last executing test programs:

9m51.627647788s ago: executing program 4 (id=1307):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001040)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10)
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)

9m51.627311728s ago: executing program 4 (id=1308):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r2}, 0x18)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r0, 0x5)
syz_emit_ethernet(0x36, &(0x7f0000000e00)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

9m51.626672328s ago: executing program 4 (id=1309):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000000400000900000001000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000d41798da7aedc07ebb9b2077d16fabb040fa425b65ea3f280ddb15438fcfe69b53200ac65b664554bdf4556f835c800000006ff1e28f3a2e00c398d470deb210121527b5cb085b23a07a2c8f040000000000000002eeea3d7b2dfce7f119dea821952176ceef12d15d296c429a0adfb9f4ed3f14e85a4102f5f45fd0867ba40d20270cdcdd94edc04f5d3356168e1a102f176be028b3836142e51c8a5c4ee1b220cb3326df7cf4edd65ebfd99b45101df8514670fffcbc7da6", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r0, 0x0, 0x0, 0x8001)
connect$inet6(0xffffffffffffffff, &(0x7f00000004c0)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c)
syz_emit_ethernet(0x6e, &(0x7f0000000180)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000386dd60f4adf700383a00fe880000000000000000000000000001ff020000000000000000000000000001"], 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r2 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
r5 = eventfd(0x0)
readv(r5, &(0x7f0000000240)=[{&(0x7f0000000000)=""/74, 0x4a}, {&(0x7f0000000300)=""/214, 0xd6}], 0x2)
fcntl$setsig(r3, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r4}], 0x1, 0x0, 0x0, 0x0)
dup2(r3, r4)
fcntl$setown(r4, 0x8, r2)
tkill(r2, 0x13)

9m50.749180464s ago: executing program 4 (id=1316):
syz_mount_image$f2fs(&(0x7f0000000200), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000005780)=ANY=[], 0x1, 0x5522, &(0x7f0000000240)="$eJzs3E9rI2UYAPAn7Xb/uxbx4G0HFqGFTdh020VvVXfxD3Ypqx48aZqkIbtJpjRpWnvy4FE8+E1EwZNHP4MHz97Eg+JNqGRmqlt1YaFp4ra/H0yeed+8eeZ5w7LwzJQEcGbNJ7//WoprcSkiZiPiakR2XiqOzGoeXoqI6xEx89hRKub/mjgfEZcj4tooeZ6zVLz15c3hjZVf3vntux8unLvy1bc/Tm/XwLS9HBHdrfx8t5vHtJXHh8V8bdjOYnd5WMT8je6jYpzmcbe5kWXYrR2uq2Xxditfn27t9Edxs1Orj2KrvZnNb/XyC/aHrcM82Qce1razcaO5kcV2P81iaz+va28//79tvz/I8zSKfJ9k6WMwOIz5fHOvme9n61EW671BMZ/nTRvNvVEcFrG4XNTTTiOrY+M43/T/27vt3s5eMmxu99tpL1mpVF+pVO+Uq9tpozloLpdr3cad5WSh1RktKw+ate5qK01bnWalnnYXk4VWvV6uVpOFu82Ndq2XVKuV25Vb5ZXF4uxm8ub9D5JOI1kYxdfbvZ1Bu9NPNtPtJP/EYrJUuf3qYnKjmry3tp6sP7h3b239/bj74f3X1t5+o1j0r7KShaVbS0vl6q3yUnXxFO7/oyfs/7Oi6DHuH46lNO0CAJ49+n9gbOaefunJ9f/bD+LgIJs/yf4/9P9jMa7+92AS/e9Z7/9PYP9wLPp/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAz66e5r9/KTubz8ZVi/rli6oViXIqImYg4+A+zcf5Iztkiz9wT1s/9o4bvS5FlGF3jQnFcjojV4vjj+ZP+FgAAAOD0+ubT61/k3Xr+Mj/tgpik/KbNzNWPx5SvFBFz8z+PKdvM6OXFMSXL/n2fi70xZctuYF0cU7L8ltu5cWV7KrNHwsXHQikPMxMtBwAAmIijncBkuxAAAAAm6fNpF8B0lOLwUebhs+DsL+//fiB46cgIAAAAeAaVpl0AAAAAcOKy/t/v/wEAAMDplv/+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8yc793KgNRHEAfrZxIP8UFOWeVrhBGSkhxxwjCkgTlEBaSAPUQG4pIYIVHi9aVuxqJY/t3dX3STCMBT9mED7MG2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD79rber3z+//uqaczh2k2c2AAAAwDX7ertqXsxT/317/WN76XPbLyKijIhra/cq3lxkVm1O/cD763tj+BPRJJy+Y9o+3kXEoopYRMT/T33/CgAAAPB67dabZVqtp6f52ANiSKloU374limviIh6/i9TWnnK+5IprPl/T+JHprSmgDXLFJZKbpNcaU/S3O7nqt3sTlOkpnz889nmDgAADKi6aIZdhQAAADCk72MPgHEUcbuVed4KnKam3d57e9EDAAAAXqBi7AEAAAAAvWvW/8/6/L9w/h8AAAB0lc7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoE/7ervarTfLrjmHYzd5ZgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcsD/vKBACYRAGe9d3JnP/w0qDpqYmVSB8/I3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw5nd/+T8xNc4kc6+NpeeRZO3U2Do19s6Noz+Mr18DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDF/rykQAgEQRTMGf876fsfVhL0DCJEQMOjilo0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzR7375PzE1ziRzp42l45Fk7aqxddXYe9A4ejDe/g0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDFzh37xk2FAQB/ts8XWkCEgDIEIZAYYKHptbR0QwygiIE/ASlKryX0AFFuoFWFlIUNZe6CYEQICRS2in+hcyt1KVuHG4rEwHTo+ezETYOwirCP3u8nPb/vHMfve74oyufnHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGXy9kGcxc3yLE7LfbfuX9uK/e1DfXRj985abDFO2kz6/+HF+otktbtEAAAAWBxZVd+HEO7mexuxT5eL+j+vjok1/7dPz+Kqnj9c91d9VfvH9svP957fH2h5Nk486YXt0fDkw6n0/rtZzrdn/vGIXnHli3svWfGGpO/tPDfJi+uZfH3z5jv9IlxqI1sA4FGcqPoyqP4eiv2gy8QAWBi9WuFd1f/Zcrc5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALRhshOerOIkhLDWO4ij2/evbR3V39i9s1a1s9ev79bPGU+RhxAubI+GJ1ucy7z7/MrVS5uj0fBy+8FLIYSuRn+rnP6lDxocHEIn10dwKEh6ITzKt6flmz0fs+g06Mef+WYHd/hLCQCAx1JetljX3833NuK+ZCWE6XcP1v+v1uLQsP6/9+HZW/Wx6vX/oLUZdmip2WHr4z+n0+mVq69vf7x5cXhx+MkbpwZvDk6fO3Pm3Hpxr2TdHRMAAAD+nX7Z6vV/uvLw+v/xWhwa1v+ffTP4sj5Wtmj1f0MHi35dZwIAALDYnn35j9+TI/Yn/X74YnM8vjyYbfdfn5ptO0j1aONf//ZLS2Wr1//ZSpvJAQAAAF2Z7CQPrP+fr8Wh4fr/U9+/8GP9nFkI4Vi5/n9i69PR+famM9fa+N/jrucIAABAt46Vrb7+nxfP/6f7jzykIYTXXpnF5ccANqr/s3e/+qE+Vv35/9PtTXEupauz61H0qyH0VrvOCAAAgMfZE2WLxf5v+d7GRz8df7/v+X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAtv0VAAD//5+7QE8=")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
lstat(&(0x7f0000002b00)='./file0\x00', 0x0)

9m50.250192057s ago: executing program 4 (id=1322):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfe9b, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
uname(0x0)

9m49.93362468s ago: executing program 4 (id=1327):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
syz_usb_connect(0x3, 0x10b, &(0x7f0000000000)=ANY=[@ANYBLOB="05010900b24b6a10e6040300770100000001090224000b07000000090480"], 0x0)

9m49.93340152s ago: executing program 32 (id=1327):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
syz_usb_connect(0x3, 0x10b, &(0x7f0000000000)=ANY=[@ANYBLOB="05010900b24b6a10e6040300770100000001090224000b07000000090480"], 0x0)

3m59.221665987s ago: executing program 3 (id=3875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)=ANY=[@ANYBLOB="12010000e2793b10d105012008d8286203010902120001000000000904"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_usb_control_io$hid(r2, 0x0, 0x0)

3m57.136288279s ago: executing program 3 (id=3889):
pipe2$9p(&(0x7f0000002180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000880)=ANY=[@ANYBLOB="2001"], 0x120)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000000000f9"], 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
lgetxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000480)=ANY=[@ANYBLOB='user.t'], 0x0, 0xf9)

3m57.10861306s ago: executing program 3 (id=3890):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, 0x0)

3m56.98970673s ago: executing program 3 (id=3891):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYBLOB="00000031b0c468960089070000000100"/28], 0x48)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@test_dummy_encryption}, {@dioread_lock}, {@test_dummy_encryption}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x200005}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5fb, &(0x7f0000001940)="$eJzs3c1vVFUbAPDnTqelpbxvCzEqLqSJMZAoLS1giDERtoY0+BE3bqy0IFKgoTVaJKEkuDExbowxceVC/C+UyJaVrlwYE1eGhChhaeKYO70XOu2dTr+n4f5+ydBzz5nbcy7TZ869Z865E0BpDaT/VCL2RsRUEtGXzD0sq0ZWODD/vAf3r55OH0nUam/+lUSS5eXPT7KfvdnO3RHx809J7OlYWu/07JXzY5OTE5ez7aGZC1ND07NXDp67MHZ24uzExZGXRo4dPXL02PChlRxGz+KMawVPOnnjg4/6Pht957tv/kmGv/9tNInj8Vr2xIXHsVEGYqD+f5IsLeo9ttGVtUlH9ney8CVOqm1sEKuSv36dEfFU9EVHPHrx+uLT19vaOGBT1ZKIGlBSifiHksrPA/Jr+8XXwZW2nJUAW+HeifkBgAf3r/6+az4ri//q/NhgdNfHBnY+SGLhsE4SESsamWshrfPO7dEbZ26P3ohNGocDis1dj4ini/r/pB7//dEd/fX4rzTEf3pecCr7mea/scb6Fw8Vi3/YOvPx371s/EeT+H93Qfy/t8b6Bx4l3+9piP8lH+kBAAAAAAAALdw6EREvFn3+X3k4/ycK5v/0RsTxDah/YNH20s//K3c3oBqgwL0TEa8Uzv+t5LN/+zuy1P/q8wE6kzPnJicORcT/I+JAdO5It4eXqePg53u+blY2kM3/yx9p/XeyuYBZO+5WdzTuMz42M7be4wYi7l2PeKbafP5f2v8nBf1/+n4wtcI69jx/81Szshbx37nmAwNaqn0bsb+w/39014pk+ftzDNXPB4bys4Klnv3kix+a1d+6/y/mFhOwfmn/v3P5+O9PFt6vZ3r1dRyerdaala31/L8reat+y5muLO/jsZmZy8MRXcnJjjS3IX9k9W2Gx1EeD3m8pPF/4Lnlx/+Kzv97ImJu0e9O/m5cU5x78t/eP5q1Z639P7B+afyPr6r/X31i5Gb/j83qX1n/f6Te1x/Icoz/wbyv8jDtaswvCMdqUdFWtxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgeViNgVSWXwYbpSGRyM6I2IJ2JnZfLS9MwLZy59eHE8Lat//38l/6bfvvntJP/+//4F2yOLtg9HxO6I+LKjp749ePrS5Hi7Dx4AAAAAAAAAAAAAAAAAAAC2id4m6/9Tf3a0u3XApqu2uwFA2xTE/y/taAew9fT/UF7iH8pL/EN5iX8oL/EP5SX+obzEP5SX+AcAAAAAgMfK7n23fk0iYu7lnvoj1ZWVdba1ZcBmq7S7AUDbuMUPlJepP1BervGBpEV5d9OdWu25nKnT69gZAAAAAAAAAAAAAEpn/17r/6GsrP+H8rL+H8orX/+/r83tALbeKq/xa+tZ7QtsX8vFduH6/5Z7AQAAAAAAAAAAAAAbaXr2yvmxycmJy6VLvBoRDTlvb5OGbWGiVqtdS/8Ktkt7tizRsym/OZ8Kvw0OsCiRr/Vb2V7te08CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa/RcAAP//5kQfUg==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x2, 0x0, &(0x7f0000000000))
chdir(0x0)
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x40}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
stat(&(0x7f00000004c0)='./bus\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
quotactl$Q_SETQUOTA(0x7fffffffc0000403, &(0x7f0000000340)=@loop={'/dev/loop', 0x0}, r2, &(0x7f0000000680)={0x8, 0x101, 0x200, 0x100000001, 0xff, 0x0, 0xfff, 0x3, 0xb})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
linkat(r0, &(0x7f0000000280)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x1400)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400000004000000080000", @ANYRES32=0x0], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

3m56.725504312s ago: executing program 3 (id=3894):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000d00)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache}]}})
chdir(&(0x7f0000000000)='./file0\x00')
symlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file0\x00')
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)

3m56.529427053s ago: executing program 3 (id=3897):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240))
syz_usb_connect(0x0, 0x64, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000cb8be7406d04230848390102030109025200010000000009044000"], 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r5, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r3], 0x50}}, 0x0)
sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@ll={0x11, 0x1a, r5, 0x1, 0x3, 0x6, @remote}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd8168", 0x7}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)

3m56.499188854s ago: executing program 33 (id=3897):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240))
syz_usb_connect(0x0, 0x64, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000cb8be7406d04230848390102030109025200010000000009044000"], 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r5, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r3], 0x50}}, 0x0)
sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@ll={0x11, 0x1a, r5, 0x1, 0x3, 0x6, @remote}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd8168", 0x7}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)

7.283974911s ago: executing program 0 (id=5692):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
socket(0x10, 0x3, 0x9)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101a00, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff4d, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet6(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES8, @ANYRES16=r1, @ANYRES16=r2], 0x0)

4.201192002s ago: executing program 0 (id=5740):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)

4.106034892s ago: executing program 0 (id=5741):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00170000000000120000f1850000007d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000000000010961b080000000000000109022400010000000109040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000c80)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x6, {[@main=@item_012={0x0, 0x0, 0xa}, @main=@item_012={0x2, 0x0, 0xb, "dbfe"}, @global=@item_012={0x1, 0x1, 0x2, "aa"}]}}, 0x0}, 0x0)

3.475121877s ago: executing program 1 (id=5744):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/241, 0xf1}], 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

3.419028727s ago: executing program 5 (id=5745):
r0 = syz_open_dev$usbfs(0x0, 0x1ff, 0x2)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x80, 0x6, 0x347, 0x0, 0x0, 0x0, 0x0})

3.345641687s ago: executing program 5 (id=5746):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
r2 = timerfd_create(0x9, 0x0)
timerfd_gettime(r2, &(0x7f0000000140))

3.345084898s ago: executing program 5 (id=5747):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000014000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x47, &(0x7f0000000100)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x11, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0x11, 0x0, @opaque="a2696f86455958eecf"}}}}}}, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

3.344880408s ago: executing program 5 (id=5748):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
io_setup(0x3, 0x0)

