last executing test programs:

48.001028567s ago: executing program 32 (id=441):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0x7005, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f00000012c0)=""/191, 0x4}], 0x3)

43.141476476s ago: executing program 1 (id=544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffff3e10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xee8f010b3d1e850f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)

43.073452077s ago: executing program 1 (id=546):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
r1 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)

42.86048891s ago: executing program 1 (id=550):
syz_usb_connect$uac1(0x4, 0x92, &(0x7f0000000080)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x80, 0x3, 0x1, 0x8, 0x20, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x0, 0xaa}, [@extension_unit={0xd, 0x24, 0x8, 0x5, 0x3, 0x4, "67c05dd06dce"}, @selector_unit={0x5, 0x24, 0x5, 0x3, 0xe}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x4, 0xb, 0x1001}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0xa, 0xb, 0x0, {0x7, 0x25, 0x1, 0x0, 0xc, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x0, 0x2, 0x0, 0xff}]}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x6, 0x8, 0x0, {0x7, 0x25, 0x1, 0x1, 0x5, 0x5}}}}}}}]}}, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x9}, 0x1c)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

41.999549155s ago: executing program 1 (id=570):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f00000002c0)={[{@nouser_xattr}, {@four_active_logs}, {@four_active_logs}, {@nobarrier}, {@gc_merge}, {@fastboot}, {@prjjquota={'prjjquota', 0x3d, '-{'}}, {@jqfmt_vfsv1}, {@extent_cache}, {@fastboot}]}, 0x1, 0x54f9, &(0x7f000000ab40)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS3fVenFz9fu6bc5u306e2QAAAADnbKv1on4yS/2vzf3vza2fTb+IiDIizq3dR/HpJHPU5FSvvL56MYbbiDrh8BmT5voSEX+a6+FH198CAAAAXK7NcjVPq/X0MBt6QPQpFW3Kb38z5RURUc3uM6WVh7xfmcLq3/c4/mdKqwtY00xhqeQ2zpX2LvXf/Vi1mz5ritSUb78/29wBAIAejU6aflchAAAA9Onf0ANgGEU8bWUetwInqWm29z6f9AAAAIAPqBh6AAAAAEDn6vW/8/8AAADgsqXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXIxZvknIvoUURQ4i3/Q84J5BJvOewhgmdlZmeSyQ9w/dGZTfL5wJv33WGY932zEPKd9xIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLo3YM4yQ6dcRwX5zb3Hi9k/daRPrO+sj2btSyO6kz6dHi5+iHqNpcIAAAA50dS1vchhJ10bS7r405e/6flNVnN/92z47is54/W/WVf1v5Z+/WX3Rf3B+qMx8luentxOLhyPJXWk5vldHvub69o5U8+f/eS5F9I/MHyC6M0f57RNxsb77Xz8EId2QIA/8blsi+C8vehrO83mRgA50arUniX9X/SaTYnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDqMlsPTZRyFEGZbB3Fma+/xwkn9+sr2bNlurK6uVO+Z3SINIdxeHA6u1DiXaffg4aO788Ph4H79wSshhKZGf6eY/t2PJrg4hEaej+B/CuLiy56WfE5H0OAPJQAAzqS0aFldv5OuzWXnopkQ/vz+cP3/eiUOE9b/ux/f2KyOVa3/+7XNcPr1lu593nvw8NGbi/fm7wzuDD5962r/7f61m9ev3+zl70p63pgAAADw37SLVq3/45nj6/+XKnGYsP7/4tv+V9WxEvX/iQ4W/ZrOBAAA4Hx7/tU/fo9OOB+12+HL+aWl+/3xcf/z1fGxgVT/sQtFq9b/yUzTWQEAAAB1GC1Hh9b/b1XiMOH6/zM/vPRT9Z5JCOFisf5/eeGz4a36pjPV6vhz4qbnCAAAQLMuFq26/p/m+//j/S0PcQjhjdfGcfFvACeq/5P3v/6xOlZ1//+1+qY4leLu+HnkfTeEVrfpjAAAADjLnipaVuz/lq7NffLzpQ/b9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2vAAAA//+END5e")
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x21c0, 0x103)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

41.425911704s ago: executing program 1 (id=586):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x90)

40.944976892s ago: executing program 1 (id=597):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x10)
wait4(r0, 0x0, 0x8, 0x0)

40.925974282s ago: executing program 33 (id=597):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x10)
wait4(r0, 0x0, 0x8, 0x0)

27.650528149s ago: executing program 3 (id=1045):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040)={0x0, 0xea60}, 0x10)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e23, 0xa4e4, @remote, 0x3}, 0x1c)
write(r0, &(0x7f0000000500)="01a9c0", 0x3)

27.56255774s ago: executing program 3 (id=1052):
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r0 = gettid()
r1 = gettid()
tkill(r0, 0x12)
tkill(r0, 0x1)
tkill(r1, 0x14)

27.55072714s ago: executing program 3 (id=1053):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r1}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

27.467975492s ago: executing program 3 (id=1056):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

27.431528862s ago: executing program 3 (id=1058):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x800, &(0x7f0000000100)={0x2, 0x4e23, @multicast2}, 0x10)

