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   99.651261][ T5632] loop6: detected capacity change from 0 to 1024
[   99.656824][   T28] audit: type=1400 audit(2000000783.932:3961): avc:  denied  { connect } for  pid=5629 comm="syz.6.2201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   99.691168][ T5639] loop3: detected capacity change from 0 to 16
[   99.692124][   T28] audit: type=1400 audit(2000000783.932:3962): avc:  denied  { write } for  pid=5629 comm="syz.6.2201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   99.703790][ T5639] erofs: (device loop3): mounted with root inode @ nid 36.
[   99.716912][   T28] audit: type=1400 audit(2000000784.002:3963): avc:  denied  { write } for  pid=5633 comm="syz.3.2206" name="icmp6" dev="proc" ino=4026532521 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   99.725925][ T5632] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   99.760169][ T5639] erofs: (device loop3): z_erofs_readahead: readahead error at page 2 @ nid 89
[   99.766349][   T28] audit: type=1400 audit(2000000784.082:3964): avc:  denied  { read } for  pid=5638 comm="syz.3.2207" name="file2" dev="loop3" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   99.791380][   T28] audit: type=1400 audit(2000000784.082:3965): avc:  denied  { open } for  pid=5638 comm="syz.3.2207" path="/414/file2/file2" dev="loop3" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   99.798846][ T5639] syz.3.2207: attempt to access beyond end of device
[   99.798846][ T5639] loop3: rw=524288, sector=524296, nr_sectors = 8 limit=16
[   99.828939][ T5639] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   99.831425][ T5632] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.2204: bg 0: block 376: padding at end of block bitmap is not set
[   99.839928][ T5639] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   99.865145][ T5639] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   99.876150][ T5639] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   99.876545][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  100.059682][ T5673] kvm [5672]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled rdmsr: 0x4000001b
[  100.125073][ T5666] loop6: detected capacity change from 0 to 40427
[  100.132518][ T5666] F2FS-fs (loop6): Image doesn't support compression
[  100.139312][ T5666] F2FS-fs (loop6): Image doesn't support compression
[  100.147107][ T5666] F2FS-fs (loop6): invalid crc value
[  100.154916][ T5666] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  100.180132][ T5680] loop7: detected capacity change from 0 to 512
[  100.187367][ T5680] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  100.196162][ T5666] F2FS-fs (loop6): checkpoint=disable on readonly fs
[  100.216103][ T5680] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  100.236270][ T5680] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.246635][ T5654] loop3: detected capacity change from 0 to 40427
[  100.248339][ T5685] loop2: detected capacity change from 0 to 128
[  100.254312][ T5654] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  100.295642][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  100.312007][ T5654] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  100.341676][ T5654] F2FS-fs (loop3): Found nat_bits in checkpoint
[  100.412687][ T5654] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  100.420904][ T5705] loop7: detected capacity change from 0 to 512
[  100.428540][ T5705] EXT4-fs: Ignoring removed nobh option
[  100.434925][ T5654] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  100.442001][ T5654] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  100.450503][ T5705] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[  100.459763][ T5705] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.2234: invalid indirect mapped block 2683928664 (level 1)
[  100.474355][ T5705] EXT4-fs (loop7): 1 truncate cleaned up
[  100.480041][ T5705] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  100.491753][ T5705] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:477: comm syz.7.2234: Invalid block bitmap block 3 in block_group 0
[  100.510397][ T5705] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.2234: invalid indirect mapped block 480848489 (level 1)
[  100.556361][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  100.579043][ T5717] loop6: detected capacity change from 0 to 512
[  100.598989][ T5720] loop7: detected capacity change from 0 to 512
[  100.608107][ T5717] EXT4-fs (loop6): 1 orphan inode deleted
[  100.615490][ T5720] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  100.624051][ T5717] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  100.633251][  T477] EXT4-fs error (device loop6): ext4_release_dquot:6837: comm kworker/u4:5: Failed to release dquot type 1
[  100.645368][ T5717] ext4 filesystem being mounted at /295/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.657765][ T5720] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  100.666939][ T5720] ext4 filesystem being mounted at /368/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.667942][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  100.684362][  T523] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  100.692612][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  100.720346][ T5733] loop6: detected capacity change from 0 to 2048
[  100.736602][ T5735] loop7: detected capacity change from 0 to 2048
[  100.745948][ T5735] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  100.754795][ T5735] ext4 filesystem being mounted at /370/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.767446][ T5735] fs-verity: sha512 using implementation "sha512-avx2"
[  100.781101][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  100.856912][ T5755] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[  100.874406][  T523] usb 3-1: Using ep0 maxpacket: 16
[  100.882161][  T523] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.894135][  T523] usb 3-1: config 0 interface 0 has no altsetting 0
[  100.901334][  T523] usb 3-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  100.912888][  T523] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.922482][  T523] usb 3-1: config 0 descriptor??
[  100.928197][ T5766] input: syz0 as /devices/virtual/input/input15
[  100.935503][ T5766] input: failed to attach handler leds to device input15, error: -6
[  100.960872][ T5771] input: syz0 as /devices/virtual/input/input16
[  100.998907][ T5780] device macsec1 entered promiscuous mode
[  101.004985][ T5780] device vlan1 entered promiscuous mode
[  101.011682][ T5780] device vlan1 left promiscuous mode
[  101.057452][ T5782] loop7: detected capacity change from 0 to 512
[  101.065953][ T5782] EXT4-fs (loop7): orphan cleanup on readonly fs
[  101.073119][ T5782] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.2265: bg 0: block 248: padding at end of block bitmap is not set
[  101.087988][ T5782] EXT4-fs error (device loop7): ext4_acquire_dquot:6801: comm syz.7.2265: Failed to acquire dquot type 1
[  101.100255][ T5782] EXT4-fs (loop7): 1 truncate cleaned up
[  101.106456][ T5782] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  101.202752][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  101.217616][ T5795] loop7: detected capacity change from 0 to 16
[  101.224662][ T5795] erofs: (device loop7): mounted with root inode @ nid 36.
[  101.234952][ T5795] erofs: (device loop7): z_erofs_readahead: readahead error at page 2 @ nid 89
[  101.244204][ T5795] syz.7.2269: attempt to access beyond end of device
[  101.244204][ T5795] loop7: rw=524288, sector=524296, nr_sectors = 8 limit=16
[  101.258773][ T5795] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[  101.269689][ T5795] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[  101.280613][ T5795] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[  101.291559][ T5795] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[  101.333913][  T523] hid (null): report_id 67708416 is invalid
[  101.352836][  T523] hid-generic 0003:060B:500A.0010: unexpected long global item
[  101.360986][  T523] hid-generic: probe of 0003:060B:500A.0010 failed with error -22
[  101.532996][ T5818] loop6: detected capacity change from 0 to 512
[  101.536048][  T523] usb 3-1: USB disconnect, device number 6
[  101.563782][ T5818] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  101.572946][ T5818] ext4 filesystem being mounted at /317/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.590370][ T5818] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #12: comm syz.6.2279: corrupted xattr block 6
[  101.602426][ T5818] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=12
[  101.611467][ T5818] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #12: comm syz.6.2279: corrupted xattr block 6
[  101.624445][ T5818] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=12
[  101.634874][ T5818] EXT4-fs error (device loop6): ext4_get_inode_usage:852: inode #12: comm syz.6.2279: corrupted xattr block 6
[  101.658921][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  101.673721][ T5812] loop3: detected capacity change from 0 to 40427
[  101.681071][ T5812] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  101.688887][ T5812] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  101.695209][ T5825] loop6: detected capacity change from 0 to 1024
[  101.697409][ T5812] F2FS-fs (loop3): fault_injection options not supported
[  101.711560][ T5812] F2FS-fs (loop3): invalid crc value
[  101.718476][ T5825] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  101.720751][ T5812] F2FS-fs (loop3): Found nat_bits in checkpoint
[  101.727398][ T5825] ext4 filesystem being mounted at /318/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.751749][ T5825] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2282'.
[  101.768117][ T5812] F2FS-fs (loop3): Start checkpoint disabled!
[  101.775465][ T5812] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  101.775705][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  101.782911][ T5812] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  101.803551][ T5831] loop6: detected capacity change from 0 to 16
[  101.810436][ T5831] erofs: (device loop6): mounted with root inode @ nid 36.
[  101.820227][ T5831] erofs: (device loop6): z_erofs_readahead: readahead error at page 2 @ nid 89
[  101.828134][ T5812] syz.3.2277: attempt to access beyond end of device
[  101.828134][ T5812] loop3: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  101.829563][ T5831] syz.6.2283: attempt to access beyond end of device
[  101.829563][ T5831] loop6: rw=524288, sector=524296, nr_sectors = 8 limit=16
[  101.847384][ T5812] syz.3.2277: attempt to access beyond end of device
[  101.847384][ T5812] loop3: rw=2049, sector=77960, nr_sectors = 128 limit=40427
[  101.857792][ T5831] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[  101.882009][ T5831] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[  101.882030][ T5812] syz.3.2277: attempt to access beyond end of device
[  101.882030][ T5812] loop3: rw=2049, sector=77952, nr_sectors = 8 limit=40427
[  101.892995][ T5831] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[  101.917423][ T5831] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[  102.029229][ T5838] syzkaller0: tun_chr_ioctl cmd 2148553947
[  102.153331][ T5862] loop6: detected capacity change from 0 to 128
[  102.174046][ T5862] FAT-fs (loop6): error, invalid FAT chain (i_pos 548, last_block 8)
[  102.182343][ T5862] FAT-fs (loop6): Filesystem has been set read-only
[  102.189437][ T5862] FAT-fs (loop6): error, corrupted file size (i_pos 548, 522)
[  102.220507][ T5871] loop3: detected capacity change from 0 to 512
[  102.227407][ T5871] EXT4-fs (loop3): Test dummy encryption mode enabled
[  102.234288][ T5871] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  102.257870][ T5871] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.2302: bad orphan inode 131083
[  102.262094][ T5874] loop2: detected capacity change from 0 to 1024
[  102.268813][ T5871] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  102.286019][ T5874] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  102.295070][ T5874] ext4 filesystem being mounted at /514/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.316087][  T284] EXT4-fs (loop3): unmounting filesystem.
[  102.320904][ T5874] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2303'.
[  102.338470][  T285] EXT4-fs (loop2): unmounting filesystem.
