last executing test programs:

7m16.540612504s ago: executing program 2 (id=443):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, 0x0)
lstat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000500, r3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
rt_sigsuspend(0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@ipv4_newrule={0x30, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x101}]}, 0x30}}, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x1e, &(0x7f0000000200), 0x2, 0x456, &(0x7f0000000600)="$eJzs3M1vVFUbAPDnzkzLy9fbivjBh1JFI9HY0oLKwgUYTVxoYqILXNa2EGSghtZECNHqApeGxL1xaeJf4Eo3Rl2ZuNW9ISGGDejqmjtzb5kOM3WYTpmW+f2SS8+590zOeXrumTnnHqYBDKyx7J8kYkdE/B4RI/XsygJj9R+3blye+fvG5Zkk0vTtv5JauZs3Ls8URYvXbS8yS/X8vhb1Lly8dHa6Wp27kOcnFs99MLFw8dLzZ85Nn547PXd+6tixo0cmX3px6oX2jU86jzNr0829H8/v3/P6u1ffnDl59b2fv02K+Jvi6JGxFufKReLpHlfWbzsb0kklT5T71Bg6lnVR1l1DtfE/EuWoLF8bidc+62vjgHWVpmm6pd3FJJZS4D6WRL9bAPRH8VGfrX+L455NPjaA6yfqC6As7lv5Ub9SiVJeZqhpfdtL2Wrr5NI/X2VHrM9zCACAFb4/Uf955/yvFA83lDue7w2NRsQDEbErIh6MiN0R8VBErewjEfFow2s62Z5p3iS5c/5TutZdZJ3J5n8v53tbK+d/xewvRst5bmct/qHk1Jnq3OGI+H9EHIqhLVl+cpU6fnj1ty/aXRtrmP9lR1Z/MRfM23Gt0vSAbnZ6cXotMTe6/mnE3kqr+JPlnYCsH/dExN4D3dVx5tlv9re79t/xr6LSXXsapV9HPFPv/6Voir+QrL4/OfG/qM4dnijuijv98uuVt9rVv6b4eyDr/20t7//l+EeTxv3ahbuv48ofn7dd03R7/w8n79TSw/m5j6YXFy9MRgwnb+Tnj98+P3X7tUW+KJ/Ff+hg6/G/K27/JvZFRHYTPxYRj0fEgbztT0TEkxFxcJX4f3rlqfe7j399ZfHP3lX/332ifPbH71ZUOrpK/Em06P+jtdSh/Ewn73+dNnCtvz8AAADYDEoRsSOS0vhyulQaH6//f/ndsa1UnV9YfO7U/IfnZ+vfERiNoVLxpGuk4XnoZP7EoMhP5cv8In8kf278ZXlrLT8+M1+d7XfwMOC2txn/mT99fwPufz3YRwM2qW7Hf5qmn/S4KcA95vMfBpfxD4Orxfjf2pRv+zcCgM2t1ee/hT0MBvN/GFzGPwwu4x8Gl/EPA2kt3+vvWSJ7/9kAzeg4kaZ9qn24/7EvJ6K0IZohsU6Jfr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Ma/AQAA//8prOfG")

7m15.397601221s ago: executing program 2 (id=448):
ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x40103d0b, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4000)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0xfffffffffffff800}, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
tkill(r1, 0x35)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f0, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x320, 0x2e8, 0x2e8, 0x320, 0x2e8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1}}, @common=@inet=@socket3={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x13}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)
ioctl$BTRFS_IOC_SET_FEATURES(r4, 0x40309439, &(0x7f0000000040)={0x3, 0x1, 0x8})
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0xb)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, 0xb)
socket$inet_udplite(0x2, 0x2, 0x88)
add_key(&(0x7f0000000040)='dns_resolver\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000073013f000000000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb30f, @void, @value}, 0x90)

7m14.835095704s ago: executing program 2 (id=450):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', &(0x7f00000003c0), 0x2100)
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000500, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
rt_sigsuspend(0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@ipv4_newrule={0x30, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x101}]}, 0x30}}, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x1e, &(0x7f0000000200), 0x2, 0x456, &(0x7f0000000600)="$eJzs3M1vVFUbAPDnzkzLy9fbivjBh1JFI9HY0oLKwgUYTVxoYqILXNa2EGSghtZECNHqApeGxL1xaeJf4Eo3Rl2ZuNW9ISGGDejqmjtzb5kOM3WYTpmW+f2SS8+590zOeXrumTnnHqYBDKyx7J8kYkdE/B4RI/XsygJj9R+3blye+fvG5Zkk0vTtv5JauZs3Ls8URYvXbS8yS/X8vhb1Lly8dHa6Wp27kOcnFs99MLFw8dLzZ85Nn547PXd+6tixo0cmX3px6oX2jU86jzNr0829H8/v3/P6u1ffnDl59b2fv02K+Jvi6JGxFufKReLpHlfWbzsb0kklT5T71Bg6lnVR1l1DtfE/EuWoLF8bidc+62vjgHWVpmm6pd3FJJZS4D6WRL9bAPRH8VGfrX+L455NPjaA6yfqC6As7lv5Ub9SiVJeZqhpfdtL2Wrr5NI/X2VHrM9zCACAFb4/Uf955/yvFA83lDue7w2NRsQDEbErIh6MiN0R8VBErewjEfFow2s62Z5p3iS5c/5TutZdZJ3J5n8v53tbK+d/xewvRst5bmct/qHk1Jnq3OGI+H9EHIqhLVl+cpU6fnj1ty/aXRtrmP9lR1Z/MRfM23Gt0vSAbnZ6cXotMTe6/mnE3kqr+JPlnYCsH/dExN4D3dVx5tlv9re79t/xr6LSXXsapV9HPFPv/6Voir+QrL4/OfG/qM4dnijuijv98uuVt9rVv6b4eyDr/20t7//l+EeTxv3ahbuv48ofn7dd03R7/w8n79TSw/m5j6YXFy9MRgwnb+Tnj98+P3X7tUW+KJ/Ff+hg6/G/K27/JvZFRHYTPxYRj0fEgbztT0TEkxFxcJX4f3rlqfe7j399ZfHP3lX/332ifPbH71ZUOrpK/Em06P+jtdSh/Ewn73+dNnCtvz8AAADYDEoRsSOS0vhyulQaH6//f/ndsa1UnV9YfO7U/IfnZ+vfERiNoVLxpGuk4XnoZP7EoMhP5cv8In8kf278ZXlrLT8+M1+d7XfwMOC2txn/mT99fwPufz3YRwM2qW7Hf5qmn/S4KcA95vMfBpfxD4Orxfjf2pRv+zcCgM2t1ee/hT0MBvN/GFzGPwwu4x8Gl/EPA2kt3+vvWSJ7/9kAzeg4kaZ9qn24/7EvJ6K0IZohsU6Jfr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Ma/AQAA//8prOfG")

7m13.966263568s ago: executing program 2 (id=456):
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000010, &(0x7f0000000080), 0x1, 0x513, &(0x7f00000010c0)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOt7rW1aSpOmNOk6LYt28T8QQcEnn3wR/AOEZR78A2RgQF/EB1FRRGf0QVDnSpIbp5Mmbd1pm07z+cBpzrn35n7PuSEn98fpvQGMrRci4o2ImIiIlyOimE9P87TYLux3l7t/753ldkoiy976axJJPq23rnZ5MiKud98SUxHxtS9HfDM5HLe5u7exVKtVt/NypVXfqjR3926u15fWqmvVzfn5udcWXl94dWE2yz1WO0u9zE++9Pn3Pv2t3y3++ca329X63EeiEH3tOE3dphc626KnvY22zyLYCEzk7SmMuiIAAJxIex//gxHxic7+fzEmOntzfSZGUTMAAADgtGRfmI5/JxEZAAAAcGmlETEdSVrOxwJMR5peyc8NfDiupbVGs/Wp1cbO5kp7XkQpCunqeq06m48VLkUhaZfn8jG2vfIrfeX5iHgmIr5fvNopl5cbtZURn/sAAACAcXG97/j/H8W0kz/egP8TAAAAAC6u0tACAAAAcFk45AcAAIDLr//4/70R1QMAAAA4E1958812ynrPv155e3dno/H2zZVqc6Nc31kuLze2t8prjcZa55599ePWV2s0tj4Tmzu3Kq1qs1Vp7u4t1hs7m63F9UcegQ0AAACco2c+fvvXSUTsf/ZqJ0V+H0CAR/xh1BUATtPEqCsAjIy7eMP4Koy6AsDIJcfMN3gHAACefDMfPXz9v/f8f+cG4HIz1gcAxo/r/zC+CkYAwlhLI+ID3exTw5YZev3/lyeNkmURd4oHpzi/CAAA52u6k5K0nB8HTEealssRT0ekpSgkq+u16mx+fPCrYuGpdnmu887k2DHDAAAAAAAAAAAAAAAAAAAAAAAAAEBXliWRAQAAAJdaRPqnpHM3/4iZ4kvT/ecHriT/LMYf88KP3vrBraVWa3uuPf1vnWd5XYmI1g/z6a8MfXwYAAAAcNqS/aGzusfp+evcudYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDFw/947y710nnH/8sWIKA2KPxlTndepKETEtb8nMXngfUlETJxC/P13I+LZQfGTeJBlWSmvxaD4V884fqmzaQbHTyPi+inEh3F2u93/vDHo+5fGC53Xwd+/yTw9ruH9X5pHfrbTzw3qf54+tLb6wBjP3f1ZZWj8dyOemxzc//T632RI/BcPre1fWZYdjvGNr+/tDYuf/ThiZuDvT/JIrEqrvlVp7u7dXK8vrVXXqpvz83OvLby+8OrCbGV1vVbN/w6M8b2P/fzBUe2/NiD+b3/T7X+Pav9Lw1ba5z93b937UDdbGBT/xosDf3+nYkj8NP/t+2Seb8+f6eX3u/mDnv/pneePav/KkO1/3Od/44Ttf/mr3/39CRcFAM5Bc3dvY6lWq24fkZk6wTJPYuYXUxeiGv9nJvtO95O7KPV5v5n23urDKb1WXYCKHchk5xZrIi5Ik/+XGWm3BAAAnIGHO/2jrgkAAAAAAAAAAAAAAAAAAACMr/O4nVh/zP3RNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA///M/t/r")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = epoll_create1(0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c696f636861727365743d63703933322c636f6465706167653d3835372c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c696f636861727365743d6575632d6a702c757466383d302c646f733178666c6f7070792c726f6469722c726f6469722c003fc604f8ff7d2b25d49c2bd2ac7ab8337b339de1ab71d62b2a6d60505e1d35e457f71de2567bf294092274d5bdbfe577f4189dad762567e7da2ad7b21b2377e7837945228bf549b93ca2c899e28253186632e400252f53db8277d503b621abb159d96790ba64b2938b7c7a712e96753dd7c83feb96a43d03515b03a2085b396541b7241b0e860b"], 0x1, 0x217, &(0x7f0000000700)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
epoll_create(0x1ff)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x3c1, 0x3, 0x358, 0x0, 0x4c, 0x1a, 0x0, 0x73, 0x288, 0x258, 0x258, 0x288, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x73}, 0x0, 0x118, 0x160, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x7}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}}, {{@uncond, 0x0, 0xf8, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@hl={{0x28}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x5400}}, {0x28}}}}, 0x3b8)
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_SET(r9, 0x5452, &(0x7f0000000040)={0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040))
read$FUSE(r1, &(0x7f0000001ac0)={0x2020}, 0x2020)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()

7m11.288292422s ago: executing program 2 (id=462):
bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="0600000004000000080000000c0000", @ANYRES32, @ANYRES64, @ANYRES32, @ANYBLOB='\x00'/25], 0x48)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
write$evdev(r0, &(0x7f0000001440)=[{{}, 0x0, 0xebdf, 0x1}, {{0x77359400}, 0x2, 0xe, 0x5}, {{r1, r2/1000+10000}, 0x5, 0x0, 0x98}], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x0, &(0x7f00000014c0)=0x800)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000690000000000000100000a94", @ANYRES32=0x0, @ANYRES8=0x0, @ANYRES16, @ANYRESDEC=0x0, @ANYBLOB], &(0x7f0000001340)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='mm_page_alloc\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
io_submit(0x0, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES64=r3], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f00000012c0)={0x7b, 0x2, 0x4, 0x9, 0x3cf})
flock(r3, 0x8)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
write(r7, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000001380)={[], [{@flag='ro'}, {@appraise_type}, {@appraise_type}, {@euid_gt}, {@seclabel}, {@uid_gt}, {@euid_lt}]}, 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20)

7m10.978724484s ago: executing program 2 (id=464):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x9, 0x1, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$sock_inet_SIOCGIFPFLAGS(r3, 0x8935, 0x0)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x15, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180005000000000000000000300f00008a00000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x90)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r5, 0x4b63, 0x4)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="1800000056000106000000000000000007"], 0x18}], 0x1}, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
r7 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_PKTINFO(r8, 0x10e, 0x5, &(0x7f0000001e40), 0x4)
write$selinux_attr(r7, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socketpair(0x14, 0x0, 0x0, &(0x7f0000000300))

7m10.834756455s ago: executing program 32 (id=464):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x9, 0x1, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$sock_inet_SIOCGIFPFLAGS(r3, 0x8935, 0x0)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x15, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180005000000000000000000300f00008a00000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x90)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r5, 0x4b63, 0x4)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="1800000056000106000000000000000007"], 0x18}], 0x1}, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
r7 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_PKTINFO(r8, 0x10e, 0x5, &(0x7f0000001e40), 0x4)
write$selinux_attr(r7, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socketpair(0x14, 0x0, 0x0, &(0x7f0000000300))

4m53.582558386s ago: executing program 5 (id=1176):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = dup(r0)
ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f5"])
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000040)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7fffffff}}, {@noquota}, {@data_err_ignore}, {@dioread_nolock}, {@max_batch_time={'max_batch_time', 0x3d, 0x8}}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
syz_mount_image$fuse(0x0, &(0x7f0000000e80)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0xff, 0x0, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
renameat(r4, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r4, &(0x7f00000001c0)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2, <r5=>0xffffffffffffffff}, &(0x7f0000000800), 0x0}, 0x20)
recvmsg(r5, &(0x7f0000000300)={&(0x7f0000000280)=@ax25={{}, [@rose, @netrom, @netrom, @bcast, @rose, @null, @rose, @default]}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000380)=""/243, 0xf3}], 0x1, &(0x7f0000000a00)=""/4096, 0x1000}, 0x1)
r6 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
socket$inet(0x2, 0x80001, 0x84)
socket$inet(0x2, 0x3, 0x4)
socket(0x10, 0x3, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, 0x0, 0x4004)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x7f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
mount_setattr(r6, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(0x0, 0x10)
mkdir(0x0, 0x0)
creat(0x0, 0x408)
mount$overlay(0x0, &(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000480), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})

4m53.010878509s ago: executing program 5 (id=1184):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f00000007c0)={&(0x7f0000000080)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14, &(0x7f0000000740)={&(0x7f0000000640)="af99541848d94b1bf4b2d26763c86ff093d30d16ddd3ca233c9e5f2f807bfb3221fec323411120f4b9a4c191d6802e62c2cbacaebc4e082619eecb14ece12043b5cde7e72332a06d2c87043fd8bdf01de2cac924c4abd9b7edb60ec8d50f183544559b33772aecf186130f4e4cf784b370a45a12ce7effcb850e242c87092ffbb43e3ef849e017919e65", 0x8a}, 0x1, 0x0, 0x0, 0x4}, 0x20000000)

4m52.954987979s ago: executing program 5 (id=1185):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4, 0x0, 0xa00}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)

4m52.891439249s ago: executing program 5 (id=1187):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000100)=ANY=[@ANYBLOB="696f636861727365743d170ddbbba28854f76e642c756d61736b3d30303030303030303030303030303030303030303030362c696f636861727365743d63703934392c6572726f72733d72656d6f756e742d726f2c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',allow_utime=00000000000000000000003,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,discard,errors=continue,\x00'], 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

4m52.687262351s ago: executing program 5 (id=1189):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
fcntl$lock(r0, 0x26, 0x0)
fcntl$lock(r0, 0x25, &(0x7f00000000c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000140)='./bus\x00', 0x1d01e, &(0x7f0000000780)={[{@quota}, {@jqfmt_vfsv0}, {@errors_continue}, {@oldalloc}, {@nodiscard}, {@acl}], [{@uid_lt}, {@smackfstransmute={'smackfstransmute', 0x3d, '%\'@\\&(@+{'}}, {@uid_eq}, {@fsmagic={'fsmagic', 0x3d, 0x24}}]}, 0x1, 0x42f, &(0x7f0000000280)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r8, 0x6, 0x1, &(0x7f00000006c0)={0x8, 0x7, 0x9a9, 0x4, 0x80, 0xf6, 0xffff}, 0xc)
syz_open_procfs(0x0, &(0x7f0000000280)='net/snmp6\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
io_setup(0x100, &(0x7f0000000280))

4m52.587277611s ago: executing program 5 (id=1190):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
fcntl$lock(r0, 0x26, 0x0)
fcntl$lock(r0, 0x25, &(0x7f00000000c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000140)='./bus\x00', 0x1d01e, &(0x7f0000000780)={[{@quota}, {@jqfmt_vfsv0}, {@errors_continue}, {@oldalloc}, {@nodiscard}, {@acl}], [{@uid_lt}, {@smackfstransmute={'smackfstransmute', 0x3d, '%\'@\\&(@+{'}}, {@uid_eq}, {@fsmagic={'fsmagic', 0x3d, 0x24}}]}, 0x1, 0x42f, &(0x7f0000000280)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r6, 0x6, 0x1, &(0x7f00000006c0)={0x8, 0x7, 0x9a9, 0x4, 0x80, 0xf6, 0xffff}, 0xc)
syz_open_procfs(0x0, &(0x7f0000000280)='net/snmp6\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
io_setup(0x100, &(0x7f0000000280))

4m52.550017001s ago: executing program 33 (id=1190):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
fcntl$lock(r0, 0x26, 0x0)
fcntl$lock(r0, 0x25, &(0x7f00000000c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000140)='./bus\x00', 0x1d01e, &(0x7f0000000780)={[{@quota}, {@jqfmt_vfsv0}, {@errors_continue}, {@oldalloc}, {@nodiscard}, {@acl}], [{@uid_lt}, {@smackfstransmute={'smackfstransmute', 0x3d, '%\'@\\&(@+{'}}, {@uid_eq}, {@fsmagic={'fsmagic', 0x3d, 0x24}}]}, 0x1, 0x42f, &(0x7f0000000280)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r6, 0x6, 0x1, &(0x7f00000006c0)={0x8, 0x7, 0x9a9, 0x4, 0x80, 0xf6, 0xffff}, 0xc)
syz_open_procfs(0x0, &(0x7f0000000280)='net/snmp6\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
io_setup(0x100, &(0x7f0000000280))

2m10.841758624s ago: executing program 0 (id=2805):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)

2m10.797257104s ago: executing program 0 (id=2806):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

2m10.758282354s ago: executing program 0 (id=2807):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000083850000002d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="a90300000000000000003200000008004001"], 0x1c}}, 0x0)

2m10.731724174s ago: executing program 0 (id=2808):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a00), 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02"], 0x4, 0x0)

2m10.484212396s ago: executing program 0 (id=2813):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x2f)

2m9.990929669s ago: executing program 0 (id=2817):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@lazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6e}}, {@block_validity}, {@block_validity}, {@quota}]}, 0x1, 0x452, &(0x7f0000000780)="$eJzs289vFFUcAPDvTFug/LAV8Qc/1CoaG3+0tKBy8KLRxIMmJl7wWNtCkIUaWhMhRNEYPBoS78ajiX+BJ70Y9WTiVe+GhBguoqc1szvD/mC3tMu2g+znkwx9b+YN7333zdt9M283gIE1kf2TROyMiN8jYqyebS0wUf9z/dqF+X+uXZhPolp9+6+kVu7vaxfmi6LFeTvyzGQakX6WxP4O9S6fO39qrlJZPJvnp1dOvz+9fO78cydPz51YPLF4Zvbo0SOHZ158Yfb5vsR5b9bWfR8tHdj7+juX35w/dvndn78dKuJvi6NPJlY7+GS12ufqyrWrKZ0Ml9gQ1iUbA1l3jdTG/1gMRaPzxuK1T0ttHLChqrkuhy9WgbtYEmW3AChH8UGf3f8W2+bNPsp39eX6DVAW9/V8qx8ZjjQvM9J2f9tPExFx7OK/X2VbbMxzCACAFt9n859nO83/0nigqdw9+drQeL6Wsjsi7ouIPRFxf0St7IMR8dA6629fJLl5/pNe6SmwNcrmfy/la1ut879i9hfjQ3luVy3+keT4ycriofw1mYyRrVl+ZpU6fnj1ty+6HWue/2VbVn8xF8zbcWV4a+s5C3Mrc7cTc7Orn0TsG+4Uf3JjJSCJiL0Rsa/HOk4+/c2BbsduHf8q+rDOVP064ql6/1+MtvgLyerrk9PborJ4aLq4Km72y6+X3upW/23F3wdZ/2/veP3fiH88aV6vXV5/HZf++LzrPc1UT9d/Y8eW/O+HcysrZ2citiRv1BvdvH+2cW6RL8pn8U8e7Dz+d0fjldgfEdlF/HBEPBIRj+Z991hEPB4RB9viar6//umVJ97rFv+d0P8Lbf0/3lqkrf8biS3RvqdzYujUj9+1/o+N5Nre/47UUpP5nrW8/62lXb1dzQAAAPD/k0bEzkjSqRvp0XRqqv4d/j2xPa0sLa88c3zpgzML9d8IjMdIWjzpGmt6HjqT39YX+dm2/OH8ufGXQ6O1/NT8UmWh7OBhwO24afyntfGf+XOo7NYBG87vtWBwNY3/pMx2AJvP5z8MLuMfBleH8T9aRjuAzdfp8//jEtoBbL628W/ZDwaI+38YXMY/DK7m8e8LADAwlkfj1j+S75TYFr2cJXHXJCK9I5rRn0TS4yhYa2Jn2QGuP1H2OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB//BcAAP//pgHvrg==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
inotify_init()
lseek(r0, 0xfffffffffffffffc, 0x2)
getdents(r0, 0x0, 0x58)

2m9.968835188s ago: executing program 34 (id=2817):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@lazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6e}}, {@block_validity}, {@block_validity}, {@quota}]}, 0x1, 0x452, &(0x7f0000000780)="$eJzs289vFFUcAPDvTFug/LAV8Qc/1CoaG3+0tKBy8KLRxIMmJl7wWNtCkIUaWhMhRNEYPBoS78ajiX+BJ70Y9WTiVe+GhBguoqc1szvD/mC3tMu2g+znkwx9b+YN7333zdt9M283gIE1kf2TROyMiN8jYqyebS0wUf9z/dqF+X+uXZhPolp9+6+kVu7vaxfmi6LFeTvyzGQakX6WxP4O9S6fO39qrlJZPJvnp1dOvz+9fO78cydPz51YPLF4Zvbo0SOHZ158Yfb5vsR5b9bWfR8tHdj7+juX35w/dvndn78dKuJvi6NPJlY7+GS12ufqyrWrKZ0Ml9gQ1iUbA1l3jdTG/1gMRaPzxuK1T0ttHLChqrkuhy9WgbtYEmW3AChH8UGf3f8W2+bNPsp39eX6DVAW9/V8qx8ZjjQvM9J2f9tPExFx7OK/X2VbbMxzCACAFt9n859nO83/0nigqdw9+drQeL6Wsjsi7ouIPRFxf0St7IMR8dA6629fJLl5/pNe6SmwNcrmfy/la1ut879i9hfjQ3luVy3+keT4ycriofw1mYyRrVl+ZpU6fnj1ty+6HWue/2VbVn8xF8zbcWV4a+s5C3Mrc7cTc7Orn0TsG+4Uf3JjJSCJiL0Rsa/HOk4+/c2BbsduHf8q+rDOVP064ql6/1+MtvgLyerrk9PborJ4aLq4Km72y6+X3upW/23F3wdZ/2/veP3fiH88aV6vXV5/HZf++LzrPc1UT9d/Y8eW/O+HcysrZ2citiRv1BvdvH+2cW6RL8pn8U8e7Dz+d0fjldgfEdlF/HBEPBIRj+Z991hEPB4RB9viar6//umVJ97rFv+d0P8Lbf0/3lqkrf8biS3RvqdzYujUj9+1/o+N5Nre/47UUpP5nrW8/62lXb1dzQAAAPD/k0bEzkjSqRvp0XRqqv4d/j2xPa0sLa88c3zpgzML9d8IjMdIWjzpGmt6HjqT39YX+dm2/OH8ufGXQ6O1/NT8UmWh7OBhwO24afyntfGf+XOo7NYBG87vtWBwNY3/pMx2AJvP5z8MLuMfBleH8T9aRjuAzdfp8//jEtoBbL628W/ZDwaI+38YXMY/DK7m8e8LADAwlkfj1j+S75TYFr2cJXHXJCK9I5rRn0TS4yhYa2Jn2QGuP1H2OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB//BcAAP//pgHvrg==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
inotify_init()
lseek(r0, 0xfffffffffffffffc, 0x2)
getdents(r0, 0x0, 0x58)

28.391939257s ago: executing program 3 (id=4349):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)

28.391792607s ago: executing program 3 (id=4350):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000640)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fc01"], 0x210)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x7d)
syz_emit_ethernet(0x42, &(0x7f0000000380)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0xc, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)