27.333182974s ago: executing program 3 (id=1059):
syz_open_dev$loop(&(0x7f0000000200), 0x7e, 0x18001)
mount(&(0x7f00000000c0)=@nullb, &(0x7f00000002c0)='./bus\x00', &(0x7f0000000300)='securityfs\x00', 0x10010, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000a40), 0x1, 0x4be, &(0x7f0000000540)="$eJzs3c9vU8kdAPDve/lJCCS0HNqqLZTS0gphJwYixIleWlUIqSrqqQdIExNFseModihJOYT/oVKRemr/hB4q9VCJU++97d72wh5WYnfRrshKe/DqPTshQBwChHgVfz7SxG/eOP7OxHozzjexJ4CedToi1iNiMCJuR8RY+3zSLnGtVbL7PXt6f2bj6f2ZJJrNm58leXt2LrZ9T+Zo+zGHI+L3v4n4U/Jq3Prq2sJ0pVJebteLjepSsb66dmG+Oj1XnisvlkpTk1MTVy5eLu3bWE9V//Xk1/PX//Df//zo8f/Xf/mXrFuj7bbt49hPraEPbMXJ9EfE9fcRrAv62uMZ7HZHeCtpRHwnIs7k1/9Y9OXPJgBwmDWbY9Ec214HAA67NM+BJWmhnQsYjTQtFFo5vJMxklZq9cb5O7WVxdlWrmw8BtI785XyRDtXOB4DSVafzI+f10sv1S9GxImI+OvQkbxemKlVZrv5wgcAetjRl9b/L4da6z8AcMgNd7sDAMCBs/4DQO+x/gNA77H+A0Dvsf4DQO95g/XfSwUAOCQs6gDQU35340ZWmhvtz7+evbu6slC7e2G2XF8oVFdmCjO15aXCXK02l39mT/V1j1ep1ZYmL8XKvWKjXG8U66trt6q1lcXGrfxzvW+VBw5kVADAbk6cevRhEhHrV4/kJbbt5WCthsMt7XYHgK7p63YHgK6x2xf0Lr/jAzts0fuCjv8i9HD/+wIcjHPfl/+HXiX/D71L/h96l/w/9K5mM7HnPwD0GDl+wN//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M2N5iVJC+29wEcjTQuFiGMRMR4DyZ35SnkiIo5HxAdDA0NZfbLbnQYA3lH6SdLe/+vc2NnR5+eH8q+DyVf5wWBE/PnvN/92b7rRWJ7Mzn++db7xsH2+1K0xAAC72VynN9fxTc+e3p/ZLAfZnye/am0umsXdaJdWS3/057fDMRARI18k7XpL9nqlbx/irz+IiO/tNP4kz42Mt3c+fTl+FvvYgcZPX4if5m2t2+xn8d196Av0mkfZ/HNtp+svjdP57c7X/3A+Q727zflv45X5L92a//o6zH+n9xrj0v9+27HtQcQP+neKn2zFTzrEP7vH+B/98MdnOrU1/xFxLnaOvz1WsVFdKtZX1y7MV6fnynPlxVJpanJq4srFy6VinqMubmaqX/Xp1fPHdxv/SIf4w68Z/8/2OP5/fn37jz/ZJf4vfrrz839yl/jZmvjzPcafHvl3x+27s/izHcb/uuf//B7jP/54bXaPdwUADkB9dW1hulIpLztwcDAHG82W3e7TjIhvQVd7+aDbMxPwvj2/6LvdEwAAAAAAAAAAAAAAoJM3fGPQYLzF24m6PUYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr28CAAD//xlX3DU=")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
lseek(r0, 0x9, 0x0)

27.314455454s ago: executing program 34 (id=1059):
syz_open_dev$loop(&(0x7f0000000200), 0x7e, 0x18001)
mount(&(0x7f00000000c0)=@nullb, &(0x7f00000002c0)='./bus\x00', &(0x7f0000000300)='securityfs\x00', 0x10010, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000a40), 0x1, 0x4be, &(0x7f0000000540)="$eJzs3c9vU8kdAPDve/lJCCS0HNqqLZTS0gphJwYixIleWlUIqSrqqQdIExNFseModihJOYT/oVKRemr/hB4q9VCJU++97d72wh5WYnfRrshKe/DqPTshQBwChHgVfz7SxG/eOP7OxHozzjexJ4CedToi1iNiMCJuR8RY+3zSLnGtVbL7PXt6f2bj6f2ZJJrNm58leXt2LrZ9T+Zo+zGHI+L3v4n4U/Jq3Prq2sJ0pVJebteLjepSsb66dmG+Oj1XnisvlkpTk1MTVy5eLu3bWE9V//Xk1/PX//Df//zo8f/Xf/mXrFuj7bbt49hPraEPbMXJ9EfE9fcRrAv62uMZ7HZHeCtpRHwnIs7k1/9Y9OXPJgBwmDWbY9Ec214HAA67NM+BJWmhnQsYjTQtFFo5vJMxklZq9cb5O7WVxdlWrmw8BtI785XyRDtXOB4DSVafzI+f10sv1S9GxImI+OvQkbxemKlVZrv5wgcAetjRl9b/L4da6z8AcMgNd7sDAMCBs/4DQO+x/gNA77H+A0Dvsf4DQO95g/XfSwUAOCQs6gDQU35340ZWmhvtz7+evbu6slC7e2G2XF8oVFdmCjO15aXCXK02l39mT/V1j1ep1ZYmL8XKvWKjXG8U66trt6q1lcXGrfxzvW+VBw5kVADAbk6cevRhEhHrV4/kJbbt5WCthsMt7XYHgK7p63YHgK6x2xf0Lr/jAzts0fuCjv8i9HD/+wIcjHPfl/+HXiX/D71L/h96l/w/9K5mM7HnPwD0GDl+wN//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M2N5iVJC+29wEcjTQuFiGMRMR4DyZ35SnkiIo5HxAdDA0NZfbLbnQYA3lH6SdLe/+vc2NnR5+eH8q+DyVf5wWBE/PnvN/92b7rRWJ7Mzn++db7xsH2+1K0xAAC72VynN9fxTc+e3p/ZLAfZnye/am0umsXdaJdWS3/057fDMRARI18k7XpL9nqlbx/irz+IiO/tNP4kz42Mt3c+fTl+FvvYgcZPX4if5m2t2+xn8d196Av0mkfZ/HNtp+svjdP57c7X/3A+Q727zflv45X5L92a//o6zH+n9xrj0v9+27HtQcQP+neKn2zFTzrEP7vH+B/98MdnOrU1/xFxLnaOvz1WsVFdKtZX1y7MV6fnynPlxVJpanJq4srFy6VinqMubmaqX/Xp1fPHdxv/SIf4w68Z/8/2OP5/fn37jz/ZJf4vfrrz839yl/jZmvjzPcafHvl3x+27s/izHcb/uuf//B7jP/54bXaPdwUADkB9dW1hulIpLztwcDAHG82W3e7TjIhvQVd7+aDbMxPwvj2/6LvdEwAAAAAAAAAAAAAAoJM3fGPQYLzF24m6PUYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr28CAAD//xlX3DU=")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
lseek(r0, 0x9, 0x0)

24.296744293s ago: executing program 6 (id=1130):
socket(0x10, 0x3, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x3, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x6, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x11, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000140)={0x2, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x2000, @loopback, 0x80000004}}}, 0x108)
getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xf9)