[  102.570985][ T5878] loop6: detected capacity change from 0 to 40427
[  102.585097][ T5878] F2FS-fs (loop6): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  102.600945][ T5878] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  102.620243][ T5878] F2FS-fs (loop6): fault_injection options not supported
[  102.639113][ T5912] loop3: detected capacity change from 0 to 1024
[  102.645781][ T5878] F2FS-fs (loop6): invalid crc value
[  102.655558][ T5878] F2FS-fs (loop6): Found nat_bits in checkpoint
[  102.679339][ T5912] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  102.702354][  T284] EXT4-fs (loop3): unmounting filesystem.
[  102.712612][ T5878] F2FS-fs (loop6): Start checkpoint disabled!
[  102.719630][ T5878] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  102.739891][ T5878] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  102.752606][ T5921] loop7: detected capacity change from 0 to 512
[  102.766966][ T5921] EXT4-fs (loop7): Test dummy encryption mode enabled
[  102.774458][ T5921] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  102.796213][ T5921] EXT4-fs error (device loop7): ext4_orphan_get:1426: comm syz.7.2321: bad orphan inode 131083
[  102.815923][ T5921] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  102.896713][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  102.914612][ T3852] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  103.028524][ T5928] loop3: detected capacity change from 0 to 40427
[  103.035928][ T5928] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  103.045320][ T5928] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  103.061619][ T5928] F2FS-fs (loop3): invalid crc value
[  103.061683][ T5944] loop8: detected capacity change from 0 to 1024
[  103.068955][ T5928] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  103.085904][ T5928] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  103.086278][ T5944] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  103.111151][ T3852] usb 3-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.122649][ T3852] usb 3-1: config 0 interface 0 has no altsetting 0
[  103.125362][ T5928] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  103.129395][ T3852] usb 3-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  103.136670][ T5928] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  103.155075][ T5275] EXT4-fs (loop8): unmounting filesystem.
[  103.166910][ T3852] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.175991][ T3852] usb 3-1: config 0 descriptor??
[  103.586184][ T3852] magicmouse 0003:05AC:0269.0011: unknown main item tag 0x4
[  103.593516][ T3852] magicmouse 0003:05AC:0269.0011: collection stack underflow
[  103.600940][ T3852] magicmouse 0003:05AC:0269.0011: item 0 1 0 12 parsing failed
[  103.608655][ T3852] magicmouse 0003:05AC:0269.0011: magicmouse hid parse failed
[  103.616147][ T3852] magicmouse: probe of 0003:05AC:0269.0011 failed with error -22
[  103.792583][ T3852] usb 3-1: USB disconnect, device number 7
[  104.194011][ T5979] loop6: detected capacity change from 0 to 512
[  104.201582][ T5979] EXT4-fs (loop6): Test dummy encryption mode enabled
[  104.212399][ T5979] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  104.224136][ T5979] EXT4-fs error (device loop6): ext4_orphan_get:1426: comm syz.6.2340: bad orphan inode 131083
[  104.235025][ T5979] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  104.262093][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  104.315765][ T5995] loop6: detected capacity change from 0 to 128
[  104.338839][ T5995] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  104.352962][ T5995] ext4 filesystem being mounted at /335/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  104.394226][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  104.454770][ T3852] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  104.479217][ T5997] loop2: detected capacity change from 0 to 40427
[  104.486214][ T5997] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  104.493858][ T5997] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  104.502629][ T5997] F2FS-fs (loop2): fault_injection options not supported
[  104.510426][ T5997] F2FS-fs (loop2): invalid crc value
[  104.516914][ T5997] F2FS-fs (loop2): Found nat_bits in checkpoint
[  104.545818][ T5997] F2FS-fs (loop2): Start checkpoint disabled!
[  104.552819][ T5997] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  104.560033][ T5997] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  104.582057][   T28] kauditd_printk_skb: 130 callbacks suppressed
[  104.582075][   T28] audit: type=1400 audit(2000001556.898:4093): avc:  denied  { create } for  pid=5996 comm="syz.2.2347" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  104.584648][ T5997] bio_check_eod: 5 callbacks suppressed
[  104.584667][ T5997] syz.2.2347: attempt to access beyond end of device
[  104.584667][ T5997] loop2: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  104.589884][   T28] audit: type=1400 audit(2000001556.898:4094): avc:  denied  { read write open } for  pid=5996 comm="syz.2.2347" path="/522/file1/file1" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  104.614610][ T5997] syz.2.2347: attempt to access beyond end of device
[  104.614610][ T5997] loop2: rw=2049, sector=77960, nr_sectors = 128 limit=40427
[  104.628347][   T28] audit: type=1400 audit(2000001556.938:4095): avc:  denied  { append } for  pid=5996 comm="syz.2.2347" name="file1" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  104.652047][ T5997] syz.2.2347: attempt to access beyond end of device
[  104.652047][ T5997] loop2: rw=2049, sector=77952, nr_sectors = 8 limit=40427
[  104.706036][ T3852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.717142][ T3852] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  104.732783][ T3852] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  104.742336][ T3852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.754778][   T28] audit: type=1400 audit(2000001557.068:4096): avc:  denied  { write } for  pid=6004 comm="syz.7.2364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  104.785805][ T3852] usb 4-1: config 0 descriptor??
[  104.786158][  T477] kworker/u4:5: attempt to access beyond end of device
[  104.786158][  T477] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  104.867542][ T6011] kvm [6010]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled rdmsr: 0x4000001b
[  104.997709][   T28] audit: type=1400 audit(2000001557.318:4097): avc:  denied  { create } for  pid=6020 comm="syz.6.2370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  105.025855][ T6025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2359'.
[  105.037701][   T28] audit: type=1400 audit(2000001557.318:4098): avc:  denied  { connect } for  pid=6020 comm="syz.6.2370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  105.071190][   T28] audit: type=1400 audit(2000001557.318:4099): avc:  denied  { write } for  pid=6020 comm="syz.6.2370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  105.091314][   T28] audit: type=1400 audit(2000001557.348:4100): avc:  denied  { nlmsg_read } for  pid=6023 comm="syz.2.2359" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  105.139805][ T6034] loop8: detected capacity change from 0 to 512
[  105.166169][ T6034] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  105.194485][ T3852] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  105.212484][ T3852] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  105.226140][ T6034] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  105.231793][ T3852] plantronics 0003:047F:FFFF.0012: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  105.244998][ T6034] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.270757][   T28] audit: type=1400 audit(2000001557.588:4101): avc:  denied  { setattr } for  pid=6033 comm="syz.8.2362" path="/49/file1" dev="loop8" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  105.301698][ T6030] loop2: detected capacity change from 0 to 40427
[  105.321234][ T5275] EXT4-fs (loop8): unmounting filesystem.
[  105.322427][ T6024] loop7: detected capacity change from 0 to 40427
[  105.330853][ T6030] F2FS-fs (loop2): invalid crc value
[  105.339453][ T6024] F2FS-fs (loop7): fault_injection options not supported
[  105.347186][ T6030] F2FS-fs (loop2): Found nat_bits in checkpoint
[  105.355180][ T6024] F2FS-fs (loop7): invalid crc value
[  105.374566][ T6024] F2FS-fs (loop7): Found nat_bits in checkpoint
[  105.374700][   T28] audit: type=1400 audit(2000001557.688:4102): avc:  denied  { connect } for  pid=6045 comm="syz.8.2365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  105.461549][ T6030] F2FS-fs (loop2): Start checkpoint disabled!
[  105.475812][ T3852] usb 4-1: USB disconnect, device number 11
[  105.484965][ T6030] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  105.496846][ T6024] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  105.536625][ T1894] syz-executor: attempt to access beyond end of device
[  105.536625][ T1894] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  105.542261][   T10] kworker/u4:1: attempt to access beyond end of device
[  105.542261][   T10] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  105.565669][ T6058] loop6: detected capacity change from 0 to 16
[  105.576017][ T6058] erofs: (device loop6): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[  105.669041][ T6065] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2376'.
[  105.713817][ T6071] loop7: detected capacity change from 0 to 256
[  105.976504][ T6089] loop7: detected capacity change from 0 to 128
[  106.001476][ T6089] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  106.037771][ T6089] ext4 filesystem being mounted at /407/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  106.094343][ T6087] loop2: detected capacity change from 0 to 40427
[  106.102207][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  106.109287][ T6087] F2FS-fs (loop2): fault_injection options not supported
[  106.119697][ T6087] F2FS-fs (loop2): invalid crc value
[  106.155916][ T6087] F2FS-fs (loop2): Found nat_bits in checkpoint
[  106.208638][ T6087] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  106.248033][  T285] syz-executor: attempt to access beyond end of device
[  106.248033][  T285] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  106.506508][ T6117] loop7: detected capacity change from 0 to 256
[  106.534702][ T6117] FAT-fs (loop7): Directory bread(block 64) failed
[  106.544718][ T6117] FAT-fs (loop7): Directory bread(block 65) failed
[  106.563757][ T6117] FAT-fs (loop7): Directory bread(block 66) failed
[  106.576455][ T6117] FAT-fs (loop7): Directory bread(block 67) failed
[  106.583326][ T6117] FAT-fs (loop7): Directory bread(block 68) failed
[  106.590283][ T6117] FAT-fs (loop7): Directory bread(block 69) failed
[  106.597045][ T6117] FAT-fs (loop7): Directory bread(block 70) failed
[  106.603916][ T6117] FAT-fs (loop7): Directory bread(block 71) failed
[  106.612222][ T6117] FAT-fs (loop7): Directory bread(block 72) failed
[  106.619235][ T6117] FAT-fs (loop7): Directory bread(block 73) failed
[  106.747794][ T6142] tipc: Started in network mode
[  106.752798][ T6142] tipc: Node identity ac14140f, cluster identity 4711
[  106.759866][ T6142] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  107.075570][    T8] tipc: Left network mode
[  107.444635][ T6170] loop8: detected capacity change from 0 to 256
[  107.490571][ T6170] FAT-fs (loop8): Directory bread(block 64) failed
[  107.508389][ T6170] FAT-fs (loop8): Directory bread(block 65) failed
[  107.526469][ T6170] FAT-fs (loop8): Directory bread(block 66) failed
[  107.545166][ T6170] FAT-fs (loop8): Directory bread(block 67) failed
[  107.561921][ T6170] FAT-fs (loop8): Directory bread(block 68) failed
[  107.584613][ T6170] FAT-fs (loop8): Directory bread(block 69) failed
[  107.601405][ T6170] FAT-fs (loop8): Directory bread(block 70) failed
[  107.608369][ T6170] FAT-fs (loop8): Directory bread(block 71) failed
[  107.625117][ T6170] FAT-fs (loop8): Directory bread(block 72) failed
[  107.635183][ T6170] FAT-fs (loop8): Directory bread(block 73) failed
[  107.675178][   T24] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  107.793791][ T6171] syz.6.2418 (6171) used greatest stack depth: 19808 bytes left
[  107.866281][   T24] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  107.885191][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.905303][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.915248][   T24] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  107.933164][ T6183] SELinux: ebitmap: truncated map
[  107.938765][   T24] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  107.952179][ T6183] SELinux: failed to load policy
[  107.957195][   T24] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  107.966051][   T24] usb 8-1: Manufacturer: syz
[  107.975409][   T24] usb 8-1: config 0 descriptor??
