last executing test programs:

1m46.168039914s ago: executing program 32 (id=132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
syz_usb_connect$uac1(0x0, 0xa5, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029300030100000009040000000101"], 0x0)

1m27.675925481s ago: executing program 33 (id=438):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x48}}, 0x0)

1m27.273310761s ago: executing program 5 (id=453):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x0, 0x0, 0x0, 0xea}}}}}, 0x0)

1m27.213041385s ago: executing program 5 (id=459):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
unshare(0x60600)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, 0x0, 0x0)

1m27.137976781s ago: executing program 5 (id=462):
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
socket(0x840000000002, 0x3, 0xff)
socket$igmp(0x2, 0x3, 0x2)
pread64(r0, &(0x7f0000000040)=""/211, 0xd3, 0x76)

1m27.072144115s ago: executing program 5 (id=464):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x1000410, &(0x7f0000000040)={[{@barrier_val={'barrier', 0x3d, 0x7}}, {@i_version}]}, 0x4, 0x504, &(0x7f0000019940)="$eJzs3c9vG1kdAPDvOHGTZt1NF/YACNiyLBRU6vzobrRaDnQvILRaCbFCQuLQDYk3imLXUZwsTcghPXJHohIn+BO4cUDqiQM3bnDjUg5IBSJQg8Rh0IyniZvEdWiTeGt/PtJ45r1x/H3PznvP8xznBTC0rkTETkRciIgPI2KyyE+KLW62t+x+j3a3F/Z2txeSSNMP/pHk57O86PiZzEvFY45HxPe/E/Hj5Gjc1ubWyny9Xlsr0lPrjdWp1ubW9eVSkTM7NzM3/faNt2ZPra6vNX7z8NvL7/3gd7/9woM/7nz9p1mxKj+7lJ/rrMdpale9HJWOvNGIeO8sgvXJaPH7w4sna22fiojX8/Y/GSP5qwkADLI0nYx0sjMNAAy67Pq/EkmpWswFVKJUqlbbc3ivxkSp3mytX5tsbtxejHwO63KUSx8t12vTxVzh5SgnWXomPz5Izx5K34iIVyLi52MX83R1oVlf7OcbHwAYYi8dGv//PdYe/wGAATfe7wIAAOfO+A8Aw8f4DwDD5/8Y/307EAAGhOt/ABg+xn8AGD49x/+751MOAOBcfO/997Mt3Sv+//Xix5sb36x8fH2x1lqpNjYWqgvNtdXqUrO5VK9VF9K01+PVm83VmTf3k63NrVuN5sbt9VvLjfml2q1a+YzrAwD09spr9/+cRMTOOxfzLTrWcjBWw2ArPZE6ZqEeYGCN9LsAQN/4Pg8MrxNc45sGgAHX68q/658I3bP4K7yorn7W/D8Mq1K/CwD0zbPN/3/r1MsBnD/z/zC80jSx5j8ADBlz/MCzfP7/wyg+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAhVcm3pFTN1wLfyW5L1WrEpYi4HOXko+V6bToiXo6IP42Vx7L0TL8LDQA8p9LfkmL9r6uTb1QOn72Q/Gcs30fET375wS/uzK+vr81k+f/cz1+/V+TPXuhHBQCATjePZrXH6WLfcSH/aHd74fF2nkV8+G57cdEs7l6xtc+Mxmi+H49yREz8KynSbdn7lZFTiL9zNyI+c1D/Ox0RKvkcSHvl08Pxs9iXziD+wfOfRJqm6UH80hPxS3nZsn05fy4+fQplgWFz/912P5m1u4u721kTK9pfKa7k++Pb/3jeQz2/x/3f3pH+r7Tf/40ciZ/kbf7KfvrpJXn45u+/eyQznWyfuxvxudHj4if78ZMu/e8bJ6zjXz7/xde7nUt/FXE1jo/f1si72an1xupUa3Pr+nJjfqm2VLs9Ozs3Mzf99o23ZqfyOer27R+Oi/H3d6693C1+Vv+JLvHHe9T/Kyes/6//++GPvvSU+F/78vGv/6tPiZ+NiV89Yfz5iZvHLd+9H3+xS/17vf7XThj/wV+3Fk94VwDgHLQ2t1bm6/XaWo+D7L1mr/s4eDEPYifinIN+YzziE1F3B90O+t0zAWftoNH3uyQAAAAAAAAAAAAAAEA3rc2tlbE4268T9buOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK7/BQAA//+TAtDE")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
write$binfmt_register(r0, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

1m26.483665459s ago: executing program 5 (id=481):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
unshare(0x22020600)
r1 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00')
setns(r1, 0x0)

1m26.100176068s ago: executing program 5 (id=486):
r0 = add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)="8c", 0x1, 0xffffffffffffffff)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x32)
setresuid(0x0, r2, 0x0)
keyctl$chown(0x4, r0, r2, 0xffffffffffffffff)

1m26.085981429s ago: executing program 34 (id=486):
r0 = add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)="8c", 0x1, 0xffffffffffffffff)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x32)
setresuid(0x0, r2, 0x0)
keyctl$chown(0x4, r0, r2, 0xffffffffffffffff)

1m3.534297889s ago: executing program 6 (id=1111):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x140011, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0}, 0x18)
munlockall()

1m3.51027745s ago: executing program 6 (id=1112):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mount_setattr(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000240)={0x4, 0x80, 0x20000}, 0x20)

1m3.470714863s ago: executing program 6 (id=1116):
r0 = socket(0x10, 0x80803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000005e000102000000000000000000", @ANYRES64], 0x1c}}, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000040))
recvmmsg(r0, &(0x7f0000001bc0)=[{{0x0, 0x700, 0x0}}], 0x7, 0x0, 0x0)

1m3.410099918s ago: executing program 6 (id=1122):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200), 0x3, 0x45c, &(0x7f0000000240)="$eJzs3MtvVFUYAPDv3j6wArYiKi8VX5H4aCmgsnChRhMXmJjoQpdNWwgyUENrIoRoMQZXxpi4Ny79F3SjG2NcGd3q3pAQwwZwNebOvZfOTGcGOp0yyPx+ye2ccx9zzjfnnplz75lpAANrb/YnidgSEX9GxHiebdxhb/5w9fK52WuXz80mUa2+/U9S2+/K5XOz5a7lcZuLzL40Iv0sid0tyl08c/bETKUyf7rITy2d/GBq8czZ546fnDk2f2z+1IHDhw8dnH7xhQPP9yTOrE5Xdn28sGfnG+999eaRLxrib4pj3XZsqn/qlp6sVntW3O1ga106Ge5jRViToYjImmuk1v/HYyhWGm88Xv+0r5UDNlS1Wq1uXr06Wc4fl6vAHSyJxrwuD4Oi/MDPrn/LpXkw8PIGj0H66dIr+QVQFvfVYsm3DEda7DPSdH3bS3sj4t3lf7/Jluj1fQgAgBZ+zMY/z7Ya/6XxQN1+9xRzQxMRcW9EbIuI+yJie0TcH1Hb98GI2LHG8psnSVaPf9KLXQV2k7Lx30vF3Fbj+K8c/Y1NDBW5rbX4R5Kjxyvz+4vXZF+MbMry0x3K+Om1P75st61+/JctWfnlWLCox8XhTY3HzM0szawr6DqXzkfsGm4Vf3J9JiCJiJ0RsavLMo4//d2edttuHH8HPZhnqn4b8VTe/svRFH8p6Tw/OXVXVOb3T5VnxWq//nbhrXblryv+Hsja/+6W5//1+CeS+vnaxbWXceGvz9te03R7/o8m79TSo8W6j2aWlk5PR4wmR/JK168/sHJsmS/3/+H3fH2r/r8tVl6J3RGRncQPRcTDEfFIUfdHI+KxiHi8Q/y/vPrE+93Hv7Gy9p9bU/uvJEajeU3rxNCJn79vKHRiVfzXOrf/oVpqX7HmZt7/bqZe3Z3NAAAA8P+TRsSWSNLJ6+k0nZzMvy+/PSKtLCwuPXN04cNTc/lvBCZiJC3vdI3X3Q+dLi7r8/z5iMi/WlBuP1jcN/56aKyWn5xdqMz1O3gYcJvb9P/M30P9rh2w4fxeCwaX/g+DS/+HwaX/w+Bq0f/H+lEP4NZr9fn/SR/qAdx6Tf3ftB8MENf/MLja9v87+T//ADU+/2EgLY7FjX8k3zFRPlOXh9+xiRi5Laqx/kQ1adm4kRaJ8xFxm1RVoneJ/r4vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Mp/AQAA///6MN+p")
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file2\x00', 0x880801, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1ae)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)

1m3.221482982s ago: executing program 6 (id=1126):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
io_setup(0x2007, &(0x7f0000000200)=<r0=>0x0)
r1 = eventfd2(0x0, 0x1)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
io_submit(r0, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r1}])

1m3.055521084s ago: executing program 6 (id=1130):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB='-4'], 0xc)

1m3.054903044s ago: executing program 35 (id=1130):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB='-4'], 0xc)

51.130611102s ago: executing program 4 (id=1412):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
unshare(0x22020600)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r1, 0x2)

51.109783884s ago: executing program 4 (id=1414):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="02034effd3fc02000000ab5d71acedd7c9560385dcb1080084d7dc039806112405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14)

51.089536176s ago: executing program 4 (id=1416):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB='-4'], 0xc)

51.069211937s ago: executing program 4 (id=1418):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044e, &(0x7f0000000340)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@grpquota}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

50.969861724s ago: executing program 4 (id=1422):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@multicast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4adf7", 0x8, 0x2c, 0x0, @dev, @mcast2, {[], @echo_reply}}}}}, 0x0)

50.853507763s ago: executing program 4 (id=1423):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b703000000000083850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

50.853326853s ago: executing program 36 (id=1423):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b703000000000083850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

34.084458062s ago: executing program 3 (id=2003):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0x6, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000080)='D', 0x1, 0x20000012, 0x0, 0x0)
sendto$inet6(r0, &(0x7f00000002c0)="1c0c10", 0x3, 0x0, 0x0, 0x0)

34.003758137s ago: executing program 3 (id=2006):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000000500)=ANY=[], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0)
r2 = getegid()
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000003600)=ANY=[@ANYBLOB="020000000100010000000000040001000000000008000100", @ANYRES32=r2, @ANYBLOB="10000700000000002000"], 0x2c, 0x0)

33.648163774s ago: executing program 3 (id=2012):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x145802, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000200)='y', 0xf4240}], 0x1, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)

33.358108525s ago: executing program 3 (id=2014):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000300)={0x1, r1})
close(0x3)

33.321013118s ago: executing program 3 (id=2015):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0xa, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "9300e6d6a89ef30bea2a0092000010000000aff571ec3199bde400"})
mkdir(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x44)

33.138047612s ago: executing program 3 (id=2016):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r2, 0xfffffffffffffffd, 0x58)

18.135858709s ago: executing program 37 (id=2016):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r2, 0xfffffffffffffffd, 0x58)

10.791782496s ago: executing program 9 (id=2494):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x1, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x3, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000018100000", @ANYRES32=r1, @ANYBLOB="000000000000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffaf, 0x10, &(0x7f0000000180), &(0x7f0000000200), 0x8, 0x1000, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r2, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

10.791612426s ago: executing program 9 (id=2495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

10.779497547s ago: executing program 9 (id=2496):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe24}, {0x0, 0x4000}, {0x0}, {0x0}, {&(0x7f00000020c0), 0x500}], 0x5}, 0x0)

10.765158308s ago: executing program 9 (id=2497):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000ac0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000140)={0x0, 0xff, 0x6})

10.560095763s ago: executing program 9 (id=2499):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001280), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000080)={{0x0, 0x0, 0x4, 0x10}, 'syz1\x00', 0x26})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000002480)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1, 0x0, 0x0)

10.381080107s ago: executing program 9 (id=2500):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
symlinkat(&(0x7f0000000040)='./file0\x00', r1, &(0x7f0000000080)='./file0\x00')

10.357022549s ago: executing program 38 (id=2500):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
symlinkat(&(0x7f0000000040)='./file0\x00', r1, &(0x7f0000000080)='./file0\x00')

3.951930516s ago: executing program 0 (id=2703):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))

3.951799206s ago: executing program 0 (id=2704):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

3.919407408s ago: executing program 0 (id=2706):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
utime(&(0x7f00000002c0)='./bus\x00', 0x0)

3.832691375s ago: executing program 0 (id=2711):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000600000000000000008500000007000000040000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)
truncate(&(0x7f0000000000)='./file1\x00', 0x12f7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$inet6(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000040)="1b00000021002551241c0165ff00fc020200000000100f000ee100", 0x1b)

3.776132988s ago: executing program 0 (id=2713):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x81400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x79, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x7ff, 0x2, 0x0, 0x0, 0x6, 0x0, 0x7fffffffffffffe], 0x4, 0x8340})
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0x7)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.743086371s ago: executing program 0 (id=2716):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000e09d7040460a2196324f01020301090224000100000000090400000206d3450009050102100000000009058b0240"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000b00)={0x2c, &(0x7f00000008c0)={0x40, 0xd, 0x6, "8e75bcb6ad45"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000700)={0x34, &(0x7f00000003c0)=ANY=[@ANYBLOB="20110200000001"], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000400)={0x20, 0x13, 0x84, "499681bf82016e128d4dfa39d68ce5bb21b6a8fe5a0181d4c4767dbfbae8d2c6a46e3f7f1827d9fbdf28e6cd0d39db7558ff4d4a4159c56492b9d5b4bdf886c0d9eb985275dcb112ab52f34c27d852169de0c8d0640c78d28ecb93975df63be855c97783fe5779ad191d2f76c1db368129d18a52d3f0bb71f2ffa11c0bfa9ee1612a0935"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.327972942s ago: executing program 2 (id=2721):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002880)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000001580)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x0)
setresuid(0x0, r1, 0x0)
read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000002200)={0x50, 0x0, r2, {0x7, 0x8, 0x2000000, 0x23a2169, 0x401, 0xa}}, 0x50)

2.503448663s ago: executing program 2 (id=2735):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000000)='pipefs\x00', 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x400448e6, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

2.495529364s ago: executing program 1 (id=2736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
set_robust_list(&(0x7f00000000c0)={0x0, 0xe, 0xfffffffffffffffc}, 0x18)

2.403581581s ago: executing program 2 (id=2738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_read_part_table(0x5c2, &(0x7f0000000f00)="$eJzs2z9I42ccBvA3OcPB3XDLTTfdXeGGcssdN16GuyPJnVgIURe7KCgiZoogRBoq6KAZFDOIo4sIWaxOxgxOikLnIg4WwcGlRRfBxRTrWyjF/sGmpYXPB358eV+e9314h4wJ/K8lw4+tVisRQmjdvz0x+Qene+uZ7Ken+XeFnhASoRVCGP3ys5/vScTEL7c+j+ujuF5ZftCcPf+Yqh92X7zo36kmf9V2/T1cbfS25YH8o9bSu4+mpku5uXJ65CBXOZn57tsvvjnLFBpd1dp6Z+rDYMztxdkR51goh4kwGgZCMRTDUCi1qX+pfvzq6kmuvjn89jLbnN9+HXP5v/nOv9o//myhr1Z5/3Lj8eKb8tZ+4fTeTa74O78uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+W9bSu4+mpku5uXJ65CCXPJkZDyGcZQqNrmptvTP1YTDm9uLsiHMslMNEGA0DoRgSYSiU2tJfOVmqH7+6epKrbw6/vcw257dfx1z+twc77lj4J/3jzxb6apX3LzceL74pb+0XTu/d5Ir329MHAAAAAAAAAAAAAAAAAAAAt8lkPz3Nvyv0fB3Xn//wVfJ6tuL/3RNx/3mcR3F/ZflBc/b8Y6p+2H3xon+n+n3cn4zfw9VG77/6EO7kpwAAAP//SueTAQ==")