24.295421263s ago: executing program 6 (id=1140):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/tcp\x00')
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
setsockopt$sock_int(r1, 0x1, 0x9, &(0x7f0000000400)=0x9, 0x4)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x58}}, 0x10)
pread64(r0, &(0x7f0000000200)=""/123, 0x9e, 0xc8)

24.259717824s ago: executing program 6 (id=1134):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syz_tun\x00', <r2=>0x0})
setsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f00000001c0)={@remote, r2}, 0x14)

24.238503294s ago: executing program 6 (id=1146):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x800010, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f696e6c696e655f78617474722c6e6f696e6c696e655f64656e7472792c70726a6a71756f74613d6163746976655f6c6f67733d342c6a71666d743d76667376312c6e6f696e6c696e655f646174612c6e6f5f686561702c636865636b706f696e743d64697361626c652c66617374626f6f742c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c00ac19de274efe59cc5334a78992c33160f2bb29d00ec19e86b62e10e9d54427a6838f1aff0ce27327b707feafcce74234d4abe846a4a55fd26c5918e2ac7a6aa2fd027fd0b881927cefce65dd3d73b0b9185466a67b", @ANYRES32], 0x21, 0x552d, &(0x7f0000000a00)="$eJzs3EtvG1UUAODjpOmbEiEW7DqoQkqk2qrTh2BXoBUP0aoqsGAFju1abmxPFDtOyIoFS8SCf4JAYsWS38CCNTvEAsQOCeS5E2gKlZDixKT5Pml85t65c+beURTpzFgO4NhazH77pRIX4kxEzEfE+Yhiv1JuhZspvBARFyNi7pGtUvb/1XEyIs5GxIVJ8pSzUh764vL40vWf3/712+9PnTj35Tc/zG7VwKy9FBH99bS/1U8x76T4sOxvjLtF7F8blzEd6K+V7TzFrfZqkWGrsTuuUcSrnTQ+X98cTuKDXqM5iZ3ug6J/fZAuOBx3dvMUJzxsbBTtVnu1iN1hXsTOTprX9k7637YzHKU8rTLfx0X6GI12Y+pvb7fTetbXitgcjMr+lDdvtbcncVzG8nLRzHutYh6r+7nT/2svvtMdbG5n4/bGsJsPsuu1+su1+o1qfSNvtUfta9VGv3XjWrbU6U2GVUftRv9mJ887vXatmfeXs6VOs1mt17OlW+3VbmOQ1eu1q7Ur1evL5d7l7I2772e9VrY0ia91B5ujbm+YPcg3snTGcrZSu/rKcnapnr1751527/7t23fuvffhrQ/uvnrnrdfLQf+YVra0cmVlpVq/Ul2pL+/vBhyp9X9aTnqK64d9qcx6AgBHj/ofmIWDq/837kccfP0f6v+pOFL173Gv/w9g/bAv6n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPrx4Wv3ix2FlP7XNn/TNn1XNmuRMRcRPzxL+bj5J6c82WehSeMX3hsDt9VosgwucapcjsbETfL7fdnD/ouAAAAwNPr608ufp6q9fSxOOsJcZjSQ5u58x9NKV8lIhYWf5pStrnJx/NTSlb8fZ+I7SllKx5gnZ5SsvTI7cS0sv0n83vC6UdCJYW5x8+Y2moBAICZ2VsJHG4VAgAAwGH67IlH1g51HhyySuy+ytx9F1x88/7vl31nUturPwAAADi6KrOeAAAAAHDgivrf7/8BAADA0y39/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+ycy+5aQNxHID/NrjQl4qq7nuV7uAYPUKXXVYcoJfgCOQKuQBnILscIYIIj4NCRB7EY6xE3yfZgy3zmxkei5mRBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLV9VydvHv5/+2OZttO3l6AwAAAByzrpaz+sUkXX9u7n9tbn1vrouIKCPi2Nh9EB8OMgdNTvXI89WDNlxG1Am7OkbN8SkifqVjG9+6/hQAAADgXRruTqv5YppG6+k06btVtHbCd5gmbcovvzNVXURENbnOlFbu8n5kCqt/38P4mymtnsAaZwpLU27DXGkvUv/d97N243tFkYry6fdn6zsAAHBGg4PivKMQAAAAzulP3w2gCx+ffaKIu6XM/VLgKBXjgwiLfQAAAPB2FX03AAAAAOhcPf4/Zf+/6Gf/v7ix/x8AAAC8Wtr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6tq+VsNV9M2+Zstu3k6Q0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7Ny/b9xUHADwZ/t8/QGII6AbghBIDLDQ67W0dEMMoIiBPwEpSq8l9MqPNgOtKqQsbChzFwQjQkigsPUfYOqG1EpdytbhhiKxsByyz845TSUuRLEvyecjPb/vOY7f99lSlK+fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6bxon2aYzieNi373Ht1ay/v4TfebOxoPFrGVxVGfSB8Mr1Q9Rt7lEAAAAODqSsr4PITxMN5eyPu7k9X9aHpPV/N8/N4nLev7Jur/sy9o/a7/9+uilrYE6k3Gyk15aHQ5O70yltX+znG/P/+cRrfzK589ekvyGxB+uvzhK8+sZfXv37vvtPDxWR7YAwP9xquyLoPx9KOv7TSYGwJHRqhTeZf2fdJrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAOo/XwTBlHIYTF1jTO3H98a+Vp/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8GkJoavR3i+lf+XiGg0No5PrsV/DPeDze1Xcdbz7nPQVxcbPnJZ+DETT4QwkAgEMpLVpW1z9MN5eyfdFCCOMfttf/b1TiMGP9/+iT8/eqY1Xr/35tM5x/vbWrX/Su37j51urV5cuDy4PP3j7Tf6d/9sK5cxd6+bOSnicmAAAA7E27aNX6P17Yuf5/shKHGev/L7/rfz0d6Y98q/7fabro13QmAAAAR9sLr/39V/SU/VG7Hb5aXlu71p9stz6fmWwbSHXXjhWtWv8nC01nBQAAANRhtB5tW/+/WInDjOv/z/748s/VcyYhhBPF+v+plc+HF+ubzlyr48+Jm54jAAAAzTpRtOr6f5q//x9vvfIQhxDefH0SF/8GcKb6P/ngm5+qYyWV9//P1jfFuRR3J9cj77shtLrbvvx7Y4kBAABwKB0vWlbs/5luLn36y8mP2t7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbvwEAAP//E41CoA==")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x3)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