[  108.175449][ T3852] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  108.356350][ T3852] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  108.367316][ T3852] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.377134][ T3852] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  108.386213][ T3852] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.394858][ T3852] usb 7-1: config 0 descriptor??
[  108.395098][   T24] appleir 0003:05AC:8243.0013: unknown main item tag 0x0
[  108.407292][   T24] appleir 0003:05AC:8243.0013: No inputs registered, leaving
[  108.415826][   T24] appleir 0003:05AC:8243.0013: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0
[  108.676057][    T6] usb 8-1: USB disconnect, device number 7
[  108.803250][ T3852] cp2112 0003:10C4:EA90.0014: item fetching failed at offset 5/7
[  108.811249][ T3852] cp2112 0003:10C4:EA90.0014: parse failed
[  108.817130][ T3852] cp2112: probe of 0003:10C4:EA90.0014 failed with error -22
[  109.210873][ T6221] input: syz0 as /devices/virtual/input/input18
[  109.218905][ T6221] input: failed to attach handler leds to device input18, error: -6
[  110.126291][ T6230] loop7: detected capacity change from 0 to 40427
[  110.134311][ T6230] F2FS-fs (loop7): invalid crc value
[  110.140664][ T6230] F2FS-fs (loop7): Found nat_bits in checkpoint
[  110.169846][ T6230] F2FS-fs (loop7): Start checkpoint disabled!
[  110.176919][ T6230] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  110.189867][   T28] kauditd_printk_skb: 41 callbacks suppressed
[  110.189883][   T28] audit: type=1400 audit(2000001562.508:4144): avc:  denied  { create } for  pid=6229 comm="syz.7.2447" name="file3" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  110.216851][   T28] audit: type=1400 audit(2000001562.508:4145): avc:  denied  { rename } for  pid=6229 comm="syz.7.2447" name="file0" dev="loop7" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  110.238916][   T28] audit: type=1400 audit(2000001562.508:4146): avc:  denied  { unlink } for  pid=6229 comm="syz.7.2447" name="file3" dev="loop7" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  110.278598][  T477] kworker/u4:5: attempt to access beyond end of device
[  110.278598][  T477] loop7: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  110.292766][   T28] audit: type=1400 audit(2000001562.508:4147): avc:  denied  { rename } for  pid=6229 comm="syz.7.2447" name="file3" dev="loop7" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  110.305529][    T6] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  110.315692][   T28] audit: type=1400 audit(2000001562.508:4148): avc:  denied  { unlink } for  pid=6229 comm="syz.7.2447" name="file0" dev="loop7" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  110.364178][   T28] audit: type=1400 audit(2000001562.678:4149): avc:  denied  { read } for  pid=6240 comm="syz.3.2453" name="rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  110.387672][   T28] audit: type=1400 audit(2000001562.708:4150): avc:  denied  { open } for  pid=6240 comm="syz.3.2453" path="/dev/rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  110.444457][   T28] audit: type=1400 audit(2000001562.708:4151): avc:  denied  { ioctl } for  pid=6240 comm="syz.3.2453" path="/dev/rtc0" dev="devtmpfs" ino=263 ioctlcmd=0x7013 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  110.474391][   T28] audit: type=1400 audit(2000001562.788:4152): avc:  denied  { mount } for  pid=6244 comm="syz.7.2452" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  110.496938][   T28] audit: type=1400 audit(2000001562.788:4153): avc:  denied  { unmount } for  pid=1894 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  110.545497][    T6] usb 3-1: Using ep0 maxpacket: 32
[  110.552031][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.563067][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.572965][    T6] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  110.582529][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.591512][    T6] usb 3-1: config 0 descriptor??
[  110.598474][    T6] hub 3-1:0.0: USB hub found
[  110.800519][    T6] hub 3-1:0.0: config failed, can't read hub descriptor (err -90)
[  110.911608][ T3852] usb 7-1: USB disconnect, device number 8
[  110.944136][ T6261] loop8: detected capacity change from 0 to 512
[  110.952965][ T6261] EXT4-fs error (device loop8): ext4_orphan_get:1426: comm syz.8.2461: bad orphan inode 15
[  110.963370][ T6261] ext4_test_bit(bit=14, block=5) = 0
[  110.969716][ T6261] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  110.993194][ T5275] EXT4-fs (loop8): unmounting filesystem.
[  111.001677][    T6] usbhid 3-1:0.0: can't add hid device: -71
[  111.007717][    T6] usbhid: probe of 3-1:0.0 failed with error -71
[  111.010543][ T6267] loop8: detected capacity change from 0 to 128
[  111.056182][    T6] usb 3-1: USB disconnect, device number 9
[  111.253942][ T6279] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  111.275628][ T6279] FAT-fs (loop17): unable to read boot sector
[  111.406189][ T6289] SELinux: ebitmap: truncated map
[  111.425311][ T6289] SELinux: failed to load policy
[  111.438415][ T6298] loop6: detected capacity change from 0 to 128
[  111.519571][ T6304] loop7: detected capacity change from 0 to 256
[  111.541944][ T6304] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  111.560555][ T6304] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  111.577771][ T6304] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  112.324883][ T6312] loop7: detected capacity change from 0 to 512
[  112.332545][ T6312] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  112.440407][ T6312] EXT4-fs (loop7): 1 truncate cleaned up
[  112.449451][ T6312] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  112.523281][ T6312] syz.7.2491 (pid 6312) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  112.557064][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  112.666161][ T6320] loop3: detected capacity change from 0 to 512
[  112.673198][ T6320] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  112.684834][ T6320] EXT4-fs (loop3): 1 truncate cleaned up
[  112.690600][ T6320] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  112.708011][  T284] EXT4-fs (loop3): unmounting filesystem.
[  113.087617][ T6311] loop6: detected capacity change from 0 to 262144
[  113.095156][ T6311] F2FS-fs (loop6): invalid crc value
[  113.116234][ T6311] F2FS-fs (loop6): Found nat_bits in checkpoint
[  113.140572][ T6330] SELinux: ebitmap start bit (524310) is not a multiple of the map unit size (64)
[  113.151790][ T6330] SELinux: failed to load policy
[  113.157978][ T6311] F2FS-fs (loop6): Start checkpoint disabled!
[  113.170264][ T6311] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  113.178940][ T6327] loop7: detected capacity change from 0 to 4096
[  113.203605][ T6327] input: syz0 as /devices/virtual/input/input19
[  113.257443][ T6340] loop7: detected capacity change from 0 to 128
[  113.376538][ T3852] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  113.565711][ T3852] usb 4-1: Using ep0 maxpacket: 16
[  113.572160][ T3852] usb 4-1: config 0 interface 0 has no altsetting 0
[  113.578812][ T3852] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  113.587904][ T3852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.596379][ T3852] usb 4-1: config 0 descriptor??
[  113.685690][   T24] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  113.725605][    T6] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  113.865605][   T24] usb 8-1: Using ep0 maxpacket: 32
[  113.871897][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  113.882924][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  113.892771][   T24] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  113.901846][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.910516][   T24] usb 8-1: config 0 descriptor??