2.403381051s ago: executing program 1 (id=2739):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f0000000500), &(0x7f00000006c0)}, 0x20)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040))
timer_delete(0x0)

2.355690514s ago: executing program 1 (id=2740):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2be, &(0x7f0000000a80)="$eJzs3b9rM3UYAPDn0vzCd0gEJxE80MHp5e27uqRIC8VMSgZ10GJbkCYILRT8gbGTq4ujq4sguPlPuPgfCK6CmwULJ5e7a5IaY2JNq76fz5Knd8/zved7vbZ0yJN3nhudHKZxfPHxj9FuJ1HrRS8uk+hGLSqfxpze5wEA/JddZln8khXWqUsior25tgCADVr77/+3G28JANiw199489Wdfn/3tTRtx97os/NB/p99/lqc3zmO92IYR/EoOnEVkV0r4r0sy8b1NNeNF0fj80FeOXr7+3L9nZ8jJvXb0Ynu5NB8/X5/dzstzNSP8z6eKq/fy+sfRyeeWXD9/f7u4wX1MWjGSy/M9P8wOvHDu/F+DONw0kRRH7WIT7bT9JXsi18/eitvL69PxueD1iRvKtu6428NAAAAAAAAAAAAAAAAAAAAAAD/Yw/L2TmtmMzvyQ+V83e2rvIvGpFWuvPzeYr6pFroxnygcRZfVvN5HqVpmpWJ0/p6PFuP+v3sGgAAAAAAAAAAAAAAAAAAAP5dzj748ORgODw6vV1QL4JqGkD1tv6/u2Bv5sjzsTy5Nb1WrQyXrBxbVU4SsbSNfBMr9/xbOfbg+khznS0/XfbcyF9nT339zcq37qu/3nsZNFbIuWVQPV0nB8mDqq+5nFZUye3qIfludp1mrHitP73P2VqPX3Phqc7ae28+mATjJTmRzDWWlCM0yiMv/1TcrjI5ubmL5uSuLly5UQYz5fM57dWf5/wn5Q+S62kdyT/16wcAAAAAAAAAAAAAAAAAAJgxfdPvgpMXS0trWWtjbQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAnZp+/v8awbgsXiG5Gadn97xFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngC/BwAA//9nK1oC")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
r1 = openat(r0, &(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x40047211, &(0x7f0000000080))

1.003761205s ago: executing program 2 (id=2742):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)

835.584648ms ago: executing program 1 (id=2743):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

808.30659ms ago: executing program 2 (id=2745):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x2100000000000000, &(0x7f0000000840)=@base={0xa, 0x101, 0x7ffb, 0xcc, 0x8, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

744.147854ms ago: executing program 1 (id=2746):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$pid(0x1, r2, 0x4000)

743.882564ms ago: executing program 7 (id=2747):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="0213f803030000002cbd7000fddbdf25010018"], 0x18}}, 0x2000)

736.568605ms ago: executing program 2 (id=2748):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0xb, "08405af3"}, @local=@item_4, @local=@item_4={0x3, 0x2, 0x0, "6fe695cd"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f0000000040)={0x1, 0x100, 0x5})

731.589636ms ago: executing program 7 (id=2749):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x0)

672.10211ms ago: executing program 7 (id=2750):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x42)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendfile(r1, r1, 0x0, 0x80000000)

492.953133ms ago: executing program 7 (id=2751):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x3, 0xeeee0000, 0x2, r2, 0x8})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000900)={0x0, 0x0, 0x1, r2, 0x1})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x1, r2, 0x5})

408.039239ms ago: executing program 7 (id=2752):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x18)
socket$key(0xf, 0x3, 0x2)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@remote}, {@in=@multicast1, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0)

352.061904ms ago: executing program 7 (id=2753):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000007290000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x2000011, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x5, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="120110017a953210ac0504c777620102030109022d00"], 0x0)

248.175001ms ago: executing program 8 (id=2756):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="120000000800000004000000b47c000000000000", @ANYRES32, @ANYBLOB="0000000000000000070000000004000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002"], 0x48)

247.948332ms ago: executing program 8 (id=2757):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x20)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES32], 0x38}}, 0x0)

247.767441ms ago: executing program 8 (id=2758):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000180)={{}, 'syz1\x00', 0x14})
ioctl$UI_DEV_SETUP(r2, 0x5501, 0x0)

233.242892ms ago: executing program 8 (id=2759):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000000000010180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='mm_page_alloc\x00', r1}, 0x10)
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x0, 0xfffe, 0x0, 0x4}}, 0x50)
fcntl$setpipe(r0, 0x407, 0x2000000)

217.600854ms ago: executing program 8 (id=2760):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x61)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000000)=0x56, 0x4)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

123.01595ms ago: executing program 8 (id=2761):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
ftruncate(r1, 0xee72)
sendfile(r0, r1, 0x0, 0x8000fffffffe)
timer_create(0x0, &(0x7f0000000440)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

0s ago: executing program 1 (id=2762):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x28, 0x0, 0x0, 0x7ffff024}, {0x6}]}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

kernel console output (not intermixed with test programs):

0:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3230 comm="syz.1.1248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08531c2de9 code=0x7ffc0000
[   75.203131][   T60] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   75.216160][   T60] asix: probe of 4-1:0.0 failed with error -71
[   75.223402][   T60] usb 4-1: USB disconnect, device number 6
[   75.583808][ T3241] loop1: detected capacity change from 0 to 131072
[   75.679644][ T3241] F2FS-fs (loop1): Found nat_bits in checkpoint
[   75.720027][ T3241] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   75.880371][ T3262] loop8: detected capacity change from 0 to 1024
[   75.917267][ T3265] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1261'.
[   75.932021][ T3262] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   75.973955][ T3262] EXT4-fs (loop8): shut down requested (0)
[   76.012922][ T3271] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1263'.
[   76.050867][ T3273] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   76.106195][ T3277] loop3: detected capacity change from 0 to 16
[   76.127534][ T3279] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on.
[   76.181119][ T3277] erofs: (device loop3): mounted with root inode @ nid 36.
[   76.264734][ T3300] loop8: detected capacity change from 0 to 1024
[   76.349090][ T3300] EXT4-fs (loop8): mounted filesystem without journal. Opts: stripe=0x0000000000000003,nodelalloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,nodiscard,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[   76.430674][ T3319] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3319 comm=syz.3.1284
[   76.443192][ T3319] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3319 comm=syz.3.1284
[   76.509403][ T3312] loop4: detected capacity change from 0 to 40427
[   76.522070][ T3325] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.529183][ T3325] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.540347][ T3325] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.547409][ T3325] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.554569][ T3325] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.561420][ T3325] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.569868][ T3325] device bridge0 entered promiscuous mode
[   76.594903][ T3312] F2FS-fs (loop4): fault_injection options not supported
[   76.610534][ T3331] loop8: detected capacity change from 0 to 512
[   76.618426][ T3312] F2FS-fs (loop4): invalid crc value
[   76.625209][ T3312] F2FS-fs (loop4): Found nat_bits in checkpoint
[   76.670641][ T3312] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   76.701359][ T3312] attempt to access beyond end of device
[   76.701359][ T3312] loop4: rw=2049, want=45104, limit=40427
[   76.729014][ T3312] attempt to access beyond end of device
[   76.729014][ T3312] loop4: rw=0, want=45104, limit=40427
[   76.740702][ T3331] EXT4-fs (loop8): orphan cleanup on readonly fs
[   76.759079][ T3331] EXT4-fs warning (device loop8): ext4_enable_quotas:6423: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   76.775346][  T291] attempt to access beyond end of device
[   76.775346][  T291] loop4: rw=2049, want=45112, limit=40427
[   76.786994][ T3331] EXT4-fs (loop8): Cannot turn on quotas: error -22
[   76.806900][ T3331] EXT4-fs error (device loop8): ext4_ext_check_inode:501: inode #13: comm syz.8.1289: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   76.833375][ T3331] EXT4-fs error (device loop8): ext4_orphan_get:1406: comm syz.8.1289: couldn't read orphan inode 13 (err -117)
[   76.845389][ T3331] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   76.869343][ T3331] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended
[   76.879033][ T3331] EXT4-fs warning (device loop8): read_mmp_block:115: Error -117 while reading MMP block 2
[   76.947430][ T3353] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   77.004495][ T3360] loop8: detected capacity change from 0 to 1024
[   77.025276][ T3358] device wireguard0 entered promiscuous mode
[   77.052259][ T3360] EXT4-fs (loop8): Test dummy encryption mode enabled
[   77.059047][ T3360] EXT4-fs (loop8): Ignoring removed orlov option
[   77.119397][ T3360] EXT4-fs (loop8): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[   77.162496][   T20] Bluetooth: hci0: command 0x1003 tx timeout
[   77.169677][   T47] Bluetooth: hci0: sending frame failed (-49)
[   77.243712][ T3375] loop1: detected capacity change from 0 to 512
[   77.290641][ T3375] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   77.303765][ T3375] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   77.324693][ T3375] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[   77.337236][ T3375] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[   77.345311][ T3375] System zones: 0-2, 18-18, 34-34
[   77.351147][ T3375] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   77.366283][ T3375] EXT4-fs (loop1): 1 truncate cleaned up
[   77.371879][ T3375] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   77.387054][ T3375] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: none.
[   77.402495][   T10] Bluetooth: hci1: Frame reassembly failed (-84)
[   77.459594][ T3387] cgroup: fork rejected by pids controller in /syz1
[   77.553428][  T288] syz-executor (288) used greatest stack depth: 19520 bytes left
[   77.613431][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.699074][ T3391] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.706208][ T3391] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.713902][ T3391] device bridge_slave_0 entered promiscuous mode
[   77.720964][ T3391] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.728028][ T3391] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.735512][ T3391] device bridge_slave_1 entered promiscuous mode
[   77.793964][ T3401] usb usb7: usbfs: process 3401 (syz.4.1315) did not claim interface 0 before use
[   77.852875][ T3391] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.859792][ T3391] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.866919][ T3391] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.873772][ T3391] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.905432][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.912917][  T323] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.920399][  T323] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.932604][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.941187][  T323] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.948048][  T323] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.957537][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.965821][  T323] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.972696][  T323] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.000313][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.013607][ T3407] syz.4.1318[3407] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.013664][ T3407] syz.4.1318[3407] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.023536][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.055681][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   78.070165][ T3391] device veth0_vlan entered promiscuous mode
[   78.076635][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   78.086423][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   78.093960][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   78.112892][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   78.134676][ T3391] device veth1_macvtap entered promiscuous mode
[   78.154627][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   78.176008][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   78.329794][ T2547] device bridge_slave_1 left promiscuous mode
[   78.336164][ T2547] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.366713][ T2547] device bridge_slave_0 left promiscuous mode
[   78.372716][ T2547] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.389033][ T2547] device veth1_macvtap left promiscuous mode
[   78.397321][ T2547] device veth0_vlan left promiscuous mode
[   78.609713][ T3456] loop3: detected capacity change from 0 to 512
[   78.693913][ T3456] EXT4-fs (loop3): orphan cleanup on readonly fs
[   78.700507][ T3456] EXT4-fs warning (device loop3): ext4_enable_quotas:6423: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   78.721829][ T3456] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   78.728730][ T3456] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #13: comm syz.3.1338: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   78.747206][ T3456] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1338: couldn't read orphan inode 13 (err -117)
[   78.759650][ T3456] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   78.787270][ T3456] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   78.805204][ T3456] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 2
[   78.896082][ T3461] loop3: detected capacity change from 0 to 512
[   78.954783][ T3461] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[   78.984850][ T3461] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[   79.000820][ T3461] ext4 filesystem being mounted at /317/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.019188][ T3461] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.1341: corrupted xattr block 32
[   79.031084][ T3461] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   79.156389][ T3479] SELinux:  policydb version -1659812245 does not match my version range 15-33
[   79.166147][ T3479] SELinux: failed to load policy
[   79.203094][   T20] Bluetooth: hci0: command 0x1001 tx timeout
[   79.209003][  T946] Bluetooth: hci0: sending frame failed (-49)
[   79.280086][ T3475] loop3: detected capacity change from 0 to 40427
[   79.329313][ T3475] F2FS-fs (loop3): fault_injection options not supported
[   79.340880][ T3475] F2FS-fs (loop3): invalid crc value
[   79.357511][ T3475] F2FS-fs (loop3): Found nat_bits in checkpoint
[   79.391107][ T3475] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   79.417149][ T3475] attempt to access beyond end of device
[   79.417149][ T3475] loop3: rw=2049, want=45104, limit=40427
[   79.442870][ T3475] attempt to access beyond end of device
[   79.442870][ T3475] loop3: rw=0, want=45104, limit=40427
[   79.443357][   T60] Bluetooth: hci1: command 0x1003 tx timeout
[   79.463487][   T30] kauditd_printk_skb: 80 callbacks suppressed
[   79.463503][   T30] audit: type=1400 audit(2000000013.010:1436): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   79.483194][  T946] Bluetooth: hci1: sending frame failed (-49)
[   79.500131][   T30] audit: type=1400 audit(2000000013.010:1437): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   79.528841][  T289] attempt to access beyond end of device
[   79.528841][  T289] loop3: rw=2049, want=45112, limit=40427
[   79.540400][   T30] audit: type=1400 audit(2000000013.010:1438): avc:  denied  { open } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   79.604879][   T30] audit: type=1400 audit(2000000013.010:1439): avc:  denied  { getattr } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   79.613128][   T60] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   79.634815][   T30] audit: type=1400 audit(2000000013.070:1440): avc:  denied  { unmount } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   79.757353][ T3499] loop3: detected capacity change from 0 to 512
[   79.837127][ T3499] EXT4-fs (loop3): Invalid log block size: 3607101440
[   79.903065][   T60] usb 5-1: Using ep0 maxpacket: 8
[   79.938273][   T30] audit: type=1400 audit(2000000013.480:1441): avc:  denied  { read } for  pid=3501 comm="syz.3.1356" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   79.962115][   T30] audit: type=1400 audit(2000000013.480:1442): avc:  denied  { open } for  pid=3501 comm="syz.3.1356" path="/dev/kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   79.989311][   T30] audit: type=1400 audit(2000000013.500:1443): avc:  denied  { ioctl } for  pid=3501 comm="syz.3.1356" path="/dev/kvm" dev="devtmpfs" ino=82 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   80.023161][   T60] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   80.032450][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.054345][   T60] usb 5-1: config 0 descriptor??
[   80.121765][   T30] audit: type=1400 audit(2000000013.660:1444): avc:  denied  { confidentiality } for  pid=3506 comm="syz.3.1358" lockdown_reason="use of bpf to read kernel RAM" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   80.148141][ T3507] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   80.220474][   T30] audit: type=1400 audit(2000000013.760:1445): avc:  denied  { read write } for  pid=3512 comm="syz.3.1361" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   80.221498][  T316] kernel write not supported for file [eventfd] (pid: 316 comm: kworker/1:4)
[   80.304703][   T60] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[   80.508461][ T3528] syz.3.1367[3528] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.508540][ T3528] syz.3.1367[3528] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.163171][   T60] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   81.184160][   T60] asix: probe of 5-1:0.0 failed with error -71
[   81.191144][   T60] usb 5-1: USB disconnect, device number 4
[   81.293151][  T316] Bluetooth: hci0: command 0x1009 tx timeout
[   81.524546][   T60] Bluetooth: hci1: command 0x1001 tx timeout
[   81.531000][  T946] Bluetooth: hci1: sending frame failed (-49)
[   81.537920][ T3549] xt_hashlimit: max too large, truncated to 1048576
[   81.632241][ T3553] xt_CT: No such helper "pptp"
[   81.696513][ T3557] netlink: 'syz.4.1380': attribute type 4 has an invalid length.
[   81.705581][ T3557] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1380'.
[   81.785367][ T3567] loop1: detected capacity change from 0 to 512
[   81.804652][ T3569] loop4: detected capacity change from 0 to 1024
[   81.848003][ T3567] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   81.864147][ T3555] loop3: detected capacity change from 0 to 40427
[   81.872594][ T3567] EXT4-fs (loop1): 1 truncate cleaned up
[   81.878241][ T3567] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable,resuid=0x0000000000000000,stripe=0x0000000000000000,,errors=continue. Quota mode: none.
[   81.902183][ T3569] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   81.937320][ T3555] F2FS-fs (loop3): Found nat_bits in checkpoint
[   81.972725][  T291] EXT4-fs warning (device loop4): ext4_rmdir:3243: inode #11: comm syz-executor: empty directory 'lost+found' has too many links (0)
[   82.041906][ T3555] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   82.078695][ T3555] attempt to access beyond end of device
[   82.078695][ T3555] loop3: rw=2049, want=45104, limit=40427
[   82.096368][ T3590] loop4: detected capacity change from 0 to 512
[   82.133454][  T289] attempt to access beyond end of device
[   82.133454][  T289] loop3: rw=2049, want=45112, limit=40427
[   82.154008][ T3590] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[   82.161032][ T3590] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   82.186139][ T3590] EXT4-fs (loop4): 1 truncate cleaned up
[   82.191617][ T3590] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,data_err=abort,,errors=continue. Quota mode: none.
[   82.256289][ T3600] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   82.470860][ T3625] loop3: detected capacity change from 0 to 512
[   82.533548][ T3625] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   82.544450][ T3625] EXT4-fs (loop3): 1 truncate cleaned up
[   82.549930][ T3625] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable,resuid=0x0000000000000000,stripe=0x0000000000000000,,errors=continue. Quota mode: none.
[   82.593100][   T60] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   82.833101][   T60] usb 2-1: Using ep0 maxpacket: 16
[   82.953156][   T60] usb 2-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96
[   82.962993][   T60] usb 2-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 8
[   82.972591][   T60] usb 2-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   82.985509][   T60] usb 2-1: config 1 interface 0 has no altsetting 0
[   83.063201][   T60] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   83.072242][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   83.080022][   T60] usb 2-1: SerialNumber: syz
[   83.103161][ T3608] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   83.110005][ T3608] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   83.304918][ T3648] loop4: detected capacity change from 0 to 512
[   83.318686][ T3648] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   83.329312][ T3608] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   83.337014][ T3648] EXT4-fs (loop4): 1 truncate cleaned up
[   83.342552][ T3648] EXT4-fs (loop4): mounted filesystem without journal. Opts: minixdf,max_dir_size_kb=0x00000000000001ff,grpquota,noblock_validity,debug_want_extra_isize=0x0000000000000008,,errors=continue. Quota mode: writeback.
[   83.342633][ T3608] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   83.424707][  T323] tipc: Disabling bearer <udp:syz2>
[   83.429929][  T323] tipc: Left network mode
[   83.603117][  T312] Bluetooth: hci1: command 0x1009 tx timeout
[   83.624370][ T3667] overlayfs: failed to resolve './file1': -2
[   83.645104][ T3663] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.651996][ T3663] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.661419][ T3663] device bridge_slave_0 entered promiscuous mode
[   83.680710][ T3663] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.687904][ T3663] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.695658][ T3663] device bridge_slave_1 entered promiscuous mode
[   83.796904][ T3663] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.803783][ T3663] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.810899][ T3663] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.817688][ T3663] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.858819][   T60] cdc_ether 2-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42
[   83.876291][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   83.892819][ T2547] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.902702][ T2547] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.912638][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   83.924081][ T3687] loop3: detected capacity change from 0 to 256
[   83.930428][ T2547] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.937309][ T2547] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.950746][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   83.958940][ T2547] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.965793][ T2547] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.978274][ T3687] FAT-fs (loop3): Directory bread(block 64) failed
[   83.989721][ T3687] FAT-fs (loop3): Directory bread(block 65) failed
[   83.997912][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   84.003193][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   84.006357][ T3687] FAT-fs (loop3): Directory bread(block 66) failed
[   84.024378][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   84.032490][ T3687] FAT-fs (loop3): Directory bread(block 67) failed
[   84.039039][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   84.047120][ T3687] FAT-fs (loop3): Directory bread(block 68) failed
[   84.056669][ T2042] usb 2-1: USB disconnect, device number 9
[   84.062611][ T2042] cdc_ether 2-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device
[   84.074496][ T3687] FAT-fs (loop3): Directory bread(block 69) failed