23.90421892s ago: executing program 6 (id=1143):
r0 = memfd_create(&(0x7f00000008c0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x0)
ftruncate(r0, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0)
lseek(r0, 0xb14d, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
sendfile(r0, r0, 0x0, 0x200001)

23.649045554s ago: executing program 6 (id=1154):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x5b, 0x0, 0x0)
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r2, 0x4068aea3, &(0x7f0000000540)={0xc7, 0x0, 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

23.648042844s ago: executing program 35 (id=1154):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x5b, 0x0, 0x0)
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r2, 0x4068aea3, &(0x7f0000000540)={0xc7, 0x0, 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8.331419689s ago: executing program 8 (id=1552):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r2)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x2c, r3, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)

8.27559264s ago: executing program 8 (id=1554):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x800, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x38, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x1114}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x100, 0xac}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40001}, 0x20004090)

8.083588434s ago: executing program 8 (id=1557):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000010, &(0x7f0000000000), 0x3e, 0x51b, &(0x7f0000001200)="$eJzs3c9vI1cdAPDvTOLd7G6KU0CoVKJUtGi3grU3DW0jhKBc4FQJKPclJE4UxY6j2CmbqKKp+A8QEkicOHFB4g9AQj3wB6BKleCCOCBAIARbOCABHTTjsZp17CTQrJ3Gn4/04vfm1/e9sfw8M36ZCWBqPRkRL0bETEQ8ExHVcnpaprt54bC33Nv3X13NUxJZ9vJfk0jKaf1t5eXZiLjRWyXmIuJrX474ZnI8bmf/YGul2WzsluV6t7VT7+wf3N5srWw0NhrbS0uLzy+/sPzc8p2s9J7audDP/PhLn//5p7/1u7t/vvXtvFqf+0hUYqAd56nX9EqxL/ryfbT7MIJNwEzZnsqkKwIAwJnkx/gfjIhPFMf/1ZgpjuYGzEyiZgAAAMB5yb4wH/9OIjIAAADg0kojYj6StFaOBZiPNL1SXhv4cFxPm+1O91Pr7b3ttXxexEJU0vXNZuNOOVZ4ISpJXl4sx9j2y88OlJci4tGI+F71WlGurbabaxO+9gEAAADT4sbA+f8/qmmRP92Q/xMAAAAALq6FkQUAAADgsnDKDwAAAJff4Pm/+/0DAADApfKVl17KU9Z//vXaK/t7W+1Xbq81Olu11t5qbbW9u1PbaLc3inv2tU7bXrPd3vlMbO/dq3cbnW69s39wt9Xe2+7e3XzgEdgAAADAGD368Td+nUTE4WevFSnK+wACPOAPk64AcJ4M9YPp5S7eML0qk64AMHHJKfMN3gEAgPe/mx89/vt///n/rg3A5WasDwBMH7//w/SqGAEIU2u2vAbwgV7x6qjlRv7+/8uzRsqyiDerR6e4vggAAOM1X6QkrZXnAfORprVaxCMR6UJUkvXNZuNOeX7wq2rlal5eLNZMTh0zDAAAAAAAAAAAAAAAAAAAAAAAAAD0ZFkSGQAAAHCpRaR/Soq7+UfcrD49P3h94Eryz2r8sSz88OXv31vpdncX8+l/K57ldSUiuj8opz878vFhAAAAwHlLDkfO6p2nl6+LY60VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFPg7fuvrvbTOOP+5YsRsTAs/mzMFa9zUYmI639PYvbIeklEzJxD/MPXI+KxYfGTeCfLXouyFsPiX3vI8ReKXTM8fhoRN84hPkyzN/L+58Vhn780nixeh3/+Zsv0Xo3u/9Iy8mNFPzes/3nk2NZaQ2M8/tZP671c5Xj81yMenx3e//T732RE/KeObe1fWZYdj/+Nrx8cjGp/9qOIm0O/f5IHYtW7rZ16Z//g9mZrZaOx0dheWlp8fvmF5eeW79TXN5uN8u/QGN/92M/eGRU/b//1IfF/+5te/3tS+58etdEB/3nr3v0P9bLH3oA8/q2nhn7/zsWI+Gn53ffJMp/Pv9nPH/byRz3xkzefOKn9ayP2/2nv/60ztv+Zr37n92dcFAAYg87+wdZKs9nYPSEzd4Zl3o+ZX8xdiGr8j5nstd47d1Hq8/9m8qPVd6f0W3UBKnYkk40l1tXieP6sa10ZU9sn2i0BAAAPwbsH/ZOuCQAAAAAAAAAAAAAAAAAAAEyvcdxKbTDm4WSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwov8GAAD//3QT3Gw=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.numa_stat\x00', 0x275a, 0x0)
getpgid(0x0)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/210, 0xd2}], 0x1)
fallocate(r0, 0x10, 0x17e, 0x1000f)
lseek(r0, 0x1, 0x3)