28.391632007s ago: executing program 3 (id=4351):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000400)={[{@grpquota}, {@delalloc}, {@init_itable_val={'init_itable', 0x3d, 0xf}}, {@debug}, {@jqfmt_vfsold}, {}, {@nomblk_io_submit}, {@nouid32}]}, 0x1, 0x5f5, &(0x7f0000000bc0)="$eJzs3c9vVNUeAPDvnU5LS3mvhby893iLRxNjIFFaWsAQ4wK2hjT4I27cWGlBpEBDa7RoQklwY2LcGGPiyoX4XyiRLStduXDjypAQNSxNGHOn95b+uNPfndtwP59k6LnnzO05l+m358zpOXcCqKyB9J9axMGImEoi+pK5hbJ6ZIUD88979OdH59NHEo3Ga78nkWR5+fOT7GtvdnJ3RPz4QxIHOlbWOz174/LY5OTE9ex4aObK1ND07I2jl66MXZy4OHF15IWRUydPnDw1fGxT13WzIO/s7Xff7/tk9M1vvvorGf72l9EkTsfL2RMXX8d2GYiB5v9JsrKo99R2V1aSjuznZPFLnNRLbBAbkr9+nRHxn+iLjnjy4vXFx6+U2jhgRzWSiAZQUUmr+K+3uSFAm+XjgPy9/fL3wbVSRiVAOzw8Mz8BsDL+6/Nzg9HdnBvY+yiJxdM6SURsbmZuqX0Rcf/e6O0L90Zvxw7NwwHF5m5FxH+L4j9pxn9/dEd/M/5rS+I/HRecy76m+a9usv7lU8XiH9pnPv67V43/aBH/by2K/7c3Wf/Ak+Q7PUviv2ezlwQAAAAAAACVdfdMRDxf9Pf/2sL6nyhY/9MbEae3of6BZccr//5fe7AN1QAFHp6JeKlw/W8tX/3b35Gl/tFcD9CZXLg0OXEsIv4ZEUeic096PLxKHUc/PfBlq7KBbP1f/kjrv5+tBcza8aC+Z+k542MzY1u9biDi4a2I/xWu/00W+v+koP9Pfx9MrbOOA8/eOdeqbO34B3ZK4+uIw4X9/5O7ViSr359jqDkeGMpHBSv9/8PPvmtV/2bj3y0mYOvS/n/v6vHfnyy+X8/0xus4PltvtCrb7Pi/K3m9ecuZrizvg7GZmevDEV3J2Y40d0n+yMbbDE+jPB7yeEnj/8gzq8//FY3/eyJibtn3Tv5Yuqc49+/Hvb+2ao/xP5Qnjf/xDfX/G0+M3On/vlX96+v/TzT7+iNZjvk/mPdFHqZdS/MLwrFeVNTu9gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA06AWEfsiqQ0upGu1wcGI3oj4V+ytTV6bnnnuwrX3ro6nZc3P/6/ln/TbN3+c5J//37/oeGTZ8fGI2B8Rn3f0NI8Hz1+bHC/74gEAAAAAAAAAAAAAAAAAAGCX6G2x/z/1W0fZrQN2XL3sBgClKYj/n8poB9B++n+oLvEP1SX+obrEP1SX+IfqWnf8Nx43mna2OUAb6f+husQ/AAAAAAA8VfYfuvtzEhFzL/Y0H6murKyz1JYBO61WdgOA0rjFD1SXpT9QXd7jA8ka5d0tT1rrzNVMnd/CyQAAAAAAAAAAAABQOYcP2v8PVWX/P1SX/f9QXfn+/0MltwNoP+/xgVhjJ3/h/v81zwIAAAAAAAAAAAAAttP07I3LY5OTE9cl3tgdzWhnotFo3Ex/CrbyffKV4bvgctZMPG7M26Eq8qXwu+BKixL5Xr/1nVXO7yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGClvwMAAP//4ygs8Q==")
lchown(&(0x7f00000006c0)='./file0\x00', 0x0, 0xee01)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000480)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x9d})
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
chown(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

28.217560448s ago: executing program 3 (id=4352):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000200)='./bus\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f646973636172640000008000200000ff5f78617474722c646973636172642c7768696e745f6d6f64653d757365722d626173651a9603642c6e6f696e6c696e48c8b8bd9db81b403801c199ffba3691ebc17570972cb0aab560ecd4a62772a15b05a04f8812838b6d154a85515cf6a313e8043c58707a92ff4e0d69fdd8fd380734190ccaff409ba8953c23b0c6f1c09d49447f1e1d0cedb97bb4daf266dcc2cec17b92cbbe1303abfc278ad789ffe0f34862de20f795a4b968385446d1964503b1815a337e284216bd6809000000000004000000d593d55b7516ceab7cd6f2aebee0e3b4e72511cc77b8aeb6cb60fe02009fbd67bd8d700393ec17bc2e14a4811bdefdda2f5f5ebead17e18e7fa077c6bf2fe6d11ac484b13898ad0c52acbc155d3426"], 0x1, 0x54f8, &(0x7f0000010140)="$eJzs3LtvW1UcB/DjpGn6okSIga1XqpASqbbiPCrYArTiIVJFPAYmcGzHcmv7RrHjhEwMjIiB/wSBxMTI38DAzIYYQGxIIN9zQpvyWOLECfl8pOvvvcfXv3uOVVX6XUc3ABfWXPbbL6VwM1wNIUyHEG6EUOyX0lZYi/FCCOFWCGHqia2Uxv8auBxCuBZCuJkKJqO3vrgzvL3681u/fvv97KXrX37zwwSWC5wRL4YQuttxf68bM2/FfJjGa8N2kd2VYcr4RvdROs5j7jU3iwp7tcPzakUut+L5+fZuf5RbnVp9lK32VjG+3YsX7A9bh3WKDzys7RTHjeZmke1+XmTrIM5r/yD+93bQH8Q6jVTv46J8GAwOM44395txPduPiqz3Bmk81s0bzf1RDlOmy4V63mkU89g8zjd9tr3d7u3uZ8PmTr+d97LVSvWlSvVuubqTN5qD5kq51m3cXcnmW53RaeVBs9Zda+V5q9Os1PPuQjbfqtfL1Wo2f6+52a71smq1slxZLK8upL072esP3s86jWx+lK+2e7uDdqefbeU7WfzEQrZUWX55Ibtdzd5d38g23rl/f33jvQ/vffDglfU3X0sn/W1a2fzS4tJSubpYXqouXKD1f5omPcb1w7GUJj0BgPPnRPv/uVizpP8HnnLe+/+g/x+Lc9X/XvT+/wTWD8ei/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLB+nPnqjWJnLh5fT+PPpKHn0nEphDAVQvjjH0yHy0dqTqc6M/9y/sxTc1gLoagwusZs2q6l8dH2+7Mn/S0AAADA/9fXn9z6PHbr8WVu0hPiNMWbNlM3PhpTvVIIYWbupzFVmxq9PD+mYsW/70thf0zVihtYV8ZULN5yuzSuav/h8X236SNx5YkoxZg6hekAAACn7GgncBpdCAAAAJPx2aQnwGSUwuPfBNMf8M/GSD8IXj1yBAAAAJxDpUlPAAAAADhxRf9/Fp7/913J8/8AAADgpMTn/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCf7NxPTsJAFAfg10IF/0Vi3HsVd3AMj+DSpeEAXoIj4BW8AGfAnUcwYGhLtAYTkw7FkO9L2jIT8uOVsHkzpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD69FfPJy9Ptc9uc1bqdNHcDAAAA7LIs5pPyxagan9fzl/XUdT3OIiKPiF29ey9OGpm9Oqf45f3FjxpeI8qEzWcM6uMsIu7q4+Nq398CAAAAHK/FdDauuvXqNDp0QXSpWrTJL+4T5WURUYzeE6Xlm9NNorDy992Px0Rp5QLWMFFYteTWT5X2J73GZfjtklWXvNNyAACATjQ7gW67EAAAALr0cOgCOIwstluZ273g8p/3XxuCp40RAAAA8L8Ndk1m3dcBAAAAdKzs/z3/DwAAAI5b9fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9mlZzCeL6WzcNme1bifN3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLI/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc79+8ZNxQEAf7bPF1pAHAFlCEIgMcBCr9fS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/6HzImUJWwZbggSc5B9duL8kDgIsa/J5yM9v+9Z1nvf50RRvn5OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS8L2DOMkOnVEcF+c2dh8vZP3mkT6ztrI1m7UsjupM+unwavVDNNNcIgAAAFwcSVnfhxC209W5rI87ef2fltdkNf8Pz4/isp4/WveXfVn7Z+3333Ze3p+oM5onG/TO4qB/9XgqrbNb5WR74R+vaOV3Pn/2kuRfkPjD5ZeGaX4/o+/W199v5+FUHdkCAP/FlbIvgvL3oazvNZkYABdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6DJfDs2UchRBmWwdxZnP38cJJ/drK1mzZbj55slIdMxsiDSHcWRz0r9a4lkn34OGjz+YHg/79+oPXQgjNzV4EH49xTQhNZig4bRAX3+v/48h70QSs62yDhn8wAQBw7qRFy+r67XR1LjsXTYew9+Ph+v/NShzGrP93Prm5UZ2rWv/3alvh5Osu3fuy++Dho7cX783f7d/tf/7Otd67veu3bty41c2flXQ9MQEAAOB02kWr1v/x9PH9/8uVOIxZ/3/1fe+b6lyJ+v9EB5t+TWcCAABwsb34+l9/Riecj9rt8PX80tL93ui4//na6NhAqv/aVNGq9X8y3XRWAAAAQB2Gy9Gh/f/blTiMuf//3E+v/FIdMwkhXCr2/68sfDG4Xd9yJlodf07c9BoBAABo1qWiVff/0/z9/3j/lYc4hPDWG6O4+DeAY9X/yQff/lydq/r+//X6ljiR4pnR/cj7qRBaM01nBAAAwHn2TNGyYv+PdHXu018vf9T2/j8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//xwcQP8=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x101)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x9000, &(0x7f0000000200)={0x7, 0x1, 0x20000}, 0x20)

27.87668812s ago: executing program 3 (id=4353):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

27.679278781s ago: executing program 3 (id=4354):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = epoll_create(0x80002)
epoll_pwait(r1, &(0x7f0000000140)=[{}], 0x1, 0x6, 0x0, 0x0)

27.679080781s ago: executing program 35 (id=4354):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = epoll_create(0x80002)
epoll_pwait(r1, &(0x7f0000000140)=[{}], 0x1, 0x6, 0x0, 0x0)

2.995249434s ago: executing program 1 (id=4665):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'macsec0\x00', 0x100})

2.949519444s ago: executing program 1 (id=4666):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000e7ff00104355810700000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000400000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="c4ff05"], 0x0, 0x0, 0x0, 0x0}, 0x0)

2.470508757s ago: executing program 4 (id=4676):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x17b9, &(0x7f00000004c0))
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x11000)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x11, &(0x7f00000002c0), 0x2)

1.613252972s ago: executing program 4 (id=4693):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x18, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
lsetxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f0000000400), 0x24, 0x0)
listxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

1.420562813s ago: executing program 4 (id=4701):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0xff, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x141042, 0x0)
fallocate(r1, 0x8, 0x0, 0x10000)
preadv(r1, &(0x7f0000000940)=[{&(0x7f0000000100)=""/34, 0x22}], 0x1, 0x40, 0xfffffff9)

1.289673753s ago: executing program 6 (id=4703):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x9b}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.266111844s ago: executing program 6 (id=4704):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x42)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000ac0)='./file0/../file0/file0\x00', &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x196fc41, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)

1.195418994s ago: executing program 6 (id=4705):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="c5c3442e25f30600aa773888c21c000000000002"], 0x0)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200a006002a17006000000002000020"])

1.195063514s ago: executing program 6 (id=4706):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRESDEC], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xc9)
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000480)='./file0\x00')

1.083613605s ago: executing program 4 (id=4707):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000000)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, 0x0, &(0x7f0000000040))

1.082289484s ago: executing program 8 (id=4708):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000400)}], 0x1)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d2, &(0x7f0000000000))

1.004446895s ago: executing program 1 (id=4709):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="5300000007000046009de8bd4663c767e54b154965ceff42241204b72ad9716795c921db086b98ffbd9f3b4a34908a39f3b81c74bb"], 0x67)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

946.474905ms ago: executing program 8 (id=4710):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x12, 0x9, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000240), &(0x7f0000000280)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20)

880.295915ms ago: executing program 8 (id=4711):
r0 = socket(0x28, 0x5, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4}, 0x1c)

879.891305ms ago: executing program 1 (id=4712):
bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="0600000004000000080000000c0000", @ANYRES32, @ANYRES64, @ANYRES32, @ANYBLOB='\x00'/25], 0x48)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
write$evdev(r0, &(0x7f0000001440)=[{{}, 0x0, 0xebdf, 0x1}, {{0x77359400}, 0x2, 0xe, 0x5}, {{r1, r2/1000+10000}, 0x5, 0x0, 0x98}], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x0, &(0x7f00000014c0)=0x800)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000690000000000000100000a94", @ANYRES32=0x0, @ANYRES8=0x0, @ANYRES16, @ANYRESDEC=0x0, @ANYBLOB], &(0x7f0000001340)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
io_submit(0x0, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES64=r3], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f00000012c0)={0x7b, 0x2, 0x4, 0x9, 0x3cf})
flock(r3, 0x8)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
write(r7, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f000000b000/0x3000)=nil, 0x3000, 0x3)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000001380)={[], [{@flag='ro'}, {@appraise_type}, {@appraise_type}, {@euid_gt}, {@seclabel}, {@uid_gt}, {@euid_lt}]}, 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20)

879.560185ms ago: executing program 8 (id=4713):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

707.610107ms ago: executing program 8 (id=4716):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="6800000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000480012800e0001006970366772657461700000003400028008000100", @ANYRES32, @ANYBLOB="14000600fe800000000000000000000000000015140007"], 0x68}}, 0x0)
sendto$packet(r0, &(0x7f0000000180)="a6bea8a120e5f8320c30ce5088a8a5e986f34c10d8c3", 0x16, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14)

514.109357ms ago: executing program 6 (id=4717):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1428437b3c8026bdfeb6db4ee9bcb25b1811d40a203bf40b3a7da5a8a64db04ed6dd26eea2a37229c339b1f91201c2796", 0x3d}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
close(r1)

507.835028ms ago: executing program 8 (id=4719):
bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="0600000004000000080000000c0000", @ANYRES32, @ANYRES64, @ANYRES32, @ANYBLOB='\x00'/25], 0x48)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
write$evdev(r0, &(0x7f0000001440)=[{{}, 0x0, 0xebdf, 0x1}, {{0x77359400}, 0x2, 0xe, 0x5}, {{r1, r2/1000+10000}, 0x5, 0x0, 0x98}], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x0, &(0x7f00000014c0)=0x800)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000690000000000000100000a94", @ANYRES32=0x0, @ANYRES8=0x0, @ANYRES16, @ANYRESDEC=0x0, @ANYBLOB], 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='mm_page_alloc\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
io_submit(0x0, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES64=r3], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f00000012c0)={0x7b, 0x2, 0x4, 0x9, 0x3cf})
flock(r3, 0x8)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
write(r7, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f000000b000/0x3000)=nil, 0x3000, 0x3)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000001380)={[], [{@flag='ro'}, {@appraise_type}, {@appraise_type}, {@euid_gt}, {@seclabel}, {@uid_gt}, {@euid_lt}]}, 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20)

507.606748ms ago: executing program 4 (id=4720):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000180)={0x4, 0x0, 0xffff, 0x3, 0x1, 0x0, 0x0, 0x36a, 0x20003f})
r0 = open(&(0x7f0000000380)='./file1\x00', 0x109042, 0x0)
fallocate(r0, 0x0, 0x0, 0x7000000)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080))
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

335.258899ms ago: executing program 4 (id=4723):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r2=>0x0})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000001c0)=0x100, 0x4)
sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

307.756019ms ago: executing program 36 (id=4723):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r2=>0x0})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000001c0)=0x100, 0x4)
sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

176.644729ms ago: executing program 6 (id=4728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
setpriority(0x1, 0x0, 0xfffffffffffffff7)
syz_emit_ethernet(0x0, 0x0, 0x0)

176.554239ms ago: executing program 37 (id=4728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
setpriority(0x1, 0x0, 0xfffffffffffffff7)
syz_emit_ethernet(0x0, 0x0, 0x0)

110.9609ms ago: executing program 7 (id=4731):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000006"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4e, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x1, 0x0, 0x7ffc0001}]})
set_tid_address(0x0)

103.07593ms ago: executing program 7 (id=4732):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000006d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
getsockopt$IP_SET_OP_GET_BYINDEX(0xffffffffffffffff, 0x1, 0x53, 0x0, &(0x7f00000001c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xb, 0xa, 0x5, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0), &(0x7f00000003c0), 0x3f, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0x57fc554e, r1}, 0x38)

94.31606ms ago: executing program 7 (id=4733):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
clock_adjtime(0x0, &(0x7f0000000680)={0x19b1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x10000, 0xe5, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf4b})

44.65205ms ago: executing program 7 (id=4734):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00', {0x0, 0xeb5}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7fff], [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffc00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffaf6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x45c)
r1 = dup(r0)
ioctl$UI_DEV_CREATE(r1, 0x5501)
write$uinput_user_dev(r1, &(0x7f0000000080)={'syz0\x00', {}, 0xfffffffe, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x8, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x4, 0x10000, 0x0, 0x0, 0x0, 0x1, 0x8000000, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc], [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x4, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x800, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x45c)
read$FUSE(r1, 0x0, 0x18)

44.26732ms ago: executing program 1 (id=4735):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000001880)={'wg1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001440)=ANY=[@ANYBLOB="d8000000", @ANYRES16=r3, @ANYBLOB="290a00000000000000000100000008000100", @ANYRES32=r2, @ANYBLOB="0800050001000000b4000880"], 0xd8}}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x24, r3, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x24}}, 0x0)

27.147ms ago: executing program 7 (id=4737):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404005400ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b70000000000000095000000000000003f0c54cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752688300000000dbc2777df150b7cdd77b85b941092314fd085f1b1b2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c830fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b8498aa787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28179f09943b1b0452d1b72183aacf4a84f9130b701b81675dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fd80f3876acb45821d0c48fb657c29b309c73f0977e7cde65a89d9458aac2795b2b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d2665016ac59dd20fde0745db06753a7ac7fe13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2084bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a3894696082417304fff0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bdb539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572ac45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af00200f900cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee78ebf9ef40662d7836961a8de6f2d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408816eae08cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb7819441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005391577f480000ea65559eb00e2b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e710d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d4ac534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f0300000000000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca396eeec1f53bb0bc1bc9ce45bb671f2dea5eafc74551cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b847e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fde46ad265983eb1b1c6adb1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0c5605000063902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f617396c18cc7130000fc000000210000006e00002000000000000027c9a46157a3ffff6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4472b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc4c860495b240e80063bde261fd000000000072f6df342f3e7071e28ef6806b6b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2b3a113e47edf76f7d116d2b0976cf2ec447c0309316d1dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a80500e92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949c68b7a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273061fc5c0e0a33db7f2d43ea8086cf059f40fa2645944cd9e7f2e6ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858e13e8f0ba9d1dec469dc71e998d99ebf7cfda638d7ce859acfec3f14ec2aa98b53cd68a0d99d62a5620b7c0f61dc386c449664a94bca09859a35760b7b818087347697c239990daec8384a12d973d5470efe5dae887be689c6b1551f4c5a649d9dc563d7049c91453facecbee789a1d5a4896b2b7bec3ec5e60c4916e5561888502a12f4985f9c7dab41cbf31c26cd12d5116de95b521a57408adbbac278be82fef3f9d8a51385b376b57e20be83e7b27460729a626250ccd7982eba588f86195e15119eca569bebba8514e5bfcbe51f1a628793b4ed4424c95a731628fa38e167b79affcd50b561d3a9cb4bea872d9e5a06a4201fd09eecfe283854837a65ecf8cd6cdaad4bf223db323de9d4854d66d324a0d125e3ebe2ed3c78e47392962860de6bb86759406e74335443407d9ee7d4a4430b60b6ef369604e1282b0c1aa8d4b18e8db32a0eeaaabc7f7b5c49bd88cfe860f69f5510179d867970f975169591908282cd4367f82e62e3fa37876f30934c23dc2d02a0c25839f008ec099503c8d1b3169aa9c5a7db7f0116d203ac6503596c3a5b063c28f84c9eb4200000000000000000000000000000000000009f491210abc6ed14c49e22898d449d435f7e0e94a6b8b37924f725c47d17471ea258133681ff4dca50beba02eacfe0910c1676bdff06e737e0d12878ab5366985c0e8245864b3abd02e81ba0638e4de4b2f62098108535546b58ae8baee1fcc301a3b4101588e60f6f7678b82aa80e37832a2f49744d23e3a11bd2282ec7ff3400e8748f91e247b80e1b65400"/3088], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = dup(r2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r1, 0x25, 0x4, @val=@tracing={0x0, 0x8}}, 0x20)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)=ANY=[], 0x0)

15.694271ms ago: executing program 1 (id=4738):
bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="0600000004000000080000000c0000", @ANYRES32, @ANYRES64, @ANYRES32, @ANYBLOB='\x00'/25], 0x48)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
write$evdev(r0, &(0x7f0000001440)=[{{}, 0x0, 0xebdf, 0x1}, {{0x77359400}, 0x2, 0xe, 0x5}, {{r1, r2/1000+10000}, 0x5, 0x0, 0x98}], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x0, &(0x7f00000014c0)=0x800)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000000069000000", @ANYRES32=0x0, @ANYRES8=0x0, @ANYRES16, @ANYRESDEC=0x0, @ANYBLOB], &(0x7f0000001340)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='mm_page_alloc\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
io_submit(0x0, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES64=r3], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f00000012c0)={0x7b, 0x2, 0x4, 0x9, 0x3cf})
flock(r3, 0x8)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
write(r7, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f000000b000/0x3000)=nil, 0x3000, 0x3)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000001380)={[], [{@flag='ro'}, {@appraise_type}, {@appraise_type}, {@euid_gt}, {@seclabel}, {@uid_gt}, {@euid_lt}]}, 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20)

0s ago: executing program 7 (id=4739):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x3, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f00000005c0)}, 0x20)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x64, 0x10, 0x421, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x61}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x24, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x4}, @IFLA_GRE_OKEY={0x8, 0x5, 0xda4b}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_ENCAP_DPORT={0x6}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x64}}, 0x8000)
syz_usb_connect(0x0, 0x10e, &(0x7f0000000380)=ANY=[@ANYBLOB="120100006a249f08ec1888323a3f010203010902fc0001870000000904e600030e01000006240600011005240008000d240f01000000000000a0010606241a0000000c241b000000000000ff01000424020c9024", @ANYRES16=r1], 0x0)

kernel console output (not intermixed with test programs):