[   84.080926][ T3687] FAT-fs (loop3): Directory bread(block 70) failed
[   84.086316][ T3663] device veth0_vlan entered promiscuous mode
[   84.093265][ T3687] FAT-fs (loop3): Directory bread(block 71) failed
[   84.101105][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   84.109228][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   84.116398][ T3687] FAT-fs (loop3): Directory bread(block 72) failed
[   84.122762][ T3687] FAT-fs (loop3): Directory bread(block 73) failed
[   84.123464][ T2547] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   84.143965][  T323] device bridge_slave_1 left promiscuous mode
[   84.160220][  T323] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.169797][  T323] device bridge_slave_0 left promiscuous mode
[   84.178459][  T323] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.187084][  T323] device veth1_macvtap left promiscuous mode
[   84.192932][  T323] device veth0_vlan left promiscuous mode
[   84.210695][  T330] attempt to access beyond end of device
[   84.210695][  T330] loop3: rw=1, want=1236, limit=256
[   84.357725][ T3663] device veth1_macvtap entered promiscuous mode
[   84.369419][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   84.389285][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   84.402390][ T3723] blk_update_request: I/O error, dev loop7, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[   84.413650][ T3723] EXT4-fs (loop7): unable to read superblock
[   84.421548][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   84.492268][   T30] kauditd_printk_skb: 108 callbacks suppressed
[   84.492284][   T30] audit: type=1400 audit(2000000018.030:1554): avc:  denied  { relabelfrom } for  pid=3732 comm="syz.9.1443" name="" dev="pipefs" ino=31100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   84.559384][ T3737] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1445'.
[   84.611097][   T30] audit: type=1400 audit(2000000018.150:1555): avc:  denied  { execute } for  pid=3740 comm="syz.9.1447" path="/3/cpu.stat" dev="tmpfs" ino=33 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   84.815265][ T3735] loop3: detected capacity change from 0 to 40427
[   84.897674][ T3735] F2FS-fs (loop3): fault_injection options not supported
[   84.916220][ T3735] F2FS-fs (loop3): invalid crc value
[   84.938096][ T3735] F2FS-fs (loop3): Found nat_bits in checkpoint
[   84.990625][ T3735] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   85.076342][ T3735] attempt to access beyond end of device
[   85.076342][ T3735] loop3: rw=2049, want=77960, limit=40427
[   85.120514][  T289] attempt to access beyond end of device
[   85.120514][  T289] loop3: rw=2049, want=45104, limit=40427
[   85.319822][ T3769] loop7: detected capacity change from 0 to 512
[   85.371942][   T30] audit: type=1326 audit(2000000018.910:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   85.423230][   T30] audit: type=1326 audit(2000000018.950:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   85.451039][ T3774] loop3: detected capacity change from 0 to 512
[   85.477047][ T3767] loop1: detected capacity change from 0 to 40427
[   85.483801][   T30] audit: type=1326 audit(2000000018.950:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   85.507297][   T30] audit: type=1326 audit(2000000018.950:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   85.530829][   T30] audit: type=1326 audit(2000000018.950:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   85.532000][ T3769] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   85.569180][ T3774] EXT4-fs (loop3): Ignoring removed orlov option
[   85.575953][ T3767] F2FS-fs (loop1): fault_injection options not supported
[   85.583954][ T3767] F2FS-fs (loop1): invalid crc value
[   85.605422][ T3767] F2FS-fs (loop1): Found nat_bits in checkpoint
[   85.623186][ T3769] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.635386][ T3774] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,orlov,auto_da_alloc,,errors=continue. Quota mode: writeback.
[   85.663302][ T3774] ext4 filesystem being mounted at /374/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   85.725900][ T3767] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   85.750715][ T3769] Quota error (device loop7): write_blk: dquota write failed
[   85.758638][ T3769] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota
[   85.786486][ T3769] EXT4-fs error (device loop7): ext4_acquire_dquot:6188: comm syz.7.1459: Failed to acquire dquot type 1
[   85.845885][ T3767] attempt to access beyond end of device
[   85.845885][ T3767] loop1: rw=2049, want=77960, limit=40427
[   85.846172][   T30] audit: type=1400 audit(2000000019.390:1561): avc:  denied  { mounton } for  pid=3784 comm="syz.3.1462" path="/376/file0" dev="tmpfs" ino=1981 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[   85.860122][ T3767] attempt to access beyond end of device
[   85.860122][ T3767] loop1: rw=0, want=77840, limit=40427
[   85.933482][ T3391] attempt to access beyond end of device
[   85.933482][ T3391] loop1: rw=2049, want=45104, limit=40427
[   85.970872][ T3791] loop7: detected capacity change from 0 to 256
[   86.029933][ T3791] FAT-fs (loop7): Directory bread(block 64) failed
[   86.043321][ T3791] FAT-fs (loop7): Directory bread(block 65) failed
[   86.053337][ T3791] FAT-fs (loop7): Directory bread(block 66) failed
[   86.059688][ T3791] FAT-fs (loop7): Directory bread(block 67) failed
[   86.073205][ T3791] FAT-fs (loop7): Directory bread(block 68) failed
[   86.079648][ T3791] FAT-fs (loop7): Directory bread(block 69) failed
[   86.088033][ T3791] FAT-fs (loop7): Directory bread(block 70) failed
[   86.094431][ T3791] FAT-fs (loop7): Directory bread(block 71) failed
[   86.100756][ T3791] FAT-fs (loop7): Directory bread(block 72) failed
[   86.153129][ T3791] FAT-fs (loop7): Directory bread(block 73) failed
[   86.249095][  T323] attempt to access beyond end of device
[   86.249095][  T323] loop7: rw=1, want=1236, limit=256
[   86.468230][ T3817] binder: 3816:3817 ioctl c0306201 400000000000 returned -14
[   86.480508][ T3821] loop1: detected capacity change from 0 to 256
[   86.566085][ T3821] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   86.753129][  T315] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   87.113182][  T315] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.124466][  T315] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   87.135179][  T315] usb 8-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[   87.144539][  T315] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.159960][  T315] usb 8-1: config 0 descriptor??
[   87.220309][ T3854] input: syz0 as /devices/virtual/input/input16
[   87.375576][ T3862] tmpfs: Unknown parameter 'usrquota·'
[   87.496455][ T3873] loop3: detected capacity change from 0 to 256
[   87.504574][ T3872] netlink: 'syz.1.1501': attribute type 3 has an invalid length.
[   87.644886][  T315] arvo 0003:1E7D:30D4.000B: unknown main item tag 0x1
[   87.663940][  T315] arvo 0003:1E7D:30D4.000B: item fetching failed at offset 5/7
[   87.683864][  T315] arvo 0003:1E7D:30D4.000B: parse failed
[   87.709567][  T315] arvo: probe of 0003:1E7D:30D4.000B failed with error -22
[   87.799053][ T3887] loop9: detected capacity change from 0 to 512
[   87.827657][ T3879] loop1: detected capacity change from 0 to 40427
[   87.839155][ T3887] EXT4-fs error (device loop9): ext4_expand_extra_isize_ea:2766: inode #11: comm syz.9.1509: corrupted xattr block 95
[   87.851566][   T60] usb 8-1: USB disconnect, device number 4
[   87.857621][ T3887] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm syz.9.1509: bg 0: block 7: invalid block bitmap
[   87.869998][ T3887] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   87.882281][ T3879] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   87.890670][ T3879] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   87.909480][ T3887] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2932: inode #11: comm syz.9.1509: corrupted xattr block 95
[   87.922325][ T3879] F2FS-fs (loop1): invalid crc value
[   87.922797][ T3887] EXT4-fs warning (device loop9): ext4_evict_inode:303: xattr delete (err -117)
[   87.937352][ T3887] EXT4-fs (loop9): 1 orphan inode deleted
[   87.943282][ T3887] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,bsddf,,errors=continue. Quota mode: none.
[   87.976652][ T3879] F2FS-fs (loop1): Found nat_bits in checkpoint
[   88.058855][ T3879] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   88.065817][ T3879] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   88.247135][ T3927] syz.8.1526[3927] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   88.247213][ T3927] syz.8.1526[3927] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   88.423987][ T3952] loop7: detected capacity change from 0 to 512
[   88.446046][ T3952] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   88.457622][ T3952] EXT4-fs (loop7): 1 truncate cleaned up
[   88.466370][ T3952] EXT4-fs (loop7): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback.
[   88.524114][ T3964] loop1: detected capacity change from 0 to 512
[   88.596815][ T3964] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   88.614676][ T3967] SELinux:  Context system_u:object_r:modem_device_t:s0 is not valid (left unmapped).
[   88.637241][ T3964] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8003e119, mo2=0000]
[   88.650515][ T3964] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 55 vs 41 free clusters
[   88.671488][ T3964] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.1540: Failed to acquire dquot type 0
[   88.717071][ T3964] EXT4-fs (loop1): 1 truncate cleaned up
[   88.722546][ T3964] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,noblock_validity,nombcache,norecovery,barrier=0x000000000000000c,resgid=0x000000000000ee01,barrier=0x000000000000003a,noauto_da_alloc,resgid=0x00000000000000002,errors=continue. Quota mode: writeback.
[   89.197883][ T4039] loop3: detected capacity change from 0 to 512
[   89.232775][ T4045] loop8: detected capacity change from 0 to 16
[   89.248492][ T4039] EXT4-fs (loop3): orphan cleanup on readonly fs
[   89.249808][ T4045] erofs: (device loop8): mounted with root inode @ nid 36.
[   89.269306][ T4039] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1573: bg 0: block 248: padding at end of block bitmap is not set
[   89.287631][ T4039] EXT4-fs error (device loop3): ext4_acquire_dquot:6188: comm syz.3.1573: Failed to acquire dquot type 1
[   89.306339][ T4039] EXT4-fs (loop3): 1 truncate cleaned up
[   89.319263][ T4039] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   89.347599][   T39] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[   89.356108][   T39] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   89.453614][   T39] kernel write not supported for file /vcs (pid: 39 comm: kworker/1:1)
[   89.483207][ T4072] loop3: detected capacity change from 0 to 2048
[   89.591632][ T4072] EXT4-fs (loop3): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue. Quota mode: none.
[   89.619431][ T4084] loop7: detected capacity change from 0 to 8192
[   89.664192][ T4072] EXT4-fs error (device loop3): ext4_search_dir:1549: inode #2: block 16: comm syz.3.1586: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0
[   89.708259][   T30] kauditd_printk_skb: 132 callbacks suppressed
[   89.708297][   T30] audit: type=1400 audit(2000000023.250:1690): avc:  denied  { mounton } for  pid=4082 comm="syz.7.1592" path="/198/file0" dev="loop7" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   89.739327][ T4084] incfs: ino conflict with backing FS 1
[   89.761436][   T30] audit: type=1400 audit(2000000023.300:1691): avc:  denied  { mounton } for  pid=4082 comm="syz.7.1592" path="/198/file0/bus" dev="incremental-fs" ino=1048685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   89.806599][  T316] hid-generic 0000:0003:0000.000D: unknown main item tag 0x0
[   89.819143][  T316] hid-generic 0000:0003:0000.000D: unknown main item tag 0x0
[   89.824779][   T30] audit: type=1400 audit(2000000023.330:1692): avc:  denied  { remove_name } for  pid=4082 comm="syz.7.1592" name="file0" dev="incremental-fs" ino=1048686 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   89.836669][  T316] hid-generic 0000:0003:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   89.854453][   T30] audit: type=1400 audit(2000000023.330:1693): avc:  denied  { rename } for  pid=4082 comm="syz.7.1592" name="file0" dev="incremental-fs" ino=1048686 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   89.975709][   T30] audit: type=1400 audit(2000000023.330:1694): avc:  denied  { rmdir } for  pid=4082 comm="syz.7.1592" name="bus" dev="incremental-fs" ino=1048685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   90.052060][   T30] audit: type=1326 audit(2000000023.590:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.3.1605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   90.100937][   T30] audit: type=1326 audit(2000000023.590:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.3.1605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   90.126888][   T30] audit: type=1326 audit(2000000023.590:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.3.1605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   90.183236][   T30] audit: type=1326 audit(2000000023.640:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.3.1605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20475ecde9 code=0x7ffc0000
[   90.321458][   T30] audit: type=1400 audit(2000000023.860:1699): avc:  denied  { ioctl } for  pid=4139 comm="syz.8.1615" path="socket:[30712]" dev="sockfs" ino=30712 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   90.535550][ T4161] netlink: 'syz.3.1623': attribute type 25 has an invalid length.
[   90.563111][ T4161] netlink: 'syz.3.1623': attribute type 7 has an invalid length.
[   90.700168][ T4169] tipc: Started in network mode
[   90.704982][ T4169] tipc: Node identity 7, cluster identity 4711
[   90.719381][ T4169] tipc: Node number set to 7
[   90.831649][ T4183] xt_hashlimit: max too large, truncated to 1048576
[   90.841124][ T4185] loop3: detected capacity change from 0 to 512
[   90.929097][ T4185] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   90.943391][ T4185] ext4 filesystem being mounted at /415/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   90.957049][ T4185] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #2: comm syz.3.1636: corrupted inode contents
[   90.969127][ T4185] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.1636: mark_inode_dirty error
[   90.982356][ T4185] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #2: comm syz.3.1636: corrupted inode contents
[   90.995963][ T4185] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz.3.1636: mark_inode_dirty error
[   91.180136][ T4219] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[   91.230550][ T4225] tmpfs: Unknown parameter 'nolazytime0'
[   91.342335][ T4239] loop9: detected capacity change from 0 to 512
[   91.350984][ T4237] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[   91.380321][ T4237] SELinux: security_context_str_to_sid(user_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[   91.447109][ T4239] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[   91.490635][ T4239] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8003e119, mo2=0000]
[   91.503787][ T4239] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 55 vs 41 free clusters
[   91.536476][ T4239] EXT4-fs error (device loop9): ext4_acquire_dquot:6188: comm syz.9.1659: Failed to acquire dquot type 0
[   91.577335][ T4227] loop1: detected capacity change from 0 to 40427
[   91.604575][ T4239] EXT4-fs (loop9): 1 truncate cleaned up
[   91.610206][ T4239] EXT4-fs (loop9): mounted filesystem without journal. Opts: nobarrier,noblock_validity,nombcache,norecovery,barrier=0x000000000000000c,resgid=0x000000000000ee01,barrier=0x000000000000003a,noauto_da_alloc,resgid=0x00000000000000002,errors=continue. Quota mode: writeback.
[   91.644394][ T4227] F2FS-fs (loop1): Fix alignment : done, start(4096) end(16896) block(12288)
[   91.655946][ T4227] F2FS-fs (loop1): Found nat_bits in checkpoint
[   91.700423][ T4227] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   91.736398][ T4235] loop3: detected capacity change from 0 to 40427
[   91.776955][ T3391] attempt to access beyond end of device
[   91.776955][ T3391] loop1: rw=2049, want=45104, limit=40427
[   91.789417][ T4255] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1662'.
[   91.880404][ T4235] F2FS-fs (loop3): Found nat_bits in checkpoint
[   92.002297][ T4235] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   92.109465][  T289] attempt to access beyond end of device
[   92.109465][  T289] loop3: rw=2049, want=45104, limit=40427
[   92.174120][ T4282] device veth1_to_team entered promiscuous mode
[   92.189442][ T4281] device veth1_to_team left promiscuous mode
[   92.337362][ T4296] loop8: detected capacity change from 0 to 1024
[   92.355776][ T4296] EXT4-fs (loop8): Ignoring removed nobh option
[   92.379383][ T4296] EXT4-fs (loop8): Ignoring removed bh option
[   92.390951][ T4296] EXT4-fs (loop8): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   92.445423][ T4296] EXT4-fs (loop8): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[   92.858257][ T4354] loop3: detected capacity change from 0 to 16
[   92.924027][ T4354] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 16700)
[   93.057777][ T4377] loop1: detected capacity change from 0 to 512
[   93.154646][ T4377] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   93.175925][ T4377] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   93.210084][ T4377] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #2: comm syz.1.1713: corrupted inode contents
[   93.223300][ T4377] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #2: comm syz.1.1713: mark_inode_dirty error
[   93.243396][ T4377] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #2: comm syz.1.1713: corrupted inode contents
[   93.273335][ T4377] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #2: comm syz.1.1713: mark_inode_dirty error
[   93.383076][  T315] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   93.445678][ T4375] loop9: detected capacity change from 0 to 40427
[   93.542794][ T4375] F2FS-fs (loop9): Found nat_bits in checkpoint
[   93.580453][ T4375] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[   93.613799][ T3663] attempt to access beyond end of device
[   93.613799][ T3663] loop9: rw=2049, want=45104, limit=40427
[   93.633256][  T315] usb 4-1: Using ep0 maxpacket: 8
[   93.673082][   T39] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   93.763133][  T315] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   93.775043][  T315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.783918][  T315] usb 4-1: config 0 descriptor??
[   93.793242][  T316] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   94.033200][  T316] usb 8-1: Using ep0 maxpacket: 16
[   94.033222][  T315] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[   94.038291][   T39] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   94.089886][ T4421] binder: 4420:4421 ioctl c0306201 4000000003c0 returned -22
[   94.143254][   T39] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   94.152857][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   94.161128][   T39] usb 2-1: SerialNumber: syz
[   94.186383][  T316] usb 8-1: config 0 has an invalid interface number: 251 but max is 0
[   94.195682][  T316] usb 8-1: config 0 has no interface number 0
[   94.201636][  T316] usb 8-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[   94.211454][   T39] usb 2-1: can't set config #1, error -71