3.342933527s ago: executing program 1 (id=5749):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x83, &(0x7f00000005c0)={[{@norecovery}, {@noblock_validity}, {@sysvgroups}]}, 0x21, 0x624, &(0x7f0000000d80)="$eJzs3UtvFFcWAOBT7fZ7ZmzQaGaYxWBpNAJpBht7IEJRpMAeIfLYJVk42CCCwQg7SkyQMBLZRImyySJSVlmE/IokSNnmD2SRTVYREooiFiFCoaMqV5n2o+32o122+/ukwvVw1z1lfHxv3763KoC2NZT+U4k4FBHXk4iBumPVyA8OLXzfo19uXUiXJGq1V35O4tbtZL7+XEn+9UD+4t8HIklffnDsqxXlzszdvDI+NTV5I98emb16fWRm7uaxy1fHL01emrw29tzYqZMnTp4aPb7168udvfvWOwMfnHvti8+eJKNf/nAuidPxtGPhWHpdy1/bvd7Jk/XKHoragsf1+9Of66nmL2FX+3Wg+D0p9EaS7bhdVkhswMX897EzIv4eA9FR9785EO+/VGpwQEvVkijqKKDtJJvK/57tDwTYYUU7oHhvv9r74JUqLW6VADvh4ZmFDoCF3O+MiCL/q3nfWU/WN9D3KFnSz5NExNZ65hakZXz37bm76RIN+uGA1pi/0513Yy+v/5MsNwejJ9vqe1RZkv+VuiXd//Imyx9ati3/YefM34mIf+T1f1dsKP+H6vL/zU2WL/8BAAAAAABg+9w/ExH/W238X2Vx/E/XKuN/+iPi9DaUv/7nf5UH+co6s+2AjXp4JuKFVcf/Lo7xHezIt/6cjQfoTC5enpo8HhF/iYij0dmdbo8uO2/9COFjHx38tFH59eP/0iUtvxgLmJ/pQXXZRNyJ8dnxrV43EPHwTsQ/s/G/h/M9S8f/pPV/skr9n+b39SbLOPife+cbHVs//4FWqX0ecWTV+v9ZcztZ+/4cI1l7YKRoFRSetQD+9d7HXzcqX/5DedL6v2/t/O9O6u/XM5Pte6PZ83dFxP/nqrVGxzfb/u9KXu0ozp96d3x29sZoRFdyduX+sWajhf2tyIciX9L8P/rvtfv/Ftv/dXnYGxHzy0/eoIfub0/7f2wUj/ofypPm/8Ta9f/g0vp/4ytj9wa/aVT++abq/xNZnX4036P/D+qtvB9HswlaSrgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMdVIuJPkVSGF9crleHhiP6I+Gv0VaamZ2b/e3H67WsT6bHs+f+V4km/AwvbSfH8/8G67bGl271pWQci4pOO3uz48IXpqYmyLx4AAAAAAAAAAAAAAAAAAAB2if5szn+te/n8/9RPHWVHB7RcNf8q36H95Pn/4esbfmWte/ujAXZStewAgNI0n/+dLY0D2HmN8//xk1pmR8MBdpD2P7SvTea/jwtgH1D/Q7tqsk+vp9VxAGVoXP/r7wcAAAAAgD3owOH73ycRMf98b7akuvJjOv9hf6uUHQBQGmN4oX1Vp8uOACiL9/hAsrj226qT/RuP/k9aExAAAAAAAAAAAAAAsMKRQ+b/Q7tae/6/sf2wn60x/z9L/mrT3w7sNY0f/aHuh/1ujff4HvgFbWK92t78fwAAAAAAAAAAAADYBXpuXhmfmpq8MTO391Ze3B1hbGxlfnxXhLHVld6IWNzztDVldUZE+Vdaxkp2C470R1xeGGX/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp/BAAA//+LWyb+")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x2, 0xe, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x4e23, 0x288, @private2, 0x9}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x4, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast2, @in=@empty}}]}, 0x78}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x606100, 0x0)
close(r2)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r1, &(0x7f0000000800)=[{&(0x7f0000000c00)="89b1ee2c7cf3d9b4b47381c988a8", 0xe}, {&(0x7f0000000180)="c2c10b270d0555", 0x7}], 0x2)

3.342589438s ago: executing program 5 (id=5750):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
socket(0x10, 0x3, 0x9)
r2 = syz_btf_id_by_name$bpf_lsm(0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff4d, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet6(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES8, @ANYRES16=r1, @ANYRES16=r3], 0x0)

3.193373718s ago: executing program 1 (id=5751):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
r5 = add_key$user(&(0x7f0000000100), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000140)="ed", 0x1, 0xffffffffffffffff)
keyctl$set_timeout(0xf, r5, 0x21000)
read$FUSE(r4, &(0x7f00000001c0)={0x2020}, 0x18a8)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r6, 0x40045431, 0x0)
setresuid(0x0, 0xee01, 0x0)
prctl$PR_SET_KEEPCAPS(0x8, 0x1)

2.264282885s ago: executing program 1 (id=5756):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0xb8, 0x0, 0x9, 0x801, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFCTH_TUPLE={0xc, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @NFCTH_TUPLE={0x88, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @rand_addr=0x64010101}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1a}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@remote}, {@in6=@private0, 0x0, 0x32}, @in6=@private0, {}, {}, {0x80000000}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0)

1.737925569s ago: executing program 2 (id=5758):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x3, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)

1.671888599s ago: executing program 2 (id=5759):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/241, 0xf1}], 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

1.628804479s ago: executing program 2 (id=5764):
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x65, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x68}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$xdp(0x2c, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r5}, 0xc)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000140)=[{0x0}], 0x1, 0x5405, 0x0, 0x0)

1.46017954s ago: executing program 6 (id=5765):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigsuspend(0x0, 0x0)

1.394856491s ago: executing program 6 (id=5766):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)

1.218829922s ago: executing program 1 (id=5767):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYBLOB="00000031b0c468960089070000000100"/28], 0x48)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@test_dummy_encryption}, {@dioread_lock}, {@test_dummy_encryption}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x200005}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5fb, &(0x7f0000001940)="$eJzs3c1vVFUbAPDnTqelpbxvCzEqLqSJMZAoLS1giDERtoY0+BE3bqy0IFKgoTVaJKEkuDExbowxceVC/C+UyJaVrlwYE1eGhChhaeKYO70XOu2dTr+n4f5+ydBzz5nbcy7TZ869Z865E0BpDaT/VCL2RsRUEtGXzD0sq0ZWODD/vAf3r55OH0nUam/+lUSS5eXPT7KfvdnO3RHx809J7OlYWu/07JXzY5OTE5ez7aGZC1ND07NXDp67MHZ24uzExZGXRo4dPXL02PChlRxGz+KMawVPOnnjg4/6Pht957tv/kmGv/9tNInj8Vr2xIXHsVEGYqD+f5IsLeo9ttGVtUlH9ney8CVOqm1sEKuSv36dEfFU9EVHPHrx+uLT19vaOGBT1ZKIGlBSifiHksrPA/Jr+8XXwZW2nJUAW+HeifkBgAf3r/6+az4ri//q/NhgdNfHBnY+SGLhsE4SESsamWshrfPO7dEbZ26P3ohNGocDis1dj4ini/r/pB7//dEd/fX4rzTEf3pecCr7mea/scb6Fw8Vi3/YOvPx371s/EeT+H93Qfy/t8b6Bx4l3+9piP8lH+kBAAAAAAAALdw6EREvFn3+X3k4/ycK5v/0RsTxDah/YNH20s//K3c3oBqgwL0TEa8Uzv+t5LN/+zuy1P/q8wE6kzPnJicORcT/I+JAdO5It4eXqePg53u+blY2kM3/yx9p/XeyuYBZO+5WdzTuMz42M7be4wYi7l2PeKbafP5f2v8nBf1/+n4wtcI69jx/81Szshbx37nmAwNaqn0bsb+w/39014pk+ftzDNXPB4bys4Klnv3kix+a1d+6/y/mFhOwfmn/v3P5+O9PFt6vZ3r1dRyerdaala31/L8reat+y5muLO/jsZmZy8MRXcnJjjS3IX9k9W2Gx1EeD3m8pPF/4Lnlx/+Kzv97ImJu0e9O/m5cU5x78t/eP5q1Z639P7B+afyPr6r/X31i5Gb/j83qX1n/f6Te1x/Icoz/wbyv8jDtaswvCMdqUdFWtxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgeViNgVSWXwYbpSGRyM6I2IJ2JnZfLS9MwLZy59eHE8Lat//38l/6bfvvntJP/+//4F2yOLtg9HxO6I+LKjp749ePrS5Hi7Dx4AAAAAAAAAAAAAAAAAAAC2id4m6/9Tf3a0u3XApqu2uwFA2xTE/y/taAew9fT/UF7iH8pL/EN5iX8oL/EP5SX+obzEP5SX+AcAAAAAgMfK7n23fk0iYu7lnvoj1ZWVdba1ZcBmq7S7AUDbuMUPlJepP1BervGBpEV5d9OdWu25nKnT69gZAAAAAAAAAAAAAEpn/17r/6GsrP+H8rL+H8orX/+/r83tALbeKq/xa+tZ7QtsX8vFduH6/5Z7AQAAAAAAAAAAAAAbaXr2yvmxycmJy6VLvBoRDTlvb5OGbWGiVqtdS/8Ktkt7tizRsym/OZ8Kvw0OsCiRr/Vb2V7te08CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa/RcAAP//5kQfUg==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x2, 0x0, &(0x7f0000000000))
chdir(0x0)
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x40}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7528e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
linkat(r0, &(0x7f0000000280)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x1400)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400000004000000080000", @ANYRES32=0x0], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace(0x8, r3)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)

1.013674473s ago: executing program 0 (id=5768):
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={0x0}, 0x18)
socket$inet_udplite(0x2, 0x2, 0x88)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x2, 0x1)
sendmmsg(r4, &(0x7f0000005b80)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000640)="49280f6b882ce1", 0x7}], 0x1}}], 0x1, 0x801)

706.594835ms ago: executing program 2 (id=5769):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x2, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r2, &(0x7f0000000500)={0xa, 0x0, 0x0, @loopback}, 0x1c)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0xfed7, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd6002adf700383a00fe880000000000000000000000000001ff020000000000000000000000000001"], 0x0)

685.150145ms ago: executing program 2 (id=5770):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
rename(&(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000000c0)='./file0\x00')

613.595046ms ago: executing program 2 (id=5771):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10)
r1 = timerfd_create(0x9, 0x0)
timerfd_gettime(r1, &(0x7f0000000140))

487.344177ms ago: executing program 6 (id=5772):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, 0x0)

474.990107ms ago: executing program 6 (id=5773):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de85000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
syz_emit_ethernet(0x86, &(0x7f00000000c0)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "09f0c6564b6ac6413304000000d9f8f22f81ae81c2bd7edd9aeaf6fd91c25227", "60326eacce5de87bf00be86b3ebbb957", {"fcc68dd1b5242bdc6466eba8cab8d7b2", "05fef0e9b077b6c6639938f9db7c621b"}}}}}}}, 0x0)

452.770957ms ago: executing program 6 (id=5774):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10)
timerfd_create(0x9, 0x0)

389.454308ms ago: executing program 6 (id=5775):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000340), 0x80800)
getpeername$packet(r4, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000003c0)=0x14)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
write(0xffffffffffffffff, 0x0, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")
renameat(0xffffffffffffffff, &(0x7f0000000400)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000440)='./file1\x00')

312.336858ms ago: executing program 1 (id=5776):
r0 = syz_mount_image$exfat(&(0x7f0000000440), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000000280)=ANY=[@ANYBLOB='namecase=1,discard,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0x0, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303037372c756d61ada83d30303030303030303030303030303030303030353637342c646973636172642c6769643d", @ANYRESHEX=0xee00, @ANYBLOB=',\x00'], 0x80, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r5, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f00000003c0)=[{&(0x7f0000000480)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff08000400000000000000005300861e4f657a336ff78b13cea9c164cfb47597088215ee1229b8aa3ebf4c38cd0e5f42c7b28b11ec5176129c884ad552631b4f5a697d186b3aaee36ed581a3ad43f5c36a37b63cb61b6afaa61dd2b45fff76aa455a40a2dcfe92567d278af31a96da", 0x9c}], 0x1)
r8 = socket$inet6(0x10, 0x2, 0x100)
read(r8, 0x0, 0x0)
r9 = socket(0x10, 0x80003, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r9, 0x8914, 0x0)

249.179348ms ago: executing program 5 (id=5777):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0xb8, 0x0, 0x9, 0x801, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFCTH_TUPLE={0xc, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @NFCTH_TUPLE={0x88, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @rand_addr=0x64010101}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1a}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@remote}, {@in6=@private0, 0x0, 0x32}, @in6=@private0, {}, {}, {0x80000000}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0)

27.76289ms ago: executing program 0 (id=5778):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r3}, &(0x7f00000008c0), &(0x7f0000000900)=r2}, 0x20)

0s ago: executing program 0 (id=5779):
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x2, 0x0, &(0x7f0000000000))
chdir(0x0)
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x40}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
stat(&(0x7f00000004c0)='./bus\x00', 0x0)
quotactl$Q_SETQUOTA(0x7fffffffc0000403, &(0x7f0000000340)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000680)={0x8, 0x101, 0x200, 0x100000001, 0xff, 0x0, 0xfff, 0x3, 0xb})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7528e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
linkat(r0, &(0x7f0000000280)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x1400)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400000004000000080000", @ANYRES32=0x0], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