etected capacity change from 0 to 512
[  513.333333][T12087] device sit0 entered promiscuous mode
[  513.341807][T12087] netlink: 'syz.6.3399': attribute type 1 has an invalid length.
[  513.349417][T12087] netlink: 1 bytes leftover after parsing attributes in process `syz.6.3399'.
[  513.367727][T12082] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  513.375591][T12082] System zones: 0-2, 18-18, 34-34
[  513.381389][T12082] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.3397: bg 0: block 248: padding at end of block bitmap is not set
[  513.395986][T12082] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.3397: Failed to acquire dquot type 1
[  513.407857][T12082] EXT4-fs (loop4): 1 truncate cleaned up
[  513.413439][T12082] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,noload,,errors=continue. Quota mode: writeback.
[  513.425644][T12082] ext4 filesystem being mounted at /690/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  513.498212][T12094] bridge0: the hash_elasticity option has been deprecated and is always 16
[  513.507409][T12094] bridge0: port 3(erspan0) entered disabled state
[  513.513676][T12094] bridge0: port 2(bridge_slave_1) entered disabled state
[  513.520696][T12094] bridge0: port 1(bridge_slave_0) entered disabled state
[  513.646745][  T466] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  513.661800][T12111] loop3: detected capacity change from 0 to 2048
[  513.668230][  T466] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  513.678199][  T466] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  513.701299][  T466] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  513.710674][  T466] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.719568][T12119] input: syz0 as /devices/virtual/input/input30
[  513.726464][  T466] usb 2-1: config 0 descriptor??
[  513.894497][T12141] loop6: detected capacity change from 0 to 512
[  513.921093][T12144] loop3: detected capacity change from 0 to 512
[  513.921836][T12146] loop4: detected capacity change from 0 to 512
[  513.991697][T12146] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  514.000536][T12146] EXT4-fs (loop4): orphan cleanup on readonly fs
[  514.010884][T12146] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.3425: bg 0: block 248: padding at end of block bitmap is not set
[  514.025305][T12146] EXT4-fs (loop4): Remounting filesystem read-only
[  514.031750][T12146] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.3425: Failed to acquire dquot type 1
[  514.043187][T12146] EXT4-fs (loop4): 1 truncate cleaned up
[  514.048956][T12146] EXT4-fs (loop4): mounted filesystem without journal. Opts: data_err=abort,errors=remount-ro,quota,noblock_validity,usrquota,nomblk_io_submit,noload,nodioread_nolock,. Quota mode: writeback.
[  514.123771][T12146] EXT4-fs error (device loop4): ext4_lookup:1860: inode #2: comm syz.4.3425: deleted inode referenced: 12
[  514.211859][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.219666][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.227162][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.234815][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.248049][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.256901][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.264606][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.272108][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.279788][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.287306][  T466] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  514.296162][  T466] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[  514.361329][  T466] plantronics 0003:047F:FFFF.0018: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  514.566967][  T466] Bluetooth: hci0: command 0x1003 tx timeout
[  514.575169][ T1956] Bluetooth: hci0: sending frame failed (-49)
[  514.587833][  T466] usb 2-1: USB disconnect, device number 28
[  514.590502][T12165] loop4: detected capacity change from 0 to 512
[  515.282812][T12180] loop6: detected capacity change from 0 to 2048
[  515.553911][T12198] loop4: detected capacity change from 0 to 128
[  515.597787][T12198] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  515.610260][T12198] ext4 filesystem being mounted at /706/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  515.691359][T12199] loop1: detected capacity change from 0 to 512
[  515.767558][T12199] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  515.995654][T12204] loop4: detected capacity change from 0 to 512
[  516.059527][T12204] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  516.105241][T12214] loop3: detected capacity change from 0 to 256
[  516.127437][T12214] exfat: Deprecated parameter 'namecase'
[  516.143060][T12214] exfat: Deprecated parameter 'utf8'
[  516.156640][T12214] exfat: Deprecated parameter 'namecase'
[  516.166685][T12214] exfat: Deprecated parameter 'utf8'
[  516.185989][T12214] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d)
[  516.518186][T12236] loop3: detected capacity change from 0 to 256
[  516.556660][  T902] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  516.646676][  T555] Bluetooth: hci0: command 0x1001 tx timeout
[  516.652864][ T1956] Bluetooth: hci0: sending frame failed (-49)
[  516.808830][T12244] loop3: detected capacity change from 0 to 512
[  516.890994][T12244] EXT4-fs (loop3): Unrecognized mount option "ro" or missing value
[  516.946712][  T902] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  516.959471][  T902] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  516.980647][  T902] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  516.993677][  T902] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  517.002568][  T902] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.011652][  T902] usb 2-1: config 0 descriptor??
[  517.105089][   T30] kauditd_printk_skb: 141 callbacks suppressed
[  517.105103][   T30] audit: type=1400 audit(1732154714.790:18056): avc:  denied  { write } for  pid=12245 comm="syz.3.3464" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  517.227075][T12248] loop3: detected capacity change from 0 to 40427
[  517.307140][T12248] F2FS-fs (loop3): fault_injection options not supported
[  517.318342][T12248] F2FS-fs (loop3): invalid crc value
[  517.326357][T12248] F2FS-fs (loop3): Found nat_bits in checkpoint
[  517.348746][T12248] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  517.356355][   T30] audit: type=1400 audit(1732154715.040:18057): avc:  denied  { mount } for  pid=12247 comm="syz.3.3465" name="/" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  517.381687][   T30] audit: type=1400 audit(1732154715.070:18058): avc:  denied  { write } for  pid=12247 comm="syz.3.3465" name="/" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  517.403436][   T30] audit: type=1400 audit(1732154715.070:18059): avc:  denied  { add_name } for  pid=12247 comm="syz.3.3465" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  517.424337][   T30] audit: type=1400 audit(1732154715.070:18060): avc:  denied  { create } for  pid=12247 comm="syz.3.3465" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  517.424368][  T288] attempt to access beyond end of device
[  517.424368][  T288] loop3: rw=2049, want=45112, limit=40427
[  517.445226][   T30] audit: type=1400 audit(1732154715.070:18061): avc:  denied  { read write } for  pid=12247 comm="syz.3.3465" name="file0" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  517.487217][   T30] audit: type=1400 audit(1732154715.070:18062): avc:  denied  { open } for  pid=12247 comm="syz.3.3465" path="/725/file1/file0" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  517.511734][   T30] audit: type=1400 audit(1732154715.070:18063): avc:  denied  { create } for  pid=12247 comm="syz.3.3465" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  517.517928][  T902] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving
[  517.532481][   T30] audit: type=1400 audit(1732154715.070:18064): avc:  denied  { read write open } for  pid=12247 comm="syz.3.3465" path="/725/file1/bus" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  517.575916][  T902] plantronics 0003:047F:FFFF.0019: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  517.576447][T12256] loop4: detected capacity change from 0 to 512
[  517.594479][   T30] audit: type=1400 audit(1732154715.070:18065): avc:  denied  { ioctl } for  pid=12247 comm="syz.3.3465" path="/725/file1/bus" dev="loop3" ino=15 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  517.804299][  T902] usb 2-1: USB disconnect, device number 29
[  517.832743][T12260] loop3: detected capacity change from 0 to 40427
[  517.843130][T12264] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[  517.852675][T12264] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev tmpfs, type tmpfs) errno=-22
[  517.911540][T12260] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  517.919394][T12260] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  517.929907][T12260] F2FS-fs (loop3): Found nat_bits in checkpoint
[  517.952930][T12260] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  517.959944][T12260] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  518.156829][T12273] loop3: detected capacity change from 0 to 40427
[  518.241029][T12273] F2FS-fs (loop3): invalid crc value
[  518.247533][T12273] F2FS-fs (loop3): Found nat_bits in checkpoint
[  518.273689][T12273] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  518.300603][T12273] attempt to access beyond end of device
[  518.300603][T12273] loop3: rw=2049, want=45104, limit=40427
[  518.313028][T12273] attempt to access beyond end of device
[  518.313028][T12273] loop3: rw=0, want=45104, limit=40427
[  518.332401][  T288] attempt to access beyond end of device
[  518.332401][  T288] loop3: rw=2049, want=45112, limit=40427
[  518.437767][T12284] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3478'.
[  518.561531][T12295] loop6: detected capacity change from 0 to 8192
[  518.591972][T12295] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  518.695632][T12301] loop6: detected capacity change from 0 to 512
[  518.726662][  T466] Bluetooth: hci0: command 0x1009 tx timeout
[  518.758908][T12299] loop3: detected capacity change from 0 to 512
[  518.766793][ T6849] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  518.803142][T12301] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  518.816060][T12301] ext4 filesystem being mounted at /426/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  518.833606][T12299] EXT4-fs (loop3): Unrecognized mount option "ro" or missing value
[  519.126741][ T6849] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  519.146750][ T6849] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  519.156319][ T6849] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  519.169011][ T6849] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  519.196628][ T6849] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.205075][ T6849] usb 2-1: config 0 descriptor??
[  519.345504][T12330] syz.3.3496[12330] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  519.345578][T12330] syz.3.3496[12330] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  519.384198][T12334] xt_hashlimit: max too large, truncated to 1048576
[  519.427583][T12338] netlink: 'syz.3.3500': attribute type 322 has an invalid length.
[  519.697366][ T6849] gt683r_led 0003:1770:FF00.001A: item fetching failed at offset 1/5
[  519.706149][ T6849] gt683r_led 0003:1770:FF00.001A: hid parsing failed
[  519.713062][ T6849] gt683r_led: probe of 0003:1770:FF00.001A failed with error -22
[  519.787984][T12342] loop4: detected capacity change from 0 to 256
[  519.885348][T12342] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF
[  519.900318][  T386] usb 2-1: USB disconnect, device number 30
[  519.983791][  T902] kernel write not supported for file [eventfd] (pid: 902 comm: kworker/0:6)
[  520.157733][T12369] loop4: detected capacity change from 0 to 512
[  520.679372][T12390] loop4: detected capacity change from 0 to 512
[  521.032938][T12391] loop1: detected capacity change from 0 to 512
[  521.176936][T12392] loop3: detected capacity change from 0 to 512
[  521.207786][T12391] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  521.246679][T12392] EXT4-fs (loop3): Unrecognized mount option "ro" or missing value
[  521.510393][T12413] input: syz0 as /devices/virtual/input/input31
[  521.516545][T12413] input: failed to attach handler leds to device input31, error: -6
[  521.591548][T12419] loop1: detected capacity change from 0 to 512
[  521.615474][T12411] loop6: detected capacity change from 0 to 40427
[  521.625812][T12411] F2FS-fs (loop6): fault_injection options not supported
[  521.632831][T12411] F2FS-fs (loop6): fault_type options not supported
[  521.645556][T12411] F2FS-fs (loop6): invalid crc value
[  521.657206][T12411] F2FS-fs (loop6): Mismatch valid blocks 0 vs. 1
[  521.668420][T12411] F2FS-fs (loop6): Failed to initialize F2FS segment manager (-117)
[  521.696403][T12428] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3535'.
[  522.181775][   T30] kauditd_printk_skb: 79 callbacks suppressed
[  522.181791][   T30] audit: type=1400 audit(1732154719.870:18145): avc:  denied  { mount } for  pid=12444 comm="syz.1.3539" name="/" dev="ramfs" ino=58949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  522.229519][   T30] audit: type=1400 audit(1732154719.910:18146): avc:  denied  { unmount } for  pid=12444 comm="syz.1.3539" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  522.279362][T12451] loop4: detected capacity change from 0 to 512
[  522.356642][  T555] usb 4-1: new full-speed USB device number 26 using dummy_hcd
[  522.404294][T12442] loop6: detected capacity change from 0 to 512
[  522.507903][T12442] EXT4-fs (loop6): Unrecognized mount option "ro" or missing value
[  522.660861][T12453] loop1: detected capacity change from 0 to 512
[  522.736807][  T555] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  522.756654][  T555] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  522.781478][  T555] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  522.795962][  T555] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  522.809869][  T555] usb 4-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  522.819498][T12453] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  522.820614][  T555] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.837003][  T555] usb 4-1: config 0 descriptor??
[  522.915129][   T30] audit: type=1326 audit(1732154720.600:18147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12457 comm="syz.7.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  522.939119][   T30] audit: type=1326 audit(1732154720.600:18148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12457 comm="syz.7.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  522.962615][   T30] audit: type=1326 audit(1732154720.600:18149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12457 comm="syz.7.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  523.062999][   T30] audit: type=1326 audit(1732154720.750:18150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12457 comm="syz.7.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f80798a01a9 code=0x7ffc0000
[  523.160114][   T30] audit: type=1326 audit(1732154720.750:18151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12457 comm="syz.7.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  523.193864][   T30] audit: type=1326 audit(1732154720.750:18152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12457 comm="syz.7.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  523.222658][   T30] audit: type=1400 audit(1732154720.870:18153): avc:  denied  { ioctl } for  pid=12464 comm="syz.4.3546" path="socket:[59497]" dev="sockfs" ino=59497 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  523.287136][   T30] audit: type=1400 audit(1732154720.940:18154): avc:  denied  { write } for  pid=12466 comm="syz.1.3547" path="socket:[58969]" dev="sockfs" ino=58969 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  523.312076][  T555] hid-rmi 0003:17EF:6085.001B: unknown main item tag 0x0
[  523.326817][  T555] hid-rmi 0003:17EF:6085.001B: unknown main item tag 0x0
[  523.333708][  T555] hid-rmi 0003:17EF:6085.001B: unknown main item tag 0x0
[  523.342277][T12476] syz.1.3551[12476] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  523.342362][T12476] syz.1.3551[12476] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  523.344834][  T555] hid-rmi 0003:17EF:6085.001B: unknown main item tag 0x0
[  523.375129][  T555] hid-rmi 0003:17EF:6085.001B: unknown main item tag 0x0
[  523.385877][  T555] hid-rmi 0003:17EF:6085.001B: hidraw0: USB HID v0.00 Device [HID 17ef:6085] on usb-dummy_hcd.3-1/input0
[  523.489196][T12463] loop7: detected capacity change from 0 to 40427
[  523.557465][  T555] usb 4-1: USB disconnect, device number 26
[  523.578608][T12463] F2FS-fs (loop7): invalid crc value
[  523.595798][T12463] F2FS-fs (loop7): Found nat_bits in checkpoint
[  523.657657][T12463] F2FS-fs (loop7): Start checkpoint disabled!
[  523.676686][T12463] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  523.794148][  T319] attempt to access beyond end of device
[  523.794148][  T319] loop7: rw=2049, want=40984, limit=40427
[  523.814988][T12488] loop1: detected capacity change from 0 to 512
[  523.850060][T12488] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  524.070998][T12527] loop7: detected capacity change from 0 to 256
[  524.127249][T12527] exfat: Deprecated parameter 'utf8'
[  524.138904][T12527] exfat: Deprecated parameter 'namecase'
[  524.144402][T12527] exfat: Deprecated parameter 'utf8'
[  524.173505][T12519] loop6: detected capacity change from 0 to 40427
[  524.189610][T12527] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  524.227285][T12519] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  524.241441][T12519] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  524.259133][T12519] F2FS-fs (loop6): Found nat_bits in checkpoint
[  524.307459][T12540] loop7: detected capacity change from 0 to 512
[  524.325839][T12519] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  524.333902][T12519] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  524.336795][T12543] loop1: detected capacity change from 0 to 512
[  524.390628][T12540] EXT4-fs (loop7): can't mount with commit=184467440737095513, fs mounted w/o journal
[  524.412950][T12543] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  524.491473][T12543] EXT4-fs warning (device loop1): ext4_enable_quotas:6422: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  524.526156][T12552] loop3: detected capacity change from 0 to 128
[  524.601818][T12552] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  524.656828][T12552] ext4 filesystem being mounted at /755/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  524.667628][T12540] loop7: detected capacity change from 0 to 40427
[  524.733150][T12540] F2FS-fs (loop7): Found nat_bits in checkpoint
[  524.766252][T12576] SELinux: failed to load policy
[  524.779158][T12579] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12579 comm=syz.3.3586
[  524.839277][T12540] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  524.892148][T12591] loop4: detected capacity change from 0 to 256
[  524.897000][T10417] attempt to access beyond end of device
[  524.897000][T10417] loop7: rw=2049, want=45104, limit=40427
[  524.903140][T12591] exfat: Deprecated parameter 'namecase'
[  524.926759][T12591] exfat: Deprecated parameter 'namecase'
[  524.944759][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  524.956869][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  524.966019][T12591] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  524.982877][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  524.992386][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.000119][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.007969][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.026696][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.034376][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.050795][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.074762][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.096974][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.104226][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.104626][T12599] loop1: detected capacity change from 0 to 256
[  525.126902][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.145255][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.159121][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.169450][T12599] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  525.181316][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.181344][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.181363][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.181382][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.246141][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.260662][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.274744][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.294262][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.295463][T12616] loop1: detected capacity change from 0 to 512
[  525.306947][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.324850][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.332820][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.346657][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.353884][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.366644][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.373851][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.383637][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.432394][  T466] hid-generic 0000:0010:0000.001C: unknown main item tag 0x0
[  525.443804][  T466] hid-generic 0000:0010:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  525.490747][T12623] loop6: detected capacity change from 0 to 512
[  525.845307][T12641] loop3: detected capacity change from 0 to 512
[  525.865374][T12645] syz.4.3620[12645] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  525.865451][T12645] syz.4.3620[12645] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  525.878715][T12645] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12645 comm=syz.4.3620
[  526.263707][T12641] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  526.283032][T12641] ext4 filesystem being mounted at /759/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  526.389664][T12675] loop3: detected capacity change from 0 to 512
[  526.497260][T12682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3635'.
[  526.667042][T12682] netlink: 148 bytes leftover after parsing attributes in process `syz.1.3635'.
[  526.770088][T12701] loop4: detected capacity change from 0 to 512
[  526.838416][T12701] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  526.850618][T12701] ext4 filesystem being mounted at /764/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.016630][  T386] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  527.203658][T12706] loop4: detected capacity change from 0 to 131072
[  527.238291][   T30] kauditd_printk_skb: 177 callbacks suppressed
[  527.238307][   T30] audit: type=1326 audit(1732154724.930:18331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12707 comm="syz.3.3645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  527.268266][   T30] audit: type=1326 audit(1732154724.930:18332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12707 comm="syz.3.3645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  527.292377][   T30] audit: type=1326 audit(1732154724.930:18333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12707 comm="syz.3.3645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  527.321518][T12706] F2FS-fs (loop4): invalid crc value
[  527.333877][   T30] audit: type=1326 audit(1732154724.930:18334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12707 comm="syz.3.3645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  527.358838][   T30] audit: type=1326 audit(1732154724.930:18335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12707 comm="syz.3.3645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  527.358899][T12706] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  527.404825][T12706] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b
[  527.486754][  T386] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  527.497580][  T386] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  527.507410][  T386] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  527.520644][  T386] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  527.529705][  T386] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  527.542028][  T386] usb 2-1: config 0 descriptor??
[  527.570685][T12720] loop4: detected capacity change from 0 to 512
[  527.586678][  T466] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  528.431571][  T466] usb 4-1: Using ep0 maxpacket: 16
[  528.527637][   T30] audit: type=1400 audit(1732154726.220:18336): avc:  denied  { mounton } for  pid=12738 comm="syz.7.3653" path="/116/file0" dev="tmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  528.546707][  T466] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  528.560573][  T466] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  528.597689][   T30] audit: type=1400 audit(1732154726.290:18337): avc:  denied  { write } for  pid=12744 comm="syz.4.3657" name="001" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  528.624251][   T30] audit: type=1326 audit(1732154726.290:18338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.7.3656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  528.636814][T12747] loop7: detected capacity change from 0 to 1024
[  528.654738][   T30] audit: type=1326 audit(1732154726.290:18339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.7.3656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  528.678635][T12748] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  528.687005][  T386] plantronics 0003:047F:FFFF.001D: No inputs registered, leaving
[  528.695641][T12747] EXT4-fs (loop7): Ignoring removed orlov option
[  528.698139][   T30] audit: type=1326 audit(1732154726.290:18340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.7.3656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  528.702218][T12747] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  528.736720][  T386] plantronics 0003:047F:FFFF.001D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  528.736828][  T466] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  528.765041][  T466] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.774196][  T466] usb 4-1: Product: syz
[  528.778555][  T466] usb 4-1: Manufacturer: syz
[  528.782973][  T466] usb 4-1: SerialNumber: syz
[  528.787785][T12747] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,init_itable,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  528.814880][T12750] loop4: detected capacity change from 0 to 512
[  529.087373][ T6849] usb 2-1: USB disconnect, device number 31
[  529.240686][T12771] loop7: detected capacity change from 0 to 128
[  529.306731][  T466] usb 4-1: 0:2 : does not exist
[  529.384678][T12773] loop7: detected capacity change from 0 to 16
[  529.467163][T12773] erofs: (device loop7): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  529.512231][T12776] loop6: detected capacity change from 0 to 256
[  529.577206][T12776] FAT-fs (loop6): Unrecognized mount option "ÿÿI[C`òøzIŒƒ½ZXÄE§Js" or missing value
[  529.677808][T12787] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12787 comm=syz.1.3673
[  529.741073][  T386] usb 4-1: USB disconnect, device number 27
[  529.744451][T12792] loop6: detected capacity change from 0 to 2048
[  529.795765][T12792] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  529.829333][T12792] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  529.844180][T12792] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  529.857063][T12792] EXT4-fs (loop6): This should not happen!! Data will be lost
[  529.857063][T12792] 
[  529.866622][T12792] EXT4-fs (loop6): Total free blocks count 0
[  529.872401][T12792] EXT4-fs (loop6): Free/Dirty block details
[  529.878240][T12792] EXT4-fs (loop6): free_blocks=2415919104
[  529.884000][T12792] EXT4-fs (loop6): dirty_blocks=64
[  529.888989][T12792] EXT4-fs (loop6): Block reservation details
[  529.894790][T12792] EXT4-fs (loop6): i_reserved_data_blocks=4
[  529.901071][T12805] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  529.923445][T12805] EXT4-fs (loop6): This should not happen!! Data will be lost
[  529.923445][T12805] 
[  529.978850][T12809] loop4: detected capacity change from 0 to 512
[  530.005726][T12815] syz.6.3684[12815] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  530.005819][T12815] syz.6.3684[12815] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  530.069405][T12819] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3687'.
[  530.160054][T12825] loop6: detected capacity change from 0 to 1024
[  530.340983][T12825] EXT4-fs (loop6): Ignoring removed orlov option
[  530.366250][T12825] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  530.457318][T12825] EXT4-fs (loop6): mounted filesystem without journal. Opts: noblock_validity,noload,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  530.570008][T12842] loop7: detected capacity change from 0 to 2048
[  530.626835][T12842] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  530.651697][T12842] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  530.671568][T12842] EXT4-fs warning (device loop7): ext4_resize_begin:83: There are errors in the filesystem, so online resizing is not allowed
[  530.784464][T12870] loop7: detected capacity change from 0 to 2048
[  530.877759][T12870] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  530.902600][T12884] loop4: detected capacity change from 0 to 512
[  530.909361][T12870] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  530.977824][T12884] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  531.007845][T12884] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  531.047019][T12884] EXT4-fs (loop4): 1 truncate cleaned up
[  531.052492][T12884] EXT4-fs (loop4): mounted filesystem without journal. Opts: lazytime,resuid=0x000000000000ee01,debug_want_extra_isize=0x000000000000002e,nombcache,quota,quota,,errors=continue. Quota mode: writeback.
[  531.070017][T12813] loop1: detected capacity change from 0 to 131072
[  531.080323][T12891] loop6: detected capacity change from 0 to 1024
[  531.128185][T12813] F2FS-fs (loop1): invalid crc value
[  531.135222][T12891] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  531.136813][ T3821] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  531.158658][T12813] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  531.188808][T12902] syz.4.3720[12902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  531.188893][T12902] syz.4.3720[12902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  531.247147][T12891] EXT4-fs error (device loop6): ext4_get_journal_inode:5150: inode #32: comm syz.6.3718: iget: special inode unallocated
[  531.346695][T12813] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  531.361674][T12907] loop7: detected capacity change from 0 to 2048
[  531.396709][T12891] EXT4-fs (loop6): no journal found
[  531.401749][T12891] EXT4-fs (loop6): can't get journal size
[  531.476927][T12891] EXT4-fs error (device loop6): ext4_protect_reserved_inode:160: inode #32: comm syz.6.3718: iget: special inode unallocated
[  531.506928][ T3821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  531.518213][T12891] EXT4-fs (loop6): failed to initialize system zone (-117)
[  531.525287][T12891] EXT4-fs (loop6): mount failed