[   94.223301][  T316] usb 8-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[   94.233430][   T26] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   94.240962][   T39] usb 2-1: USB disconnect, device number 10
[   94.253219][  T315] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   94.264517][  T315] asix 4-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[   94.274717][  T315] asix: probe of 4-1:0.0 failed with error -71
[   94.281715][  T315] usb 4-1: USB disconnect, device number 7
[   94.288404][  T316] usb 8-1: string descriptor 0 read error: -71
[   94.295268][  T316] usb 8-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[   94.305415][  T316] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.314173][  T316] usb 8-1: config 0 descriptor??
[   94.333211][  T316] usb 8-1: can't set config #0, error -71
[   94.339447][  T316] usb 8-1: USB disconnect, device number 5
[   94.716435][   T30] kauditd_printk_skb: 67 callbacks suppressed
[   94.716450][   T30] audit: type=1400 audit(2000000028.260:1765): avc:  denied  { read write } for  pid=1474 comm="syz-executor" name="loop7" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   94.757617][   T30] audit: type=1400 audit(2000000028.260:1766): avc:  denied  { read write } for  pid=3391 comm="syz-executor" name="loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   94.801802][   T30] audit: type=1400 audit(2000000028.270:1767): avc:  denied  { prog_load } for  pid=4435 comm="syz.1.1737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   94.851167][   T30] audit: type=1400 audit(2000000028.280:1768): avc:  denied  { read write } for  pid=3391 comm="syz-executor" name="loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   94.905336][   T30] audit: type=1400 audit(2000000028.280:1769): avc:  denied  { mount } for  pid=4437 comm="syz.1.1738" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=0
[   94.940443][   T30] audit: type=1400 audit(2000000028.290:1770): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[   94.965190][   T30] audit: type=1400 audit(2000000028.290:1771): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[   94.993144][   T30] audit: type=1400 audit(2000000028.290:1772): avc:  denied  { read write } for  pid=3391 comm="syz-executor" name="loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   95.035187][ T3663] audit: audit_backlog=65 > audit_backlog_limit=64
[   95.041105][ T4482] audit: audit_backlog=65 > audit_backlog_limit=64
[   97.350019][  T330] Bluetooth: hci0: Frame reassembly failed (-84)
[   97.815419][ T4844] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4844 comm=syz.1.1928
[   98.086402][ T4881] loop8: detected capacity change from 0 to 128
[   98.333126][  T315] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[   98.406991][ T4915] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1961'.
[   98.681052][ T4950] loop3: detected capacity change from 0 to 2048
[   98.691281][ T4950] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[   98.710726][ T4950] EXT4-fs (loop3): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,mblk_io_submit,grpquota,barrier=0x0000000000000000,grpjquota=,bsddf,bsddf,usrjquota=,. Quota mode: writeback.
[   98.733573][  T315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.744749][  T315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.754955][  T315] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[   98.767386][  T315] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.776342][  T315] usb 2-1: config 0 descriptor??
[   99.139064][ T4972] loop8: detected capacity change from 0 to 256
[   99.213541][ T4972] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   99.224090][ T4972] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[   99.234818][ T4972] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   99.254227][  T315] cp2112 0003:10C4:EA90.000E: unknown main item tag 0x0
[   99.262958][  T315] cp2112 0003:10C4:EA90.000E: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[   99.363262][  T312] Bluetooth: hci0: command 0x1003 tx timeout
[   99.369342][  T947] Bluetooth: hci0: sending frame failed (-49)
[   99.473184][  T315] cp2112 0003:10C4:EA90.000E: Part Number: 0x82 Device Version: 0xFE
[   99.861077][   T30] kauditd_printk_skb: 803 callbacks suppressed
[   99.861113][   T30] audit: type=1400 audit(2000000033.400:2554): avc:  denied  { relabelfrom } for  pid=4988 comm="syz.3.1994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   99.887837][   T30] audit: type=1400 audit(2000000033.400:2555): avc:  denied  { relabelto } for  pid=4988 comm="syz.3.1994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   99.955522][   T30] audit: type=1400 audit(2000000033.500:2556): avc:  denied  { create } for  pid=4990 comm="syz.3.1995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   99.975274][   T30] audit: type=1400 audit(2000000033.500:2557): avc:  denied  { setopt } for  pid=4990 comm="syz.3.1995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  100.036256][   T30] audit: type=1400 audit(2000000033.580:2558): avc:  denied  { mount } for  pid=4996 comm="syz.3.1998" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  100.059235][   T30] audit: type=1400 audit(2000000033.600:2559): avc:  denied  { unmount } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  100.133189][  T315] cp2112 0003:10C4:EA90.000E: error reading lock byte: -71
[  100.143491][   T30] audit: type=1400 audit(2000000033.690:2560): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  100.144688][  T315] usb 2-1: USB disconnect, device number 11
[  100.186250][   T30] audit: type=1400 audit(2000000033.690:2561): avc:  denied  { remove_name } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  100.227089][   T30] audit: type=1400 audit(2000000033.690:2562): avc:  denied  { rename } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  100.250419][   T30] audit: type=1400 audit(2000000033.690:2563): avc:  denied  { add_name } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  100.436886][ T5012] loop3: detected capacity change from 0 to 40427
[  100.539775][ T5012] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  100.548048][ T5012] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  100.565190][ T5012] F2FS-fs (loop3): Found nat_bits in checkpoint
[  100.606936][ T5012] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  100.614051][ T5012] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  100.711057][  T289] attempt to access beyond end of device
[  100.711057][  T289] loop3: rw=2049, want=40968, limit=40427
[  100.906581][ T5037] loop3: detected capacity change from 0 to 256
[  100.969805][ T5037] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  100.985568][ T5037] exFAT-fs (loop3): hint_cluster is invalid (17)
[  101.046488][ T5042] loop3: detected capacity change from 0 to 512
[  101.115033][ T5042] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  101.126007][ T5042] ext4 filesystem being mounted at /514/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.183114][ T5042] loop_set_status: loop3 () has still dirty pages (nrpages=2)
[  101.200059][  T289] EXT4-fs error (device loop3): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /514/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  101.443084][  T316] Bluetooth: hci0: command 0x1001 tx timeout
[  101.449101][  T947] Bluetooth: hci0: sending frame failed (-49)
[  101.688105][ T5063] loop7: detected capacity change from 0 to 256
[  101.727633][ T5067] loop1: detected capacity change from 0 to 512
[  101.748996][ T5063] FAT-fs (loop7): bogus number of FAT sectors
[  101.754995][ T5063] FAT-fs (loop7): Can't find a valid FAT filesystem
[  101.790014][ T5067] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.2026: casefold flag without casefold feature
[  101.814798][ T5067] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.2026: couldn't read orphan inode 15 (err -117)
[  101.826779][ T5067] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  102.098055][ T5087] loop8: detected capacity change from 0 to 128
[  102.148989][ T5087] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  102.180012][ T5087] ext4 filesystem being mounted at /158/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  102.548871][ T5101] loop7: detected capacity change from 0 to 40427
[  102.643408][ T5101] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  102.654661][ T5101] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  102.663235][  T312] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  102.682719][ T5101] F2FS-fs (loop7): invalid crc value
[  102.725543][ T5101] F2FS-fs (loop7): Found nat_bits in checkpoint
[  102.818843][ T5101] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  102.827974][ T5101] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  102.913070][  T312] usb 2-1: Using ep0 maxpacket: 8
[  102.940805][  T404] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  102.963504][  T404] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  103.043713][  T312] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.064680][  T312] usb 2-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  103.103854][  T312] usb 2-1: config 0 interface 0 has no altsetting 0
[  103.117200][  T312] usb 2-1: New USB device found, idVendor=05ac, idProduct=025a, bcdDevice= 0.00
[  103.126408][  T312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.139476][  T312] usb 2-1: config 0 descriptor??
[  103.421188][ T5124] loop7: detected capacity change from 0 to 8192
[  103.429804][ T5126] netlink: 'syz.8.2050': attribute type 3 has an invalid length.
[  103.498281][ T5124] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  103.523062][   T26] Bluetooth: hci0: command 0x1009 tx timeout
[  103.566019][ T5124] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  103.575182][ T5124] FAT-fs (loop7): Filesystem has been set read-only
[  103.581863][ T5124] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  103.620667][ T1474] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  103.644523][  T312] apple 0003:05AC:025A.000F: unexpected long global item
[  103.651574][  T312] apple 0003:05AC:025A.000F: parse failed
[  103.673093][  T312] apple: probe of 0003:05AC:025A.000F failed with error -22
[  103.846729][  T312] usb 2-1: USB disconnect, device number 12
[  104.332339][ T5147] loop8: detected capacity change from 0 to 128
[  104.404331][ T5147] EXT4-fs (loop8): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[  104.423393][ T5147] ext4 filesystem being mounted at /167/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  104.562446][ T5160] loop8: detected capacity change from 0 to 256
[  104.600059][ T5160] exFAT-fs (loop8): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  104.630732][ T5160] exFAT-fs (loop8): hint_cluster is invalid (17)
[  104.898470][   T30] kauditd_printk_skb: 72 callbacks suppressed
[  104.898487][   T30] audit: type=1400 audit(2000000038.440:2636): avc:  denied  { create } for  pid=5169 comm="syz.7.2067" dev="anon_inodefs" ino=36054 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  104.927546][   T30] audit: type=1400 audit(2000000038.470:2637): avc:  denied  { ioctl } for  pid=5169 comm="syz.7.2067" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=36054 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  104.996242][   T30] audit: type=1400 audit(2000000038.540:2638): avc:  denied  { mount } for  pid=5171 comm="syz.7.2068" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  105.018319][   T30] audit: type=1400 audit(2000000038.550:2639): avc:  denied  { unmount } for  pid=1474 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  105.049353][ T5174] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2069'.
[  105.103104][  T312] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  105.353110][  T312] usb 9-1: Using ep0 maxpacket: 16
[  105.473118][  T312] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  105.485000][  T312] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  105.495374][  T312] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  105.571577][   T30] audit: type=1400 audit(2000000039.110:2640): avc:  denied  { create } for  pid=5194 comm="syz.1.2078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  105.593436][   T30] audit: type=1400 audit(2000000039.140:2641): avc:  denied  { write } for  pid=5194 comm="syz.1.2078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  105.646374][   T30] audit: type=1326 audit(2000000039.190:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5197 comm="syz.1.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9ee03de9 code=0x7ffc0000
[  105.670381][   T30] audit: type=1326 audit(2000000039.190:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5197 comm="syz.1.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9ee03de9 code=0x7ffc0000
[  105.694201][   T30] audit: type=1326 audit(2000000039.210:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5197 comm="syz.1.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7fba9ee03de9 code=0x7ffc0000
[  105.718020][  T312] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  105.727196][  T312] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.736802][  T312] usb 9-1: Product: syz
[  105.740853][  T312] usb 9-1: Manufacturer: syz
[  105.745622][  T312] usb 9-1: SerialNumber: syz
[  105.789070][   T30] audit: type=1326 audit(2000000039.330:2645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5197 comm="syz.1.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fba9ed9ffb9 code=0x7ffc0000
[  106.094267][ T5214] netem: change failed
[  106.164267][ T5221] loop7: detected capacity change from 0 to 512
[  106.214999][ T5221] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,bsddf,grpid,,errors=continue. Quota mode: writeback.
[  106.227841][ T5221] ext4 filesystem being mounted at /324/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.233258][  T312] usb 9-1: 0:2 : does not exist
[  106.345620][ T5237] EXT4-fs (loop7): re-mounted. Opts: . Quota mode: writeback.
[  106.554573][ T5247] netlink: 88 bytes leftover after parsing attributes in process `syz.7.2098'.
[  106.570768][ T5247] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2098'.
[  106.723778][ T5261] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  106.733414][ T5261] incfs: Backing dir is not set, filesystem can't be mounted.
[  106.740736][ T5261] incfs: mount failed -2
[  107.073068][  T315] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  107.138973][ T5280] loop1: detected capacity change from 0 to 40427
[  107.234520][ T5280] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  107.242194][ T5280] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  107.251872][ T5280] F2FS-fs (loop1): invalid crc value
[  107.259017][ T5280] F2FS-fs (loop1): Found nat_bits in checkpoint
[  107.303361][ T5280] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  107.310417][ T5280] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  107.325840][  T312] usb 9-1: USB disconnect, device number 2
[  107.376477][  T404] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  107.398536][  T404] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  107.443124][  T315] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.463058][  T315] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.481473][  T315] usb 8-1: New USB device found, idVendor=05ac, idProduct=027c, bcdDevice= 0.00
[  107.502537][  T315] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.529957][  T315] usb 8-1: config 0 descriptor??
[  107.653747][ T5299] loop8: detected capacity change from 0 to 512
[  107.666168][ T5299] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  107.691988][ T5299] EXT4-fs (loop8): 1 truncate cleaned up
[  107.697870][ T5299] EXT4-fs (loop8): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  107.991922][ T5326] device batadv_slave_1 entered promiscuous mode
[  107.999448][ T5325] device batadv_slave_1 left promiscuous mode
[  108.024376][  T315] hid-generic 0003:05AC:027C.0010: unknown main item tag 0x3
[  108.032862][  T315] hid-generic 0003:05AC:027C.0010: unknown main item tag 0x0
[  108.043677][  T315] hid-generic 0003:05AC:027C.0010: hidraw0: USB HID v0.00 Device [HID 05ac:027c] on usb-dummy_hcd.7-1/input0
[  108.123097][  T312] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  108.225246][  T315] usb 8-1: USB disconnect, device number 6
[  108.363088][  T312] usb 10-1: Using ep0 maxpacket: 16
[  108.483199][  T312] usb 10-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  108.491998][  T312] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  108.502493][  T312] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  108.673215][  T312] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  108.682464][  T312] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.690963][  T312] usb 10-1: Product: syz
[  108.695978][  T312] usb 10-1: Manufacturer: syz
[  108.700593][  T312] usb 10-1: SerialNumber: syz
[  108.854793][ T5343] serio: Serial port ptm0
[  108.981329][ T5354] incfs: Error accessing: ./file0.
[  108.999815][ T5354] incfs: mount failed -20
[  109.178198][  T312] usb 10-1: 0:2 : does not exist
[  109.698555][ T5407] loop8: detected capacity change from 0 to 40427
[  109.773891][ T5407] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  109.781771][ T5407] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  109.791476][ T5407] F2FS-fs (loop8): invalid crc value
[  109.804288][ T5407] F2FS-fs (loop8): Found nat_bits in checkpoint
[  109.863333][ T5407] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  109.870444][ T5407] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  110.075182][   T30] kauditd_printk_skb: 101 callbacks suppressed
[  110.075200][   T30] audit: type=1326 audit(2000000043.620:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5415 comm="syz.8.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  110.133084][   T30] audit: type=1326 audit(2000000043.620:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5415 comm="syz.8.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  110.183064][   T30] audit: type=1326 audit(2000000043.650:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5415 comm="syz.8.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  110.233075][   T30] audit: type=1326 audit(2000000043.650:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5415 comm="syz.8.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  110.282733][   T30] audit: type=1326 audit(2000000043.650:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5415 comm="syz.8.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  110.345749][  T312] usb 10-1: USB disconnect, device number 3
[  110.373123][   T39] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  110.400252][   T30] audit: type=1400 audit(2000000043.940:2752): avc:  denied  { write } for  pid=5430 comm="syz.9.2177" name="001" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  110.426471][ T5431] hub 2-0:1.0: USB hub found
[  110.431025][ T5431] hub 2-0:1.0: 1 port detected
[  110.490336][ T5435] loop9: detected capacity change from 0 to 2048
[  110.555580][   T30] audit: type=1400 audit(2000000044.100:2753): avc:  denied  { mounton } for  pid=5436 comm="syz.1.2180" path="/225/file0" dev="tmpfs" ino=1190 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  110.583698][ T5435] EXT4-fs (loop9): Ignoring removed mblk_io_submit option
[  110.607302][   T30] audit: type=1400 audit(2000000044.120:2754): avc:  denied  { remount } for  pid=5436 comm="syz.1.2180" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  110.627281][   T39] usb 8-1: Using ep0 maxpacket: 16