0: Alarms can be up to one day in the future
[  645.606827][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  645.612762][   T30] audit: type=1326 audit(2000000443.880:5033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f15181c64d7 code=0x7ffc0000
[  645.688419][   T30] audit: type=1326 audit(2000000443.880:5034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f15181c60f0 code=0x7ffc0000
[  645.722727][   T30] audit: type=1326 audit(2000000443.880:5035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f15181c735b code=0x7ffc0000
[  645.781137][T14313] 9pnet: Insufficient options for proto=fd
[  645.813480][   T30] audit: type=1326 audit(2000000443.890:5036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f15181c63ea code=0x7ffc0000
[  645.841346][   T30] audit: type=1326 audit(2000000443.890:5037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  645.874515][T14321] loop6: detected capacity change from 0 to 512
[  645.880859][   T30] audit: type=1326 audit(2000000443.890:5038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  645.906158][   T30] audit: type=1326 audit(2000000443.890:5039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  645.999984][   T30] audit: type=1326 audit(2000000443.900:5040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  646.157409][T14321] EXT4-fs (loop6): orphan cleanup on readonly fs
[  646.175376][   T30] audit: type=1326 audit(2000000443.900:5041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14288 comm="syz.5.4845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  646.183930][T14321] EXT4-fs error (device loop6): ext4_ext_check_inode:501: inode #4: comm syz.6.4856: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  646.217204][T14321] EXT4-fs error (device loop6): ext4_quota_enable:6381: comm syz.6.4856: Bad quota inode: 4, type: 1
[  646.233610][T14321] EXT4-fs warning (device loop6): ext4_enable_quotas:6422: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  646.256802][T14321] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  646.285172][T14321] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  647.135885][T14326] rtc_cmos 00:00: Alarms can be up to one day in the future
[  648.222269][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  648.233166][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  648.396874][T14358] loop6: detected capacity change from 0 to 512
[  649.715467][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  649.723107][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  649.730992][  T312] rtc rtc0: __rtc_set_alarm: err=-22
[  649.736439][T14358] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  649.753281][T14358] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  649.790949][T14375] usb usb7: usbfs: process 14375 (syz.0.4870) did not claim interface 0 before use
[  649.825540][T14377] device wg2 left promiscuous mode
[  649.841492][T14377] device wg2 entered promiscuous mode
[  650.385693][T14392] fuse: Bad value for 'group_id'
[  651.281886][T14378] rtc_cmos 00:00: Alarms can be up to one day in the future
[  651.333764][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  651.341344][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  651.369469][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  651.384115][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  651.399649][  T312] rtc rtc0: __rtc_set_alarm: err=-22
[  651.444086][T14404] usb usb7: usbfs: process 14404 (syz.6.4882) did not claim interface 0 before use
[  651.596436][T14421] fuse: Bad value for 'group_id'
[  652.555133][T14428] rtc_cmos 00:00: Alarms can be up to one day in the future
[  652.879273][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  652.930151][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  652.937754][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  652.945262][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  652.953532][  T312] rtc rtc0: __rtc_set_alarm: err=-22
[  655.605192][T14467] loop2: detected capacity change from 0 to 512
[  657.115298][T14465] rtc_cmos 00:00: Alarms can be up to one day in the future
[  657.165754][  T295] Bluetooth: hci0: command 0x1003 tx timeout
[  657.182412][  T552] Bluetooth: hci0: sending frame failed (-49)
[  657.202404][T14471] loop0: detected capacity change from 0 to 512
[  657.209317][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  657.209656][   T30] audit: type=1326 audit(2000000453.670:5067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  657.222082][T14473] incfs: Error accessing: ./file0.
[  657.244062][T14473] incfs: mount failed -20
[  657.245374][   T30] audit: type=1326 audit(2000000453.670:5068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  657.271662][   T30] audit: type=1326 audit(2000000453.910:5069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  657.303024][   T30] audit: type=1326 audit(2000000453.910:5070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3d217ab793 code=0x7ffc0000
[  657.328422][   T30] audit: type=1326 audit(2000000454.150:5071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3d217aa23f code=0x7ffc0000
[  657.359811][T14471] EXT4-fs (loop0): Ignoring removed nobh option
[  657.365327][   T30] audit: type=1326 audit(2000000454.170:5072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3d217ab7e7 code=0x7ffc0000
[  657.375286][T14471] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  657.389615][   T30] audit: type=1326 audit(2000000454.180:5073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d217aa0f0 code=0x7ffc0000
[  657.411528][T14471] EXT4-fs (loop0): can't mount with commit=14, fs mounted w/o journal
[  657.422520][   T30] audit: type=1326 audit(2000000454.180:5074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3d217ab35b code=0x7ffc0000
[  657.453715][   T30] audit: type=1326 audit(2000000454.190:5075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3d217aa3ea code=0x7ffc0000
[  657.477715][   T30] audit: type=1326 audit(2000000454.190:5076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14462 comm="syz.2.4900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3d217aa3ea code=0x7ffc0000
[  657.510288][T14467] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  657.527889][T14467] ext4 filesystem being mounted at /385/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  657.829121][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  657.836588][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  657.844058][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  657.858820][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  657.875994][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  659.258133][  T465] Bluetooth: hci0: command 0x1001 tx timeout
[  659.264043][  T552] Bluetooth: hci0: sending frame failed (-49)
[  660.010211][T14522] loop6: detected capacity change from 0 to 1024
[  660.238451][T14522] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  660.372283][T14522] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,bsddf,nojournal_checksum,norecovery,debug_want_extra_isize=0x0000000000000080,dioread_nolock,nodelalloc,acl,auto_da_alloc=0x0000000000800347,,errors=continue. Quota mode: none.
[  660.405901][T14530] device wg2 left promiscuous mode
[  660.413514][T14530] device wg2 entered promiscuous mode
[  660.802384][T14518] rtc_cmos 00:00: Alarms can be up to one day in the future
[  660.939751][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  660.972792][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  661.003651][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  661.013909][  T312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  661.248204][  T312] rtc rtc0: __rtc_set_alarm: err=-22
[  661.338923][  T465] Bluetooth: hci0: command 0x1009 tx timeout
[  661.820638][T14557] xt_l2tp: missing protocol rule (udp|l2tpip)
[  662.120753][T14563] loop2: detected capacity change from 0 to 512
[  662.145468][T14563] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[  662.171867][T14563] EXT4-fs (loop2): Unrecognized mount option "uid<00000000000000000000" or missing value
[  662.356704][T14577] loop0: detected capacity change from 0 to 1024
[  662.701631][T14577] EXT4-fs (loop0): Test dummy encryption mode enabled
[  662.708486][T14577] EXT4-fs (loop0): Test dummy encryption mode enabled
[  662.715159][T14577] EXT4-fs (loop0): Ignoring removed orlov option
[  662.725519][T14577] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  662.826985][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  662.827002][   T30] audit: type=1400 audit(2000000461.400:5109): avc:  denied  { unlink } for  pid=14562 comm="syz.2.4928" name="#7" dev="tmpfs" ino=2140 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  662.838651][T14583] overlayfs: failed to resolve './file0': -2
[  663.117617][T14573] rtc_cmos 00:00: Alarms can be up to one day in the future
[  663.800973][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  663.810543][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  663.826182][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  663.837801][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  663.845318][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  663.947402][T14616] xt_l2tp: missing protocol rule (udp|l2tpip)
[  664.211864][T14619] loop1: detected capacity change from 0 to 512
[  664.250077][T14621] tipc: Started in network mode
[  664.254966][T14621] tipc: Node identity b685dc1ec766, cluster identity 4711
[  664.263465][T14621] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  664.271715][T14621] tipc: Disabling bearer <eth:syzkaller0>
[  664.287639][T14619] EXT4-fs (loop1): Ignoring removed nobh option
[  664.293878][T14619] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  664.322064][T14619] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  664.341453][T14619] ext4 filesystem being mounted at /424/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  665.192479][T14528] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  665.369335][T14624] rtc_cmos 00:00: Alarms can be up to one day in the future
[  665.446079][T14528] EXT4-fs (loop1): Remounting filesystem read-only
[  665.814145][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  665.821572][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  665.828971][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  665.836298][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  665.843421][    T6] rtc rtc0: __rtc_set_alarm: err=-22
[  666.004211][    T6] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  666.218477][ T6457] Bluetooth: hci0: command 0x1003 tx timeout
[  666.224401][  T552] Bluetooth: hci0: sending frame failed (-49)
[  666.367533][T14659] ------------[ cut here ]------------
[  666.368267][    T6] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  666.372860][T14659] WARNING: CPU: 1 PID: 14659 at mm/vmalloc.c:3018 __vmalloc_node_range+0x7ca/0x8d0
[  666.392740][T14659] Modules linked in:
[  666.396490][T14659] CPU: 0 PID: 14659 Comm: syz.5.4960 Not tainted 5.15.167-syzkaller-00348-g2e66050fb753 #0
[  666.406501][T14659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  666.416583][T14659] RIP: 0010:__vmalloc_node_range+0x7ca/0x8d0
[  666.422574][T14659] Code: 89 d8 48 81 c4 88 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 37 12 c4 ff eb e2 e8 30 12 c4 ff e9 18 fd ff ff e8 26 12 c4 ff <0f> 0b eb cf e8 1d 12 c4 ff 4c 89 f7 e8 25 eb ff ff eb c0 89 d9 80
[  666.442148][T14659] RSP: 0018:ffffc90000e27a68 EFLAGS: 00010287
[  666.448061][T14659] RAX: ffffffff81ac453a RBX: 0000000000000000 RCX: 0000000000040000
[  666.455869][T14659] RDX: ffffc9000332d000 RSI: 0000000000000021 RDI: 0000000000000022
[  666.463845][T14659] RBP: ffffc90000e27b18 R08: ffffffff81ac3daa R09: 8000000000000163
[  666.471830][T14659] R10: fffff520001c4f5a R11: dffffc0000000001 R12: 0000000000000001
[  666.479716][T14659] R13: 0000000000000000 R14: ffffe8ffffffffff R15: ffffc90000000000
[  666.487514][T14659] FS:  00007f1516e406c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  666.496619][T14659] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  666.503058][T14659] CR2: 0000000000000000 CR3: 0000000126745000 CR4: 00000000003506a0
[  666.510811][T14659] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  666.518633][T14659] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  666.526406][T14659] Call Trace:
[  666.529551][T14659]  <TASK>
[  666.532309][T14659]  ? show_regs+0x58/0x60
[  666.536385][T14659]  ? __warn+0x160/0x2f0
[  666.538213][    T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  666.540586][T14659]  ? __vmalloc_node_range+0x7ca/0x8d0
[  666.549886][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  666.554440][T14659]  ? report_bug+0x3d9/0x5b0
[  666.554470][T14659]  ? __vmalloc_node_range+0x7ca/0x8d0
[  666.562701][    T6] usb 3-1: Product: syz
[  666.566650][T14659]  ? handle_bug+0x41/0x70
[  666.572063][    T6] usb 3-1: Manufacturer: syz
[  666.575810][T14659]  ? exc_invalid_op+0x1b/0x50
[  666.575836][T14659]  ? asm_exc_invalid_op+0x1b/0x20
[  666.580315][    T6] usb 3-1: SerialNumber: syz
[  666.584429][T14659]  ? __vmalloc_node_range+0x3a/0x8d0
[  666.603316][T14659]  ? __vmalloc_node_range+0x7ca/0x8d0
[  666.608540][T14659]  ? __vmalloc_node_range+0x7ca/0x8d0
[  666.613727][T14659]  ? __vmalloc_node_range+0x7ca/0x8d0
[  666.618970][T14659]  ? avc_has_perm_noaudit+0x430/0x430
[  666.624133][T14659]  ? sel_write_load+0x282/0x580
[  666.628865][T14659]  vmalloc+0x78/0x90
[  666.632555][T14659]  ? sel_write_load+0x282/0x580
[  666.637240][T14659]  sel_write_load+0x282/0x580
[  666.641781][T14659]  ? avc_policy_seqno+0x1b/0x70
[  666.646440][T14659]  ? sel_make_dir+0x270/0x270
[  666.651025][T14659]  ? fsnotify_perm+0x6a/0x5b0
[  666.655468][T14659]  ? security_file_permission+0x86/0xb0
[  666.660877][T14659]  ? sel_make_dir+0x270/0x270
[  666.665363][T14659]  vfs_write+0x406/0x1110
[  666.669572][T14659]  ? putname+0xfa/0x150
[  666.673520][T14659]  ? file_end_write+0x1c0/0x1c0
[  666.678236][T14659]  ? __kasan_check_write+0x14/0x20
[  666.683153][T14659]  ? mutex_lock+0xb6/0x1e0
[  666.687408][T14659]  ? wait_for_completion_killable_timeout+0x10/0x10
[  666.693859][T14659]  ? __fdget_pos+0x2e7/0x3a0
[  666.698278][T14659]  ? ksys_write+0x77/0x2c0
[  666.702507][T14659]  ksys_write+0x199/0x2c0
[  666.706674][T14659]  ? __ia32_sys_read+0x90/0x90
[  666.711308][T14659]  ? __kasan_check_write+0x14/0x20
[  666.716226][T14659]  ? switch_fpu_return+0x15f/0x2e0
[  666.721221][T14659]  __x64_sys_write+0x7b/0x90
[  666.725601][T14659]  x64_sys_call+0x2f/0x9a0
[  666.729885][T14659]  do_syscall_64+0x3b/0xb0
[  666.734341][T14659]  ? clear_bhb_loop+0x35/0x90
[  666.739122][T14659]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  666.744996][T14659] RIP: 0033:0x7f15181c7759
[  666.749518][T14659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  666.769392][T14659] RSP: 002b:00007f1516e40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  666.778647][T14659] RAX: ffffffffffffffda RBX: 00007f151837ef80 RCX: 00007f15181c7759
[  666.786490][T14659] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  666.794406][T14659] RBP: 00007f151823a75e R08: 0000000000000000 R09: 0000000000000000
[  666.802413][T14659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  666.810283][T14659] R13: 0000000000000000 R14: 00007f151837ef80 R15: 00007ffdbbd08a08
[  666.818177][T14659]  </TASK>
[  666.821016][T14659] ---[ end trace 9b85607dcf4a8bf9 ]---
[  667.684380][T14662] rtc_cmos 00:00: Alarms can be up to one day in the future
[  667.735145][T14672] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  667.768972][T14674] binder: binder_mmap: 14673 20ffd000-21000000 bad vm_flags failed -1
[  667.800732][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  667.808550][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  667.816069][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  667.823880][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  667.831694][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  667.880392][T14674] binder_alloc: 14673: binder_alloc_buf, no vma
[  668.298141][  T465] Bluetooth: hci0: command 0x1001 tx timeout
[  668.304057][  T552] Bluetooth: hci0: sending frame failed (-49)
[  668.500727][T14689] loop6: detected capacity change from 0 to 512
[  668.578582][T14689] EXT4-fs (loop6): Ignoring removed nobh option
[  668.584798][T14689] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  668.600411][T14689] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  668.619545][T14689] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  668.748218][    T6] cdc_ncm 3-1:1.0: bind() failure
[  668.768196][    T6] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  668.788196][    T6] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  668.899040][T14700] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0
[  668.905568][T14700] binder: 14693:14700 ioctl 4018620d 20000100 returned -1
[  669.232449][    T6] usb 3-1: USB disconnect, device number 50
[  669.648440][T14713] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  669.672263][T14715] incfs: Error accessing: ./file0.
[  669.677359][T14715] incfs: mount failed -20
[  670.300851][T14726] loop6: detected capacity change from 0 to 2048
[  670.388177][ T6457] Bluetooth: hci0: command 0x1009 tx timeout
[  670.396860][T14709] rtc_cmos 00:00: Alarms can be up to one day in the future
[  670.406884][T14726] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  670.718173][  T465] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  670.800241][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  670.807701][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  670.815111][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  670.822534][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  670.829687][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  670.950068][T14735] loop5: detected capacity change from 0 to 512
[  671.008650][T14735] EXT4-fs (loop5): Ignoring removed nobh option