[  531.576639][ T3821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  531.631534][T12907] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  531.640108][ T3821] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  531.689630][T12907] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  531.691712][ T3821] usb 4-1: New USB device found, idVendor=056a, idProduct=00dd, bcdDevice= 0.00
[  531.704591][T12907] EXT4-fs (loop7): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  531.725456][T12907] EXT4-fs (loop7): This should not happen!! Data will be lost
[  531.725456][T12907] 
[  531.735307][T12907] EXT4-fs (loop7): Total free blocks count 0
[  531.741356][T12907] EXT4-fs (loop7): Free/Dirty block details
[  531.747147][T12907] EXT4-fs (loop7): free_blocks=2415919104
[  531.752695][T12907] EXT4-fs (loop7): dirty_blocks=16
[  531.757686][T12907] EXT4-fs (loop7): Block reservation details
[  531.757888][ T3821] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.763446][T12907] EXT4-fs (loop7): i_reserved_data_blocks=1
[  531.821484][ T3821] usb 4-1: config 0 descriptor??
[  531.834983][T12921] loop6: detected capacity change from 0 to 2048
[  531.908466][T12921] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  531.960949][T12921] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  531.989728][T12921] EXT4-fs (loop6): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  532.032493][T12921] EXT4-fs (loop6): This should not happen!! Data will be lost
[  532.032493][T12921] 
[  532.041117][T12941] loop1: detected capacity change from 0 to 512
[  532.052096][T12921] EXT4-fs (loop6): Total free blocks count 0
[  532.058188][T12921] EXT4-fs (loop6): Free/Dirty block details
[  532.064154][T12921] EXT4-fs (loop6): free_blocks=2415919104
[  532.070057][T12921] EXT4-fs (loop6): dirty_blocks=16
[  532.074974][T12921] EXT4-fs (loop6): Block reservation details
[  532.081108][T12921] EXT4-fs (loop6): i_reserved_data_blocks=1
[  532.149008][T12941] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  532.165384][T12941] ext4 filesystem being mounted at /737/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  532.296954][T12945] loop6: detected capacity change from 0 to 40427
[  532.317623][ T3821] wacom 0003:056A:00DD.001E: unknown main item tag 0x0
[  532.324350][ T3821] wacom 0003:056A:00DD.001E: unknown main item tag 0x0
[  532.331118][ T3821] wacom 0003:056A:00DD.001E: unknown main item tag 0x1
[  532.341189][T12945] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  532.349888][T12945] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  532.358069][ T3821] wacom 0003:056A:00DD.001E: unknown main item tag 0x0
[  532.365515][ T3821] wacom 0003:056A:00DD.001E: unknown main item tag 0x0
[  532.372772][T12945] F2FS-fs (loop6): invalid crc value
[  532.378334][ T3821] wacom 0003:056A:00DD.001E: Unknown device_type for 'HID 056a:00dd'. Assuming pen.
[  532.388432][T12945] F2FS-fs (loop6): Found nat_bits in checkpoint
[  532.397199][ T3821] wacom 0003:056A:00DD.001E: hidraw0: USB HID v0.00 Device [HID 056a:00dd] on usb-dummy_hcd.3-1/input0
[  532.417412][ T3821] input: Wacom Bamboo Connect Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:00DD.001E/input/input32
[  532.438174][   T30] kauditd_printk_skb: 114 callbacks suppressed
[  532.438187][   T30] audit: type=1400 audit(1732154730.130:18455): avc:  denied  { read } for  pid=86 comm="acpid" name="event3" dev="devtmpfs" ino=2426 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  532.447049][T12945] F2FS-fs (loop6): Start checkpoint disabled!
[  532.471379][   T30] audit: type=1400 audit(1732154730.130:18456): avc:  denied  { open } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=2426 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  532.502233][T12945] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  532.509247][T12945] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  532.517146][   T30] audit: type=1400 audit(1732154730.210:18457): avc:  denied  { ioctl } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=2426 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  532.579603][  T386] usb 4-1: USB disconnect, device number 28
[  532.599694][  T408] attempt to access beyond end of device
[  532.599694][  T408] loop6: rw=1, want=53256, limit=40427
[  532.616090][  T408] attempt to access beyond end of device
[  532.616090][  T408] loop6: rw=2049, want=40992, limit=40427
[  532.748371][   T30] audit: type=1400 audit(1732154730.440:18458): avc:  denied  { create } for  pid=12961 comm="syz.4.3741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  532.770459][   T30] audit: type=1400 audit(1732154730.460:18459): avc:  denied  { connect } for  pid=12961 comm="syz.4.3741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  532.812851][T12964] loop4: detected capacity change from 0 to 512
[  532.859839][T12958] loop6: detected capacity change from 0 to 40427
[  532.889065][T12964] EXT4-fs (loop4): Mount option "journal_async_commit" incompatible with ext2
[  532.947001][T12958] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  532.954723][T12958] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  532.963898][T12958] F2FS-fs (loop6): invalid crc value
[  532.970672][T12958] F2FS-fs (loop6): Found nat_bits in checkpoint
[  532.983556][T12964] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3742'.
[  533.012098][   T30] audit: type=1400 audit(1732154730.700:18460): avc:  denied  { write } for  pid=12968 comm="syz.4.3743" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  533.043035][T12958] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  533.051088][T12958] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  533.081690][   T30] audit: type=1400 audit(1732154730.770:18461): avc:  denied  { remove_name } for  pid=12957 comm="syz.6.3739" name="file1" dev="loop6" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  533.105744][   T30] audit: type=1400 audit(1732154730.770:18462): avc:  denied  { rename } for  pid=12957 comm="syz.6.3739" name="file1" dev="loop6" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  533.138590][   T30] audit: type=1400 audit(1732154730.820:18463): avc:  denied  { read } for  pid=12973 comm="syz.3.3745" name="event0" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  533.165496][   T30] audit: type=1400 audit(1732154730.820:18464): avc:  denied  { open } for  pid=12973 comm="syz.3.3745" path="/dev/input/event0" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  533.190953][  T408] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  533.207806][  T408] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  533.208733][T12976] overlayfs: failed to clone upperpath
[  533.225286][T12978] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  533.263642][T12980] loop3: detected capacity change from 0 to 2048
[  533.289688][T12980] EXT4-fs (loop3): Ignoring removed orlov option
[  533.319122][T12980] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,errors=remount-ro,. Quota mode: none.
[  533.336745][ T3821] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  533.378245][  T408] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  533.407000][  T408] EXT4-fs (loop3): Remounting filesystem read-only
[  533.453766][T12993] device veth0_to_team entered promiscuous mode
[  533.513483][T12998] loop6: detected capacity change from 0 to 1024
[  533.553707][T12989] loop1: detected capacity change from 0 to 512
[  533.564193][T12989] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  533.598377][T12998] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,abort,,errors=continue. Quota mode: none.
[  533.716737][ T3821] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  533.727890][ T3821] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  533.896826][ T3821] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  533.910316][ T3821] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  533.919272][ T3821] usb 5-1: Product: syz
[  533.923675][ T3821] usb 5-1: Manufacturer: syz
[  533.928357][ T3821] usb 5-1: SerialNumber: syz
[  533.966436][T13021] loop1: detected capacity change from 0 to 256
[  534.171926][T13027] syz.1.3766[13027] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  534.172014][T13027] syz.1.3766[13027] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  534.174004][T12972] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  534.360362][T13036] loop3: detected capacity change from 0 to 512
[  534.448292][T13036] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,nouid32,minixdf,,errors=continue. Quota mode: writeback.
[  534.462130][T13036] ext4 filesystem being mounted at /780/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  534.555099][T13037] loop1: detected capacity change from 0 to 512
[  534.610118][T13051] loop3: detected capacity change from 0 to 256
[  534.617546][T13037] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  534.668860][T13055] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3777'.
[  534.751205][T13061] blk_update_request: I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  534.768230][T13051] incfs: ino conflict with backing FS 1
[  534.806759][T13061] F2FS-fs (loop13): Unable to read 1th superblock
[  534.816322][T13061] blk_update_request: I/O error, dev loop13, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  534.828383][T13061] F2FS-fs (loop13): Unable to read 2th superblock
[  534.909408][T13070] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  534.917922][T13070] SELinux: failed to load policy
[  535.068668][T13088] loop1: detected capacity change from 0 to 256
[  535.118609][ T3821] cdc_ncm 5-1:1.0: bind() failure
[  535.124109][ T3821] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  535.135793][ T3821] cdc_ncm 5-1:1.1: bind() failure
[  535.149954][ T3821] usb 5-1: USB disconnect, device number 27
[  535.343506][T13122] loop1: detected capacity change from 0 to 1024
[  535.464938][T13122] EXT4-fs (loop1): Ignoring removed bh option
[  535.501915][T13122] EXT4-fs (loop1): mounted filesystem without journal. Opts: nojournal_checksum,nombcache,barrier,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,bh,init_itable,,errors=continue. Quota mode: writeback.
[  535.503524][T13101] loop7: detected capacity change from 0 to 512
[  535.567601][T13142] SELinux:  Context Ü is not valid (left unmapped).
[  535.606775][T13101] EXT4-fs (loop7): Unrecognized mount option "ro" or missing value
[  535.642901][T13148] loop6: detected capacity change from 0 to 1024
[  535.647055][T13151] loop1: detected capacity change from 0 to 512
[  535.676923][T13148] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[  535.697465][T13148] SELinux:  duplicate or incompatible mount options
[  535.849217][T13169] loop3: detected capacity change from 0 to 1024
[  536.117380][T13169] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  536.139277][T13176] loop4: detected capacity change from 0 to 512
[  536.153023][T13169] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,mblk_io_submit,data_err=abort,sysvgroups,,errors=continue. Quota mode: writeback.
[  536.214448][T13176] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.3831: bg 0: block 248: padding at end of block bitmap is not set
[  536.247480][T13176] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.3831: Failed to acquire dquot type 1
[  536.260522][T13176] EXT4-fs (loop4): 1 truncate cleaned up
[  536.266128][T13176] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  536.277471][T13176] ext4 filesystem being mounted at /796/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  536.309088][  T408] EXT4-fs error (device loop4): ext4_release_dquot:6210: comm kworker/u4:4: Failed to release dquot type 1
[  536.355288][T13160] loop6: detected capacity change from 0 to 512
[  536.357688][T13187] loop3: detected capacity change from 0 to 1024
[  536.417201][T13187] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[  536.435340][T13187] EXT4-fs (loop3): Unrecognized mount option "smackfstransmute=" or missing value
[  536.467134][T13160] EXT4-fs (loop6): Unrecognized mount option "ro" or missing value
[  536.605344][T13204] loop3: detected capacity change from 0 to 2048
[  536.650402][T13211] netlink: 'syz.4.3846': attribute type 34 has an invalid length.
[  536.697587][T13217] loop6: detected capacity change from 0 to 16
[  536.698800][T13215] loop4: detected capacity change from 0 to 1024
[  536.718231][T13204] EXT4-fs (loop3): Ignoring removed bh option
[  536.738327][T13204] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,bsddf,bh,usrjquota=,journal_ioprio=0x0000000000000001,noinit_itable,,errors=continue. Quota mode: none.
[  536.767639][T13217] erofs: (device loop6): mounted with root inode @ nid 36.
[  536.775248][T13215] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  536.816055][T13205] loop1: detected capacity change from 0 to 512
[  536.832400][T13215] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,barrier,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,mblk_io_submit,,errors=continue. Quota mode: none.
[  536.888826][T13229] loop6: detected capacity change from 0 to 512
[  536.889608][T13205] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  537.457330][T13249] loop1: detected capacity change from 0 to 512
[  537.479033][T13249] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  537.505910][T13247] loop3: detected capacity change from 0 to 512
[  537.516793][T13249] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x000000007fffffff,noquota,data_err=ignore,dioread_nolock,max_batch_time=0x0000000000000008,,errors=continue. Quota mode: writeback.
[  537.544752][   T30] kauditd_printk_skb: 195 callbacks suppressed
[  537.544766][   T30] audit: type=1400 audit(1732154735.230:18657): avc:  denied  { unmount } for  pid=10417 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  537.580202][T13249] ext4 filesystem being mounted at /765/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  537.591697][T13247] EXT4-fs (loop3): Unrecognized mount option "ro" or missing value
[  537.594415][   T30] audit: type=1400 audit(1732154735.240:18658): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  537.621665][   T30] audit: type=1400 audit(1732154735.240:18659): avc:  denied  { remove_name } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=12 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  537.640196][T13249] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #12: comm syz.1.3860: invalid size
[  537.645856][   T30] audit: type=1400 audit(1732154735.240:18660): avc:  denied  { rename } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=12 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  537.676536][   T30] audit: type=1400 audit(1732154735.240:18661): avc:  denied  { add_name } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  537.699130][   T30] audit: type=1400 audit(1732154735.240:18662): avc:  denied  { unlink } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  537.726762][   T30] audit: type=1400 audit(1732154735.240:18663): avc:  denied  { create } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  537.785810][   T30] audit: type=1400 audit(1732154735.280:18664): avc:  denied  { write } for  pid=13254 comm="syz.7.3861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  537.823943][   T30] audit: type=1400 audit(1732154735.320:18665): avc:  denied  { rename } for  pid=13248 comm="syz.1.3860" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  537.860277][T13257] incfs: Error accessing: ./file0.
[  537.887424][T13257] incfs: mount failed -20
[  537.905050][   T30] audit: type=1400 audit(1732154735.320:18666): avc:  denied  { rmdir } for  pid=13248 comm="syz.1.3860" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  537.952555][T13271] loop1: detected capacity change from 0 to 128
[  537.965937][T13271] EXT4-fs (loop1): Ignoring removed nobh option
[  537.973940][T13271] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  537.988859][T13271] ext4 filesystem being mounted at /767/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  538.043686][T13274] syz.7.3870[13274] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  538.043770][T13274] syz.7.3870[13274] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  538.098532][T13278] loop1: detected capacity change from 0 to 512
[  538.141480][T13278] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  538.147605][T13282] rtc_cmos 00:00: Alarms can be up to one day in the future
[  538.220396][T13291] loop7: detected capacity change from 0 to 256
[  538.281872][T13303] loop1: detected capacity change from 0 to 512
[  538.291112][T13291] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  538.332154][T13307] loop3: detected capacity change from 0 to 2048
[  538.368022][T13303] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,auto_da_alloc,minixdf,,errors=continue. Quota mode: writeback.
[  538.393389][T13303] ext4 filesystem being mounted at /774/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  538.426756][T13307] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  538.483013][T13311] loop4: detected capacity change from 0 to 512
[  538.497551][T13317] loop1: detected capacity change from 0 to 1024
[  538.510083][T13319] SELinux: failed to load policy
[  538.527280][T13317] JBD2: no valid journal superblock found
[  538.534014][T13317] EXT4-fs (loop1): error loading journal
[  538.540078][T13311] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  538.683340][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.695514][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.714044][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.733184][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.743273][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.763470][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.773578][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.793778][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.803880][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.813966][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.821244][  T902] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  538.834066][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.847880][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.862540][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.876363][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.889084][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.903945][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.918815][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.933191][T13335] loop7: detected capacity change from 0 to 512
[  538.939415][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.951115][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.959022][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.959095][T13335] EXT4-fs (loop7): Unrecognized mount option "ro" or missing value
[  538.974167][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.981426][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.989016][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  538.996415][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.003924][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.011385][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.018942][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.026330][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.033802][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.041302][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.048786][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.056185][    T6] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  539.066758][  T902] usb 4-1: Using ep0 maxpacket: 16
[  539.072562][    T6] hid-generic 0000:0000:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  539.109581][T13337] loop1: detected capacity change from 0 to 512
[  539.366742][  T902] usb 4-1: New USB device found, idVendor=0456, idProduct=f000, bcdDevice=f3.7f
[  539.375605][  T902] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  539.383624][  T902] usb 4-1: Product: syz
[  539.396608][  T902] usb 4-1: Manufacturer: syz
[  539.401031][  T902] usb 4-1: SerialNumber: syz
[  539.413821][  T902] usb 4-1: config 0 descriptor??
[  539.457227][  T902] ftdi_sio 4-1:0.0: Ignoring interface reserved for JTAG
[  539.657001][T13366] loop1: detected capacity change from 0 to 512
[  539.667851][    T6] usb 4-1: USB disconnect, device number 29
[  539.731700][T13366] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  539.757164][T13366] EXT4-fs (loop1): 1 truncate cleaned up
[  539.762632][T13366] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nombcache,debug_want_extra_isize=0x0000000000000006,lazytime,noblock_validity,quota,,errors=continue. Quota mode: writeback.
[  539.787873][T13366] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  539.796886][T13366] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  539.875747][T13382] loop1: detected capacity change from 0 to 512
[  540.136613][  T555] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  540.286400][T13398] loop3: detected capacity change from 0 to 1024
[  540.298765][T13398] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  540.376450][T13403] SELinux: failed to load policy
[  540.433783][T13412] device gretap0 entered promiscuous mode
[  540.439724][T13412] device macsec1 entered promiscuous mode
[  540.496703][  T555] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  540.507522][  T555] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  540.517672][  T555] usb 5-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  540.526516][  T555] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.535727][  T555] usb 5-1: config 0 descriptor??
[  540.605842][T13420] loop1: detected capacity change from 0 to 40427
[  540.687006][T13420] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  540.694740][T13420] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  540.703830][T13420] F2FS-fs (loop1): invalid crc value
[  540.710427][T13420] F2FS-fs (loop1): Found nat_bits in checkpoint
[  540.733168][T13420] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  540.740153][T13420] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  540.900468][T13435] loop1: detected capacity change from 0 to 512
[  540.923977][T13437] syz.6.3933[13437] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  540.924033][T13437] syz.6.3933[13437] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  540.927582][T13435] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  540.969385][T13440] loop6: detected capacity change from 0 to 1024
[  540.976182][T13435] EXT4-fs (loop1): 1 orphan inode deleted
[  540.981869][T13435] EXT4-fs (loop1): 1 truncate cleaned up
[  540.987375][T13435] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  541.017397][T13435] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  541.018264][  T555] itetech 0003:06CB:73F5.0020: unknown main item tag 0x0
[  541.033059][T13440] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  541.051384][  T555] itetech 0003:06CB:73F5.0020: hidraw0: USB HID v0.00 Device [HID 06cb:73f5] on usb-dummy_hcd.4-1/input0
[  541.058260][T13435] EXT4-fs (loop1): Remounting filesystem read-only
[  541.068355][T13440] ext4 filesystem being mounted at /521/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  541.167145][T13445] loop6: detected capacity change from 0 to 4096
[  541.179815][T13445] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  541.196500][T13445] fs-verity: sha256 using implementation "sha256-avx2"
[  541.204769][T13445] fs-verity (loop6, inode 16): fs-verity keyring is empty, rejecting signed file!
[  541.235364][  T902] usb 5-1: USB disconnect, device number 28
[  541.277179][T13450] loop6: detected capacity change from 0 to 512
[  541.328882][T13447] loop1: detected capacity change from 0 to 40427
[  541.410367][T13447] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  541.418861][T13447] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  541.467580][T13447] F2FS-fs (loop1): Found nat_bits in checkpoint
[  541.490189][T13447] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  541.497090][T13447] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  541.512434][   T10] attempt to access beyond end of device
[  541.512434][   T10] loop1: rw=2049, want=45104, limit=40427
[  542.015166][T13467] loop1: detected capacity change from 0 to 40427
[  542.087393][T13467] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  542.095023][T13467] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  542.104065][T13467] F2FS-fs (loop1): invalid crc value
[  542.110816][T13467] F2FS-fs (loop1): Found nat_bits in checkpoint
[  542.149656][T13467] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  542.158863][T13467] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  542.188893][T13467] attempt to access beyond end of device
[  542.188893][T13467] loop1: rw=2049, want=45208, limit=40427
[  542.203817][T13485] SELinux: failed to load policy
[  542.210152][  T555] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  542.239106][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  542.248761][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  542.348346][T13498] input: syz1 as /devices/virtual/input/input35
[  542.370655][T13500] loop6: detected capacity change from 0 to 512
[  542.407259][T13500] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  542.411784][T13504] loop1: detected capacity change from 0 to 512
[  542.419806][T13500] ext4 filesystem being mounted at /529/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  542.443288][T13500] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #15: comm syz.6.3957: corrupted xattr block 33
[  542.455226][T13500] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  542.459629][  T555] usb 5-1: Using ep0 maxpacket: 16
[  542.470216][T13500] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #15: comm syz.6.3957: corrupted xattr block 33
[  542.485367][T13504] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  542.501901][T13500] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  542.514127][T13504] EXT4-fs (loop1): 1 truncate cleaned up
[  542.523185][T13504] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  542.537361][T13500] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #15: comm syz.6.3957: corrupted xattr block 33
[  542.549114][   T30] kauditd_printk_skb: 151 callbacks suppressed
[  542.549128][   T30] audit: type=1400 audit(1732154740.230:18818): avc:  denied  { read write } for  pid=13499 comm="syz.6.3957" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  542.582158][T13500] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  542.584259][T13510] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #15: comm syz.6.3957: corrupted xattr block 33
[  542.606832][T13510] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  542.612683][   T30] audit: type=1400 audit(1732154740.290:18819): avc:  denied  { open } for  pid=13499 comm="syz.6.3957" path="/529/file0/file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  542.616521][T13510] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #15: comm syz.6.3957: corrupted xattr block 33
[  542.650479][  T555] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  542.662973][  T555] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  542.666716][   T30] audit: type=1400 audit(1732154740.300:18820): avc:  denied  { setattr } for  pid=13499 comm="syz.6.3957" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  542.673120][  T555] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  542.726488][  T555] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  542.726522][T13500] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #15: comm syz.6.3957: corrupted xattr block 33
[  542.735155][  T555] usb 5-1: config 0 descriptor??
[  542.752826][T13500] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  542.774881][T13513] loop1: detected capacity change from 0 to 256
[  542.781096][   T30] audit: type=1400 audit(1732154740.470:18821): avc:  denied  { ioctl } for  pid=13499 comm="syz.6.3957" path="/529/file0/file1" dev="loop6" ino=15 ioctlcmd=0x4c06 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  542.817662][T13513] exfat: Deprecated parameter 'namecase'
[  542.823158][T13513] exfat: Deprecated parameter 'utf8'
[  542.835263][   T30] audit: type=1326 audit(1732154740.510:18822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13516 comm="syz.7.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  542.860985][T13519] loop6: detected capacity change from 0 to 256
[  542.867171][T13513] exfat: Deprecated parameter 'namecase'
[  542.872907][   T30] audit: type=1326 audit(1732154740.510:18823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13516 comm="syz.7.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  542.904251][T13513] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xe1a8932d, utbl_chksum : 0xe619d30d)
[  542.921799][T13519] FAT-fs (loop6): Directory bread(block 64) failed
[  542.923626][   T30] audit: type=1326 audit(1732154740.510:18824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13516 comm="syz.7.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  542.951556][T13519] FAT-fs (loop6): Directory bread(block 65) failed
[  542.951622][T13519] FAT-fs (loop6): Directory bread(block 66) failed
[  542.967562][T13519] FAT-fs (loop6): Directory bread(block 67) failed
[  542.978748][T13519] FAT-fs (loop6): Directory bread(block 68) failed
[  542.985099][T13519] FAT-fs (loop6): Directory bread(block 69) failed
[  542.996962][T13519] FAT-fs (loop6): Directory bread(block 70) failed
[  543.003485][T13519] FAT-fs (loop6): Directory bread(block 71) failed
[  543.004307][   T30] audit: type=1326 audit(1732154740.510:18825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13516 comm="syz.7.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  543.014675][T13519] FAT-fs (loop6): Directory bread(block 72) failed
[  543.043869][T13519] FAT-fs (loop6): Directory bread(block 73) failed
[  543.076348][   T30] audit: type=1326 audit(1732154740.520:18826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13516 comm="syz.7.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  543.112900][   T30] audit: type=1326 audit(1732154740.520:18827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13516 comm="syz.7.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  543.145680][T13533] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  543.224781][T13543] loop6: detected capacity change from 0 to 256
[  543.233306][T13541] tipc: Enabled bearer <udp:syz2>, priority 10
[  543.247728][T13543] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  543.267579][  T555] hid-multitouch 0003:1FD2:6007.0021: unknown main item tag 0x6
[  543.293126][  T555] hid-multitouch 0003:1FD2:6007.0021: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  543.483228][T13565] loop6: detected capacity change from 0 to 1024
[  543.549955][T13565] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  543.577103][ T3821] usb 5-1: USB disconnect, device number 29
[  543.577147][T13565] EXT4-fs (loop6): orphan cleanup on readonly fs
[  543.607159][T13565] EXT4-fs error (device loop6): ext4_free_blocks:6223: comm syz.6.3982: Freeing blocks not in datazone - block = 0, count = 4096
[  543.629335][T13565] EXT4-fs (loop6): 1 orphan inode deleted
[  543.635096][  T906] Bluetooth: hci0: Frame reassembly failed (-84)
[  543.638083][T13565] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  543.751240][T13589] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  543.796147][T13593] loop6: detected capacity change from 0 to 1024