[  110.639188][ T5435] EXT4-fs (loop9): mounted filesystem without journal. Opts: debug_want_extra_isize=0x0000000000000004,usrjquota=,errors=remount-ro,dioread_lock,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,nombcache,bsddf,. Quota mode: none.
[  110.697114][ T5446] loop1: detected capacity change from 0 to 1024
[  110.704187][   T30] audit: type=1400 audit(2000000044.250:2755): avc:  denied  { append } for  pid=5434 comm="syz.9.2179" path="/89/file1/blkio.bfq.avg_queue_size" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  110.763174][   T39] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.779396][   T39] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.789929][   T30] audit: type=1400 audit(2000000044.330:2756): avc:  denied  { map } for  pid=5434 comm="syz.9.2179" path="/89/file1/blkio.bfq.avg_queue_size" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  110.815053][ T5446] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  110.822616][   T39] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  110.832169][   T39] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.847747][ T5450] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.2179: bg 0: block 234: padding at end of block bitmap is not set
[  110.863448][ T5446] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  110.886210][   T39] usb 8-1: config 0 descriptor??
[  110.891331][ T5450] EXT4-fs (loop9): Remounting filesystem read-only
[  111.046114][ T5458] netlink: 96 bytes leftover after parsing attributes in process `syz.9.2186'.
[  111.364082][   T39] savu 0003:1E7D:2D5A.0011: unknown main item tag 0x0
[  111.364218][ T5486] loop8: detected capacity change from 0 to 128
[  111.370801][   T39] savu 0003:1E7D:2D5A.0011: unknown main item tag 0x0
[  111.370828][   T39] savu 0003:1E7D:2D5A.0011: unknown main item tag 0x0
[  111.428432][   T39] savu 0003:1E7D:2D5A.0011: unknown main item tag 0x0
[  111.440412][   T39] savu 0003:1E7D:2D5A.0011: unknown main item tag 0x0
[  111.455450][   T39] savu 0003:1E7D:2D5A.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.7-1/input0
[  111.469972][ T5488] loop9: detected capacity change from 0 to 256
[  111.565981][  T312] usb 8-1: USB disconnect, device number 7
[  111.635659][ T5501] loop9: detected capacity change from 0 to 512
[  111.647630][ T5503] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  111.657889][ T5503] SELinux: security_context_str_to_sid(system_u) failed for (dev fuse, type fuse) errno=-22
[  111.742772][ T5501] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  111.754059][ T5501] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.843721][ T5514] input: syz0 as /devices/virtual/input/input19
[  112.023088][  T316] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  112.054337][ T5525] netlink: 32 bytes leftover after parsing attributes in process `syz.9.2215'.
[  112.063288][ T5525] netem: unknown loss type 13
[  112.067824][ T5525] netem: change failed
[  112.173149][ T5535] loop7: detected capacity change from 0 to 512
[  112.205048][ T5535] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  112.214656][ T5535] EXT4-fs (loop7): journaled quota format not specified
[  112.276463][  T316] usb 9-1: Using ep0 maxpacket: 8
[  112.391239][ T5548] loop9: detected capacity change from 0 to 8192
[  112.413731][  T316] usb 9-1: config 0 has an invalid interface number: 0 but max is -1
[  112.429880][  T316] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 0
[  112.439023][  T316] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.451631][  T316] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.461795][  T316] usb 9-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  112.501472][  T316] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.523911][  T316] usb 9-1: config 0 descriptor??
[  112.620940][ T5571] loop7: detected capacity change from 0 to 16
[  112.664271][ T5578] input: syz0 as /devices/virtual/input/input20
[  112.681615][ T5571] erofs: (device loop7): mounted with root inode @ nid 36.
[  112.704736][ T5571] overlayfs: failed to set xattr on upper
[  112.758819][ T5586] loop1: detected capacity change from 0 to 128
[  112.765989][ T5512] UDC core: couldn't find an available UDC or it's busy: -16
[  112.773906][ T5512] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  112.913608][ T5600] loop7: detected capacity change from 0 to 256
[  112.944421][ T5600] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  113.044103][  T316] hid-picolcd 0003:04D8:F002.0012: item fetching failed at offset 3/5
[  113.055700][  T316] hid-picolcd 0003:04D8:F002.0012: device report parse failed
[  113.064159][  T316] hid-picolcd: probe of 0003:04D8:F002.0012 failed with error -22
[  113.120552][ T5611] xt_bpf: check failed: parse error
[  113.152605][ T5615] loop9: detected capacity change from 0 to 512
[  113.244285][   T20] usb 9-1: USB disconnect, device number 3
[  113.268707][ T5615] EXT4-fs error (device loop9): ext4_acquire_dquot:6188: comm syz.9.2257: Failed to acquire dquot type 1
[  113.282494][ T5615] EXT4-fs (loop9): 1 truncate cleaned up
[  113.288376][ T5615] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  113.309392][ T5615] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.385655][ T5621] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2260'.
[  113.796420][ T5657] loop8: detected capacity change from 0 to 2048
[  113.838864][ T5657] Alternate GPT is invalid, using primary GPT.
[  113.846117][ T5660] syz.1.2275[5660] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.846204][ T5660] syz.1.2275[5660] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.857851][ T5657]  loop8: p1 p2 p3
[  113.893082][ T2042] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  113.917033][ T5662] syz.1.2276[5662] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.917118][ T5662] syz.1.2276[5662] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.992142][ T1136] udevd[1136]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  113.995782][ T1119] udevd[1119]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  114.005456][ T1209] udevd[1209]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[  114.137188][ T5678] input: syz0 as /devices/virtual/input/input21
[  114.263164][ T2042] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  114.274504][ T2042] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  114.285867][ T2042] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  114.298907][ T2042] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  114.308044][ T2042] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.316926][ T2042] usb 10-1: config 0 descriptor??
[  114.333141][ T5648] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  114.544450][ T5700] netlink: 76 bytes leftover after parsing attributes in process `syz.7.2293'.
[  114.572145][ T5702] syz.7.2294[5702] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.572237][ T5702] syz.7.2294[5702] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.645976][ T5707] loop7: detected capacity change from 0 to 256
[  114.726478][ T5707] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  114.794098][ T2042] plantronics 0003:047F:FFFF.0013: unknown main item tag 0xd
[  114.802392][ T2042] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[  114.812293][ T2042] plantronics 0003:047F:FFFF.0013: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[  115.063813][ T2042] usb 10-1: USB disconnect, device number 4
[  115.192141][ T5715] loop7: detected capacity change from 0 to 40427
[  115.220670][ T5715] F2FS-fs (loop7): invalid crc value
[  115.264085][ T5715] F2FS-fs (loop7): Found nat_bits in checkpoint
[  115.353191][ T5715] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  115.404940][ T5715] attempt to access beyond end of device
[  115.404940][ T5715] loop7: rw=2049, want=45224, limit=40427
[  115.447711][ T1474] attempt to access beyond end of device
[  115.447711][ T1474] loop7: rw=2049, want=45232, limit=40427
[  115.623401][ T5726] syz.9.2303[5726] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.623484][ T5726] syz.9.2303[5726] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.733962][ T5734] serio: Serial port ptm0
[  115.873354][ T5747] cgroup: Unknown subsys name 'hugetlb'
[  115.893523][ T5749] netem: change failed
[  115.993215][   T30] kauditd_printk_skb: 77 callbacks suppressed
[  115.993231][   T30] audit: type=1326 audit(2000000049.540:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5758 comm="syz.8.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  116.049834][ T5761] xt_hashlimit: size too large, truncated to 1048576
[  116.083130][   T30] audit: type=1326 audit(2000000049.540:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5758 comm="syz.8.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  116.163116][   T30] audit: type=1326 audit(2000000049.560:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5758 comm="syz.8.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  116.237131][   T30] audit: type=1326 audit(2000000049.560:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5758 comm="syz.8.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  116.290993][   T30] audit: type=1326 audit(2000000049.560:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5758 comm="syz.8.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  116.354459][   T30] audit: type=1326 audit(2000000049.570:2837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5758 comm="syz.8.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  116.406764][ T5757] loop9: detected capacity change from 0 to 40427
[  116.415017][   T30] audit: type=1326 audit(2000000049.570:2838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5758 comm="syz.8.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  116.438864][   T30] audit: type=1326 audit(2000000049.570:2839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5758 comm="syz.8.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ca27b7de9 code=0x7ffc0000
[  116.462764][   T30] audit: type=1400 audit(2000000049.920:2840): avc:  denied  { mounton } for  pid=5772 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  116.552692][ T5757] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  116.572229][ T5757] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  116.583350][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.593046][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.605010][ T5772] device bridge_slave_0 entered promiscuous mode
[  116.612089][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.631417][ T5757] F2FS-fs (loop9): Found nat_bits in checkpoint
[  116.653968][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.661494][ T5772] device bridge_slave_1 entered promiscuous mode
[  116.694176][ T5757] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  116.701047][ T5757] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  116.787543][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.794439][ T5772] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.801569][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.808537][ T5772] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.895066][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.912915][  T404] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.933726][  T404] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.956059][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  116.973391][  T323] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.980294][  T323] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.990514][   T30] audit: type=1400 audit(2000000050.530:2841): avc:  denied  { connect } for  pid=5796 comm="syz.8.2332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  117.029073][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  117.044068][  T323] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.051079][  T323] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.081698][ T5801] netem: change failed
[  117.088743][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  117.113323][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  117.119841][ T5794] loop7: detected capacity change from 0 to 40427
[  117.132556][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  117.141465][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  117.150541][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  117.158476][ T5794] F2FS-fs (loop7): fault_injection options not supported
[  117.159299][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  117.174329][ T5794] F2FS-fs (loop7): invalid crc value
[  117.188060][ T5772] device veth0_vlan entered promiscuous mode
[  117.197724][   T10] device bridge_slave_1 left promiscuous mode
[  117.205331][ T5794] F2FS-fs (loop7): Found nat_bits in checkpoint
[  117.213530][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.233551][   T10] device bridge_slave_0 left promiscuous mode
[  117.241201][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.249833][   T10] device veth1_macvtap left promiscuous mode
[  117.255856][   T10] device veth0_vlan left promiscuous mode
[  117.280477][ T5794] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  117.309516][ T5794] attempt to access beyond end of device
[  117.309516][ T5794] loop7: rw=2049, want=77960, limit=40427
[  117.348061][ T1474] attempt to access beyond end of device
[  117.348061][ T1474] loop7: rw=2049, want=45104, limit=40427
[  117.394049][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  117.417576][ T5772] device veth1_macvtap entered promiscuous mode
[  117.437803][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  117.490561][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  117.513791][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  117.761423][ T5855] loop0: detected capacity change from 0 to 8192
[  117.963084][  T316] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  118.113088][   T20] usb 1-1: new low-speed USB device number 2 using dummy_hcd
[  118.278038][ T5863] loop8: detected capacity change from 0 to 131072
[  118.323431][  T316] usb 8-1: New USB device found, idVendor=1b96, idProduct=0003, bcdDevice= 0.00
[  118.333204][ T5863] F2FS-fs (loop8): Invalid log_blocksize (32), supports only 12
[  118.336671][  T316] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.340969][ T5863] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  118.353697][  T316] usb 8-1: config 0 descriptor??
[  118.363953][ T5863] F2FS-fs (loop8): Found nat_bits in checkpoint
[  118.408704][ T5863] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  118.416028][ T5863] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  118.446882][ T5871] loop9: detected capacity change from 0 to 256
[  118.496220][ T5871] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  118.543294][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  118.554199][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  118.564720][   T20] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  118.577371][   T20] usb 1-1: New USB device found, idVendor=056a, idProduct=0326, bcdDevice= 0.00
[  118.587532][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.596915][   T20] usb 1-1: config 0 descriptor??
[  118.614983][ T5857] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  118.680971][ T5879] loop9: detected capacity change from 0 to 2048
[  118.752109][ T5879] EXT4-fs (loop9): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,. Quota mode: writeback.
[  118.834165][  T316] ntrig 0003:1B96:0003.0014: unknown main item tag 0x0
[  118.835797][ T5879] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.2366: bg 0: block 234: padding at end of block bitmap is not set
[  118.841421][  T316] ntrig 0003:1B96:0003.0014: unknown main item tag 0x0
[  118.862243][ T5879] EXT4-fs (loop9): Remounting filesystem read-only
[  118.880413][  T316] ntrig 0003:1B96:0003.0014: unknown main item tag 0x0
[  118.891466][  T316] ntrig 0003:1B96:0003.0014: unknown main item tag 0x0
[  118.908514][  T316] ntrig 0003:1B96:0003.0014: unknown main item tag 0x0
[  118.920927][  T316] ntrig 0003:1B96:0003.0014: hidraw0: USB HID v1.01 Device [HID 1b96:0003] on usb-dummy_hcd.7-1/input0
[  119.031780][ T5888] loop8: detected capacity change from 0 to 40427
[  119.074331][   T20] wacom 0003:056A:0326.0015: unbalanced collection at end of report description
[  119.083550][   T20] wacom 0003:056A:0326.0015: parse failed
[  119.089131][   T20] wacom: probe of 0003:056A:0326.0015 failed with error -22
[  119.093377][ T5888] F2FS-fs (loop8): invalid crc value
[  119.119513][ T5888] F2FS-fs (loop8): Found nat_bits in checkpoint
[  119.172469][ T5888] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  119.187765][ T5888] xt_hashlimit: max too large, truncated to 1048576
[  119.260517][   T39] usb 8-1: USB disconnect, device number 8
[  119.277461][   T20] usb 1-1: USB disconnect, device number 2
[  119.456762][ T5907] syz.9.2375[5907] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.456823][ T5907] syz.9.2375[5907] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.470818][ T5907] loop9: detected capacity change from 0 to 256
[  119.563405][ T5907] FAT-fs (loop9): bogus number of FAT sectors
[  119.569601][ T5907] FAT-fs (loop9): Can't find a valid FAT filesystem
[  119.815190][ T5918] loop9: detected capacity change from 0 to 512
[  119.930244][ T5918] EXT4-fs (loop9): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  119.948341][ T5918] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.048285][ T5939] loop9: detected capacity change from 0 to 512
[  120.110978][ T5943] loop7: detected capacity change from 0 to 128
[  120.125041][ T5939] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  120.136612][ T5939] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.166343][ T5943] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  120.179386][ T5943] ext4 filesystem being mounted at /392/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  120.259425][ T5956] loop7: detected capacity change from 0 to 256
[  120.499716][ T5979] loop6: detected capacity change from 0 to 8
[  120.810610][ T6015] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  120.896437][ T6023] raw_sendmsg: syz.0.2423 forgot to set AF_INET. Fix it!
[  120.990943][ T6035] loop0: detected capacity change from 0 to 512
[  121.074464][ T6035] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  121.085715][ T6035] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.114230][ T6037] loop8: detected capacity change from 0 to 40427
[  121.124066][   T30] kauditd_printk_skb: 60 callbacks suppressed
[  121.124081][   T30] audit: type=1400 audit(2000000054.670:2902): avc:  denied  { execute } for  pid=6034 comm="syz.0.2430" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  121.192486][ T6037] F2FS-fs (loop8): fault_injection options not supported
[  121.214726][   T30] audit: type=1326 audit(2000000054.730:2903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6040 comm="syz.9.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f024e928de9 code=0x7ffc0000
[  121.257166][ T6037] F2FS-fs (loop8): invalid crc value
[  121.263048][ T6049] loop9: detected capacity change from 0 to 512
[  121.281147][ T6037] F2FS-fs (loop8): Found nat_bits in checkpoint
[  121.297762][   T30] audit: type=1326 audit(2000000054.730:2904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6040 comm="syz.9.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f024e928de9 code=0x7ffc0000
[  121.321696][   T30] audit: type=1326 audit(2000000054.730:2905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6040 comm="syz.9.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f024e928de9 code=0x7ffc0000