[  671.014880][T14735] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  671.030418][T14735] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  671.049813][T14735] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  671.108227][  T465] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  671.348255][  T465] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  671.357169][  T465] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  671.364976][  T465] usb 2-1: Product: syz
[  671.368960][  T465] usb 2-1: Manufacturer: syz
[  671.373350][  T465] usb 2-1: SerialNumber: syz
[  671.656043][T14751] incfs: Error accessing: ./file0.
[  671.661069][T14751] incfs: mount failed -20
[  673.195910][T14760] rtc_cmos 00:00: Alarms can be up to one day in the future
[  673.250462][T14775] loop2: detected capacity change from 0 to 2048
[  673.275617][   T30] audit: type=1326 audit(2000000471.850:5110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.301936][T14783] incfs: Error accessing: ./file0.
[  673.307275][T14783] incfs: mount failed -20
[  673.307318][   T30] audit: type=1326 audit(2000000471.850:5111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.335331][   T30] audit: type=1326 audit(2000000471.850:5112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.363905][   T30] audit: type=1326 audit(2000000471.850:5113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.387545][   T30] audit: type=1326 audit(2000000471.850:5114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.411144][   T30] audit: type=1326 audit(2000000471.850:5115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.435172][   T30] audit: type=1326 audit(2000000471.850:5116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.462654][   T30] audit: type=1326 audit(2000000471.850:5117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.478007][T14775] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  673.486474][   T30] audit: type=1326 audit(2000000471.850:5118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14780 comm="syz.6.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  673.558355][  T465] cdc_ncm 2-1:1.0: bind() failure
[  673.638185][  T465] cdc_ncm: probe of 2-1:1.1 failed with error -71
[  673.712520][  T465] cdc_mbim: probe of 2-1:1.1 failed with error -71
[  673.724194][  T465] usb 2-1: USB disconnect, device number 51
[  673.800048][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  673.807458][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  673.815009][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  673.822393][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  673.829527][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  674.202731][T14803] loop2: detected capacity change from 0 to 40427
[  674.316850][T14803] F2FS-fs (loop2): invalid crc value
[  674.431117][T14803] F2FS-fs (loop2): Found nat_bits in checkpoint
[  674.509055][T14803] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  675.582097][T14804] rtc_cmos 00:00: Alarms can be up to one day in the future
[  675.803386][T14822] loop1: detected capacity change from 0 to 40427
[  675.810157][   T30] audit: type=1400 audit(2000000473.250:5119): avc:  denied  { bind } for  pid=14816 comm="syz.1.5008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  675.830655][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  675.843806][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  675.868522][T14822] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  675.876294][T14822] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  675.995328][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  676.070498][T14822] F2FS-fs (loop1): Found nat_bits in checkpoint
[  676.176040][T14822] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  676.183029][T14822] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  676.402803][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  676.708346][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  676.741059][T14832] 9pnet: Insufficient options for proto=fd
[  676.816757][T14835] loop5: detected capacity change from 0 to 128
[  676.899936][T14835] EXT4-fs (loop5): Test dummy encryption mode enabled
[  676.907115][ T8579] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  676.907140][ T8579] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  676.915968][ T8579] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  676.924797][ T8579] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  676.932768][T14835] EXT4-fs (loop5): mounted filesystem without journal. Opts: minixdf,test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  676.954182][ T8579] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  676.954204][ T8579] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  676.967322][ T8579] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  676.975142][T14835] ext4 filesystem being mounted at /162/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  677.138156][    T6] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  677.548193][    T6] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  677.718345][    T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  677.738281][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  677.746121][    T6] usb 3-1: Product: syz
[  677.768665][    T6] usb 3-1: Manufacturer: syz
[  677.773104][    T6] usb 3-1: SerialNumber: syz
[  677.796300][T14870] 9pnet: Insufficient options for proto=fd
[  677.872265][T14876] usb usb7: usbfs: process 14876 (syz.0.5026) did not claim interface 0 before use
[  677.970795][T14882] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  678.772352][T14908] loop6: detected capacity change from 0 to 512
[  678.793167][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  678.793183][   T30] audit: type=1400 audit(2000000477.370:5137): avc:  denied  { setopt } for  pid=14909 comm="syz.1.5039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  678.820766][   T30] audit: type=1400 audit(2000000477.400:5138): avc:  denied  { bind } for  pid=14909 comm="syz.1.5039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  678.848614][T14908] EXT4-fs (loop6): Ignoring removed nobh option
[  678.854906][T14908] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  678.880200][T14908] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  678.899615][T14908] ext4 filesystem being mounted at /217/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  679.466657][T14920] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0
[  679.473118][T14920] binder: 14919:14920 ioctl 4018620d 20000100 returned -1
[  679.833945][   T30] audit: type=1326 audit(2000000478.410:5139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14941 comm="syz.0.5051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  679.857803][   T30] audit: type=1326 audit(2000000478.410:5140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14941 comm="syz.0.5051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  679.898584][   T30] audit: type=1326 audit(2000000478.410:5141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14941 comm="syz.0.5051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  679.922180][   T30] audit: type=1326 audit(2000000478.410:5142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14941 comm="syz.0.5051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  679.946518][   T30] audit: type=1326 audit(2000000478.460:5143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14941 comm="syz.0.5051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  679.972088][    T6] cdc_ncm 3-1:1.0: bind() failure
[  679.978685][   T30] audit: type=1326 audit(2000000478.460:5144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14941 comm="syz.0.5051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  680.002117][    T6] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  680.010232][   T30] audit: type=1326 audit(2000000478.460:5145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14941 comm="syz.0.5051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  680.033644][    T6] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  680.038519][    T6] usb 3-1: USB disconnect, device number 51
[  680.043474][   T30] audit: type=1326 audit(2000000478.460:5146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14941 comm="syz.0.5051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  680.718130][    T6] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  680.858149][  T465] Bluetooth: hci0: command 0x1003 tx timeout
[  680.864246][  T552] Bluetooth: hci0: sending frame failed (-49)
[  681.018622][T14969] fuse: Bad value for 'fd'
[  681.284538][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  681.295260][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  681.304820][    T6] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  681.313646][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  681.322130][    T6] usb 3-1: config 0 descriptor??
[  681.485673][T14981] binder: BINDER_SET_CONTEXT_MGR already set
[  681.491513][T14981] binder: 14980:14981 ioctl 4018620d 20000040 returned -16
[  681.509674][T14983] 9pnet: Insufficient options for proto=fd
[  681.779989][    T6] pyra 0003:1E7D:2CF6.0050: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  682.139818][    T6] pyra 0003:1E7D:2CF6.0050: couldn't init struct pyra_device
[  682.147053][    T6] pyra 0003:1E7D:2CF6.0050: couldn't install mouse
[  682.155197][    T6] pyra: probe of 0003:1E7D:2CF6.0050 failed with error -5
[  682.279844][    T6] usb 3-1: USB disconnect, device number 52
[  682.534322][T14998] fuse: Bad value for 'fd'
[  682.714449][T15009] loop5: detected capacity change from 0 to 16
[  682.793648][T15012] binder: BINDER_SET_CONTEXT_MGR already set
[  682.800079][T15012] binder: 15011:15012 ioctl 4018620d 20000040 returned -16
[  682.807234][T15009] erofs: (device loop5): mounted with root inode @ nid 36.
[  682.941392][    T6] Bluetooth: hci0: command 0x1001 tx timeout
[  682.948710][  T552] Bluetooth: hci0: sending frame failed (-49)
[  683.615938][T15029] fuse: Invalid rootmode
[  683.730373][T15035] loop5: detected capacity change from 0 to 256
[  683.758424][T15035] exfat: Deprecated parameter 'namecase'
[  683.763958][T15035] exfat: Unknown parameter 'uma­¨'
[  683.835445][T15037] loop2: detected capacity change from 0 to 512
[  683.860438][T15037] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #3: comm syz.2.5088: corrupted inode contents
[  683.872609][T15037] EXT4-fs error (device loop2): ext4_dirty_inode:6038: inode #3: comm syz.2.5088: mark_inode_dirty error
[  683.884420][T15037] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #3: comm syz.2.5088: corrupted inode contents
[  683.896676][T15037] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #3: comm syz.2.5088: mark_inode_dirty error
[  683.908454][T15037] __quota_error: 15 callbacks suppressed
[  683.908472][T15037] Quota error (device loop2): write_blk: dquota write failed
[  683.921445][T15037] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  683.931371][T15037] EXT4-fs error (device loop2): ext4_acquire_dquot:6187: comm syz.2.5088: Failed to acquire dquot type 0
[  683.947004][T15037] EXT4-fs (loop2): 1 orphan inode deleted
[  683.952685][T15037] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  683.963925][T15037] ext4 filesystem being mounted at /413/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  683.983034][T15043] netlink: 'syz.5.5087': attribute type 4 has an invalid length.
[  685.135637][T15050] binder: 15049:15050 ioctl c0306201 0 returned -14
[  685.213585][T15056] loop2: detected capacity change from 0 to 16
[  685.230527][  T465] Bluetooth: hci0: command 0x1009 tx timeout
[  685.258773][T15056] erofs: (device loop2): mounted with root inode @ nid 36.
[  686.126894][T15068] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5096'.
[  686.137221][T15068] device bridge0 entered promiscuous mode
[  686.142886][T15068] device macsec1 entered promiscuous mode
[  686.220262][T15076] loop5: detected capacity change from 0 to 128
[  686.233886][T15076] EXT4-fs (loop5): Test dummy encryption mode enabled
[  686.242000][T15076] EXT4-fs (loop5): mounted filesystem without journal. Opts: minixdf,test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  686.255431][T15076] ext4 filesystem being mounted at /181/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  686.334754][T15080] binder: 15079:15080 ioctl c0306201 0 returned -14
[  687.843496][T15100] loop2: detected capacity change from 0 to 512
[  687.850163][   T30] audit: type=1326 audit(2000000486.420:5162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15089 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  687.853612][T15099] loop5: detected capacity change from 0 to 16
[  687.880504][   T30] audit: type=1326 audit(2000000486.420:5163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15089 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  687.904927][   T30] audit: type=1326 audit(2000000486.420:5164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15089 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  687.928853][   T30] audit: type=1326 audit(2000000486.420:5165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15089 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3d217ab793 code=0x7ffc0000
[  687.955371][T15099] erofs: (device loop5): mounted with root inode @ nid 36.
[  688.066151][T15100] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  688.083098][T15100] ext4 filesystem being mounted at /421/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  688.107374][   T30] audit: type=1326 audit(2000000486.420:5166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15089 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3d217aa23f code=0x7ffc0000
[  688.464422][   T30] audit: type=1326 audit(2000000486.420:5167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15089 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3d217ab7e7 code=0x7ffc0000
[  688.539100][   T30] audit: type=1326 audit(2000000486.420:5168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15089 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d217aa0f0 code=0x7ffc0000
[  688.585737][   T30] audit: type=1326 audit(2000000486.420:5169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15089 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3d217ab35b code=0x7ffc0000
[  688.627271][T15109] usb usb7: usbfs: process 15109 (syz.6.5109) did not claim interface 0 before use
[  689.478117][    T6] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  689.585644][T15136] device wg2 left promiscuous mode
[  689.596423][T15136] device wg2 entered promiscuous mode
[  689.981982][T15147] loop6: detected capacity change from 0 to 16
[  690.088884][T15147] erofs: (device loop6): mounted with root inode @ nid 36.
[  690.290346][T15152] attempt to access beyond end of device
[  690.290346][T15152] loop6: rw=0, want=34359739352, limit=16
[  690.546372][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  690.557163][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  690.566710][    T6] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  690.587034][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  690.600784][T15156] usb usb7: usbfs: process 15156 (syz.0.5122) did not claim interface 0 before use
[  690.611235][    T6] usb 3-1: config 0 descriptor??
[  691.237573][    T6] pyra 0003:1E7D:2CF6.0051: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  691.318451][    T6] pyra 0003:1E7D:2CF6.0051: couldn't init struct pyra_device
[  691.325780][    T6] pyra 0003:1E7D:2CF6.0051: couldn't install mouse
[  691.333118][    T6] pyra: probe of 0003:1E7D:2CF6.0051 failed with error -5
[  691.527926][  T465] usb 3-1: USB disconnect, device number 53
[  692.048339][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  692.048357][   T30] audit: type=1326 audit(2000000490.630:5184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.081104][   T30] audit: type=1326 audit(2000000490.650:5185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.104569][   T30] audit: type=1326 audit(2000000490.650:5186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.142981][T15189] device syzkaller0 entered promiscuous mode
[  692.148886][   T30] audit: type=1326 audit(2000000490.650:5187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.176704][   T30] audit: type=1326 audit(2000000490.650:5188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.205761][   T30] audit: type=1326 audit(2000000490.650:5189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.229801][   T30] audit: type=1326 audit(2000000490.650:5190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.254286][   T30] audit: type=1326 audit(2000000490.650:5191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.280003][   T30] audit: type=1326 audit(2000000490.650:5192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.303719][   T30] audit: type=1326 audit(2000000490.650:5193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.5131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  692.943931][T15224] device syzkaller0 entered promiscuous mode
[  694.276284][T15245] loop0: detected capacity change from 0 to 16
[  694.328930][T15245] erofs: (device loop0): mounted with root inode @ nid 36.
[  695.201956][T15267] loop6: detected capacity change from 0 to 256
[  695.240954][T15273] loop5: detected capacity change from 0 to 256
[  695.241846][T15267] exfat: Deprecated parameter 'namecase'
[  695.253367][T15267] exfat: Unknown parameter 'uma­¨'
[  695.278574][T15273] exfat: Deprecated parameter 'namecase'
[  695.286601][T15273] exfat: Deprecated parameter 'namecase'
[  695.366948][T15273] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  695.382934][T15278] tipc: Cannot configure node identity twice
[  695.476325][T15281] netlink: 'syz.6.5161': attribute type 4 has an invalid length.
[  696.350105][T15290] loop0: detected capacity change from 0 to 16
[  696.419074][T15290] erofs: (device loop0): mounted with root inode @ nid 36.
[  696.729866][T15304] attempt to access beyond end of device