[  543.836680][  T386] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  543.848497][T13581] loop3: detected capacity change from 0 to 40427
[  543.857463][T13593] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  543.867573][T13581] F2FS-fs (loop3): fault_type options not supported
[  543.876399][T13581] F2FS-fs (loop3): invalid crc value
[  543.883463][T13593] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,quota,,errors=continue. Quota mode: writeback.
[  543.917630][T13581] F2FS-fs (loop3): Found nat_bits in checkpoint
[  543.948491][T13581] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  543.979412][T13581] attempt to access beyond end of device
[  543.979412][T13581] loop3: rw=10241, want=45104, limit=40427
[  543.997569][  T288] attempt to access beyond end of device
[  543.997569][  T288] loop3: rw=2049, want=45112, limit=40427
[  544.190388][T13619] input: syz0 as /devices/virtual/input/input36
[  544.196709][  T386] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.219214][  T386] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.229822][  T386] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  544.243034][  T386] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.259873][  T386] usb 2-1: config 0 descriptor??
[  544.346761][ T3821] tipc: Node number set to 1278083072
[  544.536640][  T555] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  544.757830][  T386] hid-led 0003:1D34:000A.0022: unknown main item tag 0x0
[  544.896723][  T555] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.907543][  T555] usb 4-1: config 0 interface 0 has no altsetting 0
[  544.913968][  T555] usb 4-1: New USB device found, idVendor=054c, idProduct=1000, bcdDevice= 0.00
[  544.923650][  T555] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.936314][  T555] usb 4-1: config 0 descriptor??
[  544.978941][  T386] hid-led 0003:1D34:000A.0022: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.1-1/input0
[  544.997739][  T386] hid-led 0003:1D34:000A.0022: Dream Cheeky Webmail Notifier initialized
[  545.182728][ T3821] usb 2-1: USB disconnect, device number 32
[  545.419104][  T555] sony 0003:054C:1000.0023: hidraw0: USB HID v0.00 Device [HID 054c:1000] on usb-dummy_hcd.3-1/input0
[  545.430114][  T555] sony 0003:054C:1000.0023: failed to claim input
[  545.494354][T13655] loop4: detected capacity change from 0 to 40427
[  545.579189][T13655] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  545.586861][T13655] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  545.595704][T13655] F2FS-fs (loop4): invalid crc value
[  545.602519][T13655] F2FS-fs (loop4): Found nat_bits in checkpoint
[  545.619420][  T555] usb 4-1: USB disconnect, device number 30
[  545.631761][T13655] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  545.638642][T13655] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  545.686642][  T902] Bluetooth: hci0: command 0x1003 tx timeout
[  545.692492][ T1956] Bluetooth: hci0: sending frame failed (-49)
[  545.806838][T13671] loop1: detected capacity change from 0 to 1024
[  545.848356][T13671] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,nombcache,dioread_lock,inode_readahead_blks=0x0000000000000001,debug_want_extra_isize=0x000000000000007e,lazytime,init_itable=0x0000000000000005,usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback.
[  545.972507][T13681] loop4: detected capacity change from 0 to 256
[  545.987675][T13683] syz.1.4029[13683] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  545.987729][T13683] syz.1.4029[13683] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  545.999636][T13681] exfat: Deprecated parameter 'namecase'
[  546.026651][T13681] exfat: Deprecated parameter 'utf8'
[  546.031815][T13681] exfat: Deprecated parameter 'namecase'
[  546.039634][T13681] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xe1a8932d, utbl_chksum : 0xe619d30d)
[  546.146119][T13697] loop1: detected capacity change from 0 to 128
[  546.172989][T13699] loop4: detected capacity change from 0 to 2048
[  546.209409][  T408] attempt to access beyond end of device
[  546.209409][  T408] loop1: rw=1, want=1041, limit=128
[  546.278410][T13699] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  546.292121][T13699] ext4 filesystem being mounted at /840/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  546.359372][T13711] loop4: detected capacity change from 0 to 128
[  546.392771][T13700] loop3: detected capacity change from 0 to 512
[  546.436747][T13711] attempt to access beyond end of device
[  546.436747][T13711] loop4: rw=2049, want=1041, limit=128
[  546.476142][T13700] EXT4-fs (loop3): Unrecognized mount option "ro" or missing value
[  546.606645][  T902] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  546.856613][  T902] usb 2-1: Using ep0 maxpacket: 8
[  546.889865][T13727] loop4: detected capacity change from 0 to 512
[  546.967513][T13727] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  546.976707][  T902] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  547.076734][  T902] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  547.086072][  T902] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  547.100604][  T902] usb 2-1: SerialNumber: syz
[  547.110736][  T902] usb 2-1: config 0 descriptor??
[  547.116468][T13730] loop3: detected capacity change from 0 to 40427
[  547.167245][  T902] usb 2-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  547.174072][  T902] usb 2-1: No streaming interface found for terminal 36.
[  547.190066][T13730] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  547.211552][T13730] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  547.223537][T13730] F2FS-fs (loop3): Found nat_bits in checkpoint
[  547.283355][T13730] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  547.290354][T13730] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  547.359282][T13730] attempt to access beyond end of device
[  547.359282][T13730] loop3: rw=2049, want=45640, limit=40427
[  547.373370][ T6849] usb 2-1: USB disconnect, device number 33
[  547.504823][T13746] loop4: detected capacity change from 0 to 512
[  547.586992][T13746] EXT4-fs (loop4): bad s_want_extra_isize: 11962
[  547.622932][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  547.622947][   T30] audit: type=1326 audit(1732154745.310:18890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13755 comm="syz.3.4059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  547.652412][   T30] audit: type=1326 audit(1732154745.310:18891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13755 comm="syz.3.4059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  547.676258][   T30] audit: type=1326 audit(1732154745.320:18892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13755 comm="syz.3.4059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  547.705006][   T30] audit: type=1326 audit(1732154745.320:18893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13755 comm="syz.3.4059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  547.729259][   T30] audit: type=1326 audit(1732154745.320:18894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13755 comm="syz.3.4059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69452be819 code=0x7ffc0000
[  547.766620][  T386] Bluetooth: hci0: command 0x1001 tx timeout
[  547.772478][ T1956] Bluetooth: hci0: sending frame failed (-49)
[  547.797865][T13767] ------------[ cut here ]------------
[  547.803135][T13767] WARNING: CPU: 1 PID: 13767 at kernel/trace/bpf_trace.c:1411 bpf_get_stack_raw_tp+0x1d3/0x220
[  547.813372][T13767] Modules linked in:
[  547.817050][T13767] CPU: 1 PID: 13767 Comm: syz.4.4064 Not tainted 5.15.167-syzkaller-00348-g2e66050fb753 #0
[  547.826855][T13767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  547.836748][T13767] RIP: 0010:bpf_get_stack_raw_tp+0x1d3/0x220
[  547.842537][T13767] Code: f1 45 31 c0 e8 2e 8f 14 00 65 ff 0d 4f 56 87 7e 4c 63 e8 4c 89 e8 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 6d 7e f4 ff <0f> 0b 65 ff 0d 2c 56 87 7e 49 c7 c5 f0 ff ff ff eb d7 e8 56 7e f4
[  547.862034][T13767] RSP: 0018:ffffc90000ad6a30 EFLAGS: 00010283
[  547.867901][T13767] RAX: ffffffff817bd8f3 RBX: 0000000000000003 RCX: 0000000000080000
[  547.875691][T13767] RDX: ffffc90003343000 RSI: 00000000000000b8 RDI: 00000000000000b9
[  547.883550][T13767] RBP: ffffc90000ad6a70 R08: ffffffff817bd7b3 R09: fffffbfff0e5333e
[  547.891340][T13767] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000ad6a88
[  547.899181][T13767] R13: 0000000000000000 R14: 0000000000000900 R15: ffff8881f7132d30
[  547.906968][T13767] FS:  00007f2f6542c6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  547.908713][T13769] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  547.915708][T13767] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  547.915733][T13767] CR2: 000000110c27e4f2 CR3: 0000000116ca6000 CR4: 00000000003506a0
[  547.915748][T13767] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  547.915759][T13767] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  547.915771][T13767] Call Trace:
[  547.960351][T13767]  <TASK>
[  547.963127][T13767]  ? show_regs+0x58/0x60
[  547.967251][T13767]  ? __warn+0x160/0x2f0
[  547.971316][T13767]  ? bpf_get_stack_raw_tp+0x1d3/0x220
[  547.976519][T13767]  ? report_bug+0x3d9/0x5b0
[  547.980856][T13767]  ? bpf_get_stack_raw_tp+0x1d3/0x220
[  547.986062][T13767]  ? handle_bug+0x41/0x70
[  547.990270][T13767]  ? exc_invalid_op+0x1b/0x50
[  547.994744][T13767]  ? asm_exc_invalid_op+0x1b/0x20
[  547.999656][T13767]  ? bpf_get_stack_raw_tp+0x93/0x220
[  548.004734][T13767]  ? bpf_get_stack_raw_tp+0x1d3/0x220
[  548.009988][T13767]  ? bpf_get_stack_raw_tp+0x1d3/0x220
[  548.015151][T13767]  ? strlcpy+0x88/0xd0
[  548.019106][T13767]  bpf_prog_ec3b2eefa702d8d3+0x3a/0x86c
[  548.024431][T13767]  bpf_trace_run4+0x13f/0x270
[  548.028992][T13767]  ? bpf_trace_run3+0x250/0x250
[  548.033632][T13767]  ? get_mem_cgroup_from_mm+0x18e/0x230
[  548.039054][T13767]  __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  548.045438][T13767]  __mmap_lock_do_trace_acquire_returned+0x198/0x200
[  548.052002][T13767]  ? get_mm_memcg_path+0x240/0x240
[  548.056918][T13767]  stack_map_get_build_id_offset+0x5ec/0x900
[  548.062703][T13767]  ? __bpf_get_stackid+0x950/0x950
[  548.067697][T13767]  ? __change_page_attr_set_clr+0x244f/0x2480
[  548.073553][T13767]  __bpf_get_stack+0x495/0x570
[  548.078213][T13767]  ? stack_map_get_build_id_offset+0x900/0x900
[  548.084142][T13767]  ? __kasan_check_write+0x14/0x20
[  548.089126][T13767]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  548.094383][T13767]  bpf_get_stack+0x31/0x40
[  548.098660][T13767]  bpf_get_stack_raw_tp+0x1b2/0x220
[  548.103672][T13767]  bpf_prog_ec3b2eefa702d8d3+0x3a/0x86c
[  548.109077][T13767]  bpf_trace_run4+0x13f/0x270
[  548.113577][T13767]  ? bpf_trace_run3+0x250/0x250
[  548.118291][T13767]  ? get_mem_cgroup_from_mm+0x18e/0x230
[  548.123633][T13767]  __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  548.130106][T13767]  __mmap_lock_do_trace_acquire_returned+0x198/0x200
[  548.136605][T13767]  ? __update_load_avg_cfs_rq+0xb1/0x2f0
[  548.142034][T13767]  ? get_mm_memcg_path+0x240/0x240
[  548.147024][T13767]  stack_map_get_build_id_offset+0x5ec/0x900
[  548.152799][T13767]  ? __bpf_get_stackid+0x950/0x950
[  548.157790][T13767]  ? tracing_record_taskinfo_sched_switch+0x84/0x390
[  548.164261][T13767]  __bpf_get_stack+0x495/0x570
[  548.168898][T13767]  ? stack_map_get_build_id_offset+0x900/0x900
[  548.174840][T13767]  ? __kasan_check_write+0x14/0x20
[  548.176646][   T30] audit: type=1326 audit(1732154745.850:18895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13770 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  548.179812][T13767]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  548.208452][T13767]  bpf_get_stack+0x31/0x40
[  548.212677][T13767]  bpf_get_stack_raw_tp+0x1b2/0x220
[  548.217745][T13767]  bpf_prog_ec3b2eefa702d8d3+0x3a/0x86c
[  548.223093][T13767]  bpf_trace_run4+0x13f/0x270
[  548.227653][T13767]  ? bpf_trace_run3+0x250/0x250
[  548.232292][T13767]  ? __kernel_text_address+0x9b/0x110
[  548.237528][T13767]  ? get_mem_cgroup_from_mm+0x18e/0x230
[  548.242880][T13767]  __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  548.243647][   T30] audit: type=1326 audit(1732154745.850:18896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13770 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  548.249322][T13767]  __mmap_lock_do_trace_acquire_returned+0x198/0x200
[  548.249344][T13767]  ? get_mm_memcg_path+0x240/0x240
[  548.284108][T13767]  ? stack_trace_save+0x113/0x1c0
[  548.289037][T13767]  stack_map_get_build_id_offset+0x5ec/0x900
[  548.294788][T13767]  ? __bpf_get_stackid+0x950/0x950
[  548.299847][T13767]  __bpf_get_stack+0x495/0x570
[  548.304705][T13767]  ? stack_map_get_build_id_offset+0x900/0x900
[  548.310852][T13767]  ? __kasan_check_write+0x14/0x20
[  548.315784][T13767]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  548.321122][T13767]  bpf_get_stack+0x31/0x40
[  548.325331][T13767]  bpf_get_stack_raw_tp+0x1b2/0x220
[  548.330410][T13767]  bpf_prog_ec3b2eefa702d8d3+0x3a/0x86c
[  548.335751][T13767]  bpf_trace_run4+0x13f/0x270
[  548.340301][T13767]  ? bpf_trace_run3+0x250/0x250
[  548.344551][T13775] input: syz0 as /devices/virtual/input/input37
[  548.344944][T13767]  ? get_mem_cgroup_from_mm+0x18e/0x230
[  548.356407][T13767]  __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  548.362867][T13767]  __mmap_lock_do_trace_acquire_returned+0x198/0x200
[  548.369364][T13767]  ? get_mm_memcg_path+0x240/0x240
[  548.372641][   T30] audit: type=1326 audit(1732154745.900:18897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13770 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  548.374284][T13767]  ? __x64_sys_futex+0x100/0x100
[  548.399039][   T30] audit: type=1326 audit(1732154745.900:18898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13770 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  548.402401][T13767]  __se_sys_mincore+0x54c/0x5e0
[  548.402428][T13767]  ? switch_fpu_return+0x15f/0x2e0
[  548.426229][   T30] audit: type=1326 audit(1732154745.900:18899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13770 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  548.430482][T13767]  __x64_sys_mincore+0x7b/0x90
[  548.463336][T13767]  x64_sys_call+0xe5/0x9a0
[  548.467629][T13767]  do_syscall_64+0x3b/0xb0
[  548.471835][T13767]  ? clear_bhb_loop+0x35/0x90
[  548.476345][T13767]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  548.482112][T13767] RIP: 0033:0x7f2f66db3819
[  548.486328][T13767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.505834][T13767] RSP: 002b:00007f2f6542c038 EFLAGS: 00000246 ORIG_RAX: 000000000000001b
[  548.514032][T13767] RAX: ffffffffffffffda RBX: 00007f2f66f6afa0 RCX: 00007f2f66db3819
[  548.521850][T13767] RDX: 0000000020000000 RSI: 0000000000001000 RDI: 0000000020ffe000
[  548.529661][T13767] RBP: 00007f2f66e2675e R08: 0000000000000000 R09: 0000000000000000
[  548.537472][T13767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  548.545258][T13767] R13: 0000000000000000 R14: 00007f2f66f6afa0 R15: 00007ffc14f27318
[  548.553101][T13767]  </TASK>
[  548.555948][T13767] ---[ end trace d77f9cdf9ec8fae2 ]---
[  548.627753][T13784] bridge_slave_0: default FDB implementation only supports local addresses
[  548.674385][T13788] loop4: detected capacity change from 0 to 512
[  548.716663][  T555] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  548.725586][T13788] EXT4-fs (loop4): orphan cleanup on readonly fs
[  548.732892][T13788] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.4074: bg 0: block 248: padding at end of block bitmap is not set
[  548.747798][T13788] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.4074: Failed to acquire dquot type 1
[  548.759633][T13788] EXT4-fs (loop4): 1 truncate cleaned up
[  548.765389][T13788] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,noload,,errors=continue. Quota mode: writeback.
[  548.804701][T13788] EXT4-fs error (device loop4): ext4_remount:5845: comm syz.4.4074: Abort forced by user
[  548.869632][T13796] loop6: detected capacity change from 0 to 1024
[  548.943251][T13808] loop4: detected capacity change from 0 to 512
[  548.951942][T13796] EXT4-fs (loop6): Test dummy encryption mode enabled
[  548.956838][  T555] usb 4-1: Using ep0 maxpacket: 16
[  548.963821][T13796] EXT4-fs (loop6): Journaled quota options ignored when QUOTA feature is enabled
[  548.976185][T13796] EXT4-fs (loop6): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,inlinecrypt,commit=0x0000000000000005,noinit_itable,usrjquota=./file0,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  549.017071][T13808] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  549.034506][T13808] ext4 filesystem being mounted at /861/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  549.065438][T13814] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  549.076735][  T555] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  549.095968][T13816] loop4: detected capacity change from 0 to 256
[  549.097900][  T555] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  549.114838][  T555] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  549.128301][  T555] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  549.138731][  T555] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  549.147706][  T555] usb 4-1: config 0 descriptor??
[  549.154273][T13818] loop6: detected capacity change from 0 to 512
[  549.164799][T13816] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11cf727b, utbl_chksum : 0xe619d30d)
[  549.208252][T13818] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.4086: couldn't read orphan inode 26 (err -116)
[  549.227997][T13818] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  549.256507][T13818] ext4 filesystem being mounted at /559/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  549.271667][T13831] SELinux:  Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped).
[  549.311531][T13837] loop1: detected capacity change from 0 to 512
[  549.332745][T13839] loop4: detected capacity change from 0 to 256
[  549.371070][T13839] exfat: Deprecated parameter 'utf8'
[  549.372262][T13837] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.4094: casefold flag without casefold feature
[  549.376232][T13839] exfat: Unknown parameter '
'
[  549.389150][T13837] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4094: couldn't read orphan inode 15 (err -117)
[  549.405956][T13837] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  549.516370][T13854] netlink: 78 bytes leftover after parsing attributes in process `syz.4.4101'.
[  549.598953][T13863] loop1: detected capacity change from 0 to 2048
[  549.615556][T13863]  loop1: p3 < > p4 < >
[  549.619736][T13863] loop1: partition table partially beyond EOD, truncated
[  549.631590][T13863] loop1: p3 start 4284289 is beyond EOD, truncated
[  549.642259][  T555] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0024/input/input38
[  549.657203][  T555] microsoft 0003:045E:07DA.0024: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  549.695737][T13863] syz.1.4105[13863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  549.700127][T13863] syz.1.4105[13863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  549.758826][  T660] udevd[660]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  549.761105][T13863] loop1: detected capacity change from 0 to 512
[  549.832994][  T660] udevd[660]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  549.843575][  T555] usb 4-1: USB disconnect, device number 31
[  549.851893][T13863] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,auto_da_alloc,minixdf,,errors=continue. Quota mode: writeback.
[  549.865578][  T386] Bluetooth: hci0: command 0x1009 tx timeout
[  549.866834][T13863] ext4 filesystem being mounted at /836/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  550.012388][T13875] loop6: detected capacity change from 0 to 512
[  550.067814][T13875] EXT4-fs (loop6): Unrecognized mount option "ro" or missing value
[  550.225283][T13883] loop1: detected capacity change from 0 to 40427
[  550.319672][T13883] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  550.325833][T13883] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  550.364431][T13883] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  550.447903][T13883] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  550.456639][T13883] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  550.494316][T13883] attempt to access beyond end of device
[  550.494316][T13883] loop1: rw=2049, want=53256, limit=40427
[  550.525796][  T289] attempt to access beyond end of device
[  550.525796][  T289] loop1: rw=2049, want=45104, limit=40427
[  550.678153][T13901] loop1: detected capacity change from 0 to 512
[  550.686783][  T555] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  550.703700][T13901] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  550.728030][T13901] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.4118: inode #1: comm syz.1.4118: iget: illegal inode #
[  550.741170][T13901] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.4118: error while reading EA inode 1 err=-117
[  550.741794][T13909] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4121'.
[  550.754047][T13901] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.4118: inode #1: comm syz.1.4118: iget: illegal inode #
[  550.763009][T13909] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  550.784806][T13901] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.4118: error while reading EA inode 1 err=-117
[  550.797789][T13901] EXT4-fs (loop1): 1 orphan inode deleted
[  550.803428][T13901] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,max_batch_time=0x0000000000000002,auto_da_alloc=0x0000000000000009,mblk_io_submit,,errors=continue. Quota mode: none.
[  550.991193][T13929] loop1: detected capacity change from 0 to 512
[  551.066712][  T555] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  551.077609][  T555] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  551.087466][  T555] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  551.096478][  T555] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.140139][  T555] usb 5-1: config 0 descriptor??
[  551.392164][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  551.633748][  T555] sony 0003:054C:0268.0025: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.4-1/input0
[  551.657772][  T555] sony 0003:054C:0268.0025: failed to claim input
[  551.798061][T13954] loop6: detected capacity change from 0 to 40427
[  551.829686][  T555] usb 5-1: USB disconnect, device number 30
[  551.847545][T13952] loop3: detected capacity change from 0 to 131072
[  551.857826][T13954] F2FS-fs (loop6): fault_injection options not supported
[  551.865483][T13954] F2FS-fs (loop6): invalid crc value
[  551.881209][T13952] F2FS-fs (loop3): Test dummy encryption mode enabled
[  551.897667][T13954] F2FS-fs (loop6): Found nat_bits in checkpoint
[  551.915043][T13952] F2FS-fs (loop3): invalid crc value
[  551.941196][T13952] F2FS-fs (loop3): Found nat_bits in checkpoint
[  551.983018][T13954] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  551.994662][T13969] loop1: detected capacity change from 0 to 512
[  552.011683][T13952] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  552.041792][ T5298] attempt to access beyond end of device
[  552.041792][ T5298] loop6: rw=2049, want=45104, limit=40427
[  552.533575][T13979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4147'.
[  554.103883][T13990] loop1: detected capacity change from 0 to 512
[  554.110922][   T30] kauditd_printk_skb: 136 callbacks suppressed
[  554.110936][   T30] audit: type=1326 audit(1732154751.800:19034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13986 comm="syz.4.4150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  554.142100][   T30] audit: type=1326 audit(1732154751.800:19035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13986 comm="syz.4.4150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  554.165606][   T30] audit: type=1326 audit(1732154751.840:19036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13986 comm="syz.4.4150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  554.189190][   T30] audit: type=1326 audit(1732154751.840:19037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13986 comm="syz.4.4150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  554.212686][   T30] audit: type=1326 audit(1732154751.840:19038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13986 comm="syz.4.4150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  554.236273][   T30] audit: type=1326 audit(1732154751.840:19039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13986 comm="syz.4.4150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  554.273666][   T30] audit: type=1326 audit(1732154751.840:19040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13986 comm="syz.4.4150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  554.316683][   T30] audit: type=1326 audit(1732154751.840:19041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13986 comm="syz.4.4150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  554.346156][   T30] audit: type=1326 audit(1732154751.990:19042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13995 comm="syz.7.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  554.381401][   T30] audit: type=1326 audit(1732154751.990:19043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13995 comm="syz.7.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  554.392789][T14002] loop4: detected capacity change from 0 to 2048
[  554.464255][T14006] syz.7.4157[14006] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  554.464340][T14006] syz.7.4157[14006] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  554.483867][T14009] loop6: detected capacity change from 0 to 512
[  554.511776][T14002] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  554.660199][T14009] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  554.707339][T14009] EXT4-fs error (device loop6): ext4_orphan_get:1401: inode #15: comm syz.6.4158: iget: bad i_size value: -67835469387268086
[  554.742050][T14009] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.4158: couldn't read orphan inode 15 (err -117)
[  554.754308][T14009] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  554.765179][T14009] ext2 filesystem being mounted at /572/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  554.950925][T14015] loop7: detected capacity change from 0 to 40427
[  555.010330][T14015] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  555.024877][T14015] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  555.048736][T14015] F2FS-fs (loop7): invalid crc value
[  555.077556][T14015] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  555.106371][T14015] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  555.188218][T14015] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  555.189365][T14061] loop6: detected capacity change from 0 to 512
[  555.195219][T14015] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  555.224796][T14069] loop1: detected capacity change from 0 to 2048
[  555.258160][T14069] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  555.285298][T14075] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  555.307626][T14015] attempt to access beyond end of device
[  555.307626][T14015] loop7: rw=2049, want=77960, limit=40427
[  555.326808][T14061] EXT4-fs (loop6): Unrecognized mount option "fowner<00000000000000000000" or missing value
[  555.364208][T14015] attempt to access beyond end of device
[  555.364208][T14015] loop7: rw=2049, want=45104, limit=40427
[  555.440961][T14084] loop1: detected capacity change from 0 to 256
[  555.455233][T14053] loop4: detected capacity change from 0 to 40427
[  555.497148][T14053] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  555.504759][T14053] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  555.515143][T14053] F2FS-fs (loop4): invalid crc value
[  555.557485][T14053] F2FS-fs (loop4): Found nat_bits in checkpoint
[  555.570226][T14084] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  555.626071][T14053] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  555.634507][T14053] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  555.662699][T14077] loop3: detected capacity change from 0 to 40427
[  555.680325][T14095] loop1: detected capacity change from 0 to 2048
[  555.737360][T14077] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  555.746685][T14077] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  555.765376][T14095] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  555.777734][T14077] F2FS-fs (loop3): Found nat_bits in checkpoint
[  555.888955][T14077] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  555.895857][T14077] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  555.964147][T14122] loop1: detected capacity change from 0 to 512
[  555.974835][T14122] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  555.987200][T14122] EXT4-fs (loop1): 1 truncate cleaned up
[  555.992878][T14122] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nombcache,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback.
[  556.003365][  T288] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  556.013773][  T288] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  556.025661][  T288] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  556.037207][  T288] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  556.044888][  T288] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  556.052334][  T288] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  556.059831][  T288] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  556.161728][T14137] loop1: detected capacity change from 0 to 512
[  556.274629][T14137] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  556.294082][T14137] ext4 filesystem being mounted at /865/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  556.418885][T14163] device gretap0 entered promiscuous mode
[  556.424457][T14163] device macsec1 entered promiscuous mode
[  556.436357][T14165] loop6: detected capacity change from 0 to 256
[  556.489484][T14171] loop1: detected capacity change from 0 to 2048
[  556.507110][T14165] exfat: Deprecated parameter 'namecase'
[  556.524154][T14171] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  556.524454][T14165] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  556.540171][T14171] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  556.566780][T14171] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  556.589807][T14177] loop7: detected capacity change from 0 to 512
[  556.589858][T14171] EXT4-fs (loop1): This should not happen!! Data will be lost
[  556.589858][T14171] 
[  556.622595][T14171] EXT4-fs (loop1): Total free blocks count 0
[  556.638003][T14171] EXT4-fs (loop1): Free/Dirty block details
[  556.643727][T14171] EXT4-fs (loop1): free_blocks=2415919504
[  556.654873][T14171] EXT4-fs (loop1): dirty_blocks=48
[  556.670504][T14179] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: none.
[  556.711593][T14171] EXT4-fs (loop1): Block reservation details
[  556.729966][T14171] EXT4-fs (loop1): i_reserved_data_blocks=3
[  556.741655][T14178] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  556.851061][T14188] overlayfs: missing 'lowerdir'
[  557.210862][T14199] loop3: detected capacity change from 0 to 512
[  557.800206][T14204] loop4: detected capacity change from 0 to 40427
[  557.848322][T14204] F2FS-fs (loop4): invalid crc value
[  557.858568][T14204] F2FS-fs (loop4): Found nat_bits in checkpoint
[  557.900246][T14204] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  557.964496][  T291] attempt to access beyond end of device