[  121.351924][ T6049] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  121.378013][ T6037] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  121.425052][ T6061] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2439'.
[  121.435752][ T6063] input: syz0 as /devices/virtual/input/input23
[  121.441071][ T6049] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  121.454171][   T60] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  121.488498][ T2964] attempt to access beyond end of device
[  121.488498][ T2964] loop8: rw=2049, want=40976, limit=40427
[  121.528085][   T30] audit: type=1400 audit(2000000055.070:2906): avc:  denied  { ioctl } for  pid=6068 comm="syz.7.2447" path="socket:[39670]" dev="sockfs" ino=39670 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  121.565844][ T6073] syz.1.2446[6073] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.565931][ T6073] syz.1.2446[6073] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.611772][ T6075] loop9: detected capacity change from 0 to 256
[  121.634055][   T30] audit: type=1326 audit(2000000055.180:2907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6070 comm="syz.1.2446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9ee03de9 code=0x7ffc0000
[  121.658641][   T30] audit: type=1326 audit(2000000055.180:2908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6070 comm="syz.1.2446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9ee03de9 code=0x7ffc0000
[  121.706855][ T6075] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x3eebdab2, utbl_chksum : 0xe619d30d)
[  121.753084][   T30] audit: type=1326 audit(2000000055.200:2909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6070 comm="syz.1.2446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fba9ee03de9 code=0x7ffc0000
[  121.797257][ T6084] loop1: detected capacity change from 0 to 2048
[  121.803607][   T30] audit: type=1326 audit(2000000055.200:2910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6070 comm="syz.1.2446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9ee03de9 code=0x7ffc0000
[  121.815090][ T6075] exFAT-fs (loop9): hint_cluster is invalid (521)
[  121.834327][   T30] audit: type=1326 audit(2000000055.200:2911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6070 comm="syz.1.2446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9ee03de9 code=0x7ffc0000
[  121.835859][ T6075] exFAT-fs (loop9): error, invalid access to FAT (entry 0x00000208)
[  121.865755][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.877388][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17957, setting to 1024
[  121.883989][ T6075] exFAT-fs (loop9): Filesystem has been set read-only
[  121.896236][ T6075] exFAT-fs (loop9): error, failed to bmap (inode : ffff8881282ee350 iblock : 9, err : -5)
[  121.906311][   T60] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  121.919923][ T6075] exFAT-fs (loop9): error, invalid access to FAT (entry 0x00000208)
[  121.928157][ T6075] attempt to access beyond end of device
[  121.928157][ T6075] loop9: rw=2049, want=4282, limit=256
[  121.939460][ T6075] Buffer I/O error on dev loop9, logical block 4281, lost async page write
[  121.946077][   T60] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  121.948556][ T6075] attempt to access beyond end of device
[  121.948556][ T6075] loop9: rw=2049, want=4283, limit=256
[  121.969553][ T6084] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  121.980149][ T6084] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.985162][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.990871][ T6075] Buffer I/O error on dev loop9, logical block 4282, lost async page write
[  122.003454][   T60] usb 1-1: config 0 descriptor??
[  122.010873][ T6084] fs-verity: sha512 using implementation "sha512-avx2"
[  122.019679][ T6075] attempt to access beyond end of device
[  122.019679][ T6075] loop9: rw=2049, want=4284, limit=256
[  122.030763][ T6075] Buffer I/O error on dev loop9, logical block 4283, lost async page write
[  122.039564][ T6075] attempt to access beyond end of device
[  122.039564][ T6075] loop9: rw=2049, want=4285, limit=256
[  122.050644][ T6075] Buffer I/O error on dev loop9, logical block 4284, lost async page write
[  122.059176][ T6075] attempt to access beyond end of device
[  122.059176][ T6075] loop9: rw=2049, want=4286, limit=256
[  122.059544][ T6043] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  122.070190][ T6075] Buffer I/O error on dev loop9, logical block 4285, lost async page write
[  122.085895][ T6075] attempt to access beyond end of device
[  122.085895][ T6075] loop9: rw=2049, want=4287, limit=256
[  122.097010][ T6075] Buffer I/O error on dev loop9, logical block 4286, lost async page write
[  122.105826][ T6075] attempt to access beyond end of device
[  122.105826][ T6075] loop9: rw=2049, want=4288, limit=256
[  122.116931][ T6075] Buffer I/O error on dev loop9, logical block 4287, lost async page write
[  122.176499][ T6102] xt_hashlimit: size too large, truncated to 1048576
[  122.216924][ T6107] device pim6reg1 entered promiscuous mode
[  122.309805][ T6117] loop7: detected capacity change from 0 to 512
[  122.318054][   T20] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  122.379939][ T6117] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  122.551642][ T6135] input: syz1 as /devices/virtual/input/input24
[  122.564128][   T60] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  122.565991][ T6138] loop9: detected capacity change from 0 to 128
[  122.572459][   T60] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[  122.592600][   T60] plantronics 0003:047F:FFFF.0016: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  122.624160][ T6138] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  122.684379][ T6138] ext4 filesystem being mounted at /163/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  122.719614][ T6138] EXT4-fs error (device loop9): dx_make_map:1328: inode #2: block 63: comm syz.9.2474: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  122.740750][   T20] usb 9-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  122.751810][   T20] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.760600][   T20] usb 9-1: config 0 descriptor??
[  122.766055][ T6138] EXT4-fs error (device loop9) in do_split:2095: Corrupt filesystem
[  122.774756][ T6154] EXT4-fs error (device loop9): dx_make_map:1328: inode #2: block 63: comm syz.9.2474: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  122.793882][ T6154] EXT4-fs error (device loop9) in do_split:2095: Corrupt filesystem
[  122.943057][  T316] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  122.950919][ T6157] loop9: detected capacity change from 0 to 40427
[  123.049032][ T6157] F2FS-fs (loop9): Found nat_bits in checkpoint
[  123.081684][ T6157] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  123.103409][ T3663] attempt to access beyond end of device
[  123.103409][ T3663] loop9: rw=2049, want=45112, limit=40427
[  123.183088][  T316] usb 8-1: Using ep0 maxpacket: 16
[  123.227362][ T6164] loop9: detected capacity change from 0 to 2048
[  123.233720][   T20] usb 9-1: Cannot set MAC address
[  123.238623][   T20] MOSCHIP usb-ethernet driver: probe of 9-1:0.0 failed with error -71
[  123.248407][   T20] usb 9-1: USB disconnect, device number 4
[  123.264799][ T6164] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  123.275418][ T6164] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.299336][ T3663] EXT4-fs error (device loop9): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /165/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[  123.320743][  T316] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  123.331043][  T316] usb 8-1: config 0 has no interfaces?
[  123.338612][  T316] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  123.348107][  T316] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.357106][  T316] usb 8-1: config 0 descriptor??
[  123.595974][   T60] usb 8-1: USB disconnect, device number 9
[  123.610632][ T6195] loop9: detected capacity change from 0 to 1024
[  123.714446][ T6195] EXT4-fs (loop9): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  123.755534][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.766737][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.778110][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.789086][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.799826][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.810713][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.822147][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.832959][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.844356][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  123.855071][ T3663] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[  124.074391][ T6202] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.081266][ T6202] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.088947][ T6202] device bridge_slave_0 entered promiscuous mode
[  124.095947][ T6202] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.102978][ T6202] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.110437][ T6202] device bridge_slave_1 entered promiscuous mode
[  124.177402][ T6202] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.184290][ T6202] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.191376][ T6202] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.198181][ T6202] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.221218][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  124.228929][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.236427][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.247818][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  124.256227][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.263180][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.272616][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  124.280828][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.287691][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.302957][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  124.322568][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  124.378176][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  124.403406][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  124.413386][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  124.429313][ T6216] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2506'.
[  124.429497][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  124.463943][ T6202] device veth0_vlan entered promiscuous mode
[  124.502734][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  124.520962][ T6202] device veth1_macvtap entered promiscuous mode
[  124.535337][  T330] device bridge_slave_1 left promiscuous mode
[  124.541336][  T330] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.553800][ T6225] loop7: detected capacity change from 0 to 256
[  124.560174][  T330] device bridge_slave_0 left promiscuous mode
[  124.568424][  T330] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.577204][  T330] device veth1_macvtap left promiscuous mode
[  124.583147][  T330] device veth0_vlan left promiscuous mode
[  124.626637][ T6231] loop0: detected capacity change from 0 to 1024
[  124.653485][  T316] usb 1-1: USB disconnect, device number 3
[  124.676136][ T6231] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  124.809378][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  124.825465][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  124.886567][ T6254] loop0: detected capacity change from 0 to 128
[  125.006374][ T6264] loop0: detected capacity change from 0 to 256
[  125.038525][ T6268] loop2: detected capacity change from 0 to 256
[  125.049691][ T6264] FAT-fs (loop0): Directory bread(block 64) failed
[  125.056721][ T6264] FAT-fs (loop0): Directory bread(block 65) failed
[  125.063352][ T6264] FAT-fs (loop0): Directory bread(block 66) failed
[  125.072535][ T6268] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  125.084601][ T6264] FAT-fs (loop0): Directory bread(block 67) failed
[  125.100416][ T6264] FAT-fs (loop0): Directory bread(block 68) failed
[  125.107817][ T6264] FAT-fs (loop0): Directory bread(block 69) failed
[  125.116433][ T6264] FAT-fs (loop0): Directory bread(block 70) failed
[  125.122793][ T6264] FAT-fs (loop0): Directory bread(block 71) failed
[  125.129823][ T6264] FAT-fs (loop0): Directory bread(block 72) failed
[  125.136359][ T6264] FAT-fs (loop0): Directory bread(block 73) failed
[  125.189327][  T323] attempt to access beyond end of device
[  125.189327][  T323] loop0: rw=1, want=1228, limit=256
[  125.230788][ T6282] loop7: detected capacity change from 0 to 2048
[  125.308666][ T6282] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  125.477704][ T6310] loop7: detected capacity change from 0 to 2048
[  125.490643][ T6310] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  125.541071][ T6310] EXT4-fs (loop7): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,mblk_io_submit,grpquota,barrier=0x0000000000000000,grpjquota=,bsddf,bsddf,usrjquota=,. Quota mode: writeback.
[  125.726607][ T6319] blk_update_request: I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  125.745301][ T6319] FAT-fs (loop17): unable to read boot sector
[  126.000289][ T6344] loop7: detected capacity change from 0 to 512
[  126.032360][ T6344] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  126.064403][ T6344] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #17: comm syz.7.2561: iget: bad i_size value: -6917529027641081756
[  126.092467][ T6344] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.2561: couldn't read orphan inode 17 (err -117)
[  126.113266][ T6344] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  126.152312][   T30] kauditd_printk_skb: 174 callbacks suppressed
[  126.152329][   T30] audit: type=1400 audit(2000000059.690:3086): avc:  denied  { watch watch_reads } for  pid=6343 comm="syz.7.2561" path="/433/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  126.191731][ T6344] EXT4-fs error (device loop7): ext4_readdir:260: inode #12: block 13: comm syz.7.2561: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=0
[  126.296621][   T30] audit: type=1400 audit(2000000059.840:3087): avc:  denied  { append } for  pid=6360 comm="syz.7.2565" name="001" dev="devtmpfs" ino=174 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  126.421522][   T30] audit: type=1400 audit(2000000059.960:3088): avc:  denied  { module_request } for  pid=6356 comm="syz.8.2566" kmod="arptable_" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  126.559578][   T30] audit: type=1400 audit(2000000060.100:3089): avc:  denied  { execmem } for  pid=6374 comm="syz.0.2573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  126.648835][   T30] audit: type=1400 audit(2000000060.190:3090): avc:  denied  { create } for  pid=6378 comm="syz.8.2575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  126.775087][   T30] audit: type=1400 audit(2000000060.320:3091): avc:  denied  { name_bind } for  pid=6383 comm="syz.0.2576" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  126.813532][ T6308] loop2: detected capacity change from 0 to 262144
[  126.853054][ T6308] F2FS-fs (loop2): Found nat_bits in checkpoint
[  126.931763][ T6308] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  126.960494][   T30] audit: type=1400 audit(2000000060.500:3092): avc:  denied  { setattr } for  pid=6307 comm="syz.2.2547" name="file0" dev="loop2" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  127.013446][ T6408] loop7: detected capacity change from 0 to 1024
[  127.023199][   T30] audit: type=1326 audit(2000000060.560:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6409 comm="syz.0.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44eca53de9 code=0x7ffc0000
[  127.073381][   T30] audit: type=1326 audit(2000000060.570:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6409 comm="syz.0.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44eca53de9 code=0x7ffc0000
[  127.114885][ T6408] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,,errors=continue. Quota mode: none.
[  127.118689][   T30] audit: type=1326 audit(2000000060.570:3095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6409 comm="syz.0.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44eca53de9 code=0x7ffc0000
[  127.174256][ T6416] loop0: detected capacity change from 0 to 256
[  127.612420][ T6446] loop2: detected capacity change from 0 to 2048
[  127.658932][ T6446]  loop2: p2 p3 p7
[  127.777202][ T1136] udevd[1136]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  127.777361][ T1209] udevd[1209]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  127.803446][ T1119] udevd[1119]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  127.989077][ T6476] loop2: detected capacity change from 0 to 512
[  128.017734][ T6476] EXT4-fs (loop2): 1 orphan inode deleted
[  128.023627][ T6476] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  128.035397][ T6476] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.103826][ T6491] incfs: Options parsing error. -22
[  128.108987][ T6491] incfs: mount failed -22
[  128.350387][ T6514] netlink: 120 bytes leftover after parsing attributes in process `syz.0.2634'.
[  128.360896][ T6514] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.369801][ T6514] b: renamed from bridge_slave_0
[  128.376341][ T6514] bridge0: port 1(b) entered blocking state
[  128.382143][ T6514] bridge0: port 1(b) entered forwarding state
[  128.443209][   T20] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  128.473995][ T6521] loop0: detected capacity change from 0 to 256
[  128.606025][ T6525] loop0: detected capacity change from 0 to 1024
[  128.624565][ T6525] EXT4-fs (loop0): Ignoring removed oldalloc option
[  128.631136][ T6525] EXT4-fs (loop0): Ignoring removed orlov option
[  128.638323][ T6525] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  128.645640][ T6525] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  128.664275][ T6525] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a843c018, mo2=0002]
[  128.672372][ T6525] System zones: 0-1, 3-12
[  128.678044][ T6525] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,max_dir_size_kb=0x0000000000000009,sysvgroups,oldalloc,dioread_nolock,orlov,debug,noauto_da_alloc,nomblk_io_submit,dioread_nolock,,errors=continue. Quota mode: none.
[  128.701150][   T20] usb 3-1: Using ep0 maxpacket: 16
[  128.845222][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  128.857022][   T20] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  128.866209][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.879385][   T20] usb 3-1: config 0 descriptor??
[  128.947711][ T6538] loop1: detected capacity change from 0 to 128
[  128.989513][ T6538] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[  129.003804][ T6538] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.216411][ T6557] device pim6reg1 entered promiscuous mode
[  129.364297][ T6496] UDC core: couldn't find an available UDC or it's busy: -16
[  129.371782][ T6496] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  129.394292][   T20] hid (null): unknown global tag 0xc
[  129.400650][   T20] hid-generic 0003:0158:0100.0017: unknown main item tag 0x1
[  129.408258][   T20] hid-generic 0003:0158:0100.0017: unexpected long global item
[  129.424370][   T20] hid-generic: probe of 0003:0158:0100.0017 failed with error -22
[  129.433433][ T6575] loop0: detected capacity change from 0 to 2048
[  129.513556][ T6575] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802e02c, mo2=0002]
[  129.521694][ T6575] System zones: 0-7