[  696.729866][T15304] loop0: rw=0, want=34359739352, limit=16
[  697.471677][T15309] binder: 15308:15309 ioctl 4018620d 0 returned -22
[  697.504672][T15315] fuse: Unknown parameter 'user_i00000000000000000000'
[  697.557973][T15322] loop5: detected capacity change from 0 to 512
[  697.577582][T15322] EXT4-fs (loop5): Unrecognized mount option "subj_type=bsddf" or missing value
[  697.634935][T15325] incfs: Options parsing error. -22
[  697.640225][T15325] incfs: mount failed -22
[  697.674794][T15331] loop6: detected capacity change from 0 to 256
[  697.738548][T15331] exfat: Deprecated parameter 'namecase'
[  697.744601][T15331] exfat: Unknown parameter 'uma­¨'
[  697.776031][T15336] futex_wake_op: syz.1.5183 tries to shift op by 144; fix this program
[  697.982858][T15341] netlink: 'syz.6.5181': attribute type 4 has an invalid length.
[  699.160294][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  699.160310][   T30] audit: type=1326 audit(2000000497.740:5208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15349 comm="syz.1.5187" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee5f25a759 code=0x0
[  699.260568][T15355] fuse: Unknown parameter 'user_i00000000000000000000'
[  699.283247][   T30] audit: type=1400 audit(2000000497.860:5209): avc:  denied  { watch watch_reads } for  pid=15349 comm="syz.1.5187" path="/456/file0" dev="tmpfs" ino=2464 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  699.392701][   T30] audit: type=1400 audit(2000000497.890:5210): avc:  denied  { execute } for  pid=15349 comm="syz.1.5187" name="file0" dev="tmpfs" ino=2464 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  699.666518][   T30] audit: type=1400 audit(2000000497.890:5211): avc:  denied  { execute_no_trans } for  pid=15349 comm="syz.1.5187" path="/456/file0" dev="tmpfs" ino=2464 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  700.830826][T15390] fuse: Unknown parameter 'user_i00000000000000000000'
[  701.430661][T15406] usb usb7: usbfs: process 15406 (syz.0.5205) did not claim interface 0 before use
[  702.152518][T15428] fuse: Unknown parameter 'user_id00000000000000000000'
[  702.235889][T15433] loop2: detected capacity change from 0 to 256
[  702.247503][T15435] device wg2 left promiscuous mode
[  702.255675][T15435] device wg2 entered promiscuous mode
[  702.268411][T15433] exfat: Deprecated parameter 'namecase'
[  702.276274][T15433] exfat: Deprecated parameter 'namecase'
[  702.287781][   T30] audit: type=1326 audit(2000000500.860:5212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15437 comm="syz.0.5216" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f39f5b02759 code=0x0
[  702.334096][T15433] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  702.416779][T15443] usb usb7: usbfs: process 15443 (syz.5.5218) did not claim interface 0 before use
[  702.479130][T15451] loop5: detected capacity change from 0 to 16
[  702.731637][T15451] erofs: (device loop5): mounted with root inode @ nid 36.
[  703.139125][T15461] fuse: Unknown parameter 'user_id00000000000000000000'
[  703.186478][   T30] audit: type=1326 audit(2000000501.760:5213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15466 comm="syz.1.5227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee5f25a759 code=0x7ffc0000
[  703.223234][   T30] audit: type=1326 audit(2000000501.790:5214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15466 comm="syz.1.5227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee5f25a759 code=0x7ffc0000
[  703.247134][   T30] audit: type=1326 audit(2000000501.790:5215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15466 comm="syz.1.5227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee5f25a759 code=0x7ffc0000
[  703.281389][   T30] audit: type=1326 audit(2000000501.790:5216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15466 comm="syz.1.5227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee5f25a759 code=0x7ffc0000
[  703.319158][   T30] audit: type=1326 audit(2000000501.790:5217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15466 comm="syz.1.5227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee5f25a759 code=0x7ffc0000
[  703.411616][T15480] usb usb7: usbfs: process 15480 (syz.1.5232) did not claim interface 0 before use
[  703.585258][T15493] loop1: detected capacity change from 0 to 16
[  703.602314][T15493] erofs: (device loop1): mounted with root inode @ nid 36.
[  703.777946][T15496] attempt to access beyond end of device
[  703.777946][T15496] loop1: rw=0, want=34359739352, limit=16
[  705.147684][T15503] rtc_cmos 00:00: Alarms can be up to one day in the future
[  705.292568][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  705.292589][   T30] audit: type=1400 audit(2000000503.870:5223): avc:  denied  { audit_write } for  pid=15513 comm="syz.5.5243" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  705.327449][T15529] 9pnet: Insufficient options for proto=fd
[  705.344131][   T30] audit: type=1107 audit(2000000503.870:5224): pid=15513 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯'
[  705.367237][   T30] audit: type=1326 audit(2000000503.940:5225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15534 comm="syz.0.5252" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f39f5b02759 code=0x0
[  705.548153][ T6880] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  705.564845][   T30] audit: type=1326 audit(2000000504.140:5226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15530 comm="syz.5.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  705.599989][T15537] loop5: detected capacity change from 0 to 512
[  705.623325][   T30] audit: type=1326 audit(2000000504.170:5227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15530 comm="syz.5.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  705.626877][T15539] loop6: detected capacity change from 0 to 16
[  705.658380][   T30] audit: type=1326 audit(2000000504.170:5228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15530 comm="syz.5.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f15181c7793 code=0x7ffc0000
[  705.683609][   T30] audit: type=1326 audit(2000000504.170:5229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15530 comm="syz.5.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f15181c623f code=0x7ffc0000
[  705.707997][   T30] audit: type=1326 audit(2000000504.180:5230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15530 comm="syz.5.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f15181c77e7 code=0x7ffc0000
[  705.732165][   T30] audit: type=1326 audit(2000000504.180:5231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15530 comm="syz.5.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f15181c60f0 code=0x7ffc0000
[  705.756196][   T30] audit: type=1326 audit(2000000504.180:5232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15530 comm="syz.5.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f15181c735b code=0x7ffc0000
[  705.784578][T15539] erofs: (device loop6): mounted with root inode @ nid 36.
[  705.791093][T15537] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  705.811993][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  705.826061][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  705.842261][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  705.849800][ T6880] usb 3-1: Using ep0 maxpacket: 16
[  705.859866][T15537] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  705.873900][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  705.906857][    T6] rtc rtc0: __rtc_set_alarm: err=-22
[  705.996600][T15545] attempt to access beyond end of device
[  705.996600][T15545] loop6: rw=0, want=34359739352, limit=16
[  706.294345][T15549] 9pnet: Insufficient options for proto=fd
[  706.589671][  T465] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  706.837740][ T6880] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=d8.08
[  706.846738][ T6880] usb 3-1: New USB device strings: Mfr=40, Product=98, SerialNumber=3
[  706.854711][ T6880] usb 3-1: Product: syz
[  706.868141][ T6880] usb 3-1: Manufacturer: syz
[  706.872604][ T6880] usb 3-1: SerialNumber: syz
[  706.888440][ T6880] usb 3-1: config 0 descriptor??
[  706.928983][ T6880] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  706.936797][ T6880] usb 3-1: Detected FT-X
[  706.958187][  T465] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  706.968990][  T465] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  706.978625][  T465] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  706.987451][  T465] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  707.002707][  T465] usb 2-1: config 0 descriptor??
[  707.148187][ T6880] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  707.208384][T15555] rtc_cmos 00:00: Alarms can be up to one day in the future
[  707.549744][  T465] pyra 0003:1E7D:2CF6.0052: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  707.611891][ T6880] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  707.618868][ T6880] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  707.627518][ T6880] usb 3-1: USB disconnect, device number 54
[  707.635140][ T6880] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  707.646503][ T6880] ftdi_sio 3-1:0.0: device disconnected
[  707.758279][  T465] pyra 0003:1E7D:2CF6.0052: couldn't init struct pyra_device
[  707.766060][  T465] pyra 0003:1E7D:2CF6.0052: couldn't install mouse
[  707.773022][  T465] pyra: probe of 0003:1E7D:2CF6.0052 failed with error -5
[  707.797454][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  707.805017][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  707.812724][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  707.820267][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  707.827544][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  707.951682][T15584] 9pnet: Insufficient options for proto=fd
[  707.960865][  T465] usb 2-1: USB disconnect, device number 52
[  707.964425][T15586] loop5: detected capacity change from 0 to 16
[  707.996392][T15590] loop2: detected capacity change from 0 to 1024
[  708.018759][T15586] erofs: (device loop5): mounted with root inode @ nid 36.
[  708.039059][T15590] EXT4-fs (loop2): Test dummy encryption mode enabled
[  708.045876][T15590] EXT4-fs (loop2): Test dummy encryption mode enabled
[  708.052805][T15590] EXT4-fs (loop2): Ignoring removed orlov option
[  708.075368][T15590] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  709.360720][T15601] rtc_cmos 00:00: Alarms can be up to one day in the future
[  709.797323][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  709.805317][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  709.817494][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  709.825144][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  709.832608][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  709.871109][T15627] 9pnet: Insufficient options for proto=fd
[  709.968984][T15632] loop2: detected capacity change from 0 to 512
[  710.040703][T15632] EXT4-fs (loop2): Ignoring removed nobh option
[  710.046914][T15632] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  710.070646][T15632] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  710.090163][T15632] ext4 filesystem being mounted at /454/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  710.432701][T15642] loop1: detected capacity change from 0 to 1024
[  710.498730][T15642] EXT4-fs (loop1): Test dummy encryption mode enabled
[  710.505595][T15642] EXT4-fs (loop1): Test dummy encryption mode enabled
[  710.512310][T15642] EXT4-fs (loop1): Ignoring removed orlov option
[  710.520401][T15642] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  711.232731][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  711.232751][   T30] audit: type=1326 audit(2000000509.810:5271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.263027][   T30] audit: type=1326 audit(2000000509.820:5272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.296207][   T30] audit: type=1326 audit(2000000509.820:5273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.320200][   T30] audit: type=1326 audit(2000000509.820:5274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.344056][   T30] audit: type=1326 audit(2000000509.820:5275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.380997][   T30] audit: type=1326 audit(2000000509.820:5276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.406645][T15666] loop0: detected capacity change from 0 to 256
[  711.413231][   T30] audit: type=1326 audit(2000000509.820:5277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.437139][   T30] audit: type=1326 audit(2000000509.820:5278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.462813][   T30] audit: type=1326 audit(2000000509.820:5279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15660 comm="syz.0.5291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  711.486797][T15666] exfat: Deprecated parameter 'namecase'
[  711.489182][T15644] rtc_cmos 00:00: Alarms can be up to one day in the future
[  711.492448][T15666] exfat: Deprecated parameter 'namecase'
[  711.506036][T15668] 9pnet: Insufficient options for proto=fd
[  711.519390][   T30] audit: type=1326 audit(2000000510.100:5280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15655 comm="syz.2.5289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  711.621171][T15666] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  712.277055][  T465] Bluetooth: hci0: command 0x1003 tx timeout
[  712.284140][  T552] Bluetooth: hci0: sending frame failed (-49)
[  712.415837][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  712.427117][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  712.712576][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  712.720813][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  712.727959][    T6] rtc rtc0: __rtc_set_alarm: err=-22
[  712.813912][T15681] loop0: detected capacity change from 0 to 512
[  712.899092][T15681] EXT4-fs (loop0): Ignoring removed nobh option
[  712.906377][T15681] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  712.949362][T15681] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  712.983651][T15681] ext4 filesystem being mounted at /406/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  713.318196][T15636] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  713.333271][T15636] EXT4-fs (loop0): Remounting filesystem read-only
[  713.958850][T15699] loop5: detected capacity change from 0 to 1024
[  714.048704][T15699] EXT4-fs (loop5): Test dummy encryption mode enabled
[  714.055577][T15699] EXT4-fs (loop5): Test dummy encryption mode enabled
[  714.062301][T15699] EXT4-fs (loop5): Ignoring removed orlov option
[  714.070641][T15699] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  714.294115][T15706] fuse: Unknown parameter '0x0000000000000003'
[  714.300283][  T465] Bluetooth: hci0: command 0x1001 tx timeout
[  714.306823][  T552] Bluetooth: hci0: sending frame failed (-49)
[  714.396262][T15692] rtc_cmos 00:00: Alarms can be up to one day in the future
[  714.796857][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  714.807773][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  714.827366][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  714.848122][    T6] rtc_cmos 00:00: Alarms can be up to one day in the future
[  714.868562][    T6] rtc rtc0: __rtc_set_alarm: err=-22
[  714.967832][T15727] loop5: detected capacity change from 0 to 512
[  715.032478][T15727] EXT4-fs (loop5): Ignoring removed nobh option
[  715.042167][T15727] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  715.060228][T15727] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  715.079750][T15727] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  715.382011][T15731] usb usb7: usbfs: process 15731 (syz.2.5312) did not claim interface 0 before use
[  715.493976][T15740] fuse: Unknown parameter '0x0000000000000003'
[  715.771744][T15747] loop1: detected capacity change from 0 to 512
[  716.167637][T15747] EXT4-fs (loop1): 1 orphan inode deleted
[  716.173897][T15747] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  716.194768][T15747] ext4 filesystem being mounted at /477/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  716.381644][ T6457] Bluetooth: hci0: command 0x1009 tx timeout
[  716.791108][T15760] loop0: detected capacity change from 0 to 128
[  716.839198][T15763] loop5: detected capacity change from 0 to 1024
[  716.862322][T15760] EXT4-fs (loop0): Test dummy encryption mode enabled
[  716.874475][T15760] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  716.888694][T15760] ext4 filesystem being mounted at /411/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  716.908890][T15763] EXT4-fs (loop5): Test dummy encryption mode enabled
[  716.922237][T15763] EXT4-fs (loop5): Test dummy encryption mode enabled
[  716.999656][T15763] EXT4-fs (loop5): Ignoring removed orlov option
[  717.009313][T15763] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  717.150155][T15752] rtc_cmos 00:00: Alarms can be up to one day in the future
[  717.456463][   T30] kauditd_printk_skb: 48 callbacks suppressed
[  717.456488][   T30] audit: type=1107 audit(2000000516.030:5329): pid=15770 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯'
[  717.759504][   T30] audit: type=1326 audit(2000000516.340:5330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.1.5324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee5f25a759 code=0x7ffc0000
[  717.786063][   T30] audit: type=1326 audit(2000000516.340:5331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.1.5324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee5f25a759 code=0x7ffc0000
[  717.796762][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  717.817431][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  717.825162][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  717.832649][ T5713] rtc_cmos 00:00: Alarms can be up to one day in the future
[  717.840222][ T5713] rtc rtc0: __rtc_set_alarm: err=-22
[  718.015284][T15785] fuse: Unknown parameter '0x0000000000000003'