[  557.964496][  T291] loop4: rw=2049, want=45104, limit=40427
[  558.123777][T14224] loop1: detected capacity change from 0 to 512
[  558.137667][T14224] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  558.171652][T14228] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  558.185035][T14230] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[  558.198476][T14230] SELinux: security_context_str_to_sid(user_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  558.258528][T14234] loop3: detected capacity change from 0 to 512
[  558.262304][T14236] input: syz1 as /devices/virtual/input/input39
[  558.633755][T14254] loop4: detected capacity change from 0 to 512
[  558.689710][T14261] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  559.253818][T14273] loop3: detected capacity change from 0 to 512
[  559.328817][T14273] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,nouid32,minixdf,,errors=continue. Quota mode: writeback.
[  559.341954][T14273] ext4 filesystem being mounted at /884/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  559.393854][T14278] syz.3.4258[14278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  559.393933][T14278] syz.3.4258[14278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  559.563274][   T30] kauditd_printk_skb: 149 callbacks suppressed
[  559.563289][   T30] audit: type=1326 audit(1732154757.250:19193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.623633][   T30] audit: type=1326 audit(1732154757.290:19194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.647444][   T30] audit: type=1326 audit(1732154757.290:19195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.673628][T14291] overlayfs: failed to resolve './file0': -2
[  559.685195][   T30] audit: type=1326 audit(1732154757.290:19196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.721540][   T30] audit: type=1326 audit(1732154757.290:19197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.732079][T14292] loop3: detected capacity change from 0 to 512
[  559.753229][   T30] audit: type=1326 audit(1732154757.290:19198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.810525][   T30] audit: type=1326 audit(1732154757.300:19199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.840195][T14302] loop1: detected capacity change from 0 to 128
[  559.846456][   T30] audit: type=1326 audit(1732154757.300:19200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.848883][T14292] EXT4-fs (loop3): Unrecognized mount option "ro" or missing value
[  559.872135][   T30] audit: type=1326 audit(1732154757.300:19201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.912240][T14302] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  559.922862][T14302] ext4 filesystem being mounted at /885/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  559.966710][   T30] audit: type=1326 audit(1732154757.300:19202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  559.968484][T14307] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14307 comm=syz.6.4271
[  560.119535][T14313] loop6: detected capacity change from 0 to 512
[  560.165838][T14320] loop1: detected capacity change from 0 to 2048
[  560.249258][T14320] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  560.571062][T14327] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  560.599275][T14327] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1274 with error 28
[  560.622287][T14327] EXT4-fs (loop1): This should not happen!! Data will be lost
[  560.622287][T14327] 
[  560.632213][T14327] EXT4-fs (loop1): Total free blocks count 0
[  560.638252][T14327] EXT4-fs (loop1): Free/Dirty block details
[  560.648654][T14327] EXT4-fs (loop1): free_blocks=2415919104
[  560.676677][T14327] EXT4-fs (loop1): dirty_blocks=2448
[  560.694376][T14327] EXT4-fs (loop1): Block reservation details
[  560.710227][T14327] EXT4-fs (loop1): i_reserved_data_blocks=153
[  560.928699][  T906] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 1274 with max blocks 1162 with error 28
[  560.962254][  T906] EXT4-fs (loop1): This should not happen!! Data will be lost
[  560.962254][  T906] 
[  561.030773][T14368] device wireguard0 entered promiscuous mode
[  561.257091][T14359] loop3: detected capacity change from 0 to 512
[  561.349837][T14359] EXT4-fs (loop3): Unrecognized mount option "ro" or missing value
[  561.376790][ T3821] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  561.641433][T14383] loop3: detected capacity change from 0 to 256
[  561.713972][T14383] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  561.722199][T14383] FAT-fs (loop3): Filesystem has been set read-only
[  561.742697][T14363] loop4: detected capacity change from 0 to 131072
[  561.746758][ T3821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  561.760526][ T3821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  561.768641][T14385] loop3: detected capacity change from 0 to 512
[  561.770159][ T3821] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  561.785100][ T3821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.793719][ T3821] usb 2-1: config 0 descriptor??
[  561.800454][T14363] F2FS-fs (loop4): invalid crc value
[  561.815759][T14385] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  561.829419][T14385] EXT4-fs error (device loop3): __ext4_iget:4903: inode #11: block 16: comm syz.3.4302: invalid block
[  561.842235][T14363] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  561.846846][T14385] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4302: couldn't read orphan inode 11 (err -117)
[  561.865187][T14385] EXT4-fs (loop3): 1 truncate cleaned up
[  561.870875][T14385] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,dioread_nolock,,errors=continue. Quota mode: writeback.
[  561.887872][T14363] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b
[  561.901164][T14385] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.4302: bg 0: block 16: invalid block bitmap
[  561.913910][T14385] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  562.082114][  T906] Bluetooth: hci0: Frame reassembly failed (-84)
[  562.226629][   T26] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  562.277584][ T3821] pyra 0003:1E7D:2CF6.0026: unknown main item tag 0x0
[  562.284303][ T3821] pyra 0003:1E7D:2CF6.0026: unknown main item tag 0x0
[  562.291835][ T3821] pyra 0003:1E7D:2CF6.0026: item fetching failed at offset 3/7
[  562.299591][ T3821] pyra 0003:1E7D:2CF6.0026: parse failed
[  562.305034][ T3821] pyra: probe of 0003:1E7D:2CF6.0026 failed with error -22
[  562.480316][  T902] usb 2-1: USB disconnect, device number 34
[  562.586740][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.597494][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.607024][   T26] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  562.615840][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.624345][   T26] usb 4-1: config 0 descriptor??
[  563.108781][   T26] isku 0003:1E7D:319C.0027: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.3-1/input0
[  563.266603][ T3821] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  563.519697][  T386] usb 4-1: USB disconnect, device number 32
[  563.626650][ T3821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  563.637428][ T3821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  563.646919][ T3821] usb 2-1: New USB device found, idVendor=057d, idProduct=3000, bcdDevice= 0.00
[  563.655795][ T3821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.664552][ T3821] usb 2-1: config 0 descriptor??
[  563.848905][T14402] loop6: detected capacity change from 0 to 40427
[  563.927085][T14402] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  563.934709][T14402] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  563.943590][T14402] F2FS-fs (loop6): invalid crc value
[  563.950184][T14402] F2FS-fs (loop6): Found nat_bits in checkpoint
[  563.973044][T14402] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  563.980002][T14402] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  564.009236][T14402] attempt to access beyond end of device
[  564.009236][T14402] loop6: rw=2049, want=45112, limit=40427
[  564.025638][  T906] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  564.040969][  T906] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  564.096662][  T902] Bluetooth: hci0: command 0x1003 tx timeout
[  564.102593][ T1956] Bluetooth: hci0: sending frame failed (-49)
[  564.147670][ T3821] hid-generic 0003:057D:3000.0028: unknown main item tag 0x0
[  564.154904][ T3821] hid-generic 0003:057D:3000.0028: item fetching failed at offset 5/7
[  564.176798][ T3821] hid-generic: probe of 0003:057D:3000.0028 failed with error -22
[  564.267408][T14420] SELinux: failed to load policy
[  564.284340][T14422] loop7: detected capacity change from 0 to 512
[  564.347856][ T3821] usb 2-1: USB disconnect, device number 35
[  564.458895][T14431] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4318'.
[  564.691295][T14443] loop6: detected capacity change from 0 to 40427
[  564.806177][T14443] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  564.813855][T14443] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  564.823591][T14443] F2FS-fs (loop6): invalid crc value
[  564.838128][T14443] F2FS-fs (loop6): Found nat_bits in checkpoint
[  564.888205][T14443] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  564.895115][T14443] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  565.007642][  T319] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  565.037161][  T319] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  565.046365][T14449] loop7: detected capacity change from 0 to 40427
[  565.086439][T14449] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  565.099687][T14449] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  565.118759][T14449] F2FS-fs (loop7): invalid crc value
[  565.141015][T14449] F2FS-fs (loop7): Found nat_bits in checkpoint
[  565.181461][T14449] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  565.188430][T14449] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  565.212026][T14454] loop1: detected capacity change from 0 to 40427
[  565.234832][T14449] attempt to access beyond end of device
[  565.234832][T14449] loop7: rw=2049, want=45104, limit=40427
[  565.248444][T14464] syz.6.4329[14464] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  565.248538][T14464] syz.6.4329[14464] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  565.275701][T14457] loop3: detected capacity change from 0 to 40427
[  565.277343][T10417] attempt to access beyond end of device
[  565.277343][T10417] loop7: rw=2051, want=45104, limit=40427
[  565.305760][T10417] F2FS-fs (loop7): Issue discard(5637, 5637, 1) failed, ret: -5
[  565.312161][T14454] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  565.337115][T14454] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  565.346340][T14467] loop6: detected capacity change from 0 to 128
[  565.372591][T14457] F2FS-fs (loop3): fault_injection options not supported
[  565.385766][T14454] F2FS-fs (loop1): invalid crc value
[  565.387604][T14457] F2FS-fs (loop3): invalid crc value
[  565.398506][T14454] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  565.409174][T14467] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  565.427799][T14467] ext4 filesystem being mounted at /598/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  565.431092][T14457] F2FS-fs (loop3): Found nat_bits in checkpoint
[  565.466985][T14454] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  565.495266][T14457] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  565.522365][T14454] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  565.529542][  T288] attempt to access beyond end of device
[  565.529542][  T288] loop3: rw=2049, want=45104, limit=40427
[  565.540622][T14454] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  565.568697][T14477] loop7: detected capacity change from 0 to 512
[  565.658190][   T30] kauditd_printk_skb: 52 callbacks suppressed
[  565.658206][   T30] audit: type=1400 audit(1732154763.350:19255): avc:  denied  { read } for  pid=14479 comm="syz.6.4333" path="socket:[66451]" dev="sockfs" ino=66451 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  565.758150][T14484] loop3: detected capacity change from 0 to 128
[  566.122935][T14501] loop1: detected capacity change from 0 to 512
[  566.156439][T14501] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,nouid32,minixdf,,errors=continue. Quota mode: writeback.
[  566.166612][ T3821] Bluetooth: hci0: command 0x1001 tx timeout
[  566.176022][ T1956] Bluetooth: hci0: sending frame failed (-49)
[  566.186703][T14501] ext4 filesystem being mounted at /896/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  566.206226][   T30] audit: type=1400 audit(1732154763.890:19256): avc:  denied  { map } for  pid=14500 comm="syz.1.4339" path="/896/bus/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  566.226870][T14489] loop6: detected capacity change from 0 to 512
[  566.301468][T14489] EXT4-fs (loop6): Unrecognized mount option "ro" or missing value
[  566.443995][T14502] loop3: detected capacity change from 0 to 512
[  566.459435][T14502] EXT4-fs (loop3): Unrecognized mount option "ro" or missing value
[  566.626623][ T3821] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  566.898726][T14530] loop3: detected capacity change from 0 to 1024
[  566.959745][T14530] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  566.969180][T14530] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  566.977323][T14530] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e814e01c, mo2=0003]
[  566.985251][T14530] System zones: 0-1, 3-36
[  566.989515][ T3821] usb 2-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  566.999605][ T3821] usb 2-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  567.012426][ T3821] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  567.013906][T14530] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,delalloc,init_itable=0x000000000000000f,debug,jqfmt=vfsold,bsddf,nomblk_io_submit,nouid32,,errors=continue. Quota mode: writeback.
[  567.021705][ T3821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.199915][T14534] loop3: detected capacity change from 0 to 40427
[  567.286941][T14534] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  567.306658][T14534] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  567.315716][T14534] F2FS-fs (loop3): invalid crc value
[  567.326434][T14534] F2FS-fs (loop3): Found nat_bits in checkpoint
[  567.346675][ T3821] usb 2-1: string descriptor 0 read error: -71
[  567.353132][ T3821] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[  567.358098][T14534] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  567.366626][ T3821] usb 2-1: USB disconnect, device number 36
[  567.368805][T14534] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  567.404371][  T288] attempt to access beyond end of device
[  567.404371][  T288] loop3: rw=524288, want=45072, limit=40427
[  567.415860][  T288] attempt to access beyond end of device
[  567.415860][  T288] loop3: rw=0, want=45072, limit=40427
[  567.429677][  T288] attempt to access beyond end of device
[  567.429677][  T288] loop3: rw=2049, want=45112, limit=40427
[  567.513280][   T10] tipc: Disabling bearer <udp:syz2>
[  567.518629][   T10] tipc: Left network mode
[  567.604781][   T30] audit: type=1400 audit(1732154765.290:19257): avc:  denied  { mounton } for  pid=14540 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  567.641155][T14540] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.648149][T14540] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.655375][T14540] device bridge_slave_0 entered promiscuous mode
[  567.664245][T14540] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.671138][T14540] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.678418][T14540] device bridge_slave_1 entered promiscuous mode
[  567.722844][T14540] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.729707][T14540] bridge0: port 2(bridge_slave_1) entered forwarding state
[  567.736840][T14540] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.743579][T14540] bridge0: port 1(bridge_slave_0) entered forwarding state
[  567.766097][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  567.773659][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.780902][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.791046][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  567.799327][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.806157][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  567.818483][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  567.826483][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.833419][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[  567.845024][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  567.857214][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  567.872343][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  567.884033][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  567.892338][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  567.899794][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  567.907883][T14540] device veth0_vlan entered promiscuous mode
[  567.922165][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  567.931607][T14540] device veth1_macvtap entered promiscuous mode
[  567.942360][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  567.953293][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  567.971268][   T30] audit: type=1400 audit(1732154765.660:19258): avc:  denied  { mounton } for  pid=14540 comm="syz-executor" path="/root/syzkaller.uDb1mH/syz-tmp" dev="sda1" ino=1956 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  567.996077][   T30] audit: type=1400 audit(1732154765.660:19259): avc:  denied  { mount } for  pid=14540 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  568.024752][T14545] loop8: detected capacity change from 0 to 512
[  568.025671][   T30] audit: type=1400 audit(1732154765.660:19260): avc:  denied  { mounton } for  pid=14540 comm="syz-executor" path="/root/syzkaller.uDb1mH/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  568.060630][   T30] audit: type=1400 audit(1732154765.660:19261): avc:  denied  { mounton } for  pid=14540 comm="syz-executor" path="/root/syzkaller.uDb1mH/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=67252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  568.089491][   T30] audit: type=1400 audit(1732154765.680:19262): avc:  denied  { mounton } for  pid=14540 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=514 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  568.113205][   T30] audit: type=1400 audit(1732154765.690:19263): avc:  denied  { mounton } for  pid=14540 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  568.148367][   T10] device bridge_slave_1 left promiscuous mode
[  568.154293][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  568.163032][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  568.170316][T14549] loop1: detected capacity change from 0 to 512
[  568.186247][   T10] device veth1_macvtap left promiscuous mode
[  568.193352][   T10] device veth0_vlan left promiscuous mode
[  568.228515][T14549] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.4357: invalid indirect mapped block 256 (level 2)
[  568.243797][T14549] EXT4-fs (loop1): Remounting filesystem read-only
[  568.246622][ T3821] Bluetooth: hci0: command 0x1009 tx timeout
[  568.252408][T14549] EXT4-fs (loop1): 2 truncates cleaned up
[  568.266671][T14549] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,debug_want_extra_isize=0x0000000000000008,data_err=ignore,. Quota mode: writeback.
[  568.300016][T14549] EXT4-fs error (device loop1): ext4_check_dx_root:2264: inode #2: comm syz.1.4357: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[  568.494708][T14549] EXT4-fs (loop1): Remounting filesystem read-only
[  568.918497][T14561] loop1: detected capacity change from 0 to 40427
[  568.929026][T14561] F2FS-fs (loop1): fault_injection options not supported
[  568.935980][T14561] F2FS-fs (loop1): fault_type options not supported
[  568.944358][T14561] F2FS-fs (loop1): invalid crc value
[  568.957873][T14561] F2FS-fs (loop1): Found nat_bits in checkpoint
[  568.987946][T14566] netlink: 'syz.8.4362': attribute type 34 has an invalid length.
[  568.991264][T14561] F2FS-fs (loop1): Start checkpoint disabled!
[  569.008527][T14561] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  569.044355][T14569] loop8: detected capacity change from 0 to 1024
[  569.053821][T14561] attempt to access beyond end of device
[  569.053821][T14561] loop1: rw=2049, want=45112, limit=40427
[  569.076289][   T10] attempt to access beyond end of device
[  569.076289][   T10] loop1: rw=2049, want=45128, limit=40427
[  569.077822][T14569] JBD2: no valid journal superblock found
[  569.106626][T14569] EXT4-fs (loop8): error loading journal
[  569.197765][T14571] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14571 comm=syz.8.4365
[  569.230616][T14574] loop8: detected capacity change from 0 to 1024
[  569.287474][T14574] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  569.460019][T14586] loop7: detected capacity change from 0 to 256
[  569.530548][T14586] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  569.557185][T14584] loop8: detected capacity change from 0 to 40427
[  569.570129][   T30] audit: type=1400 audit(1732154767.260:19264): avc:  denied  { rename } for  pid=14585 comm="syz.7.4370" name="file0" dev="loop7" ino=1048821 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  569.653590][T14584] F2FS-fs (loop8): fault_injection options not supported
[  569.670374][T14588] loop7: detected capacity change from 0 to 512
[  569.681720][T14584] F2FS-fs (loop8): invalid crc value
[  569.701681][T14584] F2FS-fs (loop8): Found nat_bits in checkpoint
[  569.777323][T14584] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  569.822205][  T906] attempt to access beyond end of device
[  569.822205][  T906] loop8: rw=2049, want=45104, limit=40427
[  569.848831][T14578] loop1: detected capacity change from 0 to 131072
[  569.885295][T14578] F2FS-fs (loop1): Test dummy encryption mode enabled
[  569.907047][T14578] F2FS-fs (loop1): invalid crc value
[  569.915431][T14578] F2FS-fs (loop1): Found nat_bits in checkpoint
[  570.060880][T14578] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  570.174000][T14590] loop6: detected capacity change from 0 to 40427
[  570.230971][T14590] F2FS-fs (loop6): fault_injection options not supported
[  570.248320][T14590] F2FS-fs (loop6): invalid crc value
[  570.255772][T14590] F2FS-fs (loop6): Found nat_bits in checkpoint
[  570.296708][T14590] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  570.348044][T14590] F2FS-fs (loop6): access invalid blkaddr:2816
[  570.354093][T14590] CPU: 0 PID: 14590 Comm: syz.6.4372 Tainted: G        W         5.15.167-syzkaller-00348-g2e66050fb753 #0
[  570.365228][T14590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  570.375123][T14590] Call Trace:
[  570.378242][T14590]  <TASK>
[  570.381027][T14590]  dump_stack_lvl+0x151/0x1c0
[  570.385532][T14590]  ? io_uring_drop_tctx_refs+0x190/0x190
[  570.391003][T14590]  ? arch_stack_walk+0xf3/0x140
[  570.395693][T14590]  dump_stack+0x15/0x20
[  570.399680][T14590]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[  570.404884][T14590]  f2fs_map_blocks+0x1622/0x3ab0
[  570.409657][T14590]  ? __stack_depot_save+0x34/0x470
[  570.414608][T14590]  ? f2fs_do_map_lock+0x70/0x70
[  570.419294][T14590]  ? debug_smp_processor_id+0x17/0x20
[  570.424497][T14590]  ? try_charge_memcg+0x213/0x1550
[  570.429447][T14590]  f2fs_mpage_readpages+0xc9a/0x21a0
[  570.434566][T14590]  ? __mem_cgroup_uncharge_list+0x8b/0x150
[  570.440211][T14590]  ? dquot_release_reservation_block+0xa0/0xa0
[  570.446198][T14590]  ? __this_cpu_preempt_check+0x13/0x20
[  570.451580][T14590]  ? __pagevec_lru_add+0xcde/0xd70
[  570.456525][T14590]  f2fs_readahead+0xfd/0x250
[  570.460951][T14590]  ? blk_start_plug+0x5a/0x170
[  570.465551][T14590]  read_pages+0x15e/0xb00
[  570.469717][T14590]  ? lru_cache_add+0x279/0x540
[  570.474319][T14590]  ? page_cache_ra_unbounded+0xa50/0xa50
[  570.479783][T14590]  ? add_to_page_cache_lru+0x225/0x2c0
[  570.485080][T14590]  ? add_to_page_cache_locked+0x40/0x40
[  570.486632][   T26] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  570.490466][T14590]  page_cache_ra_unbounded+0x7ed/0xa50
[  570.503050][T14590]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  570.509387][T14590]  ondemand_readahead+0x9c8/0xfa0
[  570.514241][T14590]  ? kasan_set_free_info+0x23/0x40
[  570.519197][T14590]  ? ____kasan_slab_free+0x126/0x160
[  570.524306][T14590]  ? __kasan_slab_free+0x11/0x20
[  570.529087][T14590]  ? putname+0xfa/0x150
[  570.533075][T14590]  ? page_cache_sync_ra+0x4d0/0x4d0
[  570.538112][T14590]  page_cache_sync_ra+0x2e9/0x4d0
[  570.542969][T14590]  ? strncpy_from_kernel_nofault+0x169/0x1e0
[  570.548790][T14590]  ? force_page_cache_ra+0x420/0x420
[  570.553904][T14590]  ? bpf_probe_read_compat_str+0x131/0x180
[  570.559551][T14590]  f2fs_readdir+0x52d/0xba0
[  570.563888][T14590]  ? f2fs_fill_dentries+0xd60/0xd60
[  570.568921][T14590]  ? avc_policy_seqno+0x1b/0x70
[  570.573608][T14590]  ? __kasan_check_read+0x11/0x20
[  570.578466][T14590]  ? security_file_permission+0x86/0xb0
[  570.583849][T14590]  iterate_dir+0x265/0x600
[  570.588102][T14590]  ? f2fs_fill_dentries+0xd60/0xd60
[  570.593135][T14590]  __se_sys_getdents64+0x1c1/0x460
[  570.598084][T14590]  ? __x64_sys_getdents64+0x90/0x90
[  570.603114][T14590]  ? filldir+0x680/0x680
[  570.607196][T14590]  ? __kasan_check_write+0x14/0x20
[  570.612141][T14590]  ? switch_fpu_return+0x15f/0x2e0
[  570.617091][T14590]  __x64_sys_getdents64+0x7b/0x90
[  570.621952][T14590]  x64_sys_call+0x5ae/0x9a0
[  570.626287][T14590]  do_syscall_64+0x3b/0xb0
[  570.630541][T14590]  ? clear_bhb_loop+0x35/0x90
[  570.635055][T14590]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  570.640782][T14590] RIP: 0033:0x7f8dbde05819
[  570.645035][T14590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.656629][ T6849] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  570.664485][T14590] RSP: 002b:00007f8dbc47e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  570.664514][T14590] RAX: ffffffffffffffda RBX: 00007f8dbdfbcfa0 RCX: 00007f8dbde05819
[  570.687914][T14590] RDX: 0000000000000022 RSI: 0000000000000000 RDI: 0000000000000004
[  570.695722][T14590] RBP: 00007f8dbde7875e R08: 0000000000000000 R09: 0000000000000000
[  570.703533][T14590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  570.711350][T14590] R13: 0000000000000000 R14: 00007f8dbdfbcfa0 R15: 00007ffc4296d7d8
[  570.719160][T14590]  </TASK>
[  570.724904][T14614] F2FS-fs (loop6): Found FS corruption, run fsck to fix.
[  570.725117][T14590] F2FS-fs (loop6): access invalid blkaddr:2816
[  570.737844][T14590] CPU: 0 PID: 14590 Comm: syz.6.4372 Tainted: G        W         5.15.167-syzkaller-00348-g2e66050fb753 #0
[  570.748933][T14590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  570.758826][T14590] Call Trace:
[  570.761952][T14590]  <TASK>
[  570.764726][T14590]  dump_stack_lvl+0x151/0x1c0
[  570.769415][T14590]  ? io_uring_drop_tctx_refs+0x190/0x190
[  570.774886][T14590]  dump_stack+0x15/0x20
[  570.778874][T14590]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[  570.784081][T14590]  f2fs_map_blocks+0x1622/0x3ab0
[  570.788854][T14590]  ? __stack_depot_save+0x34/0x470
[  570.793807][T14590]  ? f2fs_do_map_lock+0x70/0x70
[  570.798489][T14590]  f2fs_mpage_readpages+0xc9a/0x21a0
[  570.803609][T14590]  ? __mem_cgroup_uncharge_list+0x8b/0x150
[  570.809256][T14590]  ? dquot_release_reservation_block+0xa0/0xa0
[  570.815246][T14590]  ? __this_cpu_preempt_check+0x13/0x20
[  570.820623][T14590]  ? __pagevec_lru_add+0xcde/0xd70
[  570.825568][T14590]  f2fs_readahead+0xfd/0x250
[  570.829999][T14590]  ? blk_start_plug+0x5a/0x170
[  570.834597][T14590]  read_pages+0x15e/0xb00
[  570.838768][T14590]  ? lru_cache_add+0x279/0x540
[  570.843373][T14590]  ? page_cache_ra_unbounded+0xa50/0xa50
[  570.848834][T14590]  ? add_to_page_cache_lru+0x225/0x2c0
[  570.854133][T14590]  ? add_to_page_cache_locked+0x40/0x40
[  570.856727][   T26] usb 9-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  570.859511][T14590]  page_cache_ra_unbounded+0x7ed/0xa50
[  570.870401][   T26] usb 9-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  570.875485][T14590]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  570.886958][   T26] usb 9-1: config 0 interface 0 has no altsetting 0
[  570.891366][T14590]  ondemand_readahead+0x9c8/0xfa0
[  570.898193][   T26] usb 9-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  570.902644][T14590]  ? kasan_set_free_info+0x23/0x40
[  570.911904][   T26] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.916441][T14590]  ? ____kasan_slab_free+0x126/0x160
[  570.928732][   T26] usb 9-1: config 0 descriptor??
[  570.929371][T14590]  ? __kasan_slab_free+0x11/0x20
[  570.938919][T14590]  ? putname+0xfa/0x150
[  570.942909][T14590]  ? page_cache_sync_ra+0x4d0/0x4d0
[  570.947946][T14590]  page_cache_sync_ra+0x2e9/0x4d0
[  570.952800][T14590]  ? strncpy_from_kernel_nofault+0x169/0x1e0
[  570.958620][T14590]  ? force_page_cache_ra+0x420/0x420
[  570.963737][T14590]  ? bpf_probe_read_compat_str+0x131/0x180
[  570.969389][T14590]  f2fs_readdir+0x52d/0xba0
[  570.973721][T14590]  ? f2fs_fill_dentries+0xd60/0xd60
[  570.978758][T14590]  ? avc_policy_seqno+0x1b/0x70
[  570.983440][T14590]  ? __kasan_check_read+0x11/0x20
[  570.988302][T14590]  ? security_file_permission+0x86/0xb0
[  570.993680][T14590]  iterate_dir+0x265/0x600
[  570.997937][T14590]  ? f2fs_fill_dentries+0xd60/0xd60
[  571.002970][T14590]  __se_sys_getdents64+0x1c1/0x460
[  571.007924][T14590]  ? __x64_sys_getdents64+0x90/0x90
[  571.012953][T14590]  ? filldir+0x680/0x680
[  571.017033][T14590]  ? __kasan_check_write+0x14/0x20
[  571.021976][T14590]  ? switch_fpu_return+0x15f/0x2e0
[  571.026924][T14590]  __x64_sys_getdents64+0x7b/0x90
[  571.031784][T14590]  x64_sys_call+0x5ae/0x9a0
[  571.036129][T14590]  do_syscall_64+0x3b/0xb0
[  571.040377][T14590]  ? clear_bhb_loop+0x35/0x90
[  571.044890][T14590]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  571.050618][T14590] RIP: 0033:0x7f8dbde05819
[  571.054995][T14590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  571.074433][T14590] RSP: 002b:00007f8dbc47e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  571.082797][T14590] RAX: ffffffffffffffda RBX: 00007f8dbdfbcfa0 RCX: 00007f8dbde05819
[  571.090598][T14590] RDX: 0000000000000022 RSI: 0000000000000000 RDI: 0000000000000004
[  571.098407][T14590] RBP: 00007f8dbde7875e R08: 0000000000000000 R09: 0000000000000000
[  571.106219][T14590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  571.114031][T14590] R13: 0000000000000000 R14: 00007f8dbdfbcfa0 R15: 00007ffc4296d7d8
[  571.121845][T14590]  </TASK>
[  571.125045][T14590] attempt to access beyond end of device
[  571.125045][T14590] loop6: rw=0, want=45072, limit=40427
[  571.142309][ T5298] attempt to access beyond end of device
[  571.142309][ T5298] loop6: rw=2049, want=45104, limit=40427
[  571.196716][ T6849] usb 2-1: New USB device found, idVendor=13d3, idProduct=3333, bcdDevice=84.ed
[  571.205556][ T6849] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.214320][ T6849] usb 2-1: Product: syz
[  571.229795][T14616] loop7: detected capacity change from 0 to 1024
[  571.236013][ T6849] usb 2-1: Manufacturer: syz
[  571.240664][ T6849] usb 2-1: SerialNumber: syz
[  571.245797][ T6849] usb 2-1: config 0 descriptor??