[  129.542645][ T6575] EXT4-fs (loop0): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,bsdgroups,auto_da_alloc,jqfmt=vfsv1,nouid32,journal_dev=0x0000000000000007,debug,bsddf,. Quota mode: none.
[  129.610178][   T60] usb 3-1: USB disconnect, device number 2
[  129.636546][ T6586] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2661: bg 0: block 234: padding at end of block bitmap is not set
[  129.651231][ T6586] EXT4-fs (loop0): Remounting filesystem read-only
[  129.976343][ T6635] loop8: detected capacity change from 0 to 256
[  130.043308][ T6635] exfat: Deprecated parameter 'utf8'
[  130.048650][ T6635] exfat: Deprecated parameter 'namecase'
[  130.061133][ T6635] exfat: Deprecated parameter 'utf8'
[  130.076390][ T6650] loop0: detected capacity change from 0 to 256
[  130.091603][ T6653] loop7: detected capacity change from 0 to 1024
[  130.104067][ T6635] exFAT-fs (loop8): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  130.124176][ T6650] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  130.144085][ T6653] EXT4-fs (loop7): Test dummy encryption mode enabled
[  130.151014][ T6650] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  130.161362][ T6653] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  130.176150][ T6650] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  130.195084][ T6653] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,data_err=ignore,noquota,grpjquota=,dioread_nolock,bsddf,delalloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  130.258302][ T6663] xt_hashlimit: size too large, truncated to 1048576
[  130.851532][ T6714] loop8: detected capacity change from 0 to 512
[  130.883083][   T60] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  130.955336][ T6714] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  130.966357][ T6714] ext4 filesystem being mounted at /315/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.293116][   T60] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  131.302980][   T60] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  131.366062][   T30] kauditd_printk_skb: 210 callbacks suppressed
[  131.366079][   T30] audit: type=1400 audit(2000000064.910:3306): avc:  denied  { read write } for  pid=6724 comm="syz.1.2722" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.397239][   T30] audit: type=1400 audit(2000000064.910:3307): avc:  denied  { open } for  pid=6724 comm="syz.1.2722" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.422504][   T30] audit: type=1400 audit(2000000064.920:3308): avc:  denied  { ioctl } for  pid=6724 comm="syz.1.2722" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.460920][   T30] audit: type=1400 audit(2000000065.000:3309): avc:  denied  { read } for  pid=6726 comm="syz.7.2723" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  131.486813][ T6729] loop1: detected capacity change from 0 to 1024
[  131.503364][   T30] audit: type=1400 audit(2000000065.000:3310): avc:  denied  { open } for  pid=6726 comm="syz.7.2723" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  131.528048][   T30] audit: type=1400 audit(2000000065.030:3311): avc:  denied  { ioctl } for  pid=6726 comm="syz.7.2723" path="/dev/binderfs/binder0" dev="binder" ino=16 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  131.554452][   T60] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  131.563823][   T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.572014][   T60] usb 1-1: Product: syz
[  131.576300][   T60] usb 1-1: Manufacturer: syz
[  131.594330][ T6729] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,barrier=0x00000000000003ff,stripe=0x0000000000000007,discard,data=ordered,debug_want_extra_isize=0x0000000000000084,max_batch_time=0x0000000000000000,barrier=0x0000000000000002,,errors=continue. Quota mode: writeback.
[  131.604245][   T30] audit: type=1400 audit(2000000065.110:3312): avc:  denied  { write } for  pid=6730 comm="syz.7.2725" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  131.621552][   T60] usb 1-1: SerialNumber: syz
[  131.656305][   T60] usb 1-1: config 0 descriptor??
[  131.673153][ T6705] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  131.688075][ T6705] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  131.705286][ T6738] loop8: detected capacity change from 0 to 128
[  131.776759][ T6745] netem: change failed
[  131.822441][ T6750] loop7: detected capacity change from 0 to 512
[  131.868399][   T30] audit: type=1400 audit(2000000065.410:3313): avc:  denied  { ioctl } for  pid=6754 comm="syz.2.2735" path="socket:[43145]" dev="sockfs" ino=43145 ioctlcmd=0x48e6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  131.900036][ T6750] EXT4-fs (loop7): Ignoring removed oldalloc option
[  131.924347][ T6705] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  131.931232][ T6705] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  131.939023][ T6750] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  131.961819][ T6761] loop2: detected capacity change from 0 to 2048
[  131.969659][ T6750] EXT4-fs (loop7): warning: checktime reached, running e2fsck is recommended
[  131.989374][ T6750] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=b846c01c, mo2=0002]
[  132.014147][ T6761] Alternate GPT is invalid, using primary GPT.
[  132.020212][ T6761]  loop2: p1 p2 p3
[  132.037485][ T6750] System zones: 0-2, 18-18, 34-34
[  132.674107][ T6750] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -117
[  133.196020][ T6767] loop1: detected capacity change from 0 to 256
[  133.207496][ T6750] EXT4-fs error (device loop7): ext4_orphan_get:1427: comm syz.7.2730: bad orphan inode 15
[  133.218108][ T6750] ext4_test_bit(bit=14, block=18) = 1
[  133.223333][ T6750] is_bad_inode(inode)=0
[  133.227299][ T6750] NEXT_ORPHAN(inode)=2264924160
[  133.232364][ T6750] max_ino=32
[  133.235483][ T6750] i_nlink=0
[  133.238378][ T6750] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  133.253799][ T6750] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.2730: bg 0: block 80: padding at end of block bitmap is not set
[  133.274316][   T30] audit: type=1400 audit(2000000066.820:3314): avc:  denied  { mounton } for  pid=6770 comm="syz.8.2741" path="/proc/689/task" dev="proc" ino=42606 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  133.298338][ T6750] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  133.301706][   T30] audit: type=1400 audit(2000000066.840:3315): avc:  denied  { mount } for  pid=6770 comm="syz.8.2741" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  133.310216][ T6750] EXT4-fs (loop7): mounted filesystem without journal. Opts: abort,usrjquota=.,init_itable,init_itable,inode_readahead_blks=0x0000000000800000,data_err=abort,oldalloc,jqfmt=vfsv0,min_batch_time=0x0000000000000003,acl,,errors=continue. Quota mode: writeback.
[  133.385915][ T6774] serio: Serial port ptm0
[  133.385910][ T6767] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[  133.385932][ T6767] FAT-fs (loop1): Filesystem has been set read-only
[  133.419592][ T1207] udevd[1207]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  133.431128][ T1209] udevd[1209]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  133.442878][ T1119] udevd[1119]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  133.660548][ T6792] loop7: detected capacity change from 0 to 4096
[  133.759519][ T6792] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  133.913045][  T312] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  133.970007][ T6800] loop7: detected capacity change from 0 to 256
[  134.016167][ T6800] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  134.048581][ T6804] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.055574][ T6804] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.109272][ T6810] input: syz1 as /devices/virtual/input/input25
[  134.254640][   T60] dm9601 1-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[  134.265052][   T60] dm9601 1-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.0-1, Davicom DM96xx USB 10/100 Ethernet, 8e:75:bc:b6:ad:45
[  134.279555][   T60] usb 1-1: USB disconnect, device number 4
[  134.285677][   T60] dm9601 1-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.0-1, Davicom DM96xx USB 10/100 Ethernet
[  134.303111][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.313900][    T6] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  134.335601][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.353075][  T312] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  134.383088][  T312] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  134.391968][  T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.417182][  T312] usb 3-1: config 0 descriptor??
[  134.423396][  T315] ==================================================================
[  134.431290][  T315] BUG: KASAN: use-after-free in worker_thread+0xaaa/0x12a0
[  134.438315][  T315] Read of size 8 at addr ffff88810d998c60 by task kworker/0:4/315
[  134.445952][  T315] 
[  134.448138][  T315] CPU: 0 PID: 315 Comm: kworker/0:4 Not tainted 5.15.178-syzkaller-00193-g058abb720bd1 #0
[  134.457844][  T315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  134.467745][  T315] Workqueue:  0x0 (wg-crypt-wg0)
[  134.472527][  T315] Call Trace:
[  134.475631][  T315]  <TASK>
[  134.478407][  T315]  dump_stack_lvl+0x151/0x1c0
[  134.482927][  T315]  ? io_uring_drop_tctx_refs+0x190/0x190
[  134.488395][  T315]  ? panic+0x760/0x760
[  134.492381][  T315]  ? __schedule+0xcd4/0x1590
[  134.496811][  T315]  print_address_description+0x87/0x3b0
[  134.502207][  T315]  kasan_report+0x179/0x1c0
[  134.506528][  T315]  ? _raw_spin_lock_irqsave+0x210/0x210
[  134.511920][  T315]  ? worker_thread+0xaaa/0x12a0
[  134.516610][  T315]  ? worker_thread+0xaaa/0x12a0
[  134.521288][  T315]  __asan_report_load8_noabort+0x14/0x20
[  134.526755][  T315]  worker_thread+0xaaa/0x12a0
[  134.531272][  T315]  ? _raw_spin_lock+0x1b0/0x1b0
[  134.535960][  T315]  kthread+0x421/0x510
[  134.539862][  T315]  ? worker_clr_flags+0x180/0x180
[  134.544873][  T315]  ? kthread_blkcg+0xd0/0xd0
[  134.549291][  T315]  ret_from_fork+0x1f/0x30
[  134.553559][  T315]  </TASK>
[  134.556489][  T315] 
[  134.558669][  T315] Allocated by task 60:
[  134.563183][  T315]  ____kasan_kmalloc+0xdb/0x110
[  134.567940][  T315]  __kasan_kmalloc+0x9/0x10
[  134.572286][  T315]  __kmalloc+0x13f/0x2c0
[  134.576389][  T315]  kvmalloc_node+0x1f0/0x4d0
[  134.580776][  T315]  alloc_netdev_mqs+0x8c/0xc90
[  134.585378][  T315]  alloc_etherdev_mqs+0x33/0x40
[  134.590100][  T315]  usbnet_probe+0x1fa/0x2860
[  134.594496][  T315]  usb_probe_interface+0x5b6/0xa90
[  134.599455][  T315]  really_probe+0x28d/0x970
[  134.603863][  T315]  __driver_probe_device+0x1a0/0x310
[  134.608993][  T315]  driver_probe_device+0x54/0x3d0
[  134.613846][  T315]  __device_attach_driver+0x2c5/0x470
[  134.619080][  T315]  bus_for_each_drv+0x183/0x200
[  134.623746][  T315]  __device_attach+0x312/0x510
[  134.628347][  T315]  device_initial_probe+0x1a/0x20
[  134.633289][  T315]  bus_probe_device+0xbe/0x1e0
[  134.637931][  T315]  device_add+0xb60/0xf10
[  134.642056][  T315]  usb_set_configuration+0x190f/0x1e80
[  134.647452][  T315]  usb_generic_driver_probe+0x8b/0x150
[  134.652740][  T315]  usb_probe_device+0x144/0x260
[  134.657419][  T315]  really_probe+0x28d/0x970
[  134.661764][  T315]  __driver_probe_device+0x1a0/0x310
[  134.666881][  T315]  driver_probe_device+0x54/0x3d0
[  134.671745][  T315]  __device_attach_driver+0x2c5/0x470
[  134.676944][  T315]  bus_for_each_drv+0x183/0x200
[  134.681632][  T315]  __device_attach+0x312/0x510
[  134.686240][  T315]  device_initial_probe+0x1a/0x20
[  134.691097][  T315]  bus_probe_device+0xbe/0x1e0
[  134.695692][  T315]  device_add+0xb60/0xf10
[  134.699909][  T315]  usb_new_device+0x1038/0x1c10
[  134.704549][  T315]  hub_event+0x2def/0x4770
[  134.708886][  T315]  process_one_work+0x6bb/0xc10
[  134.713573][  T315]  worker_thread+0xad5/0x12a0
[  134.718087][  T315]  kthread+0x421/0x510
[  134.721999][  T315]  ret_from_fork+0x1f/0x30
[  134.726641][  T315] 
[  134.728810][  T315] Freed by task 60:
[  134.732450][  T315]  kasan_set_track+0x4b/0x70
[  134.736878][  T315]  kasan_set_free_info+0x23/0x40
[  134.741792][  T315]  ____kasan_slab_free+0x126/0x160
[  134.747053][  T315]  __kasan_slab_free+0x11/0x20
[  134.752336][  T315]  slab_free_freelist_hook+0xbd/0x190
[  134.757542][  T315]  kfree+0xcc/0x270
[  134.761182][  T315]  kvfree+0x35/0x40
[  134.764824][  T315]  netdev_freemem+0x3f/0x60
[  134.769167][  T315]  netdev_release+0x7f/0xb0
[  134.773509][  T315]  device_release+0x95/0x1c0
[  134.777935][  T315]  kobject_put+0x178/0x260
[  134.782281][  T315]  put_device+0x1f/0x30
[  134.786271][  T315]  free_netdev+0x34f/0x440
[  134.790522][  T315]  usbnet_disconnect+0x25f/0x3b0
[  134.795326][  T315]  usb_unbind_interface+0x1fa/0x8c0
[  134.800341][  T315]  device_release_driver_internal+0x50b/0x7d0
[  134.806236][  T315]  device_release_driver+0x19/0x20
[  134.811186][  T315]  bus_remove_device+0x2f8/0x360
[  134.815951][  T315]  device_del+0x663/0xe90
[  134.820128][  T315]  usb_disable_device+0x380/0x720
[  134.824980][  T315]  usb_disconnect+0x32a/0x890
[  134.829535][  T315]  hub_event+0x1d42/0x4770
[  134.833750][  T315]  process_one_work+0x6bb/0xc10
[  134.838435][  T315]  worker_thread+0xe02/0x12a0
[  134.843036][  T315]  kthread+0x421/0x510
[  134.846947][  T315]  ret_from_fork+0x1f/0x30
[  134.851195][  T315] 
[  134.853391][  T315] Last potentially related work creation:
[  134.858920][  T315]  kasan_save_stack+0x3b/0x60
[  134.863483][  T315]  __kasan_record_aux_stack+0xd3/0xf0
[  134.868748][  T315]  kasan_record_aux_stack_noalloc+0xb/0x10
[  134.874406][  T315]  insert_work+0x56/0x320
[  134.878660][  T315]  __queue_work+0x92a/0xcd0
[  134.882988][  T315]  queue_work_on+0x105/0x170
[  134.887501][  T315]  usbnet_link_change+0x182/0x1a0
[  134.892361][  T315]  usbnet_probe+0x1dad/0x2860
[  134.896871][  T315]  usb_probe_interface+0x5b6/0xa90
[  134.901818][  T315]  really_probe+0x28d/0x970
[  134.906160][  T315]  __driver_probe_device+0x1a0/0x310
[  134.911287][  T315]  driver_probe_device+0x54/0x3d0
[  134.916141][  T315]  __device_attach_driver+0x2c5/0x470
[  134.921463][  T315]  bus_for_each_drv+0x183/0x200
[  134.926142][  T315]  __device_attach+0x312/0x510
[  134.930739][  T315]  device_initial_probe+0x1a/0x20
[  134.935600][  T315]  bus_probe_device+0xbe/0x1e0
[  134.940202][  T315]  device_add+0xb60/0xf10
[  134.944375][  T315]  usb_set_configuration+0x190f/0x1e80
[  134.949661][  T315]  usb_generic_driver_probe+0x8b/0x150
[  134.954955][  T315]  usb_probe_device+0x144/0x260
[  134.959644][  T315]  really_probe+0x28d/0x970
[  134.963990][  T315]  __driver_probe_device+0x1a0/0x310
[  134.969106][  T315]  driver_probe_device+0x54/0x3d0
[  134.973976][  T315]  __device_attach_driver+0x2c5/0x470
[  134.979180][  T315]  bus_for_each_drv+0x183/0x200
[  134.983861][  T315]  __device_attach+0x312/0x510
[  134.988564][  T315]  device_initial_probe+0x1a/0x20
[  134.993413][  T315]  bus_probe_device+0xbe/0x1e0
[  134.998005][  T315]  device_add+0xb60/0xf10
[  135.002176][  T315]  usb_new_device+0x1038/0x1c10
[  135.006858][  T315]  hub_event+0x2def/0x4770
[  135.011161][  T315]  process_one_work+0x6bb/0xc10
[  135.015798][  T315]  worker_thread+0xad5/0x12a0
[  135.020319][  T315]  kthread+0x421/0x510
[  135.024242][  T315]  ret_from_fork+0x1f/0x30
[  135.028469][  T315] 
[  135.030649][  T315] The buggy address belongs to the object at ffff88810d998000
[  135.030649][  T315]  which belongs to the cache kmalloc-4k of size 4096
[  135.044528][  T315] The buggy address is located 3168 bytes inside of
[  135.044528][  T315]  4096-byte region [ffff88810d998000, ffff88810d999000)
[  135.058067][  T315] The buggy address belongs to the page:
[  135.063555][  T315] page:ffffea0004366600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d998
[  135.073609][  T315] head:ffffea0004366600 order:3 compound_mapcount:0 compound_pincount:0
[  135.081765][  T315] flags: 0x4000000000010200(slab|head|zone=1)
[  135.087675][  T315] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380
[  135.096094][  T315] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  135.104524][  T315] page dumped because: kasan: bad access detected
[  135.110774][  T315] page_owner tracks the page as allocated
[  135.116311][  T315] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 289, ts 21357574623, free_ts 21352247962
[  135.136883][  T315]  post_alloc_hook+0x1a3/0x1b0
[  135.141501][  T315]  prep_new_page+0x1b/0x110
[  135.145851][  T315]  get_page_from_freelist+0x3550/0x35d0
[  135.151225][  T315]  __alloc_pages+0x27e/0x8f0
[  135.155628][  T315]  new_slab+0x9a/0x4e0
[  135.159534][  T315]  ___slab_alloc+0x39e/0x830
[  135.163965][  T315]  __slab_alloc+0x4a/0x90
[  135.168121][  T315]  __kmalloc+0x172/0x2c0
[  135.172206][  T315]  kvmalloc_node+0x1f0/0x4d0
[  135.176628][  T315]  alloc_netdev_mqs+0x8c/0xc90
[  135.181232][  T315]  rtnl_create_link+0x2e1/0x9d0
[  135.185916][  T315]  rtnl_newlink+0x13dc/0x2050
[  135.190606][  T315]  rtnetlink_rcv_msg+0x951/0xc40
[  135.195597][  T315]  netlink_rcv_skb+0x1cf/0x410
[  135.200132][  T315]  rtnetlink_rcv+0x1c/0x20
[  135.204385][  T315]  netlink_unicast+0x8df/0xac0
[  135.208989][  T315] page last free stack trace:
[  135.213491][  T315]  free_unref_page_prepare+0x7c8/0x7d0
[  135.218817][  T315]  free_unref_page+0xe8/0x750
[  135.223306][  T315]  __free_pages+0x61/0xf0
[  135.227463][  T315]  __free_slab+0xec/0x1d0
[  135.231630][  T315]  __unfreeze_partials+0x165/0x1a0
[  135.236694][  T315]  put_cpu_partial+0xc4/0x120
[  135.241429][  T315]  __slab_free+0x1c8/0x290
[  135.245690][  T315]  ___cache_free+0x109/0x120
[  135.250255][  T315]  qlink_free+0x4d/0x90
[  135.254244][  T315]  qlist_free_all+0x44/0xb0
[  135.258578][  T315]  kasan_quarantine_reduce+0x15a/0x180
[  135.263869][  T315]  __kasan_slab_alloc+0x2f/0xe0
[  135.268557][  T315]  slab_post_alloc_hook+0x53/0x2c0
[  135.273538][  T315]  __kmalloc_track_caller+0x11d/0x2c0
[  135.278711][  T315]  kvasprintf+0xd6/0x180
[  135.282828][  T315]  kvasprintf_const+0x5e/0x190
[  135.287395][  T315] 
[  135.289561][  T315] Memory state around the buggy address:
[  135.295046][  T315]  ffff88810d998b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  135.303020][  T315]  ffff88810d998b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  135.310917][  T315] >ffff88810d998c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  135.318849][  T315]                                                        ^
[  135.325869][  T315]  ffff88810d998c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  135.334142][  T315]  ffff88810d998d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  135.341988][  T315] ==================================================================
[  135.350059][  T315] Disabling lock debugging due to kernel taint
[  135.473092][    T6] usb 8-1: Using ep0 maxpacket: 16
[  135.593156][    T6] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  135.603124][    T6] usb 8-1: config 0 has no interfaces?
[  135.793203][    T6] usb 8-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[  135.802211][    T6] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.810673][    T6] usb 8-1: Product: syz
[  135.814728][    T6] usb 8-1: Manufacturer: syz
[  135.819246][    T6] usb 8-1: SerialNumber: syz
[  135.824412][    T6] usb 8-1: config 0 descriptor??
[  135.874240][  T312] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[  135.884218][  T312] plantronics 0003:047F:FFFF.0018: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  136.074420][  T316] usb 8-1: USB disconnect, device number 10
[  136.143929][  T312] usb 3-1: USB disconnect, device number 3