[  718.247214][T15789] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5328'.
[  718.269094][T15791] loop2: detected capacity change from 0 to 512
[  718.279719][T15791] EXT4-fs (loop2): Ignoring removed nobh option
[  718.285932][T15791] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  718.310198][T15791] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  718.329319][T15791] ext4 filesystem being mounted at /468/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  718.598793][T15798] device wg2 left promiscuous mode
[  718.606145][T15798] device wg2 entered promiscuous mode
[  718.635044][T15802] serio: Serial port ptm0
[  718.696982][   T30] audit: type=1107 audit(2000000517.270:5332): pid=15804 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯'
[  718.717447][T15807] loop0: detected capacity change from 0 to 128
[  718.768596][T15807] EXT4-fs (loop0): Test dummy encryption mode enabled
[  718.776419][T15807] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  718.789790][T15807] ext4 filesystem being mounted at /417/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  718.898689][T15813] loop2: detected capacity change from 0 to 1024
[  718.983881][T15813] EXT4-fs (loop2): Test dummy encryption mode enabled
[  718.991674][T15813] EXT4-fs (loop2): Test dummy encryption mode enabled
[  719.000147][T15813] EXT4-fs (loop2): Ignoring removed orlov option
[  719.031343][T15813] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  719.663896][T15827] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5339'.
[  719.863640][   T30] audit: type=1326 audit(2000000518.440:5333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15828 comm="syz.0.5340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  719.889425][   T30] audit: type=1326 audit(2000000518.440:5334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15828 comm="syz.0.5340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  719.915685][   T30] audit: type=1326 audit(2000000518.490:5335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  719.939222][   T30] audit: type=1326 audit(2000000518.490:5336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  719.939497][T15834] loop5: detected capacity change from 0 to 512
[  719.963222][   T30] audit: type=1326 audit(2000000518.490:5337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  719.992149][   T30] audit: type=1326 audit(2000000518.490:5338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f15181c7793 code=0x7ffc0000
[  720.054588][T15834] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  720.071746][T15834] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  720.617142][T15858] 9pnet: Insufficient options for proto=fd
[  720.705821][T15863] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5352'.
[  721.970158][T15896] loop2: detected capacity change from 0 to 512
[  722.058786][T15896] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  722.098394][T15896] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  722.209728][T15900] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5364'.
[  722.736666][   T30] kauditd_printk_skb: 54 callbacks suppressed
[  722.736683][   T30] audit: type=1326 audit(2000000521.310:5393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15908 comm="syz.6.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  722.766411][   T30] audit: type=1326 audit(2000000521.310:5394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15908 comm="syz.6.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  722.796011][   T30] audit: type=1326 audit(2000000521.350:5395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15908 comm="syz.6.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  722.819943][   T30] audit: type=1326 audit(2000000521.350:5396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15908 comm="syz.6.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  722.844761][   T30] audit: type=1326 audit(2000000521.350:5397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15908 comm="syz.6.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  722.868508][   T30] audit: type=1326 audit(2000000521.370:5398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15908 comm="syz.6.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  722.892131][   T30] audit: type=1326 audit(2000000521.370:5399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15908 comm="syz.6.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  722.925672][   T30] audit: type=1326 audit(2000000521.370:5400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15908 comm="syz.6.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  723.506913][T15927] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5375'.
[  723.521659][T15929] device wg2 entered promiscuous mode
[  723.871400][   T30] audit: type=1326 audit(2000000522.450:5401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15939 comm="syz.6.5379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  723.895000][   T30] audit: type=1326 audit(2000000522.450:5402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15939 comm="syz.6.5379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  724.456626][T15955] 9pnet: Insufficient options for proto=fd
[  724.830102][T15963] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5388'.
[  727.739622][T16014] loop0: detected capacity change from 0 to 256
[  727.778793][T16014] exfat: Deprecated parameter 'namecase'
[  727.784345][T16014] exfat: Deprecated parameter 'namecase'
[  727.825239][T16014] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  727.837295][ T6880] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  727.875391][T16020] loop6: detected capacity change from 0 to 128
[  727.891021][T16020] EXT4-fs (loop6): Test dummy encryption mode enabled
[  727.904420][T16020] EXT4-fs (loop6): mounted filesystem without journal. Opts: minixdf,test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  727.905771][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  727.905787][   T30] audit: type=1107 audit(2000000526.480:5409): pid=16024 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯'
[  727.917980][T16020] ext4 filesystem being mounted at /288/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  728.015812][T16034] syz.1.5414[16034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  728.015874][T16034] syz.1.5414[16034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  728.098613][ T6880] usb 3-1: Using ep0 maxpacket: 16
[  728.458185][ T6880] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=d8.08
[  728.467093][ T6880] usb 3-1: New USB device strings: Mfr=40, Product=98, SerialNumber=3
[  728.475088][ T6880] usb 3-1: Product: syz
[  728.479215][ T6880] usb 3-1: Manufacturer: syz
[  728.483567][ T6880] usb 3-1: SerialNumber: syz
[  728.489220][ T6880] usb 3-1: config 0 descriptor??
[  728.539148][ T6880] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  728.547147][ T6880] usb 3-1: Detected FT-X
[  728.768162][ T6880] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  728.895413][   T30] audit: type=1326 audit(2000000527.470:5410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  728.919001][   T30] audit: type=1326 audit(2000000527.470:5411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  728.943358][   T30] audit: type=1326 audit(2000000527.490:5412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  728.967240][   T30] audit: type=1326 audit(2000000527.490:5413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  728.990848][   T30] audit: type=1326 audit(2000000527.490:5414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  729.015207][   T30] audit: type=1326 audit(2000000527.490:5415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  729.018187][ T6880] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  729.039145][   T30] audit: type=1326 audit(2000000527.490:5416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  729.068639][ T6880] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  729.076826][   T30] audit: type=1326 audit(2000000527.490:5417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  729.082174][ T6880] usb 3-1: USB disconnect, device number 55
[  729.102771][   T30] audit: type=1326 audit(2000000527.490:5418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16050 comm="syz.0.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  729.130844][ T6880] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  729.141831][ T6880] ftdi_sio 3-1:0.0: device disconnected
[  729.185025][T16058] loop0: detected capacity change from 0 to 256
[  729.218201][  T465] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  729.218727][T16058] exfat: Deprecated parameter 'namecase'
[  729.231160][T16058] exfat: Deprecated parameter 'namecase'
[  729.271000][T16058] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  730.148265][  T465] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  730.158760][  T465] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  730.248356][  T465] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  730.257334][  T465] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  730.265236][  T465] usb 2-1: SerialNumber: syz
[  730.399627][T16062] rtc_cmos 00:00: Alarms can be up to one day in the future
[  730.467421][T16078] 9pnet: Insufficient options for proto=fd
[  730.548957][  T465] usb 2-1: 0:2 : does not exist
[  730.553690][  T465] usb 2-1: unit 255 not found!
[  730.758181][  T465] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5)
[  730.768423][  T465] usb 2-1: USB disconnect, device number 53
[  730.776744][ T3323] udevd[3323]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  730.795704][ T6880] rtc_cmos 00:00: Alarms can be up to one day in the future
[  730.803184][ T6880] rtc_cmos 00:00: Alarms can be up to one day in the future
[  730.810585][ T6880] rtc_cmos 00:00: Alarms can be up to one day in the future
[  730.817963][ T6880] rtc_cmos 00:00: Alarms can be up to one day in the future
[  730.825369][ T6880] rtc rtc0: __rtc_set_alarm: err=-22
[  730.858293][   T26] Bluetooth: hci0: command 0x1003 tx timeout
[  730.864568][  T774] Bluetooth: hci0: sending frame failed (-49)
[  731.030681][T16093] loop1: detected capacity change from 0 to 256
[  731.068783][T16093] exfat: Deprecated parameter 'namecase'
[  731.074521][T16093] exfat: Deprecated parameter 'namecase'
[  731.100987][T16093] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  731.555097][T16103] incfs: Options parsing error. -22
[  731.560401][T16103] incfs: mount failed -22
[  732.318674][T16101] rtc_cmos 00:00: Alarms can be up to one day in the future
[  732.648201][    T6] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  732.795593][ T6880] rtc_cmos 00:00: Alarms can be up to one day in the future
[  732.803307][ T6880] rtc_cmos 00:00: Alarms can be up to one day in the future
[  732.810753][ T6880] rtc_cmos 00:00: Alarms can be up to one day in the future
[  732.818273][ T6880] rtc_cmos 00:00: Alarms can be up to one day in the future
[  732.825379][ T6880] rtc rtc0: __rtc_set_alarm: err=-22
[  732.938135][ T6880] Bluetooth: hci0: command 0x1001 tx timeout
[  732.946119][  T774] Bluetooth: hci0: sending frame failed (-49)
[  733.008162][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  733.018886][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  733.028699][    T6] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  733.037551][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.058360][    T6] usb 3-1: config 0 descriptor??
[  733.539753][    T6] pyra 0003:1E7D:2CF6.0053: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  733.748192][    T6] pyra 0003:1E7D:2CF6.0053: couldn't init struct pyra_device
[  733.755544][    T6] pyra 0003:1E7D:2CF6.0053: couldn't install mouse
[  733.763745][    T6] pyra: probe of 0003:1E7D:2CF6.0053 failed with error -5
[  733.958460][   T26] usb 3-1: USB disconnect, device number 56
[  734.476043][T16138] incfs: Options parsing error. -22
[  734.481143][T16138] incfs: mount failed -22
[  734.496968][   T30] kauditd_printk_skb: 108 callbacks suppressed
[  734.496985][   T30] audit: type=1326 audit(2000000533.070:5527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16139 comm="syz.2.5451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  734.532130][   T30] audit: type=1326 audit(2000000533.100:5528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16139 comm="syz.2.5451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  734.565634][   T30] audit: type=1326 audit(2000000533.100:5529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16139 comm="syz.2.5451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  734.567402][T16144] loop5: detected capacity change from 0 to 256
[  734.598347][T16144] exfat: Deprecated parameter 'namecase'
[  734.603827][T16144] exfat: Unknown parameter 'uma­¨'
[  734.844935][T16149] netlink: 'syz.5.5453': attribute type 4 has an invalid length.
[  734.888301][    T6] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  735.018117][ T5713] Bluetooth: hci0: command 0x1009 tx timeout
[  735.138116][    T6] usb 3-1: Using ep0 maxpacket: 16
[  735.538177][    T6] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=d8.08
[  735.557194][    T6] usb 3-1: New USB device strings: Mfr=40, Product=98, SerialNumber=3
[  735.565633][    T6] usb 3-1: Product: syz
[  735.569893][    T6] usb 3-1: Manufacturer: syz
[  735.574313][    T6] usb 3-1: SerialNumber: syz
[  735.592823][    T6] usb 3-1: config 0 descriptor??
[  735.628817][    T6] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  735.639437][    T6] usb 3-1: Detected FT-X
[  735.838182][    T6] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  736.098269][    T6] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  736.107353][T16170] incfs: Options parsing error. -22
[  736.111678][    T6] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  736.120516][T16170] incfs: mount failed -22
[  736.129250][    T6] usb 3-1: USB disconnect, device number 57
[  736.140816][    T6] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  736.153038][    T6] ftdi_sio 3-1:0.0: device disconnected
[  736.609205][T16178] 9pnet: Insufficient options for proto=fd
[  736.645669][T16182] loop2: detected capacity change from 0 to 512
[  736.708540][T16182] EXT4-fs (loop2): Ignoring removed nobh option
[  736.714739][T16182] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  736.730311][T16182] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  736.749660][T16182] ext4 filesystem being mounted at /500/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  738.352110][   T30] audit: type=1400 audit(2000000536.930:5530): avc:  denied  { unmount } for  pid=9370 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  738.471634][T16212] 9pnet: Insufficient options for proto=fd
[  738.531796][T16218] loop2: detected capacity change from 0 to 512
[  738.588469][T16218] EXT4-fs (loop2): Ignoring removed nobh option
[  738.594617][T16218] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  738.609923][T16218] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  738.629138][T16218] ext4 filesystem being mounted at /508/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  738.948547][T16229] loop1: detected capacity change from 0 to 256
[  739.042505][T16229] exfat: Deprecated parameter 'namecase'
[  739.059907][T16229] exfat: Deprecated parameter 'namecase'
[  739.106185][T16229] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  739.394668][T16236] loop2: detected capacity change from 0 to 1024
[  739.478820][T16236] EXT4-fs (loop2): Ignoring removed orlov option
[  739.485111][T16236] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  739.550863][T16247] 9pnet: Insufficient options for proto=fd
[  739.561931][T16237] loop6: detected capacity change from 0 to 2048
[  739.562298][T16236] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  739.635366][T16237] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  739.672846][T16254] loop5: detected capacity change from 0 to 256
[  739.708564][T16254] FAT-fs (loop5): Unrecognized mount option "nnonumtail=1" or missing value
[  739.801674][   T30] audit: type=1400 audit(2000000538.370:5531): avc:  denied  { accept } for  pid=16233 comm="syz.2.5484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  739.825039][  T318] Bluetooth: hci0: Frame reassembly failed (-84)
[  739.879033][   T30] audit: type=1400 audit(2000000538.370:5532): avc:  denied  { mounton } for  pid=16233 comm="syz.2.5484" path="/509/file1/file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  740.090407][T16267] loop6: detected capacity change from 0 to 256
[  740.148740][T16267] exfat: Deprecated parameter 'namecase'
[  740.154355][T16267] exfat: Deprecated parameter 'namecase'
[  740.162821][T16267] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  740.518416][   T30] audit: type=1326 audit(2000000539.020:5533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16266 comm="syz.6.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  740.582162][   T30] audit: type=1326 audit(2000000539.020:5534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16266 comm="syz.6.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  740.606622][T16279] 9pnet: Insufficient options for proto=fd
[  740.609559][   T30] audit: type=1326 audit(2000000539.020:5535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16266 comm="syz.6.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  740.635635][   T30] audit: type=1326 audit(2000000539.020:5536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16266 comm="syz.6.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  740.655725][T16281] loop1: detected capacity change from 0 to 1024
[  740.659590][   T30] audit: type=1326 audit(2000000539.020:5537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16266 comm="syz.6.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  740.718893][T16281] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  740.728710][T16281] EXT4-fs error (device loop1): ext4_get_journal_inode:5150: inode #32: comm syz.1.5501: iget: special inode unallocated