7.992966625s ago: executing program 8 (id=1559):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000340)={[{@nodiscard}, {@dioread_lock}, {@data_err_ignore}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@resuid}, {@norecovery}]}, 0x1, 0x458, &(0x7f0000000680)="$eJzs27tvHEUYAPBv9+yEvLAJ4ZEHYAiIiIcdOwFS0IBAogAJiSaUxnaikEuMYiORKAIHoVCiSPSIEom/gAoaBFRItNCjSBFKQ6A6tL7d3CN359fZC9zvJ609szPrmc+zcze7exfAwBrLfiQRuyPi14gYqWdbK4zVf926eXnmr5uXZ5Ko1d76I1mu9+fNyzNF1eK4XXnmSBqRfpLEwQ7tLly8dHa6Wp27kOcnFs+9N7Fw8dKzZ85Nn547PXd+6sSJ48cmX3h+6rm+xHlP1tcDH84f2v/a29femDl57Z0fv06K+Nvi6JOxXoVP1Gp9bq5ce5rSyVCJHWFNKhGRDdfw8vwfiUo0Bm8kXv241M4Bm6qW61K8VAP+x5IouwdAOYo3+uz6t9i2bvVRvhsv1S+Asrhv5Vu9ZCjSvM5w2/VtP41FxMmlv7/ItljxPoQLawBg477N1j/PdFr/pXF/U72782dDo/mzlL0RcW9E7IuI+yKW6z4QEQ+usf22hyTbI6Jt/ZNeX19kq5Ot/17Mn221rv+K1V+MVvLcnuX4h5NTZ6pzR/P/yZEY3p7lJ3u08d0rv3zWrax5/ZdtWfvFWjDvx/Wh7a3HzE4vTm8k5mY3rkQcGOoUf3J7tZlExP6IOLDONs489dWhbmUrx99DH5bDtS8jnqyP/1K0xV9Iej+fnLgrqnNHJ4qz4k4//Xz1zW7tbyj+PsjGf2fH8/92/KNJ8/PahbW3cfW3T7te04yv6/xv7NiW//5genHxwmTEtuT1eqeb9081ji3yRf0s/iOHO8//vdH4TxyMiOwkfigiHo6IR/KxezQiHouIwz3i/+Hlx9/tVvZvGP/ZtvEfba3SNv6NxLZo39M5UTn7/Tetf7GRXN3r3/HaSNPhvV7/ivNhNf1a39kMAAAA/z1pROyOJB2/nU7T8fH6Z/j3xc60Or+w+PSp+ffPz9a/IzAaw2lxp2uk6X7oZH5ZX+Sn2vLH8vvGn1d2LOfHZ+ars2UHDwNuV6f5X6mX/V4pu3fApvOxMhhc5j8MLvMfBpf5D4Orw/zfUUY/gK3X6f3/oxL6AWy9tvnvsR8MENf/MLjMfxhczfM/KbEfwJZa2BErf0leQuKORKQ961zZeBPFOboF4SSbPAt2b0qf8yncWpQs1Xev5Q/WOhSV9IIEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQZ/8EAAD//xL/3co=")
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0/../file0/../file0/../file0\x00')

7.915090756s ago: executing program 8 (id=1561):
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x18)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0500000000bbd10d0bc11fc00000000040000000aef028c89c34dcb05408427474e1cb5e689c593e7a16dd0af4f5be2f038bc9faf7"], 0x80}}, 0x0)

7.613029191s ago: executing program 8 (id=1566):
socket(0x21, 0x2, 0x10000000000002)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r0)
ptrace(0x420e, r0)

7.529435612s ago: executing program 36 (id=1566):
socket(0x21, 0x2, 0x10000000000002)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r0)
ptrace(0x420e, r0)

5.418310625s ago: executing program 9 (id=1664):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r1, 0x5, 0x4)

5.280834597s ago: executing program 9 (id=1669):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

5.11837774s ago: executing program 9 (id=1679):
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0))
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000001140)={[0xfffffffffffffff5]}, 0x8, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000002c0)={0x10000005})
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
ppoll(&(0x7f0000001280)=[{r1, 0x184}], 0x1, &(0x7f0000001300), 0x0, 0x0)

5.11068963s ago: executing program 9 (id=1680):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f00000002c0)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

5.070910621s ago: executing program 9 (id=1681):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

4.913951253s ago: executing program 9 (id=1682):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r0)
socket(0x1e, 0x4, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

4.913553963s ago: executing program 37 (id=1682):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r0)
socket(0x1e, 0x4, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

3.24807863s ago: executing program 7 (id=1751):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sched_process_fork\x00', r0}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

3.19547224s ago: executing program 7 (id=1753):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

3.175511951s ago: executing program 7 (id=1754):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18)
rename(0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sync_file_range(0xffffffffffffffff, 0x9, 0x1, 0x1)

3.058254512s ago: executing program 7 (id=1756):
r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000090000402505a8a440000102030109021b00010100000009040000020701010009050102"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000000)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0xc806, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
close(0x3)
syz_open_dev$char_usb(0xc, 0xb4, 0x2000000)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902"], 0x0)

1.160532482s ago: executing program 2 (id=1818):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x3, 0x4c5, &(0x7f0000001cc0)="$eJzs3U1rW1caAOD3ynbiJM7YmZlFJjCZMJPBCTOR7HiSmFlkPFDaVaBpunddWzbGsmUsOYlNKA79AYXSL9pVV90Uui6Fkp9QCoF2X0ppCW2SLrpoqyL5qkld+YtYVmI9Dxzfcz+k9z0W90hH56IbQNs6EREjEdEREacjojfdnklLrKyW6nH37t4Yr5YkKpUr3yaRpNvqz5Wky0Ppw7oj4rlnIl5Mfh+3tLQ8M1Yo5BfS9Vx5dj5XWlo+Mz07NpWfys+NDA2eH74wfG54YMfaevGpr9545b2nL37872tfjH5z6qVqWj3pvofbsRUrWzxuteldtf9FXWdELGwn2GOsI21PV6sTAQBgS6qf8f8YEX+PiPtvtzobAAAAoBkq/+uJH5OICgAAALBnZWrXwCaZbHotQE9kMtns6jW8f46DmUKxVP7XZHFxbmL1Wtm+6MpMThfyA+m1wn3RlVTXB2v1B+tn16wPRcSRiHit90BtPTteLEy0+ssPAAAAaBOH1oz/v+9dHf8DAAAAe0xfqxMAAAAAms74HwAAAPa+dcf/SefuJgIAAAA0w7OXLlVLpX7/64mrS4szxatnJvKlmezs4nh2vLgwn50qFqdqv9k3u9nzFYrF+f/E3OL1XDlfKudKS8ujs8XFufJo7b7eo3n3iQYAAIDdd+Rvtz5PImLlvwdqpWpfum8LY/WR5mYHNFNme4cnzcoD2H0drU4AaBkX+EL7Mh8PbDKwf33N+ja/NgAAAB4H/X95pPl/84HwBDOQh/Zl/h/al/l/aF/m/6HN7d/8kO71dnyyw7kAAABN01MrSSabzgX2RCaTzUYcrt0WoCuZnC7kByLiDxHxWW/X/ur6YKuTBgAAAAAAAAAAAAAAAAAAAAAAAIAnTKWSRAUAAADY0yIyXyfpjfz7e0/2rP1+YF/yQ29tGRHX3rny5vWxcnlhsLr9u1+3l99Kt5+tbwEAAABaqT5Or4/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAn3bt7Y7xedjPunf9HRF+j+J3RXVt2f9gbEQfvJ9H50OOSiOjYgfgrNyPiaKP4STWt6EuzWBs/ExEHWhz/0A7Eh3Z2q9r/jFTPv641518mTtSWjc+/zrQ8qjsn1uv/MvX+r9bPNer/Dm/81N31yrHbH+TWjX8z4lhn4/6nHj95xP73heeXl9fbV3k3on+T959qrFx5dj5XWlo+Mz07NpWfys8NDQ2eH74wfG54IDc5XcinfxvGePWvH/28UfsPNoy/2v9u1P6TW2z/T7ev3/3TBvFP/aPx6390g/jV//0/0/eB6v7+en1ltf6w4+9/enyj9k+s0/7NXv9TW2z/6csvf7nFQwGAXVBaWp4ZKxTyCyoqKnuvcjk90bf98BZ3TAAAwI578KG/1ZkAAAAAAAAAAAAAAAAAAABA+2r6j5Dt/+0vC3S3rqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABv6JQAA///dfdKW")
open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9463cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @remote}, {0x20000010304, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