[  571.269099][T14621] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  571.297453][T14624] syz.6.4380[14624] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  571.297509][T14624] syz.6.4380[14624] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  571.311604][T14616] EXT4-fs error (device loop7): ext4_ext_check_inode:501: inode #11: comm syz.7.4378: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  571.347481][T14616] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.4378: couldn't read orphan inode 11 (err -117)
[  571.359608][T14616] EXT4-fs (loop7): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,nobarrier,nodelalloc,usrquota,nolazytime,noblock_validity,block_validity,barrier,,errors=continue. Quota mode: writeback.
[  571.385500][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  571.385513][   T30] audit: type=1400 audit(1732154769.080:19267): avc:  denied  { create } for  pid=14615 comm="syz.7.4378" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  571.386137][T14616] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:476: comm syz.7.4378: Invalid block bitmap block 0 in block_group 0
[  571.427444][   T26] zeroplus 0003:0C12:0030.0029: hidraw0: USB HID v0.01 Device [HID 0c12:0030] on usb-dummy_hcd.8-1/input0
[  571.438695][   T26] zeroplus 0003:0C12:0030.0029: no inputs found
[  571.449255][T14616] Quota error (device loop7): write_blk: dquota write failed
[  571.458624][T14616] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  571.468946][T14616] EXT4-fs error (device loop7): ext4_acquire_dquot:6187: comm syz.7.4378: Failed to acquire dquot type 0
[  571.503544][  T902] usb 2-1: USB disconnect, device number 37
[  571.549690][T14635] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  571.608510][   T30] audit: type=1326 audit(1732154769.300:19268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz.7.4388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  571.627672][T14646] loop6: detected capacity change from 0 to 1024
[  571.632313][   T30] audit: type=1326 audit(1732154769.300:19269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz.7.4388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  571.663300][  T386] usb 9-1: USB disconnect, device number 2
[  571.664456][   T30] audit: type=1326 audit(1732154769.330:19270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz.7.4388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  571.693665][   T30] audit: type=1326 audit(1732154769.330:19271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz.7.4388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  571.719172][T14646] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  571.737123][   T30] audit: type=1326 audit(1732154769.330:19272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz.7.4388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8079904819 code=0x7ffc0000
[  571.774087][T14652] loop7: detected capacity change from 0 to 256
[  571.781527][T14646] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,noauto_da_alloc,jqfmt=vfsold,bsdgroups,resuid=0x0000000000000000,dioread_nolock,usrjquota=,discard,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  571.815331][T14652] FAT-fs (loop7): Directory bread(block 64) failed
[  571.821818][T14652] FAT-fs (loop7): Directory bread(block 65) failed
[  571.828553][T14652] FAT-fs (loop7): Directory bread(block 66) failed
[  571.836290][T14652] FAT-fs (loop7): Directory bread(block 67) failed
[  571.843239][T14652] FAT-fs (loop7): Directory bread(block 68) failed
[  571.849895][T14652] FAT-fs (loop7): Directory bread(block 69) failed
[  571.856677][T14652] FAT-fs (loop7): Directory bread(block 70) failed
[  571.863078][T14652] FAT-fs (loop7): Directory bread(block 71) failed
[  571.869413][T14652] FAT-fs (loop7): Directory bread(block 72) failed
[  571.875670][T14652] FAT-fs (loop7): Directory bread(block 73) failed
[  571.987087][T14657] Illegal XDP return value 4294967274, expect packet loss!
[  572.015840][T14662] blk_update_request: I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  572.039739][T14662] F2FS-fs (loop15): Unable to read 1th superblock
[  572.046120][T14662] blk_update_request: I/O error, dev loop15, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  572.059453][T14662] F2FS-fs (loop15): Unable to read 2th superblock
[  572.094617][T14668] loop7: detected capacity change from 0 to 512
[  572.122018][T14670] tipc: Started in network mode
[  572.126766][T14670] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  572.138846][T14670] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  572.147446][T14670] tipc: Enabled bearer <udp:s>, priority 10
[  572.190436][T14668] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  572.217681][T14668] ext4 filesystem being mounted at /229/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  572.229483][T14676] loop4: detected capacity change from 0 to 128
[  572.236147][   T30] audit: type=1326 audit(1732154769.920:19273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14678 comm="syz.8.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa450771819 code=0x7ffc0000
[  572.273057][T14676] FAT-fs (loop4): Unrecognized mount option "ýÑ
ãshortn^·e=winnt" or missing value
[  572.292745][T14668] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  572.307542][   T30] audit: type=1326 audit(1732154769.920:19274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14678 comm="syz.8.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa450771819 code=0x7ffc0000
[  572.361180][  T319] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  572.383758][  T319] EXT4-fs (loop7): This should not happen!! Data will be lost
[  572.383758][  T319] 
[  572.423855][T14671] loop1: detected capacity change from 0 to 512
[  572.453364][  T319] EXT4-fs (loop7): Total free blocks count 0
[  572.465595][  T319] EXT4-fs (loop7): Free/Dirty block details
[  572.470257][T14671] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  572.478028][  T319] EXT4-fs (loop7): free_blocks=65280
[  572.484412][  T319] EXT4-fs (loop7): dirty_blocks=1
[  572.501531][  T319] EXT4-fs (loop7): Block reservation details
[  572.517170][  T319] EXT4-fs (loop7): i_reserved_data_blocks=1
[  572.698157][T14705] loop7: detected capacity change from 0 to 128
[  572.761835][T14694] loop8: detected capacity change from 0 to 40427
[  572.821011][T14705] EXT4-fs (loop7): Ignoring removed bh option
[  572.827177][T14694] F2FS-fs (loop8): Invalid SB checksum offset: 0
[  572.836680][T14705] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  572.845932][T14694] F2FS-fs (loop8): Can't find valid F2FS filesystem in 2th superblock
[  572.864246][T14705] EXT4-fs (loop7): mounted filesystem without journal. Opts: auto_da_alloc,bh,,errors=continue. Quota mode: none.
[  572.880012][T14705] ext2 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  572.924414][T14694] F2FS-fs (loop8): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  572.995169][T14694] F2FS-fs (loop8): Try to recover 2th superblock, ret: 0
[  573.017167][T14694] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  573.266648][ T6849] tipc: Node number set to 1
[  573.305377][T14731] loop4: detected capacity change from 0 to 512
[  573.326794][   T26] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  573.344700][T14698] loop6: detected capacity change from 0 to 131072
[  573.368965][T14731] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.4420: casefold flag without casefold feature
[  573.377532][T14698] F2FS-fs (loop6): Test dummy encryption mode enabled
[  573.389116][T14731] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.4420: couldn't read orphan inode 15 (err -117)
[  573.389372][T14698] F2FS-fs (loop6): invalid crc value
[  573.407043][T14731] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  573.407853][T14698] F2FS-fs (loop6): Found nat_bits in checkpoint
[  573.452299][T14698] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  573.616740][  T902] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  573.616739][   T26] usb 2-1: too many configurations: 65, using maximum allowed: 8
[  573.898555][T14746] loop6: detected capacity change from 0 to 512
[  573.908648][T14746] EXT4-fs (loop6): Unrecognized mount option "ro" or missing value
[  574.016680][  T902] usb 9-1: config 0 has no interfaces?
[  574.021997][  T902] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  574.047989][  T902] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.071350][  T902] usb 9-1: config 0 descriptor??
[  574.101719][T14754] loop7: detected capacity change from 0 to 256
[  574.157768][T14754] FAT-fs (loop7): Directory bread(block 64) failed
[  574.164117][T14754] FAT-fs (loop7): Directory bread(block 65) failed
[  574.186668][T14754] FAT-fs (loop7): Directory bread(block 66) failed
[  574.193020][T14754] FAT-fs (loop7): Directory bread(block 67) failed
[  574.199670][T14754] FAT-fs (loop7): Directory bread(block 68) failed
[  574.206001][T14754] FAT-fs (loop7): Directory bread(block 69) failed
[  574.212616][T14754] FAT-fs (loop7): Directory bread(block 70) failed
[  574.219182][T14754] FAT-fs (loop7): Directory bread(block 71) failed
[  574.225543][T14754] FAT-fs (loop7): Directory bread(block 72) failed
[  574.231903][T14754] FAT-fs (loop7): Directory bread(block 73) failed
[  574.256776][   T26] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  574.265648][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.319634][T14733] UDC core: couldn't find an available UDC or it's busy: -16
[  574.333328][T14733] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  574.353507][T14733] UDC core: couldn't find an available UDC or it's busy: -16
[  574.373291][T14733] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  574.393514][  T902] usb 9-1: USB disconnect, device number 3
[  574.611619][  T408] attempt to access beyond end of device
[  574.611619][  T408] loop7: rw=1, want=1832, limit=256
[  574.634045][  T408] attempt to access beyond end of device
[  574.634045][  T408] loop7: rw=1, want=5392, limit=256
[  574.661716][  T408] attempt to access beyond end of device
[  574.661716][  T408] loop7: rw=1, want=7440, limit=256
[  574.683205][  T408] attempt to access beyond end of device
[  574.683205][  T408] loop7: rw=1, want=9488, limit=256
[  574.699517][T14758] loop4: detected capacity change from 0 to 512
[  574.708330][  T408] attempt to access beyond end of device
[  574.708330][  T408] loop7: rw=1, want=11536, limit=256
[  574.724391][T14764] loop6: detected capacity change from 0 to 512
[  574.733154][  T408] attempt to access beyond end of device
[  574.733154][  T408] loop7: rw=1, want=15576, limit=256
[  574.740480][T14758] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  574.749812][  T408] attempt to access beyond end of device
[  574.749812][  T408] loop7: rw=1, want=23336, limit=256
[  574.766875][   T26] usb 2-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  574.773584][   T26] usb 2-1: No valid video chain found.
[  574.786190][  T408] attempt to access beyond end of device
[  574.786190][  T408] loop7: rw=1, want=25752, limit=256
[  574.790265][T14764] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  574.799679][  T408] attempt to access beyond end of device
[  574.799679][  T408] loop7: rw=1, want=28008, limit=256
[  574.820017][  T408] attempt to access beyond end of device
[  574.820017][  T408] loop7: rw=1, want=31456, limit=256
[  574.831343][T14764] EXT4-fs (loop6): orphan cleanup on readonly fs
[  574.838169][T14764] EXT4-fs warning (device loop6): ext4_enable_quotas:6422: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  574.853092][T14764] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  574.865225][T14764] EXT4-fs error (device loop6): ext4_ext_check_inode:501: inode #13: comm syz.6.4432: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  574.883536][T14764] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.4432: couldn't read orphan inode 13 (err -117)
[  574.895767][T14764] EXT4-fs (loop6): mounted filesystem without journal. Opts: sysvgroups,noblock_validity,debug,grpquota,debug,debug,grpid,,errors=continue. Quota mode: writeback.
[  574.938061][T14764] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  574.950742][T14764] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  574.969293][  T312] usb 2-1: USB disconnect, device number 38
[  574.979712][T14764] EXT4-fs warning (device loop6): ext4_enable_quotas:6422: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  574.996932][T14769] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  575.008365][T14768] loop7: detected capacity change from 0 to 1024
[  575.026630][T14769] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  575.066603][  T902] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  575.104726][T14768] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  575.128645][T14768] EXT4-fs (loop7): shut down requested (0)
[  575.476664][  T466] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  575.486658][  T902] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  575.497745][  T902] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  575.507829][  T902] usb 9-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  575.516629][  T902] usb 9-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  575.525498][  T902] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  575.535841][  T902] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  575.554585][T14769] EXT4-fs warning (device loop6): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[  575.554585][T14769] 
[  575.716595][  T466] usb 5-1: Using ep0 maxpacket: 16
[  575.716821][  T902] usb 9-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 1.40
[  575.730673][  T902] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.738476][  T902] usb 9-1: Product: syz
[  575.742563][  T902] usb 9-1: Manufacturer: syz
[  575.746894][  T902] usb 9-1: SerialNumber: syz
[  575.769991][   T26] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  575.836675][  T466] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  576.006788][  T466] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[  576.018663][  T466] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.029981][  T466] usb 5-1: Product: syz
[  576.034111][  T466] usb 5-1: Manufacturer: syz
[  576.039021][  T466] usb 5-1: SerialNumber: syz
[  576.041471][  T902] usb 9-1: USB disconnect, device number 4
[  576.046489][  T466] usb 5-1: config 0 descriptor??
[  576.095459][  T408] Bluetooth: hci0: Frame reassembly failed (-84)
[  576.136710][   T26] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  576.147841][   T26] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  576.158829][   T26] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  576.167610][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.186706][T14780] raw-gadget.4 gadget: fail, usb_ep_enable returned -22
[  576.556714][  T466] usb 5-1: Found UVC 0.00 device syz (045e:0721)
[  576.563000][  T466] usb 5-1: No valid video chain found.
[  576.571115][  T466] usb 5-1: USB disconnect, device number 31
[  576.796627][  T902] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  577.046652][  T902] usb 9-1: Using ep0 maxpacket: 16
[  577.176671][  T902] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.186253][  T902] usb 9-1: config 0 interface 0 has no altsetting 0
[  577.192661][  T902] usb 9-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  577.201519][  T902] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.210371][  T902] usb 9-1: config 0 descriptor??
[  577.296824][  T466] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  577.536654][  T466] usb 5-1: Using ep0 maxpacket: 16
[  577.646666][   T26] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  577.654781][   T26] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input42
[  577.663872][  T466] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  577.676016][   T26] usb 2-1: USB disconnect, device number 39
[  577.678151][  T902] hid (null): nested delimiters
[  577.681791][  T466] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.696023][    C1] aiptek 2-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  577.698789][  T902] hid-generic 0003:060B:500A.002A: unexpected long global item
[  577.704344][  T466] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  577.720627][  T902] hid-generic: probe of 0003:060B:500A.002A failed with error -22
[  577.720702][  T466] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.730591][  T466] usb 5-1: config 0 descriptor??
[  577.889748][ T6849] usb 9-1: USB disconnect, device number 5
[  577.928272][T14799] loop1: detected capacity change from 0 to 512
[  577.937327][T14799] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  577.951936][T14799] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  577.960278][T14799] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.4443: invalid indirect mapped block 2683928664 (level 1)
[  577.974227][T14799] EXT4-fs (loop1): Remounting filesystem read-only
[  577.980771][T14799] EXT4-fs (loop1): 1 truncate cleaned up
[  577.986345][T14799] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,dioread_nolock,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.max_batch_time=0x0000000000000001,,. Quota mode: writeback.
[  578.008975][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  578.008991][   T30] audit: type=1400 audit(1732154775.700:19313): avc:  denied  { quotaon } for  pid=14798 comm="syz.1.4443" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  578.166695][ T6849] Bluetooth: hci0: command 0x1003 tx timeout
[  578.172820][ T1956] Bluetooth: hci0: sending frame failed (-49)
[  578.217415][  T466] hid-multitouch 0003:1FD2:6007.002B: unknown main item tag 0x0
[  578.224933][  T466] hid-multitouch 0003:1FD2:6007.002B: unknown main item tag 0x0
[  578.232693][  T466] hid-multitouch 0003:1FD2:6007.002B: unbalanced collection at end of report description
[  578.242579][  T466] hid-multitouch: probe of 0003:1FD2:6007.002B failed with error -22
[  578.263839][T14817] loop1: detected capacity change from 0 to 256
[  578.275992][T14817] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  578.292623][T14817] exFAT-fs (loop1): hint_cluster is invalid (17)
[  578.455010][  T312] usb 5-1: USB disconnect, device number 32
[  578.567590][T14839] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  578.577202][T14839] SELinux: failed to load policy
[  578.590767][   T30] audit: type=1326 audit(1732154776.280:19314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  578.614328][   T30] audit: type=1326 audit(1732154776.280:19315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  578.654432][   T30] audit: type=1326 audit(1732154776.280:19316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  578.683908][   T30] audit: type=1326 audit(1732154776.280:19317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  578.712420][   T30] audit: type=1326 audit(1732154776.280:19318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  578.735903][  T466] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  578.740136][   T30] audit: type=1326 audit(1732154776.280:19319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  578.766909][   T30] audit: type=1326 audit(1732154776.300:19320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  578.791470][   T30] audit: type=1326 audit(1732154776.310:19321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  578.815691][   T30] audit: type=1326 audit(1732154776.320:19322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc36e356819 code=0x7ffc0000
[  579.045575][T14864] syz.4.4470[14864] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  579.045633][T14864] syz.4.4470[14864] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  579.076057][T14866] loop4: detected capacity change from 0 to 512
[  579.096742][  T466] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  579.106891][  T466] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  579.162569][T14866] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  579.170831][T14866] EXT4-fs (loop4): orphan cleanup on readonly fs
[  579.177452][T14866] EXT4-fs warning (device loop4): ext4_enable_quotas:6422: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  579.192275][  T466] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  579.196818][T14866] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  579.201284][  T466] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  579.208716][T14866] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #13: comm syz.4.4471: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  579.215503][  T466] usb 9-1: SerialNumber: syz
[  579.233514][T14866] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.4471: couldn't read orphan inode 13 (err -117)
[  579.249504][T14866] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,noblock_validity,debug,grpquota,debug,debug,grpid,,errors=continue. Quota mode: writeback.
[  579.284927][T14866] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  579.294393][T14866] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  579.307237][T14866] EXT4-fs warning (device loop4): ext4_enable_quotas:6422: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  579.322691][T14866] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  579.332100][T14866] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  579.347007][T14866] EXT4-fs warning (device loop4): ext4_enable_quotas:6422: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  579.422877][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.431024][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.438510][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.445941][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.453818][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.461280][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.468729][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.476181][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.484586][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.492082][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.499682][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.507139][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.514587][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.522121][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.522805][  T466] usb 9-1: 0:2 : does not exist
[  579.529575][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.541940][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.549415][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.556871][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.564309][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.570675][  T466] usb 9-1: USB disconnect, device number 6
[  579.572767][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.585750][  T312] hid-generic 0000:1000000:0000.002C: unknown main item tag 0x0
[  579.593815][  T312] hid-generic 0000:1000000:0000.002C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  579.615198][  T660] udevd[660]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  579.696598][ T6849] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  579.967280][T14881] loop1: detected capacity change from 0 to 40427
[  580.037356][T14881] F2FS-fs (loop1): Mismatch start address, segment0(134218240) cp_blkaddr(0)
[  580.056632][ T6849] usb 5-1: config 0 has no interfaces?
[  580.061941][ T6849] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  580.071050][T14881] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  580.079113][ T6849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.088741][ T6849] usb 5-1: config 0 descriptor??
[  580.095336][T14881] F2FS-fs (loop1): Found nat_bits in checkpoint
[  580.146908][T14881] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  580.156678][T14881] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  580.218028][  T289] handle_bad_sector: 1 callbacks suppressed
[  580.218046][  T289] attempt to access beyond end of device
[  580.218046][  T289] loop1: rw=2049, want=45104, limit=40427
[  580.246680][  T466] Bluetooth: hci0: command 0x1001 tx timeout
[  580.252618][T14848] Bluetooth: hci0: sending frame failed (-49)
[  580.298419][T14891] loop8: detected capacity change from 0 to 40427
[  580.334295][  T466] usb 5-1: USB disconnect, device number 33
[  580.361748][T14891] F2FS-fs (loop8): invalid crc value
[  580.379240][T14891] F2FS-fs (loop8): Found nat_bits in checkpoint
[  580.414715][T14891] F2FS-fs (loop8): Start checkpoint disabled!
[  580.421504][T14891] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  580.490239][T14900] loop1: detected capacity change from 0 to 512
[  580.527002][   T10] attempt to access beyond end of device
[  580.527002][   T10] loop8: rw=2049, want=40968, limit=40427
[  580.547169][T14900] EXT4-fs (loop1): Ignoring removed nobh option
[  580.554288][T14900] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  580.577607][T14900] EXT4-fs (loop1): 1 truncate cleaned up
[  580.583128][T14900] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_batch_time=0x0000000001800000,nobh,data_err=ignore,jqfmt=vfsold,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none.
[  580.689332][T14909] loop8: detected capacity change from 0 to 512
[  580.758370][T14909] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  580.769267][T14909] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  580.836382][T14915] loop8: detected capacity change from 0 to 512
[  580.996677][  T466] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  581.137904][T14920] loop4: detected capacity change from 0 to 512
[  581.167364][T14924] netlink: 'syz.8.4491': attribute type 22 has an invalid length.
[  581.181468][T14920] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  581.227005][T14926] device veth0_vlan left promiscuous mode
[  581.233563][T14926] device veth0_vlan entered promiscuous mode
[  581.253759][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  581.256679][  T466] usb 2-1: Using ep0 maxpacket: 16
[  581.267103][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  581.285643][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  581.386741][  T466] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  581.394948][  T466] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  581.405544][  T466] usb 2-1: config 0 has no interface number 0
[  581.425563][T14934] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[  581.446766][T14934] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  581.566794][  T466] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  581.582322][  T466] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  581.586169][T14945] loop8: detected capacity change from 0 to 512
[  581.591577][  T466] usb 2-1: Product: syz
[  581.602799][  T466] usb 2-1: Manufacturer: syz
[  581.612860][T14945] EXT4-fs (loop8): Ignoring removed nobh option
[  581.619207][T14945] EXT4-fs (loop8): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  581.631123][  T466] usb 2-1: SerialNumber: syz
[  581.636394][  T466] usb 2-1: config 0 descriptor??
[  581.648717][T14945] EXT4-fs (loop8): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  581.667996][T14945] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  581.684431][T14945] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.4500: bg 0: block 224: padding at end of block bitmap is not set
[  581.699339][T14945] EXT4-fs (loop8): Remounting filesystem read-only
[  581.706067][T14945] EXT4-fs error (device loop8) in ext4_evict_inode:258: Readonly filesystem
[  581.715213][T14945] EXT4-fs error (device loop8) in ext4_evict_inode:258: Readonly filesystem
[  581.776050][T14955] loop8: detected capacity change from 0 to 512
[  581.937434][  T466] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[  581.943623][  T466] usb 2-1: No valid video chain found.
[  582.069162][T14959] loop4: detected capacity change from 0 to 40427
[  582.136281][ T3821] usb 2-1: USB disconnect, device number 40
[  582.151729][T14959] F2FS-fs (loop4): fault_injection options not supported
[  582.159453][T14959] F2FS-fs (loop4): invalid crc value
[  582.165717][T14959] F2FS-fs (loop4): Found nat_bits in checkpoint
[  582.188083][T14959] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  582.213432][T14959] attempt to access beyond end of device
[  582.213432][T14959] loop4: rw=524288, want=45072, limit=40427
[  582.224758][T14959] attempt to access beyond end of device
[  582.224758][T14959] loop4: rw=0, want=45072, limit=40427
[  582.239822][  T291] attempt to access beyond end of device
[  582.239822][  T291] loop4: rw=2049, want=45104, limit=40427
[  582.326635][   T26] Bluetooth: hci0: command 0x1009 tx timeout
[  582.386623][  T466] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  582.530073][T14974] loop4: detected capacity change from 0 to 512
[  582.609196][T14974] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  582.746705][  T466] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  582.766715][  T466] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.776295][  T466] usb 9-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  582.796602][  T466] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.816887][  T466] usb 9-1: config 0 descriptor??
[  583.126453][T14981] loop4: detected capacity change from 0 to 512
[  583.177617][T14981] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  583.297764][  T466] isku 0003:1E7D:319C.002D: ignoring exceeding usage max
[  583.306498][  T466] isku 0003:1E7D:319C.002D: unbalanced collection at end of report description
[  583.328702][  T466] isku 0003:1E7D:319C.002D: parse failed
[  583.336324][  T466] isku: probe of 0003:1E7D:319C.002D failed with error -22
[  583.391754][T14978] loop1: detected capacity change from 0 to 131072
[  583.490366][T14978] F2FS-fs (loop1): invalid crc value
[  583.501417][  T312] usb 9-1: USB disconnect, device number 7
[  583.524273][T14978] F2FS-fs (loop1): Found nat_bits in checkpoint
[  583.559361][T14978] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  583.641775][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  583.641787][   T30] audit: type=1326 audit(1732154781.330:19334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.672181][   T30] audit: type=1326 audit(1732154781.340:19335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.697395][   T30] audit: type=1326 audit(1732154781.370:19336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.721059][   T30] audit: type=1326 audit(1732154781.370:19337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.749693][   T30] audit: type=1326 audit(1732154781.370:19338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.773219][   T30] audit: type=1326 audit(1732154781.390:19339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.796718][   T30] audit: type=1326 audit(1732154781.390:19340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.814056][T14988] loop4: detected capacity change from 0 to 512
[  583.820687][   T30] audit: type=1326 audit(1732154781.390:19341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.851286][   T30] audit: type=1326 audit(1732154781.390:19342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.874997][   T30] audit: type=1326 audit(1732154781.420:19343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14987 comm="syz.4.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  583.909022][T14988] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  583.912815][T14990] loop1: detected capacity change from 0 to 1024
[  583.929220][T14990] EXT4-fs (loop1): Ignoring removed bh option
[  583.933043][T14988] EXT4-fs (loop4): 1 truncate cleaned up
[  583.935425][T14990] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  583.941016][T14988] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  583.982929][T14990] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,noblock_validity,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  584.087969][T14998] loop8: detected capacity change from 0 to 512