[  740.741492][T16281] EXT4-fs (loop1): no journal found
[  740.746513][T16281] EXT4-fs (loop1): can't get journal size
[  740.753720][T16281] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,noblock_validity,sysvgroups,,errors=continue. Quota mode: none.
[  741.223510][   T30] audit: type=1326 audit(2000000539.800:5538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16294 comm="syz.6.5506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  741.248308][   T30] audit: type=1326 audit(2000000539.820:5539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16294 comm="syz.6.5506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  741.251815][T16297] loop6: detected capacity change from 0 to 512
[  741.288139][   T30] audit: type=1326 audit(2000000539.820:5540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16294 comm="syz.6.5506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  741.384777][T16297] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  741.402295][T16297] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  741.898142][    T6] Bluetooth: hci0: command 0x1003 tx timeout
[  741.904016][T16288] Bluetooth: hci0: sending frame failed (-49)
[  741.978136][    T6] Bluetooth: hci1: command 0x1003 tx timeout
[  741.984013][T16288] Bluetooth: hci1: sending frame failed (-49)
[  742.938131][   T26] Bluetooth: hci2: command 0x1003 tx timeout
[  742.944011][T16288] Bluetooth: hci2: sending frame failed (-49)
[  742.990226][T16312] 9pnet: Insufficient options for proto=fd
[  743.978173][   T26] Bluetooth: hci0: command 0x1001 tx timeout
[  743.984054][T16288] Bluetooth: hci0: sending frame failed (-49)
[  744.058135][   T26] Bluetooth: hci1: command 0x1001 tx timeout
[  744.064211][T16288] Bluetooth: hci1: sending frame failed (-49)
[  744.980929][T16324] loop6: detected capacity change from 0 to 512
[  744.987929][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  744.995904][   T30] audit: type=1400 audit(2000000543.490:5559): avc:  denied  { create } for  pid=16321 comm="syz.6.5514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  745.021539][   T26] Bluetooth: hci2: command 0x1001 tx timeout
[  745.033677][T16288] Bluetooth: hci2: sending frame failed (-49)
[  745.098664][T16324] EXT4-fs (loop6): mounted filesystem without journal. Opts: nolazytime,bsddf,,errors=continue. Quota mode: writeback.
[  745.111541][T16324] ext4 filesystem being mounted at /301/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  745.810139][T16336] loop5: detected capacity change from 0 to 2048
[  745.859836][T16336] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  746.058178][   T26] Bluetooth: hci0: command 0x1009 tx timeout
[  746.138144][   T26] Bluetooth: hci1: command 0x1009 tx timeout
[  746.628647][T16348] loop5: detected capacity change from 0 to 256
[  746.678506][T16348] exfat: Deprecated parameter 'namecase'
[  746.684008][T16348] exfat: Deprecated parameter 'namecase'
[  746.720878][T16348] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  747.098138][   T26] Bluetooth: hci2: command 0x1009 tx timeout
[  747.898153][    T6] Bluetooth: hci3: command 0x1003 tx timeout
[  747.904071][T16343] Bluetooth: hci3: sending frame failed (-49)
[  748.406426][T16357] loop5: detected capacity change from 0 to 256
[  748.428686][T16357] exfat: Deprecated parameter 'namecase'
[  748.434189][T16357] exfat: Deprecated parameter 'namecase'
[  748.470874][T16357] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  749.978395][   T26] Bluetooth: hci3: command 0x1001 tx timeout
[  749.984508][T16363] Bluetooth: hci3: sending frame failed (-49)
[  750.956797][T16377] incfs: Options parsing error. -22
[  750.961950][T16377] incfs: mount failed -22
[  750.977272][T16379] loop0: detected capacity change from 0 to 256
[  751.028564][T16379] exfat: Deprecated parameter 'namecase'
[  751.034207][T16379] exfat: Deprecated parameter 'namecase'
[  751.127543][T16379] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  751.320539][   T30] audit: type=1326 audit(2000000549.890:5560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16378 comm="syz.0.5530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  751.389492][   T30] audit: type=1326 audit(2000000549.890:5561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16378 comm="syz.0.5530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  751.518929][ T5713] Bluetooth: hci4: command 0x1003 tx timeout
[  751.524786][  T552] Bluetooth: hci4: sending frame failed (-49)
[  751.524805][   T30] audit: type=1326 audit(2000000549.890:5562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16378 comm="syz.0.5530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  751.556691][T16389] 9pnet: Insufficient options for proto=fd
[  751.568297][   T30] audit: type=1326 audit(2000000549.900:5563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16378 comm="syz.0.5530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  751.611508][   T30] audit: type=1326 audit(2000000549.900:5564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16378 comm="syz.0.5530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  751.772443][T16394] loop1: detected capacity change from 0 to 256
[  751.858402][T16394] exfat: Deprecated parameter 'namecase'
[  751.863916][T16394] exfat: Deprecated parameter 'namecase'
[  751.878006][   T30] audit: type=1107 audit(2000000550.450:5565): pid=16395 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯'
[  751.894023][T16394] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  752.007202][T16403] 9pnet: Insufficient options for proto=fd
[  752.376950][ T5713] Bluetooth: hci3: command 0x1009 tx timeout
[  753.415402][   T30] audit: type=1326 audit(2000000551.990:5566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16419 comm="syz.2.5543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  753.438891][   T30] audit: type=1326 audit(2000000551.990:5567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16419 comm="syz.2.5543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  753.462542][   T30] audit: type=1326 audit(2000000552.000:5568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16419 comm="syz.2.5543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  753.486048][   T30] audit: type=1326 audit(2000000552.000:5569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16419 comm="syz.2.5543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d217ab759 code=0x7ffc0000
[  753.578276][   T26] Bluetooth: hci4: command 0x1001 tx timeout
[  753.584404][  T506] Bluetooth: hci4: sending frame failed (-49)
[  754.994317][   T26] Bluetooth: hci0: command 0x1003 tx timeout
[  755.000580][  T506] Bluetooth: hci0: sending frame failed (-49)
[  755.658139][ T5713] Bluetooth: hci4: command 0x1009 tx timeout
[  756.888393][   T30] kauditd_printk_skb: 44 callbacks suppressed
[  756.888412][   T30] audit: type=1107 audit(2000000555.470:5614): pid=16465 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯'
[  756.943938][T16468] loop6: detected capacity change from 0 to 512
[  757.018139][ T5713] Bluetooth: hci0: command 0x1001 tx timeout
[  757.024058][T16288] Bluetooth: hci0: sending frame failed (-49)
[  757.035708][T16468] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  757.044464][T16468] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  757.063528][T16476] loop2: detected capacity change from 0 to 512
[  757.089864][T16468] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  757.097808][T16468] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  757.106976][T16468] EXT4-fs (loop6): 1 truncate cleaned up
[  757.114042][T16468] EXT4-fs (loop6): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback.
[  757.144799][   T30] audit: type=1400 audit(2000000555.720:5615): avc:  denied  { remount } for  pid=16467 comm="syz.6.5559" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  757.164591][T16468] EXT4-fs (loop6): re-mounted. Opts: . Quota mode: writeback.
[  757.187737][T16476] EXT4-fs (loop2): Unrecognized mount option "subj_type=bsddf" or missing value
[  757.204037][   T26] hid-generic 0000:3000000:0000.0054: unknown main item tag 0x4
[  757.212925][   T26] hid-generic 0000:3000000:0000.0054: unknown main item tag 0x2
[  757.220508][   T26] hid-generic 0000:3000000:0000.0054: unknown main item tag 0x3
[  757.276990][   T26] hid-generic 0000:3000000:0000.0054: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  757.398695][   T30] audit: type=1326 audit(2000000555.980:5616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16485 comm="syz.6.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  757.425870][T16494] loop6: detected capacity change from 0 to 512
[  757.432269][   T30] audit: type=1326 audit(2000000556.000:5617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16485 comm="syz.6.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  757.461289][   T30] audit: type=1326 audit(2000000556.000:5618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16485 comm="syz.6.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc6c527f793 code=0x7ffc0000
[  757.489174][   T30] audit: type=1326 audit(2000000556.000:5619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16485 comm="syz.6.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc6c527e23f code=0x7ffc0000
[  757.516226][   T30] audit: type=1326 audit(2000000556.000:5620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16485 comm="syz.6.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fc6c527f7e7 code=0x7ffc0000
[  757.542239][T16494] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  757.559178][   T30] audit: type=1326 audit(2000000556.000:5621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16485 comm="syz.6.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc6c527e0f0 code=0x7ffc0000
[  757.583064][   T30] audit: type=1326 audit(2000000556.000:5622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16485 comm="syz.6.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc6c527f35b code=0x7ffc0000
[  757.606606][   T30] audit: type=1326 audit(2000000556.040:5623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16485 comm="syz.6.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc6c527e3ea code=0x7ffc0000
[  757.618021][T16494] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  757.668097][   T26] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  758.028484][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  758.039594][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  758.058222][   T26] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  758.067211][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  758.077556][   T26] usb 3-1: config 0 descriptor??
[  758.498320][   T26] usbhid 3-1:0.0: can't add hid device: -71
[  758.504941][   T26] usbhid: probe of 3-1:0.0 failed with error -71
[  758.573400][   T26] usb 3-1: USB disconnect, device number 58
[  759.121920][T16519] loop2: detected capacity change from 0 to 512
[  759.128343][ T5713] Bluetooth: hci0: command 0x1009 tx timeout
[  759.423102][T16519] EXT4-fs (loop2): 1 orphan inode deleted
[  759.428774][T16519] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  759.450101][T16519] ext4 filesystem being mounted at /531/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  760.308247][T16542] loop1: detected capacity change from 0 to 512
[  760.390112][T16542] EXT4-fs (loop1): Unrecognized mount option "subj_type=bsddf" or missing value
[  760.490221][T16554] loop6: detected capacity change from 0 to 512
[  760.576254][T16554] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  760.625916][T16554] ext4 filesystem being mounted at /314/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  760.878093][ T5713] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  761.238190][ T5713] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  761.254365][ T5713] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  761.273807][ T5713] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  761.292458][ T5713] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.313700][ T5713] usb 2-1: config 0 descriptor??
[  761.937256][ T5713] usbhid 2-1:0.0: can't add hid device: -71
[  761.943104][ T5713] usbhid: probe of 2-1:0.0 failed with error -71
[  761.950301][ T5713] usb 2-1: USB disconnect, device number 54
[  761.994895][   T30] kauditd_printk_skb: 66 callbacks suppressed
[  761.994913][   T30] audit: type=1326 audit(2000000560.570:5690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.024850][   T30] audit: type=1326 audit(2000000560.570:5691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.048842][   T30] audit: type=1326 audit(2000000560.570:5692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.072590][   T30] audit: type=1326 audit(2000000560.570:5693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.101062][   T30] audit: type=1326 audit(2000000560.570:5694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.125715][   T30] audit: type=1326 audit(2000000560.570:5695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.161484][   T30] audit: type=1326 audit(2000000560.570:5696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.190188][T16586] loop5: detected capacity change from 0 to 512
[  762.297870][   T30] audit: type=1326 audit(2000000560.570:5697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.412991][T16586] EXT4-fs (loop5): 1 orphan inode deleted
[  762.418662][T16586] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  762.439926][T16586] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  762.770031][   T30] audit: type=1326 audit(2000000560.570:5698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  762.912665][T16594] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  762.957443][T16594] overlayfs: failed to resolve './file0': -2
[  763.008178][   T30] audit: type=1326 audit(2000000560.610:5699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16580 comm="syz.5.5597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15181c7759 code=0x7ffc0000
[  763.216797][T16615] loop1: detected capacity change from 0 to 1024
[  763.308369][T16620] loop5: detected capacity change from 0 to 256
[  763.320111][T16615] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  763.374608][T16620] exfat: Deprecated parameter 'namecase'
[  763.381398][T16620] exfat: Deprecated parameter 'namecase'
[  763.402332][T16620] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  763.608731][T16615] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,dioread_nolock,noquota,min_batch_time=0x0000000000000008,delalloc,user_xattr,quota,,errors=continue. Quota mode: writeback.
[  764.188160][T16649] 9pnet: Could not find request transport: fd0x0000000000000005
[  765.018576][T16680] loop5: detected capacity change from 0 to 256
[  765.068520][T16680] exfat: Deprecated parameter 'namecase'
[  765.074123][T16680] exfat: Deprecated parameter 'namecase'
[  765.091814][T16680] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  765.160146][T16689] 9pnet: Could not find request transport: fd0x0000000000000004
[  765.275850][T16696] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  765.285212][T16696] overlayfs: failed to resolve './file0': -2
[  765.739815][T16719] 9pnet: Could not find request transport: fd0x0000000000000005
[  766.470441][T16752] loop0: detected capacity change from 0 to 256
[  766.558595][T16752] exfat: Deprecated parameter 'namecase'
[  766.564164][T16752] exfat: Deprecated parameter 'namecase'
[  766.591583][T16752] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  766.810957][T16763] device wg2 left promiscuous mode
[  766.819894][T16763] device wg2 entered promiscuous mode
[  767.240615][   T30] kauditd_printk_skb: 78 callbacks suppressed
[  767.240633][   T30] audit: type=1326 audit(2000000565.820:5778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16780 comm="syz.6.5671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  767.271859][   T30] audit: type=1326 audit(2000000565.820:5779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16780 comm="syz.6.5671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  767.295455][   T30] audit: type=1326 audit(2000000565.820:5780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16780 comm="syz.6.5671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  767.322041][   T30] audit: type=1326 audit(2000000565.820:5781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16780 comm="syz.6.5671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  767.348008][   T30] audit: type=1326 audit(2000000565.820:5782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16780 comm="syz.6.5671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  767.371484][   T30] audit: type=1107 audit(2000000565.850:5783): pid=16782 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯'
[  767.384937][   T30] audit: type=1326 audit(2000000565.900:5784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16784 comm="syz.6.5673" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc6c527f759 code=0x0
[  767.824270][T16793] loop5: detected capacity change from 0 to 256
[  767.919465][T16793] exfat: Deprecated parameter 'namecase'
[  767.925329][T16793] exfat: Deprecated parameter 'namecase'
[  767.939794][T16793] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  768.917108][   T30] audit: type=1326 audit(2000000567.490:5785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.0.5682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  768.982578][   T30] audit: type=1326 audit(2000000567.530:5786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.0.5682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  769.006211][   T30] audit: type=1326 audit(2000000567.530:5787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.0.5682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f39f5b02759 code=0x7ffc0000
[  769.048485][T16819] loop0: detected capacity change from 0 to 256
[  769.126436][T16819] exfat: Deprecated parameter 'namecase'
[  769.140062][T16819] exfat: Deprecated parameter 'namecase'