1.158248452s ago: executing program 4 (id=1819):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_driver={0x80000001, 0x7, 0x0})
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

1.144438263s ago: executing program 4 (id=1821):
unshare(0x22020600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, 0x0, 0x0, 0x1)

1.127617812s ago: executing program 4 (id=1822):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x202, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1.120396593s ago: executing program 2 (id=1824):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
getitimer(0x0, &(0x7f0000000240))

1.111446363s ago: executing program 2 (id=1825):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x8912, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1, 0x100008, 0x4, 0x8, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r1}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r1}, 0x38)

1.060064584s ago: executing program 0 (id=1826):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.046280374s ago: executing program 0 (id=1827):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f00000000c0)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000003180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002400)=""/29, 0x1d}, 0x2c}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x24000000, &(0x7f0000000300)={0xa, 0x4e20, 0xfffffffe, @mcast1}, 0x1c)

1.012313074s ago: executing program 2 (id=1828):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20060, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text16={0x10, &(0x7f0000000000)="f3a6ea347ea000660fe2cae0e1883838b9040100c0670f01c4ea0040e80066b9800000c0326635000100004f30f4", 0x2e}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

978.110755ms ago: executing program 0 (id=1829):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000140)='{:\'@-\x00', &(0x7f0000000180)='%\xea\xfbq', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='fuseblk\x00', &(0x7f0000000100)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='&+\x00', &(0x7f0000000740)="8f", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\x1c@\\\x00', &(0x7f00000002c0)='\x00', 0x0)
close(r0)

917.221566ms ago: executing program 0 (id=1830):
syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_mr_cache\x00')
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00v\x00\t'], 0x24}, 0x1, 0x5502000000000000}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

863.415467ms ago: executing program 2 (id=1831):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="700000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r2, @ANYBLOB="08001f0005000000050011000100000008001f00080000000800"], 0x70}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x1, 0x6}, {0x7}, {0x3}}}, 0x24}}, 0x0)

816.726697ms ago: executing program 7 (id=1832):
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000140), 0x12)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000280), &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

800.815948ms ago: executing program 7 (id=1833):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000040)={0xfffc, [0x7, 0xfa2d], 0x2000}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

732.598119ms ago: executing program 2 (id=1834):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x11}, 0x18)

214.383477ms ago: executing program 4 (id=1841):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)=""/248, 0xf8}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/228, 0xe4}], 0x1, 0x0)
syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f000029e000/0x1000)=nil, 0x1000, 0x14)

178.722577ms ago: executing program 5 (id=1843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0x2000000000000019, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x1d, &(0x7f00000001c0), 0x4)

167.747538ms ago: executing program 4 (id=1844):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000080)=0x3, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3e, &(0x7f0000000040)=0x3, 0x4)
write$binfmt_misc(r0, &(0x7f0000000040), 0xfe46)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

163.033548ms ago: executing program 4 (id=1845):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000481, &(0x7f0000000500)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES64, @ANYRES64=0x0], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

147.809928ms ago: executing program 5 (id=1846):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x2000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0)

134.427958ms ago: executing program 5 (id=1847):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@ipv6_newrule={0x40, 0x20, 0x1, 0x70bd27, 0x0, {0xa, 0x0, 0x20, 0x40, 0x0, 0x0, 0x0, 0x7}, [@FRA_SRC={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @FIB_RULE_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x8}, @FIB_RULE_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0xfffffff8}]}, 0x40}, 0x1, 0x0, 0x0, 0x24048844}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

72.981329ms ago: executing program 5 (id=1848):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

63.031429ms ago: executing program 0 (id=1849):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x5)
fchdir(r1)
r2 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r2, 0x0, 0x0)

18.38674ms ago: executing program 5 (id=1850):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x2000414, &(0x7f0000000500)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64=0x0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC], 0x1, 0x2b8, &(0x7f0000000800)="$eJzs3NFLU38Yx/Hn5/y5OdEtiKCgeqibuhm6/oAaoRANCnNSXQTHPKux0ybnDGMRuZvotr9DuuwuqP4Bb6Kb7ruTIOjGi+gbnrPpmU6durml7xfIeXae74fzdZvybLCt3n/7rJj3UnmrIgMxlQGRmqyJJNeruv/qxwG/HpKwmlwd+fXt/L0HD29nstnJadWpzMy1tKqOXfz4/OW7S58rI7Pvxz5EZSX5aPVn+vvK0MrZ1T8zTwueFjwtlStq6Vy5XLHmHFvnC14xpXrXsS3P1kLJs92mft4pLyxU1SrNj8YXXNvz1CpVtWhXtVLWiltV64lVKGkqldLRuJxsg22syS1PT1uZHdsm0tEdoeuGW5103UytdTO3fAR7AgAAfWb3+T+Y9Xee/7OzwXE/8/+Zved/Eeb/Lqk13dpj/sex4LoZK17/+23G/A8AAAAAAAAAAAAAAAAAAAAAwL9gzZiEMSaxfqyf8m9HRSQmIqbe7/E20SXhx9+EfvZ4/K/3aLvosNAH92IizpvF3GIuOAb9TF4K4ogt45KQ3/7zoS6op25lJ8fVl5RPzlI9v7SYi0i0kW9ItspfODUR5LU5/7/Ew9dPS0JOt75+umV+SK5cDuVTkpAvj6Usjsz7z+vN/KsJ1Zt3slvyw/46AAAAAACOg5Ru2Pb63e/7C2KyvR/kQ+8PGGOWdnt/YMvr60E5185XVAIAAAAAgEPzqi+KluPY7gGKqIgcIt75whiR3m8jIv1xbzQXN0SkD7ZxVEVMRIIzepD4j414WynTxppBEen53bKPotf/mQAAAAB02ubQv4/Q19dd3BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdPu98H1li/rdVo7BIPXS5y5L8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Ef+BgAA//+4IRyf")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bf"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000f80)='./bus/file0\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000140)='./bus/file0/file0\x00')