[  113.916269][   T24] hub 8-1:0.0: USB hub found
[  113.916784][    T6] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  113.930642][    T6] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  113.940415][    T6] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  113.954955][    T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  113.964077][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.972318][    T6] usb 3-1: Product: syz
[  113.976512][    T6] usb 3-1: Manufacturer: syz
[  113.981131][    T6] usb 3-1: SerialNumber: syz
[  114.009337][ T3852] hid (null): invalid report_size 53633
[  114.014962][ T3852] hid (null): bogus close delimiter
[  114.020746][ T3852] hid (null): unknown global tag 0xe
[  114.026167][ T3852] hid (null): unknown global tag 0xc
[  114.031500][ T3852] hid (null): global environment stack underflow
[  114.037878][ T3852] hid (null): unknown global tag 0xe
[  114.043242][ T3852] hid (null): report_id 4160080533 is invalid
[  114.049518][ T3852] hid (null): report_id 29837 is invalid
[  114.055198][ T3852] hid (null): invalid report_size 57783
[  114.062545][ T3852] hid (null): usage index exceeded
[  114.118183][   T24] hub 8-1:0.0: config failed, can't read hub descriptor (err -90)
[  114.189070][    T6] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  114.213523][    T6] usb 4-1: USB disconnect, device number 12
[  114.319191][   T24] usbhid 8-1:0.0: can't add hid device: -71
[  114.325175][   T24] usbhid: probe of 8-1:0.0 failed with error -71
[  114.355938][   T24] usb 8-1: USB disconnect, device number 8
[  114.394032][ T3852] usb 3-1: USB disconnect, device number 10
[  114.400942][ T3852] usblp0: removed
[  114.742420][ T6369] SELinux: ebitmap start bit (524310) is not a multiple of the map unit size (64)
[  114.753876][ T6369] SELinux: failed to load policy
[  114.773839][ T6373] loop3: detected capacity change from 0 to 128
[  114.937348][ T6388] loop6: detected capacity change from 0 to 128
[  114.958504][ T6388] ext4 filesystem being mounted at /364/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.010285][ T6397] loop3: detected capacity change from 0 to 512
[  115.021765][ T6397] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  115.032829][ T6399] loop6: detected capacity change from 0 to 256
[  115.046419][ T6399] FAT-fs (loop6): Directory bread(block 64) failed
[  115.052976][ T6399] FAT-fs (loop6): Directory bread(block 65) failed
[  115.060389][ T6399] FAT-fs (loop6): Directory bread(block 66) failed
[  115.067490][ T6399] FAT-fs (loop6): Directory bread(block 67) failed
[  115.074202][ T6399] FAT-fs (loop6): Directory bread(block 68) failed
[  115.080793][ T6399] FAT-fs (loop6): Directory bread(block 69) failed
[  115.082269][ T6397] EXT4-fs (loop3): 1 truncate cleaned up
[  115.087426][ T6399] FAT-fs (loop6): Directory bread(block 70) failed
[  115.099954][ T6399] FAT-fs (loop6): Directory bread(block 71) failed
[  115.106548][ T6399] FAT-fs (loop6): Directory bread(block 72) failed
[  115.115627][ T6399] FAT-fs (loop6): Directory bread(block 73) failed
[  115.160918][ T6411] input: syz1 as /devices/virtual/input/input20
[  115.171856][ T6411] input: failed to attach handler leds to device input20, error: -6
[  115.171985][    C1] operation not supported error, dev loop6, sector 0 op 0x9:(WRITE_ZEROES) flags 0x8000800 phys_seg 0 prio class 2
[  115.192250][   T24] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  115.215260][ T6414] loop2: detected capacity change from 0 to 512
[  115.223427][   T28] kauditd_printk_skb: 20 callbacks suppressed
[  115.223442][   T28] audit: type=1400 audit(2000001569.536:4174): avc:  denied  { unmount } for  pid=1829 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  115.224685][ T6414] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  115.259228][ T6417] loop8: detected capacity change from 0 to 128
[  115.261572][ T6414] EXT4-fs (loop2): 1 truncate cleaned up
[  115.386882][   T24] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1023
[  115.405575][   T24] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  115.407954][ T6441] loop8: detected capacity change from 0 to 256
[  115.429049][   T28] audit: type=1400 audit(2000001569.746:4175): avc:  denied  { ioctl } for  pid=6442 comm="syz.6.2541" path="socket:[42036]" dev="sockfs" ino=42036 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  115.436524][   T24] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  115.468363][ T6441] exFAT-fs (loop8): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  115.471214][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  115.491050][   T24] usb 8-1: SerialNumber: syz
[  115.495895][  T987] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  115.508145][ T6383] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  115.508232][ T6446] loop6: detected capacity change from 0 to 512
[  115.534606][ T6446] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  115.546712][   T28] audit: type=1400 audit(2000001569.866:4176): avc:  denied  { unlink } for  pid=6447 comm="syz.8.2543" name="#5" dev="tmpfs" ino=471 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  115.571057][ T6448] overlayfs: conflicting lowerdir path
[  115.578646][ T6448] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  115.603123][ T6446] EXT4-fs (loop6): 1 truncate cleaned up
[  115.612550][ T6451] loop8: detected capacity change from 0 to 512
[  115.636336][ T6451] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  115.656694][ T6451] EXT4-fs (loop8): 1 truncate cleaned up
[  115.671248][ T6456] loop6: detected capacity change from 0 to 128
[  115.686946][  T987] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  115.704322][  T987] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  115.721021][  T987] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  115.735608][ T6383] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  115.757763][  T987] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  115.771811][  T987] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.779993][  T987] usb 4-1: Product: syz
[  115.784208][  T987] usb 4-1: Manufacturer: syz
[  115.789005][  T987] usb 4-1: SerialNumber: syz
[  115.938821][ T6473] Non-string source
[  115.974502][   T28] audit: type=1400 audit(2000001570.286:4177): avc:  denied  { map } for  pid=6474 comm="syz.6.2555" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  116.001431][   T28] audit: type=1400 audit(2000001570.326:4178): avc:  denied  { execute } for  pid=6474 comm="syz.6.2555" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  116.026973][  T987] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  116.147054][   T24] cdc_ether: probe of 8-1:1.0 failed with error -22
[  116.232321][   T24] usb 4-1: USB disconnect, device number 13
[  116.243005][   T24] usblp0: removed
[  116.317050][ T6479] loop6: detected capacity change from 0 to 40427
[  116.325574][ T6479] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  116.333455][ T6479] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  116.345253][ T6479] F2FS-fs (loop6): invalid crc value
[  116.371618][   T39] usb 8-1: USB disconnect, device number 9
[  116.396625][ T6479] F2FS-fs (loop6): Found nat_bits in checkpoint
[  116.446104][ T6479] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  116.453194][ T6479] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  116.728736][   T28] audit: type=1326 audit(2000001571.046:4179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.8.2553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff04672ab19 code=0x7ffc0000
[  116.764962][ T6489] loop2: detected capacity change from 0 to 128
[  116.778546][   T28] audit: type=1326 audit(2000001571.076:4180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.8.2553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff04672ab19 code=0x7ffc0000
[  116.802463][   T28] audit: type=1326 audit(2000001571.086:4181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.8.2553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff04672ab19 code=0x7ffc0000
[  116.826976][ T6489] ext4 filesystem being mounted at /569/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.837824][   T28] audit: type=1326 audit(2000001571.086:4182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.8.2553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff04672ab19 code=0x7ffc0000
[  116.862035][   T28] audit: type=1326 audit(2000001571.086:4183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.8.2553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04678e929 code=0x7ffc0000
[  116.934729][ T6495] loop7: detected capacity change from 0 to 128
[  117.025653][   T39] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  117.089294][ T6506] SELinux: ebitmap: map size 4278591488 does not match my size 64 (high bit was 0)
[  117.114140][ T6506] SELinux: failed to load policy
[  117.177011][ T6513] loop2: detected capacity change from 0 to 256
[  117.215655][   T39] usb 4-1: Using ep0 maxpacket: 16
[  117.219564][ T6520] loop2: detected capacity change from 0 to 512
[  117.222414][   T39] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.242706][ T6520] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 2: comm syz.2.2572: invalid block
[  117.246550][   T39] usb 4-1: config 0 interface 0 has no altsetting 0
[  117.262746][   T39] usb 4-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  117.273591][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.274641][ T6520] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.2572: invalid indirect mapped block 10 (level 1)
[  117.282580][   T39] usb 4-1: config 0 descriptor??
[  117.301214][ T6520] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.2572: invalid indirect mapped block 8 (level 1)
[  117.318235][ T6520] EXT4-fs (loop2): 1 truncate cleaned up
[  117.346149][ T6528] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  117.355752][ T6528] FAT-fs (loop17): unable to read boot sector
[  117.376872][ T6531] input: syz1 as /devices/virtual/input/input21
[  117.383255][ T6531] input: failed to attach handler leds to device input21, error: -6
[  117.420037][ T6537] netlink: 104 bytes leftover after parsing attributes in process `syz.8.2580'.
[  117.445650][  T987] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  117.635261][  T987] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  117.645035][  T987] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  117.654804][  T987] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  117.669238][  T987] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  117.675665][    T6] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  117.678483][  T987] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.694127][  T987] usb 7-1: Product: syz
[  117.698328][  T987] usb 7-1: Manufacturer: syz
[  117.702955][  T987] usb 7-1: SerialNumber: syz
[  117.708218][   T39] hid (null): report_id 67708416 is invalid
[  117.721405][   T39] hid-generic 0003:060B:500A.0016: unexpected long global item
[  117.729752][   T39] hid-generic: probe of 0003:060B:500A.0016 failed with error -22
[  117.785616][   T24] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  117.866709][    T6] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1023
[  117.876739][    T6] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  117.891365][    T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  117.900473][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  117.908517][    T6] usb 3-1: SerialNumber: syz
[  117.914108][ T6534] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  117.930246][ T3852] usb 4-1: USB disconnect, device number 14
[  117.939626][  T987] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  117.966787][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  117.977990][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.987788][   T24] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  118.001133][   T24] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  118.010309][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.018953][   T24] usb 8-1: config 0 descriptor??
[  118.123776][ T6534] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  118.149511][  T987] usb 7-1: USB disconnect, device number 9
[  118.156242][  T987] usblp0: removed
[  118.427507][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.434965][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.442568][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.451607][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.459132][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.469659][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.477704][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.485175][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.492848][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.496497][ T6554] loop8: detected capacity change from 0 to 128
[  118.501050][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.509868][ T6554] ext4 filesystem being mounted at /96/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  118.513961][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.532014][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.539704][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.539848][    T6] cdc_ether: probe of 3-1:1.0 failed with error -22
[  118.547435][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.561472][   T24] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  118.569110][   T24] plantronics 0003:047F:FFFF.0017: No inputs registered, leaving
[  118.577604][   T24] plantronics 0003:047F:FFFF.0017: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  118.605648][ T6560] loop3: detected capacity change from 0 to 512
[  118.612609][ T6560] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.620167][ T6560] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  118.637412][ T6564] input: syz1 as /devices/virtual/input/input22
[  118.643819][ T6564] input: failed to attach handler leds to device input22, error: -6
[  118.653949][ T6560] ext4 filesystem being mounted at /470/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  118.703054][ T6575] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2596'.
[  118.717725][    T6] usb 8-1: USB disconnect, device number 10
[  118.745952][ T6583] loop6: detected capacity change from 0 to 128
[  118.757635][ T6583] ext4 filesystem being mounted at /384/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  118.758109][ T3852] usb 3-1: USB disconnect, device number 11
[  119.322591][ T6604] loop6: detected capacity change from 0 to 256
[  119.445486][ T6631] loop6: detected capacity change from 0 to 16
[  119.452913][ T6631] erofs: (device loop6): mounted with root inode @ nid 36.
[  119.572683][ T6646] loop3: detected capacity change from 0 to 128
[  119.686376][ T6658] loop3: detected capacity change from 0 to 16
[  119.693254][ T6658] erofs: (device loop3): mounted with root inode @ nid 36.