[  769.185337][T16819] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  770.251399][T16853] serio: Serial port ptm1
[  771.166203][T16883] device wg2 left promiscuous mode
[  771.176084][T16883] device wg2 entered promiscuous mode
[  771.204731][T16889] loop2: detected capacity change from 0 to 1024
[  771.228776][T16893] serio: Serial port ptm1
[  771.243318][T16889] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  771.256265][T16889] EXT4-fs error (device loop2): ext4_get_journal_inode:5150: inode #32: comm syz.2.5711: iget: special inode unallocated
[  771.269149][T16889] EXT4-fs (loop2): no journal found
[  771.274276][T16889] EXT4-fs (loop2): can't get journal size
[  771.280916][T16889] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,noblock_validity,sysvgroups,,errors=continue. Quota mode: none.
[  771.347530][T16899] 9pnet: Insufficient options for proto=fd
[  771.448729][T16913] device wg2 left promiscuous mode
[  771.458953][T16913] device wg2 entered promiscuous mode
[  772.384214][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  772.384231][   T30] audit: type=1326 audit(2000000570.960:5821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.434999][   T30] audit: type=1326 audit(2000000571.000:5822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.446951][T16926] serio: Serial port ptm1
[  772.465709][T16928] 9pnet: Insufficient options for proto=fd
[  772.478532][   T30] audit: type=1326 audit(2000000571.000:5823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.526947][   T30] audit: type=1326 audit(2000000571.000:5824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.572446][   T30] audit: type=1326 audit(2000000571.000:5825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.601090][T16941] device wg2 left promiscuous mode
[  772.609595][T16944] overlayfs: failed to resolve './file1': -2
[  772.615799][   T30] audit: type=1326 audit(2000000571.000:5826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.623595][T16945] loop1: detected capacity change from 0 to 1024
[  772.653051][   T30] audit: type=1326 audit(2000000571.000:5827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.677687][   T30] audit: type=1326 audit(2000000571.000:5828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.701417][   T30] audit: type=1326 audit(2000000571.000:5829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.706385][T16947] loop2: detected capacity change from 0 to 512
[  772.735970][T16941] device wg2 entered promiscuous mode
[  772.741568][   T30] audit: type=1326 audit(2000000571.000:5830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.6.5727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  772.765428][T16945] EXT4-fs (loop1): Test dummy encryption mode enabled
[  772.772289][T16945] EXT4-fs (loop1): Test dummy encryption mode enabled
[  772.785287][T16945] EXT4-fs (loop1): Ignoring removed orlov option
[  772.804778][T16945] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  772.870772][T16947] EXT4-fs (loop2): Ignoring removed nobh option
[  772.877424][T16947] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  772.905167][T16947] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nobh,max_batch_time=0x00000000000003ff,nojournal_checksum,usrquota,dioread_nolock,nodiscard,. Quota mode: writeback.
[  772.924581][T16947] ext4 filesystem being mounted at /579/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  773.947562][T16977] serio: Serial port ptm0
[  774.026215][T16988] loop1: detected capacity change from 0 to 1024
[  774.042960][T16988] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  774.055931][T16988] EXT4-fs error (device loop1): ext4_get_journal_inode:5150: inode #32: comm syz.1.5749: iget: special inode unallocated
[  774.068943][T16988] EXT4-fs (loop1): no journal found
[  774.074028][T16988] EXT4-fs (loop1): can't get journal size
[  774.080596][T16988] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,noblock_validity,sysvgroups,,errors=continue. Quota mode: none.
[  774.684910][T17001] loop6: detected capacity change from 0 to 1024
[  774.758689][T17001] EXT4-fs (loop6): Test dummy encryption mode enabled
[  774.765525][T17001] EXT4-fs (loop6): Test dummy encryption mode enabled
[  774.772237][T17001] EXT4-fs (loop6): Ignoring removed orlov option
[  774.780402][T17001] EXT4-fs (loop6): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  775.661591][T17020] serio: Serial port ptm0
[  776.186309][T17040] loop1: detected capacity change from 0 to 1024
[  776.229153][T17040] EXT4-fs (loop1): Test dummy encryption mode enabled
[  776.235950][T17040] EXT4-fs (loop1): Test dummy encryption mode enabled
[  776.242640][T17040] EXT4-fs (loop1): Ignoring removed orlov option
[  776.250897][T17040] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000200005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  776.696967][ T9370] ------------[ cut here ]------------
[  776.702981][ T9370] WARNING: CPU: 0 PID: 9370 at fs/inode.c:307 drop_nlink+0xc1/0x110
[  776.711424][ T9370] Modules linked in:
[  776.715216][ T9370] CPU: 0 PID: 9370 Comm: syz-executor Tainted: G        W         5.15.167-syzkaller-00348-g2e66050fb753 #0
[  776.726733][ T9370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  776.737027][ T9370] RIP: 0010:drop_nlink+0xc1/0x110
[  776.741982][ T9370] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 e7 f4 f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 df 99 ae ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[  776.761550][ T9370] RSP: 0018:ffffc90000b27b08 EFLAGS: 00010293
[  776.767481][ T9370] RAX: ffffffff81c1bd81 RBX: 0000000000000000 RCX: ffff8881161b93c0
[  776.775472][ T9370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  776.783330][ T9370] RBP: ffffc90000b27b30 R08: ffffffff81c1bd04 R09: 0000000000000003
[  776.791214][ T9370] R10: fffff52000164f50 R11: dffffc0000000001 R12: dffffc0000000000
[  776.799166][ T9370] R13: 1ffff110250ac55f R14: ffff888128562ab0 R15: ffff888128562af8
[  776.807018][ T9370] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  776.816309][ T9370] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  776.822824][ T9370] CR2: 0000000000000900 CR3: 00000001147c4000 CR4: 00000000003506b0
[  776.830562][ T9370] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  776.838557][ T9370] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  776.846355][ T9370] Call Trace:
[  776.855107][ T9370]  <TASK>
[  776.860553][ T9370]  ? show_regs+0x58/0x60
[  776.874442][ T9370]  ? __warn+0x160/0x2f0
[  776.881799][ T9370]  ? drop_nlink+0xc1/0x110
[  776.889559][ T9370]  ? report_bug+0x3d9/0x5b0
[  776.899541][ T9370]  ? drop_nlink+0xc1/0x110
[  776.907086][ T9370]  ? handle_bug+0x41/0x70
[  776.916820][ T9370]  ? exc_invalid_op+0x1b/0x50
[  776.924756][ T9370]  ? asm_exc_invalid_op+0x1b/0x20
[  776.934029][ T9370]  ? drop_nlink+0x44/0x110
[  776.941775][ T9370]  ? drop_nlink+0xc1/0x110
[  776.950435][ T9370]  ? drop_nlink+0xc1/0x110
[  776.956897][ T9370]  ? drop_nlink+0xc1/0x110
[  776.964628][ T9370]  shmem_rmdir+0x59/0x90
[  776.971639][ T9370]  vfs_rmdir+0x324/0x470
[  776.979022][ T9370]  incfs_kill_sb+0x113/0x230
[  776.991550][ T9370]  deactivate_locked_super+0xad/0x110
[  777.003850][ T9370]  deactivate_super+0xbe/0xf0
[  777.012027][ T9370]  cleanup_mnt+0x45c/0x510
[  777.016369][ T9370]  __cleanup_mnt+0x19/0x20
[  777.038103][ T9370]  task_work_run+0x129/0x190
[  777.042618][ T9370]  do_exit+0xc48/0x2ca0
[  777.046609][ T9370]  ? __kasan_check_read+0x11/0x20
[  777.051743][ T9370]  ? put_task_struct+0x80/0x80
[  777.056495][ T9370]  ? ksys_write+0x24f/0x2c0
[  777.072227][ T9370]  ? exc_page_fault+0x47a/0x7f0
[  777.084098][ T9370]  do_group_exit+0x141/0x310
[  777.090832][T17065] loop1: detected capacity change from 0 to 256
[  777.148437][T17065] exfat: Deprecated parameter 'namecase'
[  777.154251][T17065] exfat: Unknown parameter 'uma­¨'
[  777.160766][T17068] loop6: detected capacity change from 0 to 512
[  777.188095][ T9370]  __x64_sys_exit_group+0x3f/0x40
[  777.193037][ T9370]  x64_sys_call+0x610/0x9a0
[  777.197482][ T9370]  do_syscall_64+0x3b/0xb0
[  777.270830][ T9370]  ? clear_bhb_loop+0x35/0x90
[  777.275896][ T9370]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  777.281946][ T9370] RIP: 0033:0x7f3d217ab759
[  777.286191][ T9370] Code: Unable to access opcode bytes at RIP 0x7f3d217ab72f.
[  777.302832][ T9370] RSP: 002b:00007fffd031f808 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  777.311293][ T9370] RAX: ffffffffffffffda RBX: 00007f3d2181e66e RCX: 00007f3d217ab759
[  777.319447][ T9370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  777.349372][T17068] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  777.371357][T17068] ext4 filesystem being mounted at /375/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  777.398098][ T9370] RBP: 0000000000000016 R08: 00007fffd031d5a6 R09: 00007fffd0320ac0
[  777.401509][T17082] netlink: 'syz.1.5776': attribute type 4 has an invalid length.
[  777.406076][ T9370] R10: 000000000000000a R11: 0000000000000246 R12: 00007fffd0320ac0
[  777.421443][ T9370] R13: 00007f3d2181e5fc R14: 000055558eaca4a8 R15: 00007fffd0322c70
[  777.428891][   T30] kauditd_printk_skb: 69 callbacks suppressed
[  777.428908][   T30] audit: type=1326 audit(2000000576.010:5900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17061 comm="syz.6.5775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  777.429283][ T9370]  </TASK>
[  777.437935][   T30] audit: type=1326 audit(2000000576.010:5901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17061 comm="syz.6.5775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  777.458574][ T9370] ---[ end trace 9b85607dcf4a8bfa ]---
[  777.522143][ T9370] ==================================================================
[  777.525781][   T30] audit: type=1326 audit(2000000576.010:5902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17061 comm="syz.6.5775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c527f759 code=0x7ffc0000
[  777.530033][ T9370] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  777.530061][ T9370] Write of size 4 at addr 0000000000000170 by task syz-executor/9370
[  777.530078][ T9370] 
[  777.530086][ T9370] CPU: 1 PID: 9370 Comm: syz-executor Tainted: G        W         5.15.167-syzkaller-00348-g2e66050fb753 #0
[  777.580730][ T9370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  777.590620][ T9370] Call Trace:
[  777.593745][ T9370]  <TASK>
[  777.596522][ T9370]  dump_stack_lvl+0x151/0x1c0
[  777.601033][ T9370]  ? io_uring_drop_tctx_refs+0x190/0x190
[  777.606501][ T9370]  ? _raw_spin_lock+0xa4/0x1b0
[  777.611100][ T9370]  ? _raw_spin_trylock_bh+0x190/0x190
[  777.616310][ T9370]  kasan_report+0x16f/0x1c0
[  777.620652][ T9370]  ? ihold+0x20/0x60
[  777.624408][ T9370]  ? ihold+0x20/0x60
[  777.628114][ T9370]  kasan_check_range+0x293/0x2a0
[  777.632891][ T9370]  __kasan_check_write+0x14/0x20
[  777.637663][ T9370]  ihold+0x20/0x60
[  777.641304][ T9370]  vfs_rmdir+0x201/0x470
[  777.645388][ T9370]  incfs_kill_sb+0x113/0x230
[  777.649838][ T9370]  deactivate_locked_super+0xad/0x110
[  777.655020][ T9370]  deactivate_super+0xbe/0xf0
[  777.659531][ T9370]  cleanup_mnt+0x45c/0x510
[  777.663791][ T9370]  __cleanup_mnt+0x19/0x20
[  777.668043][ T9370]  task_work_run+0x129/0x190
[  777.672463][ T9370]  do_exit+0xc48/0x2ca0
[  777.676457][ T9370]  ? __kasan_check_read+0x11/0x20
[  777.681318][ T9370]  ? put_task_struct+0x80/0x80
[  777.685925][ T9370]  ? ksys_write+0x24f/0x2c0
[  777.690260][ T9370]  ? exc_page_fault+0x47a/0x7f0
[  777.694948][ T9370]  do_group_exit+0x141/0x310
[  777.699371][ T9370]  __x64_sys_exit_group+0x3f/0x40
[  777.704233][ T9370]  x64_sys_call+0x610/0x9a0
[  777.708570][ T9370]  do_syscall_64+0x3b/0xb0
[  777.712821][ T9370]  ? clear_bhb_loop+0x35/0x90
[  777.717336][ T9370]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  777.723151][ T9370] RIP: 0033:0x7f3d217ab759
[  777.727407][ T9370] Code: Unable to access opcode bytes at RIP 0x7f3d217ab72f.
[  777.734609][ T9370] RSP: 002b:00007fffd031f808 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  777.742854][ T9370] RAX: ffffffffffffffda RBX: 00007f3d2181e66e RCX: 00007f3d217ab759
[  777.751042][ T9370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  777.758831][ T9370] RBP: 0000000000000016 R08: 00007fffd031d5a6 R09: 00007fffd0320ac0
[  777.766632][ T9370] R10: 000000000000000a R11: 0000000000000246 R12: 00007fffd0320ac0
[  777.774446][ T9370] R13: 00007f3d2181e5fc R14: 000055558eaca4a8 R15: 00007fffd0322c70
[  777.782349][ T9370]  </TASK>
[  777.785205][ T9370] ==================================================================
[  777.793109][ T9370] Disabling lock debugging due to kernel taint
[  777.878114][ T9370] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  777.885758][ T9370] #PF: supervisor write access in kernel mode
[  777.891659][ T9370] #PF: error_code(0x0002) - not-present page
[  777.897477][ T9370] PGD 1180bb067 P4D 1180bb067 PUD 1141ff067 PMD 0 
[  777.903815][ T9370] Oops: 0002 [#1] PREEMPT SMP KASAN
[  777.908933][ T9370] CPU: 0 PID: 9370 Comm: syz-executor Tainted: G    B   W         5.15.167-syzkaller-00348-g2e66050fb753 #0
[  777.920211][ T9370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  777.930110][ T9370] RIP: 0010:ihold+0x25/0x60
[  777.934447][ T9370] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 f1 91 ae ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 d0 ec f0 ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 74 95 ae
[  777.954162][ T9370] RSP: 0018:ffffc90000b27b48 EFLAGS: 00010246
[  777.960067][ T9370] RAX: ffff8881161b9300 RBX: 0000000000000001 RCX: ffff8881161b93c0
[  777.967872][ T9370] RDX: 0000000000000000 RSI: 0000000000000282 RDI: 00000000ffffffff
[  777.975685][ T9370] RBP: ffffc90000b27b58 R08: ffffffff8141991b R09: 0000000000000003
[  777.983493][ T9370] R10: fffffbfff0e9a64c R11: dffffc0000000001 R12: dffffc0000000000
[  777.991310][ T9370] R13: ffff888111636440 R14: 0000000000000000 R15: 1ffff110222c6c8e
[  777.999116][ T9370] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  778.007981][ T9370] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  778.014404][ T9370] CR2: 0000000000000170 CR3: 000000011865c000 CR4: 00000000003506b0
[  778.022303][ T9370] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  778.030113][ T9370] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  778.037924][ T9370] Call Trace:
[  778.041049][ T9370]  <TASK>
[  778.043830][ T9370]  ? __die_body+0x62/0xb0
[  778.047990][ T9370]  ? __die+0x7e/0x90
[  778.051724][ T9370]  ? page_fault_oops+0x7f9/0xa90
[  778.056498][ T9370]  ? _raw_spin_unlock+0x4d/0x70
[  778.061196][ T9370]  ? kernelmode_fixup_or_oops+0xd0/0xd0
[  778.066567][ T9370]  ? __schedule+0xcd4/0x1590
[  778.070998][ T9370]  ? exc_page_fault+0x510/0x7f0
[  778.075689][ T9370]  ? asm_exc_page_fault+0x27/0x30
[  778.080541][ T9370]  ? check_panic_on_warn+0x5b/0xb0
[  778.085489][ T9370]  ? ihold+0x25/0x60
[  778.089221][ T9370]  ? ihold+0x20/0x60
[  778.092952][ T9370]  vfs_rmdir+0x201/0x470
[  778.097035][ T9370]  incfs_kill_sb+0x113/0x230
[  778.101458][ T9370]  deactivate_locked_super+0xad/0x110
[  778.106667][ T9370]  deactivate_super+0xbe/0xf0
[  778.111178][ T9370]  cleanup_mnt+0x45c/0x510
[  778.115435][ T9370]  __cleanup_mnt+0x19/0x20
[  778.119683][ T9370]  task_work_run+0x129/0x190
[  778.124113][ T9370]  do_exit+0xc48/0x2ca0
[  778.128106][ T9370]  ? __kasan_check_read+0x11/0x20
[  778.132964][ T9370]  ? put_task_struct+0x80/0x80
[  778.137565][ T9370]  ? ksys_write+0x24f/0x2c0
[  778.141903][ T9370]  ? exc_page_fault+0x47a/0x7f0
[  778.146594][ T9370]  do_group_exit+0x141/0x310
[  778.151016][ T9370]  __x64_sys_exit_group+0x3f/0x40
[  778.155874][ T9370]  x64_sys_call+0x610/0x9a0
[  778.160223][ T9370]  do_syscall_64+0x3b/0xb0
[  778.164464][ T9370]  ? clear_bhb_loop+0x35/0x90
[  778.168984][ T9370]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  778.174708][ T9370] RIP: 0033:0x7f3d217ab759
[  778.178962][ T9370] Code: Unable to access opcode bytes at RIP 0x7f3d217ab72f.
[  778.186161][ T9370] RSP: 002b:00007fffd031f808 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  778.194410][ T9370] RAX: ffffffffffffffda RBX: 00007f3d2181e66e RCX: 00007f3d217ab759
[  778.202221][ T9370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  778.210033][ T9370] RBP: 0000000000000016 R08: 00007fffd031d5a6 R09: 00007fffd0320ac0
[  778.217853][ T9370] R10: 000000000000000a R11: 0000000000000246 R12: 00007fffd0320ac0
[  778.225657][ T9370] R13: 00007f3d2181e5fc R14: 000055558eaca4a8 R15: 00007fffd0322c70
[  778.233471][ T9370]  </TASK>
[  778.236329][ T9370] Modules linked in:
[  778.240080][ T9370] CR2: 0000000000000170
[  778.244120][ T9370] ---[ end trace 9b85607dcf4a8bfb ]---
[  778.249348][ T9370] RIP: 0010:ihold+0x25/0x60
[  778.253697][ T9370] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 f1 91 ae ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 d0 ec f0 ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 74 95 ae
[  778.273131][ T9370] RSP: 0018:ffffc90000b27b48 EFLAGS: 00010246
[  778.279028][ T9370] RAX: ffff8881161b9300 RBX: 0000000000000001 RCX: ffff8881161b93c0
[  778.286840][ T9370] RDX: 0000000000000000 RSI: 0000000000000282 RDI: 00000000ffffffff
[  778.294655][ T9370] RBP: ffffc90000b27b58 R08: ffffffff8141991b R09: 0000000000000003
[  778.302465][ T9370] R10: fffffbfff0e9a64c R11: dffffc0000000001 R12: dffffc0000000000
[  778.310276][ T9370] R13: ffff888111636440 R14: 0000000000000000 R15: 1ffff110222c6c8e
[  778.318089][ T9370] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  778.326852][ T9370] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  778.333277][ T9370] CR2: 0000000000000170 CR3: 000000011865c000 CR4: 00000000003506b0
[  778.341091][ T9370] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  778.348898][ T9370] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  778.356718][ T9370] Kernel panic - not syncing: Fatal exception
[  778.362942][ T9370] Kernel Offset: disabled
[  778.367067][ T9370] Rebooting in 86400 seconds..