18.07176ms ago: executing program 0 (id=1852):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x43, 0x3, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)='/', 0x1}], 0x1, 0x0, 0x0, 0x40}, 0x0)

0s ago: executing program 5 (id=1853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1ff8d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002706870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83984e68a6d80a5f5222ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0007000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1f6428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000a034000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1ebbb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa5210b16eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f086dd47e0ffff00122c00631177fbac141416e000030a44079f034d2f87e589ca6aab845013f2325f1a3911050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x7000002}, 0x2c)

kernel console output (not intermixed with test programs):

t_r:user_tmpfs_t tclass=dir permissive=1
[   31.187611][  T887] IPv6: sit1: Disabled Multicast RS
[   31.199947][   T28] audit: type=1400 audit(1753325550.039:238): avc:  denied  { execute_no_trans } for  pid=882 comm="syz.0.239" path="/45/file1" dev="tmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   31.274892][  T893] serio: Serial port ptm0
[   31.316029][   T28] audit: type=1400 audit(1753325550.249:239): avc:  denied  { read } for  pid=897 comm="syz.3.243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   31.387185][  T911] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   31.400781][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   31.416575][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   31.435977][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   31.445762][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   31.454162][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   31.462904][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   31.473045][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   31.482064][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   31.563319][  T921] user requested TSC rate below hardware speed
[   31.571695][  T921] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2856151591 (22849212728 ns) > initial count (5743301600 ns). Using initial count to start timer.
[   31.639463][   T28] audit: type=1400 audit(1753325550.569:240): avc:  denied  { mount } for  pid=935 comm="syz.0.260" name="/" dev="configfs" ino=14590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   31.667787][   T28] audit: type=1400 audit(1753325550.569:241): avc:  denied  { search } for  pid=935 comm="syz.0.260" name="/" dev="configfs" ino=14590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   31.668480][  T283] EXT4-fs (loop1): unmounting filesystem.
[   31.691037][   T28] audit: type=1400 audit(1753325550.569:242): avc:  denied  { read } for  pid=935 comm="syz.0.260" name="/" dev="configfs" ino=14590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   32.030228][  T979] loop2: detected capacity change from 0 to 16
[   32.051086][   T60] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   32.059453][  T979] erofs: (device loop2): mounted with root inode @ nid 36.
[   32.090833][  T981] netlink: 'syz.4.282': attribute type 1 has an invalid length.
[   32.125050][  T983] netem: change failed
[   32.257709][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   32.273963][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   32.284600][   T60] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   32.293810][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   32.323823][   T60] usb 2-1: config 0 descriptor??
[   32.440998][  T677] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   32.631023][  T677] usb 3-1: Using ep0 maxpacket: 16
[   32.637339][  T677] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   32.651036][  T677] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   32.661385][  T677] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   32.675184][  T677] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   32.689388][  T677] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   32.702251][  T677] usb 3-1: Product: syz
[   32.706501][  T677] usb 3-1: Manufacturer: syz
[   32.711346][  T677] usb 3-1: SerialNumber: syz
[   32.739482][ T1061] netlink: 'syz.4.319': attribute type 4 has an invalid length.
[   32.752128][ T1061] netlink: 'syz.4.319': attribute type 4 has an invalid length.
[   32.774070][ T1063] syz.4.320[1063] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   32.774134][ T1063] syz.4.320[1063] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   32.949389][   T60] usb 2-1: string descriptor 0 read error: -22
[   32.984903][ T1071] loop4: detected capacity change from 0 to 40427
[   32.993282][ T1071] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   33.001240][ T1071] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   33.010386][ T1071] F2FS-fs (loop4): invalid crc value
[   33.017322][ T1071] F2FS-fs (loop4): Found nat_bits in checkpoint
[   33.047488][ T1071] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   33.054656][ T1071] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   33.124927][  T677] usb 3-1: 0:2 : does not exist
[   33.166362][ T1077] loop4: detected capacity change from 0 to 512
[   33.174876][ T1077] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   33.186588][ T1077] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   33.199808][ T1077] EXT4-fs (loop4): 1 truncate cleaned up
[   33.205676][ T1077] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   33.231506][  T287] EXT4-fs (loop4): unmounting filesystem.
[   33.275546][ T1084] Invalid ELF header len 8
[   33.350084][   T60] uclogic 0003:256C:006D.0001: interface is invalid, ignoring
[   33.369769][   T60] usb 2-1: USB disconnect, device number 3
[   33.422345][ T1096] syz.3.333[1096] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   33.422418][ T1096] syz.3.333[1096] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   33.529509][ T1110] capability: warning: `syz.0.340' uses deprecated v2 capabilities in a way that may be insecure
[   33.736779][  T677] usb 3-1: USB disconnect, device number 2
[   33.812663][ T1136] loop3: detected capacity change from 0 to 512
[   33.822456][ T1136] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   33.844279][ T1136] EXT4-fs (loop3): 1 truncate cleaned up
[   33.850032][ T1136] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   33.881152][ T1143] loop1: detected capacity change from 0 to 128
[   33.899028][  T284] EXT4-fs (loop3): unmounting filesystem.
[   33.960364][ T1154] netlink: 96 bytes leftover after parsing attributes in process `syz.3.359'.
[   34.022787][ T1165] loop1: detected capacity change from 0 to 2048
[   34.042288][ T1165] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   34.059521][  T283] EXT4-fs (loop1): unmounting filesystem.
[   34.194388][ T1185] syz.1.371 (1185) used greatest stack depth: 20192 bytes left
[   34.342613][ T1213] loop4: detected capacity change from 0 to 256
[   34.357220][ T1213] FAT-fs (loop4): bogus number of FAT sectors
[   34.370441][ T1213] FAT-fs (loop4): Can't find a valid FAT filesystem
[   34.472707][ T1232] netlink: 88 bytes leftover after parsing attributes in process `syz.3.395'.
[   34.481885][ T1232] netlink: 48 bytes leftover after parsing attributes in process `syz.3.395'.
[   34.561487][  T319] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   34.570282][ T1242] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   34.584881][ T1242] FAT-fs (loop3): unable to read boot sector
[   34.649856][ T1255] netlink: 4 bytes leftover after parsing attributes in process `syz.1.405'.
[   34.653716][ T1257] loop4: detected capacity change from 0 to 512
[   34.668004][ T1257] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   34.691855][ T1257] EXT4-fs (loop4): 1 truncate cleaned up
[   34.697681][ T1257] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   34.748778][  T287] EXT4-fs (loop4): unmounting filesystem.