[  119.836645][ T6667] loop2: detected capacity change from 0 to 512
[  119.843340][ T6667] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.850534][ T6667] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  119.867748][ T6667] ext4 filesystem being mounted at /583/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  119.902174][ T6673] loop3: detected capacity change from 0 to 512
[  119.932285][ T6673] EXT4-fs error (device loop3): ext4_get_branch:178: inode #13: block 2: comm syz.3.2642: invalid block
[  119.952528][ T6673] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.2642: invalid indirect mapped block 10 (level 1)
[  119.975835][ T6673] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.2642: invalid indirect mapped block 8 (level 1)
[  119.996213][ T6673] EXT4-fs (loop3): 1 truncate cleaned up
[  120.246855][   T28] kauditd_printk_skb: 1031 callbacks suppressed
[  120.246871][   T28] audit: type=1400 audit(2000001575.572:5215): avc:  denied  { read } for  pid=6710 comm="syz.2.2659" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  120.278444][ T6713] loop7: detected capacity change from 0 to 512
[  120.297546][ T6713] EXT4-fs error (device loop7): ext4_get_branch:178: inode #13: block 2: comm syz.7.2658: invalid block
[  120.308881][   T28] audit: type=1400 audit(2000001575.602:5216): avc:  denied  { mounton } for  pid=6712 comm="syz.7.2658" path="/457/bus" dev="tmpfs" ino=2414 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  120.331998][ T6713] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.2658: invalid indirect mapped block 10 (level 1)
[  120.345292][   T28] audit: type=1400 audit(2000001575.602:5217): avc:  denied  { open } for  pid=6710 comm="syz.2.2659" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  120.345570][ T6713] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.2658: invalid indirect mapped block 8 (level 1)
[  120.381962][ T6713] EXT4-fs (loop7): 1 truncate cleaned up
[  120.409675][   T28] audit: type=1400 audit(2000001575.612:5218): avc:  denied  { ioctl } for  pid=6710 comm="syz.2.2659" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  120.435656][   T28] audit: type=1400 audit(2000001575.622:5219): avc:  denied  { read write } for  pid=284 comm="syz-executor" name="loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.459835][   T28] audit: type=1400 audit(2000001575.622:5220): avc:  denied  { open } for  pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.484050][   T28] audit: type=1400 audit(2000001575.622:5221): avc:  denied  { ioctl } for  pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.510260][   T28] audit: type=1400 audit(2000001575.662:5222): avc:  denied  { bpf } for  pid=6716 comm="syz.3.2660" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  120.532066][   T28] audit: type=1400 audit(2000001575.662:5223): avc:  denied  { map_create } for  pid=6716 comm="syz.3.2660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  120.565882][   T28] audit: type=1400 audit(2000001575.662:5224): avc:  denied  { perfmon } for  pid=6716 comm="syz.3.2660" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  120.622151][ T6728] netlink: 87 bytes leftover after parsing attributes in process `syz.7.2665'.
[  120.640369][ T6726] loop3: detected capacity change from 0 to 512
[  120.657172][ T6726] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  120.679229][ T6726] EXT4-fs (loop3): 1 truncate cleaned up
[  121.521659][ T6754] loop6: detected capacity change from 0 to 512
[  121.531075][ T6754] EXT4-fs error (device loop6): ext4_get_branch:178: inode #13: block 2: comm syz.6.2675: invalid block
[  121.565461][ T6754] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.2675: invalid indirect mapped block 10 (level 1)
[  121.595475][ T6754] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.2675: invalid indirect mapped block 8 (level 1)
[  121.610239][ T6754] EXT4-fs (loop6): 1 truncate cleaned up
[  121.706531][ T6780] loop7: detected capacity change from 0 to 256
[  121.729517][ T6780] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  121.853662][ T6769] loop3: detected capacity change from 0 to 40427
[  121.862048][ T6792] loop6: detected capacity change from 0 to 512
[  121.870051][ T6769] F2FS-fs (loop3): fault_injection options not supported
[  121.876243][ T6792] EXT4-fs: Ignoring removed mblk_io_submit option
[  121.889580][ T6769] F2FS-fs (loop3): Image doesn't support compression
[  121.894196][ T6792] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  121.907058][ T6769] F2FS-fs (loop3): invalid crc value
[  121.918937][ T6792] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  121.927699][ T6769] F2FS-fs (loop3): Found nat_bits in checkpoint
[  121.928645][ T6792] System zones: 1-12
[  121.946758][ T6792] EXT4-fs (loop6): 1 truncate cleaned up
[  121.984482][ T6769] F2FS-fs (loop3): Start checkpoint disabled!
[  122.003821][ T6769] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  122.125986][   T10] kworker/u4:1: attempt to access beyond end of device
[  122.125986][   T10] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  122.601673][ T6810] loop6: detected capacity change from 0 to 40427
[  122.611606][ T6810] F2FS-fs (loop6): invalid crc value
[  122.631421][ T6810] F2FS-fs (loop6): Found nat_bits in checkpoint
[  122.665739][   T24] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  122.691805][ T6810] F2FS-fs (loop6): Start checkpoint disabled!
[  122.715624][ T6810] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  122.771967][   T10] kworker/u4:1: attempt to access beyond end of device
[  122.771967][   T10] loop6: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  122.867016][   T24] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  122.887401][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  122.917075][   T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  122.936088][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.954429][   T24] usb 4-1: Product: syz
[  122.964477][   T24] usb 4-1: Manufacturer: syz
[  122.969395][   T24] usb 4-1: SerialNumber: syz
[  123.041797][ T6826] loop8: detected capacity change from 0 to 40427
[  123.059215][ T6826] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  123.062642][ T6829] loop7: detected capacity change from 0 to 40427
[  123.075828][ T6829] F2FS-fs (loop7): invalid crc value
[  123.079909][ T6826] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  123.090779][ T6829] F2FS-fs (loop7): Found nat_bits in checkpoint
[  123.097904][ T6826] F2FS-fs (loop8): invalid crc value
[  123.122796][ T6847] netlink: 4344 bytes leftover after parsing attributes in process `syz.6.2716'.
[  123.136448][ T6829] F2FS-fs (loop7): Start checkpoint disabled!
[  123.143682][ T6826] F2FS-fs (loop8): Found nat_bits in checkpoint
[  123.152763][ T6829] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  123.188515][   T24] usb 4-1: 0:2 : does not exist
[  123.197046][   T24] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  123.217692][   T24] usb 4-1: USB disconnect, device number 15
[  123.234246][ T6829] syz.7.2708: attempt to access beyond end of device
[  123.234246][ T6829] loop7: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  123.248826][ T6829] syz.7.2708: attempt to access beyond end of device
[  123.248826][ T6829] loop7: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  123.255107][ T6826] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  123.270701][ T6826] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  123.286412][ T6829] syz.7.2708: attempt to access beyond end of device
[  123.286412][ T6829] loop7: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  123.352551][    T8] kworker/u4:0: attempt to access beyond end of device
[  123.352551][    T8] loop7: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  123.365306][ T6869] loop2: detected capacity change from 0 to 16
[  123.374036][ T6869] erofs: (device loop2): mounted with root inode @ nid 36.
[  123.383249][ T6869] syz.2.2735: attempt to access beyond end of device
[  123.383249][ T6869] loop2: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  123.398651][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 40 @ nid 36
[  123.407825][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 39 @ nid 36
[  123.417376][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 38 @ nid 36
[  123.433569][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 34 @ nid 36
[  123.446395][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 32 @ nid 36
[  123.456044][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 30 @ nid 36
[  123.465590][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 27 @ nid 36
[  123.474830][ T6872] syz.2.2735: attempt to access beyond end of device
[  123.474830][ T6872] loop2: rw=0, sector=14546590688, nr_sectors = 8 limit=16
[  123.489497][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 26 @ nid 36
[  123.508035][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 25 @ nid 36
[  123.517485][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 24 @ nid 36
[  123.529795][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 23 @ nid 36
[  123.539419][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 22 @ nid 36
[  123.556021][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 21 @ nid 36
[  123.569048][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 20 @ nid 36
[  123.579916][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 18 @ nid 36
[  123.590243][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 12 @ nid 36
[  123.599780][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 10 @ nid 36
[  123.609221][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 6 @ nid 36
[  123.623739][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 4 @ nid 36
[  123.632864][ T6869] erofs: (device loop2): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  123.642374][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 0 @ nid 36
[  123.651750][ T6869] syz.2.2735: attempt to access beyond end of device
[  123.651750][ T6869] loop2: rw=524288, sector=296, nr_sectors = 16 limit=16
[  123.666924][ T6869] syz.2.2735: attempt to access beyond end of device
[  123.666924][ T6869] loop2: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  123.682458][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 86 @ nid 36
[  123.702618][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 84 @ nid 36
[  123.731105][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 80 @ nid 36
[  123.740862][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 74 @ nid 36
[  123.774272][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 72 @ nid 36
[  123.795922][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 70 @ nid 36
[  123.821073][ T6869] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  123.857839][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 63 @ nid 36
[  123.886732][ T6869] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  123.907987][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 62 @ nid 36
[  123.936443][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 58 @ nid 36
[  123.961779][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 57 @ nid 36
[  123.982922][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 54 @ nid 36
[  124.007673][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 53 @ nid 36
[  124.029810][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 52 @ nid 36
[  124.055710][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 51 @ nid 36
[  124.075592][ T6869] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  124.087417][ T6915] loop3: detected capacity change from 0 to 256
[  124.094197][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 50 @ nid 36
[  124.103766][ T6915] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  124.116092][ T6911] SELinux: ebitmap: map size 2147549188 does not match my size 64 (high bit was 0)
[  124.125524][ T6911] SELinux: failed to load policy
[  124.130867][ T6915] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  124.139436][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 47 @ nid 36
[  124.156425][ T6915] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  124.169634][ T6869] erofs: (device loop2): z_erofs_readahead: readahead error at page 46 @ nid 36
[  124.183832][ T6899] loop6: detected capacity change from 0 to 40427
[  124.201175][ T6899] F2FS-fs (loop6): fault_injection options not supported
[  124.211652][ T6899] F2FS-fs (loop6): Image doesn't support compression
[  124.229388][ T6919] loop3: detected capacity change from 0 to 256
[  124.236475][ T6899] F2FS-fs (loop6): invalid crc value
[  124.246938][ T6919] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  124.254836][ T6919] FAT-fs (loop3): Filesystem has been set read-only
[  124.267699][ T6899] F2FS-fs (loop6): Found nat_bits in checkpoint
[  124.328080][ T6899] F2FS-fs (loop6): Start checkpoint disabled!