[  584.347562][T15017] loop4: detected capacity change from 0 to 256
[  584.411426][T15017] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  584.789132][T15048] loop1: detected capacity change from 0 to 512
[  584.836169][T15048] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[  584.866659][  T466] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  585.106619][  T466] usb 5-1: Using ep0 maxpacket: 8
[  585.160767][T15062] device veth0_vlan left promiscuous mode
[  585.168101][T15062] device veth0_vlan entered promiscuous mode
[  585.226779][  T466] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  585.396667][  T466] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  585.405680][  T466] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.413806][  T466] usb 5-1: Product: syz
[  585.418072][  T466] usb 5-1: Manufacturer: syz
[  585.423621][  T466] usb 5-1: SerialNumber: syz
[  585.550592][T15089] loop8: detected capacity change from 0 to 512
[  585.561339][T15089] EXT4-fs (loop8): Unrecognized mount option "ro" or missing value
[  585.891694][T15094] loop8: detected capacity change from 0 to 2048
[  585.917367][T15094]  loop8: p1 < > p4
[  585.921661][T15094] loop8: p4 size 8388608 extends beyond EOD, truncated
[  586.119152][  T436] udevd[436]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[  586.129994][  T314] udevd[314]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  586.296025][T15096] device veth0_vlan left promiscuous mode
[  586.315765][T15096] device veth0_vlan entered promiscuous mode
[  586.324123][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  586.333823][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  586.345967][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  586.417011][T15122] loop1: detected capacity change from 0 to 512
[  586.493732][T15122] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.4570: invalid indirect mapped block 4294967295 (level 1)
[  586.507768][T15122] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.4570: invalid indirect mapped block 4294967295 (level 1)
[  586.522212][T15122] EXT4-fs (loop1): 2 truncates cleaned up
[  586.528098][T15122] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  586.566709][  T466] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  586.572960][  T466] cdc_ncm 5-1:1.0: setting tx_max = 16384
[  586.639346][T15132] loop1: detected capacity change from 0 to 256
[  586.713476][T15132] FAT-fs (loop1): Directory bread(block 64) failed
[  586.719995][T15132] FAT-fs (loop1): Directory bread(block 65) failed
[  586.726361][T15132] FAT-fs (loop1): Directory bread(block 66) failed
[  586.733378][T15132] FAT-fs (loop1): Directory bread(block 67) failed
[  586.739864][T15132] FAT-fs (loop1): Directory bread(block 68) failed
[  586.746208][T15132] FAT-fs (loop1): Directory bread(block 69) failed
[  586.752595][T15132] FAT-fs (loop1): Directory bread(block 70) failed
[  586.758945][T15132] FAT-fs (loop1): Directory bread(block 71) failed
[  586.765282][T15132] FAT-fs (loop1): Directory bread(block 72) failed
[  586.772067][T15132] FAT-fs (loop1): Directory bread(block 73) failed
[  586.778605][  T466] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM, 42:42:42:42:42:42
[  586.808002][  T466] usb 5-1: USB disconnect, device number 34
[  586.821359][  T466] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM
[  586.928721][   T10] attempt to access beyond end of device
[  586.928721][   T10] loop1: rw=1, want=1832, limit=256
[  586.940131][   T10] attempt to access beyond end of device
[  586.940131][   T10] loop1: rw=1, want=4256, limit=256
[  586.952386][   T10] attempt to access beyond end of device
[  586.952386][   T10] loop1: rw=1, want=8032, limit=256
[  586.964482][   T10] attempt to access beyond end of device
[  586.964482][   T10] loop1: rw=1, want=11312, limit=256
[  586.976891][   T10] attempt to access beyond end of device
[  586.976891][   T10] loop1: rw=1, want=14088, limit=256
[  586.988552][   T10] attempt to access beyond end of device
[  586.988552][   T10] loop1: rw=1, want=16184, limit=256
[  587.000457][   T10] attempt to access beyond end of device
[  587.000457][   T10] loop1: rw=1, want=18824, limit=256
[  587.012515][   T10] attempt to access beyond end of device
[  587.012515][   T10] loop1: rw=1, want=22480, limit=256
[  587.025084][   T10] attempt to access beyond end of device
[  587.025084][   T10] loop1: rw=1, want=26496, limit=256
[  587.037410][   T10] attempt to access beyond end of device
[  587.037410][   T10] loop1: rw=1, want=29784, limit=256
[  587.158598][T15139] loop1: detected capacity change from 0 to 256
[  587.226193][T15139] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  587.361020][T15141] loop7: detected capacity change from 0 to 40427
[  587.411482][T15141] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  587.425684][T15141] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  587.467562][T15141] F2FS-fs (loop7): Found nat_bits in checkpoint
[  587.505817][T15141] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  587.512801][T15141] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  587.577409][T15166] tipc: Started in network mode
[  587.582180][T15166] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  587.592768][T15166] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  587.602180][T15166] tipc: Enabled bearer <udp:syz1>, priority 10
[  587.608920][  T312] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  587.623333][T15141] overlayfs: invalid origin (0000)
[  587.659678][T10417] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  587.659702][T10417] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  587.676605][T10417] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  587.683974][T10417] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  587.706635][T10417] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  587.714014][T10417] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  587.721693][T10417] F2FS-fs (loop7): invalid namelen(0), ino:0, run fsck to fix.
[  587.866670][  T312] usb 2-1: Using ep0 maxpacket: 16
[  587.981382][T15169] loop4: detected capacity change from 0 to 512
[  588.014077][T15169] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  588.026957][  T312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  588.031268][T15148] loop8: detected capacity change from 0 to 131072
[  588.043968][  T312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  588.064127][T15148] F2FS-fs (loop8): invalid crc value
[  588.072590][T15148] F2FS-fs (loop8): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  588.083464][  T312] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  588.108029][  T312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.116288][T15148] F2FS-fs (loop8): Mounted with checkpoint version = 753bd00b
[  588.117529][  T312] usb 2-1: config 0 descriptor??
[  588.372735][T15172] loop7: detected capacity change from 0 to 40427
[  588.481927][T15172] F2FS-fs (loop7): invalid crc value
[  588.501717][T15172] F2FS-fs (loop7): Found nat_bits in checkpoint
[  588.539041][T15172] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  588.573616][T15195] netem: change failed
[  588.576173][T15196] ------------[ cut here ]------------
[  588.583495][T15196] WARNING: CPU: 0 PID: 15196 at mm/page_alloc.c:5754 __alloc_pages+0x770/0x8f0
[  588.596630][  T386] tipc: Node number set to 1
[  588.596701][T15196] Modules linked in:
[  588.616643][T15196] CPU: 1 PID: 15196 Comm: syz.4.4595 Tainted: G        W         5.15.167-syzkaller-00348-g2e66050fb753 #0
[  588.640437][  T312] hid-multitouch 0003:1FD2:6007.002E: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0
[  588.646856][T15196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  588.687873][T15196] RIP: 0010:__alloc_pages+0x770/0x8f0
[  588.697574][T15196] Code: df e9 aa fb ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c ba fb ff ff e8 af 16 05 00 48 ba 00 00 00 00 00 fc ff df e9 a6 fb ff ff <0f> 0b 45 31 e4 e9 73 fc ff ff 48 8d 4c 24 40 80 e1 07 80 c1 03 38
[  588.756872][T15196] RSP: 0018:ffffc900009679a0 EFLAGS: 00010246
[  588.762961][T15196] RAX: 0000000000000004 RBX: 0000000000040d40 RCX: ffffc90000967903
[  588.786638][T15196] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc90000967a38
[  588.794567][T15196] RBP: ffffc90000967aa8 R08: dffffc0000000000 R09: ffffc90000967a10
[  588.802784][T15196] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  588.815165][T15196] R13: 1ffff9200012cf3c R14: 1ffff9200012cf3e R15: 1ffff9200012cf38
[  588.824058][T15196] FS:  00007f2f6542c6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  588.834178][T15196] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  588.853481][  T386] usb 2-1: USB disconnect, device number 41
[  588.860945][T15196] CR2: 00007f513e2adca0 CR3: 0000000120da6000 CR4: 00000000003506b0
[  588.873309][T15196] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  588.881631][T15196] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  588.890115][T15196] Call Trace:
[  588.907484][T15196]  <TASK>
[  588.910294][T15196]  ? show_regs+0x58/0x60
[  588.914399][T15196]  ? __warn+0x160/0x2f0
[  588.919059][T15196]  ? __alloc_pages+0x770/0x8f0
[  588.926451][T15196]  ? report_bug+0x3d9/0x5b0
[  588.931592][T15196]  ? __alloc_pages+0x770/0x8f0
[  588.936277][T15196]  ? handle_bug+0x41/0x70
[  588.946684][T15196]  ? exc_invalid_op+0x1b/0x50
[  588.951251][T15196]  ? asm_exc_invalid_op+0x1b/0x20
[  588.966259][T15196]  ? __alloc_pages+0x770/0x8f0
[  588.971252][T15196]  ? slab_free_freelist_hook+0xbd/0x190
[  588.976694][T15196]  ? putname+0xfa/0x150
[  588.980644][T15196]  ? prep_new_page+0x110/0x110
[  588.985256][T15196]  ? do_vfs_ioctl+0x1a90/0x2a80
[  588.990154][T15196]  kmalloc_order+0x4a/0x160
[  588.994574][T15196]  kmalloc_order_trace+0x1a/0xb0
[  588.999334][T15196]  __kmalloc+0x19c/0x270
[  589.003439][T15196]  ? __kasan_check_write+0x14/0x20
[  589.008596][T15196]  pending_reads_dispatch_ioctl+0xe3d/0x26c0
[  589.016086][T15196]  ? ioctl_has_perm+0x3f5/0x560
[  589.021145][T15196]  ? __kasan_slab_free+0x11/0x20
[  589.026281][T15196]  ? pending_reads_poll+0x190/0x190
[  589.031623][T15196]  ? has_cap_mac_admin+0x3c0/0x3c0
[  589.036838][  T312] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  589.044473][T15196]  ? selinux_file_ioctl+0x3cc/0x540
[  589.049992][T15196]  ? selinux_file_alloc_security+0x120/0x120
[  589.055993][T15196]  ? __se_sys_mount+0x367/0x3b0
[  589.060832][T15196]  ? __fget_files+0x31e/0x380
[  589.065328][T15196]  ? security_file_ioctl+0x84/0xb0
[  589.070783][T15196]  ? pending_reads_poll+0x190/0x190
[  589.076071][T15196]  __se_sys_ioctl+0x114/0x190
[  589.081047][T15196]  __x64_sys_ioctl+0x7b/0x90
[  589.085692][T15196]  x64_sys_call+0x98/0x9a0
[  589.090261][T15196]  do_syscall_64+0x3b/0xb0
[  589.094504][T15196]  ? clear_bhb_loop+0x35/0x90
[  589.099249][T15196]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  589.101597][T15211] loop6: detected capacity change from 0 to 512
[  589.105242][T15196] RIP: 0033:0x7f2f66db3819
[  589.116056][T15196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  589.135614][T15196] RSP: 002b:00007f2f6542c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  589.143903][T15196] RAX: ffffffffffffffda RBX: 00007f2f66f6afa0 RCX: 00007f2f66db3819
[  589.151774][T15196] RDX: 0000000020000000 RSI: 0000000040106726 RDI: 0000000000000004
[  589.159676][T15196] RBP: 00007f2f66e2675e R08: 0000000000000000 R09: 0000000000000000
[  589.171272][T15211] EXT4-fs (loop6): Unrecognized mount option "ro" or missing value
[  589.174078][T15196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  589.186931][T15196] R13: 0000000000000000 R14: 00007f2f66f6afa0 R15: 00007ffc14f27318
[  589.194730][T15196]  </TASK>
[  589.197667][T15196] ---[ end trace d77f9cdf9ec8fae3 ]---
[  589.238112][T15218] loop4: detected capacity change from 0 to 1024
[  589.278312][T15218] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  589.318608][T15218] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,dioread_nolock,noquota,min_batch_time=0x0000000000000008,delalloc,user_xattr,quota,,errors=continue. Quota mode: writeback.
[  589.377846][T15223] loop1: detected capacity change from 0 to 256
[  589.419548][T15223] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  589.431805][  T312] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[  589.442925][  T312] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  589.452865][  T312] usb 9-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  589.462820][  T312] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.471508][  T312] usb 9-1: config 0 descriptor??
[  589.519643][   T30] kauditd_printk_skb: 84 callbacks suppressed
[  589.519659][   T30] audit: type=1326 audit(1732154787.210:19428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15227 comm="syz.4.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  589.559383][   T30] audit: type=1326 audit(1732154787.210:19429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15227 comm="syz.4.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  589.585286][   T30] audit: type=1326 audit(1732154787.210:19430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15227 comm="syz.4.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  589.608930][   T30] audit: type=1400 audit(1732154787.210:19431): avc:  denied  { setattr } for  pid=15227 comm="syz.4.4609" name="TIPC" dev="sockfs" ino=70797 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  589.636799][   T30] audit: type=1326 audit(1732154787.210:19432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15227 comm="syz.4.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  589.666115][T15232] netlink: 92 bytes leftover after parsing attributes in process `syz.4.4610'.
[  589.682127][   T30] audit: type=1326 audit(1732154787.210:19433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15227 comm="syz.4.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f66db3819 code=0x7ffc0000
[  589.714518][   T30] audit: type=1400 audit(1732154787.400:19434): avc:  denied  { map } for  pid=15233 comm="syz.4.4611" path="socket:[70290]" dev="sockfs" ino=70290 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  589.744970][   T30] audit: type=1400 audit(1732154787.400:19435): avc:  denied  { read accept } for  pid=15233 comm="syz.4.4611" path="socket:[70290]" dev="sockfs" ino=70290 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  589.805148][T15240] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  589.846697][  T386] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  589.864559][T15249] syz.7.4619[15249] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  589.864637][T15249] syz.7.4619[15249] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  589.877124][T15251] loop4: detected capacity change from 0 to 256
[  589.956921][  T312] hid (null): report_id 0 is invalid
[  589.963276][  T312] hid-steam 0003:28DE:1102.002F: report_id 0 is invalid
[  589.974193][  T312] hid-steam 0003:28DE:1102.002F: item 0 1 1 8 parsing failed
[  589.982142][  T312] hid-steam 0003:28DE:1102.002F: steam_probe:parse of hid interface failed
[  589.992681][  T312] hid-steam: probe of 0003:28DE:1102.002F failed with error -22
[  590.098294][   T30] audit: type=1326 audit(1732154787.790:19436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15265 comm="syz.6.4625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dbde05819 code=0x7ffc0000
[  590.123549][   T30] audit: type=1326 audit(1732154787.810:19437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15265 comm="syz.6.4625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f8dbde05819 code=0x7ffc0000
[  590.161822][    T6] usb 9-1: USB disconnect, device number 8
[  590.193349][  T466] hid-generic 0000:0003:0000.0030: unknown main item tag 0x0
[  590.200991][  T466] hid-generic 0000:0003:0000.0030: unknown main item tag 0x0
[  590.216728][  T466] hid-generic 0000:0003:0000.0030: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  590.236685][  T386] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  590.258770][  T386] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  590.396717][  T386] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  590.405981][  T386] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  590.414021][  T386] usb 2-1: SerialNumber: syz
[  590.432175][T15286] loop4: detected capacity change from 0 to 512
[  590.442616][T15286] EXT4-fs (loop4): Unrecognized mount option "ro" or missing value
[  590.697483][  T386] usb 2-1: 0:2 : does not exist
[  590.707193][  T386] usb 2-1: USB disconnect, device number 42
[  590.723834][  T660] udevd[660]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  590.727501][T15290] loop8: detected capacity change from 0 to 1024
[  590.780044][T15290] EXT4-fs (loop8): Ignoring removed nobh option
[  590.788544][T15290] EXT4-fs (loop8): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  590.831326][T15290] EXT4-fs (loop8): mounted filesystem without journal. Opts: nobh,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,resuid=0x0000000000000000,dioread_nolock,usrjquota=,noload,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  591.124180][T15304] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4640'.
[  591.146633][   T26] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  591.154068][  T466] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  591.223620][T15310] loop7: detected capacity change from 0 to 8192
[  591.288015][T15310] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  591.308675][T15310] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF
[  591.317140][T15310] FAT-fs (loop7): Filesystem has been set read-only
[  591.343235][T15316] loop1: detected capacity change from 0 to 40427
[  591.406679][   T26] usb 5-1: Using ep0 maxpacket: 16
[  591.415996][T15316] F2FS-fs (loop1): Small segment_count (9 < 1 * 24)
[  591.427197][T15316] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  591.446096][T15316] F2FS-fs (loop1): Found nat_bits in checkpoint
[  591.470111][T15316] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  591.477030][T15316] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  591.501344][T15316] F2FS-fs (loop1): switch extent_cache option is not allowed
[  591.527151][  T466] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  591.537172][   T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  591.548210][  T466] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  591.557740][   T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  591.567491][   T26] usb 5-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[  591.576328][   T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.585474][   T26] usb 5-1: config 0 descriptor??
[  591.639796][T15331] loop1: detected capacity change from 0 to 128
[  591.646782][  T466] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  591.655801][  T466] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  591.663693][  T466] usb 9-1: SerialNumber: syz
[  591.784106][T15333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4653'.
[  591.947305][  T466] usb 9-1: 0:2 : does not exist
[  591.952716][  T466] usb 9-1: USB disconnect, device number 9
[  591.988807][T15353] loop1: detected capacity change from 0 to 256
[  592.067843][   T26] lenovo 0003:17EF:6009.0031: item fetching failed at offset 1/5
[  592.075707][   T26] lenovo 0003:17EF:6009.0031: hid_parse failed
[  592.082288][   T26] lenovo: probe of 0003:17EF:6009.0031 failed with error -22
[  592.259648][T15358] xt_hashlimit: max too large, truncated to 1048576
[  592.270836][  T386] usb 5-1: USB disconnect, device number 35
[  592.290437][T15360] device veth1_macvtap left promiscuous mode
[  592.296418][T15360] device macsec0 entered promiscuous mode
[  592.524040][T15375] binder: 15374:15375 ioctl c0306201 200001c0 returned -22
[  592.586686][  T312] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  592.691082][T15380] loop8: detected capacity change from 0 to 40427
[  592.788656][T15380] F2FS-fs (loop8): invalid crc value
[  592.795781][T15380] F2FS-fs (loop8): Found nat_bits in checkpoint
[  592.826704][T15380] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  592.836653][  T312] usb 2-1: Using ep0 maxpacket: 16
[  592.875950][T15380] handle_bad_sector: 6 callbacks suppressed
[  592.875965][T15380] attempt to access beyond end of device
[  592.875965][T15380] loop8: rw=2049, want=78800, limit=40427
[  592.904265][T14540] attempt to access beyond end of device
[  592.904265][T14540] loop8: rw=2049, want=45104, limit=40427
[  592.986727][  T312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  592.997521][  T312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  593.007353][  T312] usb 2-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  593.016308][  T312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.025172][  T312] usb 2-1: config 0 descriptor??
[  593.046302][T15390] loop8: detected capacity change from 0 to 1024
[  593.148528][T15390] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  593.163173][T15390] EXT4-fs (loop8): shut down requested (0)
[  593.240416][T15399] loop8: detected capacity change from 0 to 512
[  593.258783][T15399] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #3: comm syz.8.4680: corrupted inode contents
[  593.271124][T15399] EXT4-fs error (device loop8): ext4_dirty_inode:6038: inode #3: comm syz.8.4680: mark_inode_dirty error
[  593.284481][T15399] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #3: comm syz.8.4680: corrupted inode contents
[  593.296643][T15399] EXT4-fs error (device loop8): __ext4_ext_dirty:183: inode #3: comm syz.8.4680: mark_inode_dirty error
[  593.308132][T15399] EXT4-fs error (device loop8): ext4_acquire_dquot:6187: comm syz.8.4680: Failed to acquire dquot type 0
[  593.320835][T15399] EXT4-fs (loop8): 1 orphan inode deleted
[  593.326484][T15399] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  593.337862][T15399] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  593.441562][T15419] loop6: detected capacity change from 0 to 128
[  593.451696][T15419] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  593.472386][T15419] ext4 filesystem being mounted at /645/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  593.548825][T15425] netlink: 'syz.8.4691': attribute type 4 has an invalid length.
[  593.558130][  T312] uclogic 0003:5543:0781.0032: unknown main item tag 0x0
[  593.565169][  T312] uclogic 0003:5543:0781.0032: unknown main item tag 0x0
[  593.575343][T15425] netlink: 'syz.8.4691': attribute type 4 has an invalid length.
[  593.582969][  T312] uclogic 0003:5543:0781.0032: unknown main item tag 0x0
[  593.582998][  T312] uclogic 0003:5543:0781.0032: unknown main item tag 0x0
[  593.583018][  T312] uclogic 0003:5543:0781.0032: unknown main item tag 0x0
[  593.612028][  T312] uclogic 0003:5543:0781.0032: No inputs registered, leaving
[  593.621551][  T312] uclogic 0003:5543:0781.0032: hidraw0: USB HID v0.00 Device [HID 5543:0781] on usb-dummy_hcd.1-1/input0
[  593.636329][T15428] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4690'.
[  593.645632][T15428] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  593.659551][T15429] devtmpfs: Unknown parameter 'nr_'
[  593.692646][T15431] input: syz1 as /devices/virtual/input/input43
[  593.702260][T15433] loop4: detected capacity change from 0 to 512
[  593.760649][  T312] usb 2-1: USB disconnect, device number 43
[  593.780104][T15443] loop6: detected capacity change from 0 to 4096
[  593.783997][T15433] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  593.797448][T15433] ext4 filesystem being mounted at /969/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  593.820516][T15443] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  593.933830][T15451] loop4: detected capacity change from 0 to 128
[  593.952118][T15448] loop8: detected capacity change from 0 to 40427
[  593.973134][T15453] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  593.989003][T15448] F2FS-fs (loop8): fault_injection options not supported
[  593.997333][T15448] F2FS-fs (loop8): invalid crc value
[  594.007776][T15448] F2FS-fs (loop8): Found nat_bits in checkpoint
[  594.027454][T15451] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  594.054493][T15462] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  594.079400][T15451] ext4 filesystem being mounted at /970/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  594.127051][T15448] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  594.177947][T15448] attempt to access beyond end of device
[  594.177947][T15448] loop8: rw=2049, want=45104, limit=40427
[  594.197416][T14540] attempt to access beyond end of device
[  594.197416][T14540] loop8: rw=2049, want=45112, limit=40427
[  594.245168][T15467] loop4: detected capacity change from 0 to 512
[  594.252867][T15464] loop6: detected capacity change from 0 to 40427
[  594.283230][T15469] 9pnet: p9_errstr2errno: server reported unknown error �è½FcÇgåKIeÎÿB$·*Ùqg•É!Ûk˜ÿ½Ÿ;J4�Š9ó¸t»
[  594.302546][T15464] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  594.314483][T15467] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.4707: casefold flag without casefold feature
[  594.338238][T15464] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  594.383796][T15467] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.4707: couldn't read orphan inode 15 (err -117)
[  594.406793][T15464] F2FS-fs (loop6): Found nat_bits in checkpoint
[  594.453864][T15467] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  594.502509][T15464] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  594.510133][T15464] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  594.543288][   T30] kauditd_printk_skb: 132 callbacks suppressed
[  594.543303][   T30] audit: type=1400 audit(1732154792.230:19568): avc:  denied  { create } for  pid=15463 comm="syz.6.4706" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  594.574566][   T30] audit: type=1400 audit(1732154792.270:19569): avc:  denied  { create } for  pid=15466 comm="syz.4.4707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  594.601844][ T5298] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  594.601864][ T5298] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  594.609971][ T5298] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  594.623089][ T5298] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  594.631986][   T30] audit: type=1404 audit(1732154792.290:19570): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  594.654642][ T5298] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  594.654671][ T5298] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  594.666974][ T5298] F2FS-fs (loop6): invalid namelen(0), ino:0, run fsck to fix.
[  594.702005][   T30] audit: type=1400 audit(1732154792.290:19571): avc:  denied  { quotaon } for  pid=15463 comm="syz.6.4706" name="file0" dev="loop6" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=0
[  594.731482][T14066] bridge0: port 3(syz_tun) entered disabled state
[  594.734821][   T30] audit: type=1400 audit(1732154792.290:19572): avc:  denied  { unmount } for  pid=5298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=0
[  594.758615][T14066] device syz_tun left promiscuous mode
[  594.763912][T14066] bridge0: port 3(syz_tun) entered disabled state
[  594.816004][   T30] audit: type=1400 audit(1732154792.290:19573): avc:  denied  { unmount } for  pid=5298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=0
[  594.841077][   T30] audit: type=1400 audit(1732154792.290:19574): avc:  denied  { create } for  pid=15491 comm="syz.8.4716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  594.861985][   T30] audit: type=1400 audit(1732154792.300:19575): avc:  denied  { map } for  pid=15466 comm="syz.4.4707" path="/971/file0/cpu.stat" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=0
[  594.906581][  T319] tipc: Disabling bearer <udp:syz1>
[  594.918738][  T319] tipc: Left network mode
[  594.942613][   T30] audit: type=1400 audit(1732154792.300:19576): avc:  denied  { read write } for  pid=14540 comm="syz-executor" name="loop8" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  594.971651][   T30] audit: type=1400 audit(1732154792.310:19577): avc:  denied  { getopt } for  pid=15466 comm="syz.4.4707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=0
[  595.189304][  T319] device erspan0 left promiscuous mode
[  595.194780][  T319] bridge0: port 3(erspan0) entered disabled state
[  595.328389][  T319] device bridge_slave_1 left promiscuous mode
[  595.337160][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[  595.352429][  T319] device bridge_slave_0 left promiscuous mode
[  595.358525][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[  595.368566][  T319] device veth1_macvtap left promiscuous mode
[  595.374489][  T319] device veth0_vlan left promiscuous mode
[  595.919185][  T319] tipc: Left network mode
[  595.923741][  T319] tipc: Disabling bearer <udp:s>
[  595.928714][  T319] tipc: Left network mode
[  596.557884][  T319] device bridge_slave_1 left promiscuous mode
[  596.563808][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.571329][  T319] device bridge_slave_0 left promiscuous mode
[  596.577310][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.584868][  T319] device bridge_slave_1 left promiscuous mode
[  596.590841][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.598268][  T319] device bridge_slave_0 left promiscuous mode
[  596.604221][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.612694][  T319] device bridge_slave_1 left promiscuous mode
[  596.618662][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.625920][  T319] device bridge_slave_0 left promiscuous mode
[  596.631985][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.640463][  T319] device veth0_vlan left promiscuous mode
[  596.646373][  T319] device veth1_macvtap left promiscuous mode
[  596.652349][  T319] device veth0_vlan left promiscuous mode
[  596.658538][  T319] device veth1_macvtap left promiscuous mode
[  596.664364][  T319] device veth0_vlan left promiscuous mode
[  600.404557][   T30] kauditd_printk_skb: 191 callbacks suppressed
[  600.404568][   T30] audit: type=1400 audit(1732155027.094:19769): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.433126][   T30] audit: type=1400 audit(1732155027.104:19770): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.454913][   T30] audit: type=1400 audit(1732155027.124:19771): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.454938][   T30] audit: type=1400 audit(1732155027.124:19772): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.498790][   T30] audit: type=1400 audit(1732155027.194:19773): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.520934][   T30] audit: type=1400 audit(1732155027.214:19774): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.543172][   T30] audit: type=1400 audit(1732155027.234:19775): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.565210][   T30] audit: type=1400 audit(1732155027.264:19776): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.587331][   T30] audit: type=1400 audit(1732155027.284:19777): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  600.609685][   T30] audit: type=1400 audit(1732155027.304:19778): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  605.439656][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  605.439670][   T30] audit: type=1400 audit(1732155032.134:19790): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  605.467891][   T30] audit: type=1400 audit(1732155032.164:19791): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[