[  124.351025][ T6899] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  124.422919][ T6943] tipc: Started in network mode
[  124.430563][ T6944] loop2: detected capacity change from 0 to 256
[  124.436921][ T6943] tipc: Node identity 7365725f69643d3, cluster identity 4711
[  124.444914][ T6944] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  124.456611][ T6943] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  124.465025][ T6944] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  124.505318][ T6944] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  124.710402][ T6957] syz.3.2764[6957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.710486][ T6957] syz.3.2764[6957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.762003][ T6965] loop7: detected capacity change from 0 to 256
[  124.790945][ T6965] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000001)
[  124.809605][ T6965] FAT-fs (loop7): Filesystem has been set read-only
[  124.819143][ T6967] SELinux: ebitmap: map size 2147549188 does not match my size 64 (high bit was 0)
[  124.831311][ T6967] SELinux: failed to load policy
[  124.951596][ T6974] tipc: Started in network mode
[  124.956611][ T6974] tipc: Node identity 7365725f69643d3, cluster identity 4711
[  124.964114][ T6974] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  125.358025][ T7002] syz.7.2793[7002] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.358105][ T7002] syz.7.2793[7002] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.381173][ T7004] SELinux: ebitmap: map size 2147549188 does not match my size 64 (high bit was 0)
[  125.403033][ T7004] SELinux: failed to load policy
[  125.427566][ T7006] loop8: detected capacity change from 0 to 512
[  125.449065][ T7006] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  125.585716][ T7013] loop7: detected capacity change from 0 to 1024
[  125.605741][ T7013] ext4 filesystem being mounted at /497/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.889496][ T7021] loop8: detected capacity change from 0 to 40427
[  125.920546][ T7050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2803'.
[  125.925129][ T7047] SELinux: ebitmap: truncated map
[  125.934781][ T7047] SELinux: failed to load policy
[  125.940069][ T7021] F2FS-fs (loop8): invalid crc value
[  125.954329][ T7021] F2FS-fs (loop8): Found nat_bits in checkpoint
[  125.975666][    T6] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  126.008778][ T7021] F2FS-fs (loop8): Start checkpoint disabled!
[  126.020681][ T7021] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  126.041062][ T7053] loop3: detected capacity change from 0 to 1024
[  126.053971][ T7060] loop7: detected capacity change from 0 to 512
[  126.086124][ T7053] ext4 filesystem being mounted at /521/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.097784][ T7060] ext4 filesystem being mounted at /502/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  126.116497][ T7053] EXT4-fs unmount: 40 callbacks suppressed
[  126.116517][ T7053] EXT4-fs (loop3): unmounting filesystem.
[  126.148508][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  126.167086][    T6] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  126.184626][    T6] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  126.194528][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.209071][    T6] snd-usb-audio: probe of 3-1:27.0 failed with error -2
[  126.254048][ T7081] loop7: detected capacity change from 0 to 256
[  126.266221][ T7084] loop8: detected capacity change from 0 to 128
[  126.274466][ T7079] SELinux: ebitmap: truncated map
[  126.280495][ T7079] SELinux: failed to load policy
[  126.408603][    T6] usb 3-1: USB disconnect, device number 12
[  126.453453][ T7090] loop3: detected capacity change from 0 to 40427
[  126.461191][ T7090] F2FS-fs (loop3): invalid crc value
[  126.467518][ T7090] F2FS-fs (loop3): Found nat_bits in checkpoint
[  126.475770][  T306] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  126.499732][ T7090] F2FS-fs (loop3): Start checkpoint disabled!
[  126.506569][ T7090] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  126.558019][ T7104] loop7: detected capacity change from 0 to 512
[  126.560392][ T7102] loop8: detected capacity change from 0 to 1024
[  126.572340][ T7104] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  126.584701][ T7104] EXT4-fs (loop7): 1 truncate cleaned up
[  126.590817][ T7104] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  126.601049][ T7102] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  126.609760][ T7102] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.622386][ T7104] EXT4-fs warning (device loop7): __ext4fs_dirhash:270: inode #12: comm syz.7.2826: Siphash requires key
[  126.634359][ T7102] EXT4-fs (loop8): unmounting filesystem.
[  126.648460][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  126.662973][ T7109] loop3: detected capacity change from 0 to 512
[  126.669337][  T306] usb 7-1: Using ep0 maxpacket: 16
[  126.676251][  T306] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.689260][  T306] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.704968][   T28] kauditd_printk_skb: 99 callbacks suppressed
[  126.704985][   T28] audit: type=1400 audit(2000001582.022:5324): avc:  denied  { mount } for  pid=7110 comm="syz.7.2838" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  126.707373][ T7109] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  126.711504][  T306] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  126.733384][ T7109] ext4 filesystem being mounted at /525/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  126.741975][  T306] usb 7-1: New USB device found, idVendor=046d, idProduct=c227, bcdDevice= 0.00
[  126.742004][  T306] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.742774][  T306] usb 7-1: config 0 descriptor??
[  126.788042][  T284] EXT4-fs (loop3): unmounting filesystem.
[  126.803881][   T28] audit: type=1400 audit(2000001582.122:5325): avc:  denied  { create } for  pid=7117 comm="syz.3.2828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  126.823960][   T28] audit: type=1400 audit(2000001582.122:5326): avc:  denied  { setopt } for  pid=7117 comm="syz.3.2828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  126.848047][   T28] audit: type=1400 audit(2000001582.122:5327): avc:  denied  { write } for  pid=7117 comm="syz.3.2828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  126.867515][   T28] audit: type=1400 audit(2000001582.172:5328): avc:  denied  { connect } for  pid=7119 comm="syz.3.2829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  126.887396][   T28] audit: type=1400 audit(2000001582.172:5329): avc:  denied  { listen } for  pid=7119 comm="syz.3.2829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  126.955156][ T7126] SELinux: ebitmap: truncated map
[  126.960584][ T7126] SELinux: failed to load policy
[  126.969123][ T7130] loop3: detected capacity change from 0 to 512
[  126.984913][ T7132] loop2: detected capacity change from 0 to 512
[  126.991820][ T7132] EXT4-fs: Ignoring removed bh option
[  126.992062][ T7074] loop6: detected capacity change from 0 to 512
[  126.997759][ T7132] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  127.004940][ T7074] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  127.014390][ T7130] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  127.020807][ T7074] EXT4-fs (loop6): invalid journal inode
[  127.029569][ T7130] ext4 filesystem being mounted at /531/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.045446][ T7132] EXT4-fs (loop2): 1 truncate cleaned up
[  127.050776][ T7074] EXT4-fs (loop6): can't get journal size
[  127.056958][   T28] audit: type=1400 audit(2000001582.372:5330): avc:  denied  { create } for  pid=7129 comm="syz.3.2835" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[  127.069005][ T7132] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  127.100789][ T7074] EXT4-fs (loop6): 1 truncate cleaned up
[  127.113022][   T28] audit: type=1400 audit(2000001582.432:5331): avc:  denied  { unlink } for  pid=7129 comm="syz.3.2835" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[  127.156646][ T7074] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  127.163198][ T7132] EXT4-fs (loop2): shut down requested (0)
[  127.184384][  T284] EXT4-fs (loop3): unmounting filesystem.
[  127.190160][  T306] usbhid 7-1:0.0: can't add hid device: -71
[  127.196673][  T285] EXT4-fs (loop2): unmounting filesystem.
[  127.202431][  T306] usbhid: probe of 7-1:0.0 failed with error -71
[  127.210361][  T306] usb 7-1: USB disconnect, device number 10
[  127.226900][ T7141] loop3: detected capacity change from 0 to 16
[  127.233769][ T7141] erofs: (device loop3): mounted with root inode @ nid 36.
[  127.236916][   T28] audit: type=1400 audit(2000001582.552:5332): avc:  denied  { ioctl } for  pid=7142 comm="syz.2.2840" path="socket:[44426]" dev="sockfs" ino=44426 ioctlcmd=0x48e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  127.368790][ T7154] loop3: detected capacity change from 0 to 256
[  127.540197][   T28] audit: type=1400 audit(2000001582.862:5333): avc:  denied  { unmount } for  pid=1894 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  127.590351][ T7164] loop7: detected capacity change from 0 to 256
[  127.612932][ T7164] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000001)
[  127.634662][ T7166] loop7: detected capacity change from 0 to 1024
[  127.643405][ T7166] EXT4-fs error (device loop7): ext4_orphan_get:1426: comm syz.7.2851: bad orphan inode 2304
[  127.653941][ T7166] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  127.665653][   T39] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  127.676986][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  127.712778][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  127.731117][ T7176] loop6: detected capacity change from 0 to 256
[  127.737888][ T7176] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  127.750279][ T7176] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  127.805408][ T7183] overlayfs: failed to set xattr on upper
[  127.811456][ T7183] overlayfs: ...falling back to index=off,metacopy=off.
[  127.818523][ T7183] overlayfs: ...falling back to xino=off.
[  127.824325][ T7183] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  127.846732][   T39] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  127.857179][   T39] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  127.874070][   T39] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  127.883571][   T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.891938][   T39] usb 4-1: Product: syz
[  127.896212][   T39] usb 4-1: Manufacturer: syz
[  127.900880][   T39] usb 4-1: SerialNumber: syz
[  127.920172][ T7191] xt_bpf: check failed: parse error
[  127.951899][ T7195] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.961546][ T7195] F2FS-fs (loop13): Unable to read 1th superblock
[  127.968275][ T7195] I/O error, dev loop13, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.977693][ T7195] F2FS-fs (loop13): Unable to read 2th superblock
[  127.986598][ T7195] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.996118][ T7195] F2FS-fs (loop13): Unable to read 1th superblock
[  128.002686][ T7195] I/O error, dev loop13, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  128.012028][ T7195] F2FS-fs (loop13): Unable to read 2th superblock
[  128.108272][   T39] usb 4-1: 0:2 : does not exist
[  128.115438][   T39] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  128.129946][   T39] usb 4-1: USB disconnect, device number 16
[  128.147803][ T7204] loop6: detected capacity change from 0 to 512
[  128.154636][ T7204] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  128.166657][ T7204] EXT4-fs (loop6): 1 truncate cleaned up
[  128.172311][ T7204] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  128.184301][ T7204] EXT4-fs warning (device loop6): __ext4fs_dirhash:270: inode #12: comm syz.6.2869: Siphash requires key
[  128.201662][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  128.578557][ T7208] loop6: detected capacity change from 0 to 1024
[  128.607152][ T7208] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  128.650934][ T1829] EXT4-fs (loop6): unmounting filesystem.
[  128.662335][ T7220] loop3: detected capacity change from 0 to 1024
[  128.671816][ T7220] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  128.680412][ T7220] EXT4-fs (loop3): orphan cleanup on readonly fs
[  128.687776][ T7220] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2875: bg 0: block 10: padding at end of block bitmap is not set
[  128.702379][ T7220] EXT4-fs error (device loop3): ext4_acquire_dquot:6801: comm syz.3.2875: Failed to acquire dquot type 0
[  128.714176][ T7220] EXT4-fs error (device loop3): ext4_acquire_dquot:6801: comm syz.3.2875: Failed to acquire dquot type 0
[  128.727507][ T7220] EXT4-fs error (device loop3): ext4_free_blocks:6210: comm syz.3.2875: Freeing blocks not in datazone - block = 0, count = 4096
[  128.743871][ T7220] EXT4-fs error (device loop3): ext4_acquire_dquot:6801: comm syz.3.2875: Failed to acquire dquot type 0
[  128.755449][ T7220] EXT4-fs (loop3): 1 orphan inode deleted
[  128.761613][ T7220] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  128.783176][  T284] EXT4-fs (loop3): unmounting filesystem.
[  128.899185][ T7245] loop7: detected capacity change from 0 to 512
[  128.907006][ T7245] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  128.918387][ T7245] EXT4-fs (loop7): 1 truncate cleaned up
[  128.924072][ T7245] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  128.934298][ T7245] EXT4-fs error (device loop7): ext4_empty_dir:3177: inode #2: block 13: comm syz.7.2885: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  128.953835][ T7245] EXT4-fs (loop7): Remounting filesystem read-only
[  128.967041][ T1894] EXT4-fs (loop7): unmounting filesystem.
[  129.005696][    T6] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  129.185655][    T6] usb 7-1: Using ep0 maxpacket: 16
[  129.192119][    T6] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  129.200862][    T6] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  129.210976][    T6] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  129.221241][    T6] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  129.230413][    T6] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.238431][    T6] usb 7-1: Product: syz
[  129.242586][    T6] usb 7-1: Manufacturer: syz
[  129.247189][    T6] usb 7-1: SerialNumber: syz
[  129.295673][ T5100] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  129.295710][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  129.308003][ T7143] Bluetooth: hci0: Opcode 0x080f failed: -22
[  129.364944][ T7262] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  129.400118][ T7266] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.411560][ T7266] F2FS-fs (loop15): Unable to read 1th superblock
[  129.418300][ T7266] I/O error, dev loop15, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.427883][ T7266] F2FS-fs (loop15): Unable to read 2th superblock
[  129.436699][ T7266] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.446224][ T7266] F2FS-fs (loop15): Unable to read 1th superblock
[  129.454150][ T7266] I/O error, dev loop15, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.463517][ T7266] F2FS-fs (loop15): Unable to read 2th superblock
[  129.588145][ T7282] loop3: detected capacity change from 0 to 512
[  129.595708][ T7282] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  129.607325][ T7282] EXT4-fs (loop3): 1 truncate cleaned up
[  129.613073][ T7282] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  129.632567][  T284] EXT4-fs (loop3): unmounting filesystem.
[  129.654668][    T6] usb 7-1: 0:2 : does not exist
[  129.762531][ T7295] loop8: detected capacity change from 0 to 1024
[  129.778121][ T7295] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  129.802700][ T5275] EXT4-fs (loop8): unmounting filesystem.
[  129.823937][ T7299] loop8: detected capacity change from 0 to 2048
[  129.837092][ T7299] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  129.853367][ T5275] EXT4-fs (loop8): unmounting filesystem.
[  129.925650][  T987] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  130.105635][  T987] usb 4-1: Using ep0 maxpacket: 16
[  130.112064][  T987] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.123034][  T987] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.132856][  T987] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  130.146109][  T987] usb 4-1: New USB device found, idVendor=046d, idProduct=c227, bcdDevice= 0.00
[  130.155253][  T987] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.164236][  T987] usb 4-1: config 0 descriptor??
[  130.265776][    T6] usb 7-1: USB disconnect, device number 11
[  130.273967][  T477] Bluetooth: hci1: Frame reassembly failed (-84)
[  130.373467][ T7287] loop3: detected capacity change from 0 to 512
[  130.380577][ T7287] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  130.389311][ T7287] EXT4-fs (loop3): invalid journal inode
[  130.395015][ T7287] EXT4-fs (loop3): can't get journal size
[  130.402053][ T7287] EXT4-fs (loop3): 1 truncate cleaned up
[  130.407825][ T7287] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  130.423164][  T987] usbhid 4-1:0.0: can't add hid device: -71
[  130.429257][  T987] usbhid: probe of 4-1:0.0 failed with error -71
[  130.436301][  T987] usb 4-1: USB disconnect, device number 17
[  130.934772][  T284] EXT4-fs (loop3): unmounting filesystem.
[  131.375630][    C1] ==================================================================
[  131.383804][    C1] BUG: KASAN: use-after-free in __run_timers+0x32b/0x9a0
[  131.390872][    C1] Write of size 8 at addr ffff888129060a00 by task swapper/1/0
[  131.398414][    C1] 
[  131.400740][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.1.141-syzkaller-00025-g45271a2c461a #0
[  131.410186][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.420248][    C1] Call Trace:
[  131.423524][    C1]  <IRQ>
[  131.426363][    C1]  __dump_stack+0x21/0x24
[  131.430714][    C1]  dump_stack_lvl+0xee/0x150
[  131.435303][    C1]  ? __cfi_dump_stack_lvl+0x8/0x8
[  131.440329][    C1]  ? update_rq_clock+0x536/0x5c0
[  131.445264][    C1]  ? __run_timers+0x32b/0x9a0
[  131.449939][    C1]  print_address_description+0x71/0x210
[  131.455487][    C1]  print_report+0x4a/0x60
[  131.459815][    C1]  kasan_report+0x122/0x150
[  131.464312][    C1]  ? __run_timers+0x32b/0x9a0
[  131.468992][    C1]  __asan_report_store8_noabort+0x17/0x20
[  131.474718][    C1]  __run_timers+0x32b/0x9a0
[  131.479223][    C1]  ? sched_clock+0x9/0x10
[  131.483570][    C1]  ? sched_clock_cpu+0x6e/0x250
[  131.488418][    C1]  ? calc_index+0x200/0x200
[  131.493009][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  131.498208][    C1]  run_timer_softirq+0x6a/0xf0
[  131.502992][    C1]  handle_softirqs+0x1d7/0x600
[  131.507756][    C1]  ? irqtime_account_irq+0xc4/0x240
[  131.512957][    C1]  __irq_exit_rcu+0x52/0xf0
[  131.517457][    C1]  irq_exit_rcu+0x9/0x10
[  131.521697][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  131.527328][    C1]  </IRQ>
[  131.530257][    C1]  <TASK>
[  131.533181][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  131.539167][    C1] RIP: 0010:default_idle+0xf/0x20
[  131.544195][    C1] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 03 29 56 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[  131.563799][    C1] RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
[  131.569889][    C1] RAX: ffff8881f7100000 RBX: ffff8881003b1440 RCX: 1bb11adbad813100
[  131.577860][    C1] RDX: 0000000000000001 RSI: ffffffff85a9fec0 RDI: ffffffff85a9fe80
[  131.585827][    C1] RBP: ffffc90000147dd8 R08: dffffc0000000000 R09: ffffed103ee26917
[  131.593793][    C1] R10: 0000000000000000 R11: ffffffff84f00a70 R12: 0000000000000000
[  131.601759][    C1] R13: 0000000000000000 R14: ffff8881003b1440 R15: dffffc0000000000
[  131.609727][    C1]  ? __cfi_default_idle+0x10/0x10
[  131.614780][    C1]  arch_cpu_idle+0x1c/0x20
[  131.619189][    C1]  default_idle_call+0x71/0x1d0
[  131.624135][    C1]  do_idle+0x1a7/0x520
[  131.628202][    C1]  ? ct_irq_exit+0x9/0x10
[  131.632530][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  131.637727][    C1]  cpu_startup_entry+0x43/0x60
[  131.642489][    C1]  start_secondary+0x119/0x120
[  131.647255][    C1]  secondary_startup_64_no_verify+0xce/0xdb
[  131.653146][    C1]  </TASK>
[  131.656160][    C1] 
[  131.658504][    C1] Allocated by task 7143:
[  131.662860][    C1]  kasan_set_track+0x4b/0x70
[  131.667467][    C1]  kasan_save_alloc_info+0x25/0x30
[  131.672591][    C1]  __kasan_kmalloc+0x95/0xb0
[  131.677186][    C1]  __kmalloc+0xb1/0x1e0
[  131.681348][    C1]  hci_alloc_dev_priv+0x27/0x1bd0
[  131.686372][    C1]  hci_uart_tty_ioctl+0x3d6/0xa20
[  131.691396][    C1]  tty_ioctl+0x8ef/0xc60
[  131.695656][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  131.700348][    C1]  __x64_sys_ioctl+0x7b/0x90
[  131.704937][    C1]  x64_sys_call+0x58b/0x9a0
[  131.709439][    C1]  do_syscall_64+0x4c/0xa0
[  131.713850][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  131.719749][    C1] 
[  131.722066][    C1] Freed by task 7143:
[  131.726034][    C1]  kasan_set_track+0x4b/0x70
[  131.730618][    C1]  kasan_save_free_info+0x31/0x50
[  131.735641][    C1]  ____kasan_slab_free+0x132/0x180
[  131.740751][    C1]  __kasan_slab_free+0x11/0x20
[  131.745511][    C1]  slab_free_freelist_hook+0xc2/0x190
[  131.750905][    C1]  __kmem_cache_free+0xb7/0x1b0
[  131.755760][    C1]  kfree+0x6f/0xf0
[  131.759483][    C1]  hci_release_dev+0x13ad/0x1500
[  131.764415][    C1]  bt_host_release+0x82/0x90
[  131.769000][    C1]  device_release+0xa4/0x1d0
[  131.773639][    C1]  kobject_put+0x19d/0x280
[  131.778050][    C1]  put_device+0x1f/0x30
[  131.782220][    C1]  hci_dev_cmd+0x265/0x720
[  131.786632][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  131.791315][    C1]  sock_do_ioctl+0x101/0x310
[  131.795904][    C1]  sock_ioctl+0x4d8/0x6e0
[  131.800229][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  131.804916][    C1]  __x64_sys_ioctl+0x7b/0x90
[  131.809512][    C1]  x64_sys_call+0x58b/0x9a0
[  131.814037][    C1]  do_syscall_64+0x4c/0xa0
[  131.818446][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  131.824332][    C1] 
[  131.826648][    C1] Last potentially related work creation:
[  131.832350][    C1]  kasan_save_stack+0x3a/0x60
[  131.837030][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  131.842400][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  131.848206][    C1]  insert_work+0x51/0x300
[  131.852545][    C1]  __queue_work+0x9b1/0xd30
[  131.857055][    C1]  queue_work_on+0xd2/0x140
[  131.861562][    C1]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  131.866516][    C1]  hci_cmd_sync_status+0x53/0x120
[  131.871544][    C1]  hci_dev_cmd+0x628/0x720
[  131.875976][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  131.880656][    C1]  sock_do_ioctl+0x101/0x310
[  131.885251][    C1]  sock_ioctl+0x4d8/0x6e0
[  131.889577][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  131.894289][    C1]  __x64_sys_ioctl+0x7b/0x90
[  131.899659][    C1]  x64_sys_call+0x58b/0x9a0
[  131.904158][    C1]  do_syscall_64+0x4c/0xa0
[  131.908568][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  131.914461][    C1] 
[  131.916803][    C1] Second to last potentially related work creation:
[  131.923381][    C1]  kasan_save_stack+0x3a/0x60
[  131.928067][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  131.933461][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  131.939280][    C1]  insert_work+0x51/0x300
[  131.943632][    C1]  __queue_work+0x9b1/0xd30
[  131.948134][    C1]  queue_work_on+0xd2/0x140
[  131.952650][    C1]  hci_cmd_timeout+0x191/0x200
[  131.957442][    C1]  process_one_work+0x71f/0xc40
[  131.962293][    C1]  worker_thread+0xa29/0x11f0
[  131.967052][    C1]  kthread+0x281/0x320
[  131.971119][    C1]  ret_from_fork+0x1f/0x30
[  131.975552][    C1] 
[  131.977880][    C1] The buggy address belongs to the object at ffff888129060000
[  131.977880][    C1]  which belongs to the cache kmalloc-8k of size 8192
[  131.991956][    C1] The buggy address is located 2560 bytes inside of
[  131.991956][    C1]  8192-byte region [ffff888129060000, ffff888129062000)
[  132.005405][    C1] 
[  132.007733][    C1] The buggy address belongs to the physical page:
[  132.014136][    C1] page:ffffea0004a41800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x129060
[  132.024374][    C1] head:ffffea0004a41800 order:3 compound_mapcount:0 compound_pincount:0
[  132.032699][    C1] flags: 0x4000000000010200(slab|head|zone=1)
[  132.038780][    C1] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043500
[  132.047361][    C1] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  132.055938][    C1] page dumped because: kasan: bad access detected
[  132.062337][    C1] page_owner tracks the page as allocated
[  132.068046][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 7074, tgid 7073 (syz.6.2813), ts 127020366074, free_ts 125242502371
[  132.090801][    C1]  post_alloc_hook+0x1f5/0x210
[  132.095578][    C1]  prep_new_page+0x1c/0x110
[  132.100087][    C1]  get_page_from_freelist+0x2c7b/0x2cf0
[  132.105648][    C1]  __alloc_pages+0x19e/0x3a0
[  132.110262][    C1]  alloc_slab_page+0x6e/0xf0
[  132.114858][    C1]  new_slab+0x98/0x3d0
[  132.118921][    C1]  ___slab_alloc+0x6f6/0xb50
[  132.123546][    C1]  __slab_alloc+0x5e/0xa0
[  132.127874][    C1]  __kmem_cache_alloc_node+0x203/0x2c0
[  132.133341][    C1]  __kmalloc+0xa1/0x1e0
[  132.137494][    C1]  mb_cache_create+0x187/0x5a0
[  132.142259][    C1]  ext4_xattr_create_cache+0x13/0x20
[  132.147539][    C1]  ext4_fill_super+0x5293/0x7930
[  132.152475][    C1]  get_tree_bdev+0x444/0x680
[  132.157069][    C1]  ext4_get_tree+0x1c/0x20
[  132.161483][    C1]  vfs_get_tree+0x9a/0x270
[  132.165906][    C1] page last free stack trace:
[  132.170564][    C1]  free_unref_page_prepare+0x742/0x750
[  132.176026][    C1]  free_unref_page+0x8f/0x530
[  132.180709][    C1]  __free_pages+0x67/0x100
[  132.185134][    C1]  __free_slab+0xca/0x1a0
[  132.189555][    C1]  __unfreeze_partials+0x160/0x190
[  132.194671][    C1]  put_cpu_partial+0xa9/0x100
[  132.199346][    C1]  __slab_free+0x1c4/0x280
[  132.203892][    C1]  ___cache_free+0xbf/0xd0
[  132.208404][    C1]  qlist_free_all+0xc6/0x140
[  132.212993][    C1]  kasan_quarantine_reduce+0x14a/0x170
[  132.218453][    C1]  __kasan_slab_alloc+0x24/0x80
[  132.223316][    C1]  slab_post_alloc_hook+0x4f/0x2d0
[  132.228435][    C1]  kmem_cache_alloc+0x16e/0x330
[  132.233301][    C1]  getname_flags+0xb9/0x500
[  132.237824][    C1]  __x64_sys_unlink+0x3c/0x50
[  132.242516][    C1]  x64_sys_call+0x958/0x9a0
[  132.247025][    C1] 
[  132.249345][    C1] Memory state around the buggy address:
[  132.254966][    C1]  ffff888129060900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  132.263030][    C1]  ffff888129060980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  132.271091][    C1] >ffff888129060a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  132.279157][    C1]                    ^
[  132.283214][    C1]  ffff888129060a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  132.291264][    C1]  ffff888129060b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  132.299326][    C1] ==================================================================
[  132.307388][    C1] Disabling lock debugging due to kernel taint
[  132.313611][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  132.325326][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  132.333729][    C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G    B              6.1.141-syzkaller-00025-g45271a2c461a #0
[  132.344653][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.354701][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  132.355716][  T906] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  132.359990][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 68 d2 28 00 4c 89 ff e8 f0 0f a9 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 6c 2c 6d 00 49 8b 7d 00 e8 d3 0b
[  132.385659][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  132.391728][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881003b1440
[  132.399705][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  132.407683][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  132.415658][    C1] R10: ffffed102520c139 R11: 1ffff1102520c139 R12: dffffc0000000000
[  132.423631][    C1] R13: 0000000000000000 R14: ffff8881290609c8 R15: 0000000000000008
[  132.431600][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  132.440530][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  132.447109][    C1] CR2: 00007f1226e8c245 CR3: 00000001249bc000 CR4: 00000000003506a0
[  132.455076][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  132.463040][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  132.471007][    C1] Call Trace:
[  132.474278][    C1]  <IRQ>
[  132.477117][    C1]  delayed_work_timer_fn+0x61/0x80
[  132.482230][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  132.488032][    C1]  call_timer_fn+0x46/0x2a0
[  132.492530][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  132.498334][    C1]  __run_timers+0x667/0x9a0
[  132.502833][    C1]  ? calc_index+0x200/0x200
[  132.507336][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  132.512576][    C1]  run_timer_softirq+0x6a/0xf0
[  132.517336][    C1]  handle_softirqs+0x1d7/0x600
[  132.522096][    C1]  ? irqtime_account_irq+0xc4/0x240
[  132.527306][    C1]  __irq_exit_rcu+0x52/0xf0
[  132.531813][    C1]  irq_exit_rcu+0x9/0x10
[  132.536052][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  132.541710][    C1]  </IRQ>
[  132.544644][    C1]  <TASK>
[  132.547572][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  132.553557][    C1] RIP: 0010:default_idle+0xf/0x20
[  132.558584][    C1] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 03 29 56 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[  132.578195][    C1] RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
[  132.584267][    C1] RAX: ffff8881f7100000 RBX: ffff8881003b1440 RCX: 1bb11adbad813100
[  132.592265][    C1] RDX: 0000000000000001 RSI: ffffffff85a9fec0 RDI: ffffffff85a9fe80
[  132.600239][    C1] RBP: ffffc90000147dd8 R08: dffffc0000000000 R09: ffffed103ee26917
[  132.608226][    C1] R10: 0000000000000000 R11: ffffffff84f00a70 R12: 0000000000000000
[  132.616197][    C1] R13: 0000000000000000 R14: ffff8881003b1440 R15: dffffc0000000000
[  132.624176][    C1]  ? __cfi_default_idle+0x10/0x10
[  132.629214][    C1]  arch_cpu_idle+0x1c/0x20
[  132.633632][    C1]  default_idle_call+0x71/0x1d0
[  132.638497][    C1]  do_idle+0x1a7/0x520
[  132.642582][    C1]  ? ct_irq_exit+0x9/0x10
[  132.646943][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  132.652141][    C1]  cpu_startup_entry+0x43/0x60
[  132.656903][    C1]  start_secondary+0x119/0x120
[  132.661665][    C1]  secondary_startup_64_no_verify+0xce/0xdb
[  132.667559][    C1]  </TASK>
[  132.670580][    C1] Modules linked in:
[  132.674476][    C1] ---[ end trace 0000000000000000 ]---
[  132.679925][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  132.685240][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 68 d2 28 00 4c 89 ff e8 f0 0f a9 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 6c 2c 6d 00 49 8b 7d 00 e8 d3 0b
[  132.705029][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  132.711270][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881003b1440
[  132.719264][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  132.727232][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  132.735201][    C1] R10: ffffed102520c139 R11: 1ffff1102520c139 R12: dffffc0000000000
[  132.743168][    C1] R13: 0000000000000000 R14: ffff8881290609c8 R15: 0000000000000008
[  132.751135][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  132.760061][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  132.766679][    C1] CR2: 00007f1226e8c245 CR3: 00000001249bc000 CR4: 00000000003506a0
[  132.774652][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  132.782621][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  132.790604][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  132.798029][    C1] Kernel Offset: disabled
[  132.802398][    C1] Rebooting in 86400 seconds..