[   34.772064][  T319] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   34.806544][  T319] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   34.821031][  T319] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   34.830110][  T319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   34.849017][  T319] usb 3-1: Product: syz
[   34.860679][  T319] usb 3-1: Manufacturer: syz
[   34.878361][  T319] usb 3-1: SerialNumber: syz
[   34.949844][ T1291] loop1: detected capacity change from 0 to 512
[   34.970738][ T1291] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   34.986969][ T1291] EXT4-fs (loop1): 1 truncate cleaned up
[   34.993483][ T1291] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   35.060403][  T283] EXT4-fs (loop1): unmounting filesystem.
[   35.089541][  T319] usb 3-1: cannot find UAC_HEADER
[   35.097440][  T319] snd-usb-audio: probe of 3-1:1.0 failed with error -22
[   35.106213][  T319] usb 3-1: USB disconnect, device number 3
[   35.113921][ T1094] udevd[1094]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   35.303259][ T1324] netlink: 'syz.0.437': attribute type 4 has an invalid length.
[   35.315764][ T1324] netlink: 'syz.0.437': attribute type 4 has an invalid length.
[   35.526881][ T1330] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.531661][ T1341] loop1: detected capacity change from 0 to 1024
[   35.534103][ T1330] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.548519][ T1330] device bridge_slave_0 entered promiscuous mode
[   35.555724][ T1330] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.562890][ T1330] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.570262][ T1330] device bridge_slave_1 entered promiscuous mode
[   35.572626][ T1341] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   35.585219][ T1341] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   35.629098][ T1341] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 1: comm syz.1.446: lblock 1 mapped to illegal pblock 1 (length 3)
[   35.649392][ T1341] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 3: comm syz.1.446: lblock 3 mapped to illegal pblock 3 (length 1)
[   35.664955][ T1341] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[   35.677513][ T1341] EXT4-fs (loop1): This should not happen!! Data will be lost
[   35.677513][ T1341] 
[   35.693397][ T1341] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #15: block 3: comm syz.1.446: lblock 3 mapped to illegal pblock 3 (length 1)
[   35.722909][  T393] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:5: lblock 8 mapped to illegal pblock 8 (length 8)
[   35.738169][  T393] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[   35.753520][  T393] EXT4-fs (loop1): This should not happen!! Data will be lost
[   35.753520][  T393] 
[   35.767191][ T1356] overlayfs: failed to resolve './file0': -2
[   35.774335][  T283] EXT4-fs (loop1): unmounting filesystem.
[   35.818800][   T28] kauditd_printk_skb: 63 callbacks suppressed
[   35.818815][   T28] audit: type=1400 audit(2000000001.998:306): avc:  denied  { mount } for  pid=1359 comm="syz.3.453" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   35.885804][   T28] audit: type=1400 audit(2000000002.038:307): avc:  denied  { unmount } for  pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   36.142393][   T43] device bridge_slave_1 left promiscuous mode
[   36.148546][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.191429][   T43] device bridge_slave_0 left promiscuous mode
[   36.197584][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.282020][   T43] device veth1_macvtap left promiscuous mode
[   36.288079][   T43] device veth0_vlan left promiscuous mode
[   37.262573][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   37.277354][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   37.316843][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   37.325615][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   37.334652][  T393] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.341727][  T393] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.350532][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   37.359264][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   37.369770][  T393] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.376850][  T393] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.392926][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   37.401884][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   37.410586][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   37.419444][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   37.429041][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   37.439443][ T1392] netlink: 'syz.1.466': attribute type 4 has an invalid length.
[   37.463974][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   37.472642][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   37.481488][ T1392] netlink: 'syz.1.466': attribute type 4 has an invalid length.
[   37.512698][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   37.520899][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   37.533715][ T1330] device veth0_vlan entered promiscuous mode
[   37.544553][   T28] audit: type=1400 audit(2000000003.728:308): avc:  denied  { read } for  pid=1398 comm="syz.3.468" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   37.567243][  T677] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   37.575454][   T28] audit: type=1400 audit(2000000003.728:309): avc:  denied  { open } for  pid=1398 comm="syz.3.468" path="/dev/ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   37.577364][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   37.598826][   T28] audit: type=1400 audit(2000000003.728:310): avc:  denied  { ioctl } for  pid=1398 comm="syz.3.468" path="/dev/ppp" dev="devtmpfs" ino=158 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   37.632412][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   37.646660][ T1330] device veth1_macvtap entered promiscuous mode
[   37.659578][   T28] audit: type=1400 audit(2000000003.838:311): avc:  denied  { bind } for  pid=1401 comm="syz.1.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   37.679593][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   37.687979][   T28] audit: type=1400 audit(2000000003.838:312): avc:  denied  { name_bind } for  pid=1401 comm="syz.1.471" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   37.688182][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   37.717677][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   37.741107][   T28] audit: type=1400 audit(2000000003.838:313): avc:  denied  { node_bind } for  pid=1401 comm="syz.1.471" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   37.764363][   T28] audit: type=1326 audit(2000000003.908:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1404 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cf18e9a9 code=0x7ffc0000
[   37.770159][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   37.788075][   T28] audit: type=1326 audit(2000000003.908:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1404 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fc2cf18e9a9 code=0x7ffc0000
[   37.823952][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   37.832498][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   37.840950][  T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   37.852136][  T677] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[   37.864061][  T677] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[   37.894968][  T677] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[   37.926789][  T677] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   37.935376][ T1419] netlink: 20 bytes leftover after parsing attributes in process `syz.1.477'.
[   37.947268][  T677] usb 5-1: Product: syz
[   37.953580][  T677] usb 5-1: Manufacturer: syz
[   37.958261][  T677] usb 5-1: SerialNumber: syz
[   37.996369][  T677] usb 5-1: config 0 descriptor??
[   38.031544][ T1380] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   38.036786][ T1425] loop1: detected capacity change from 0 to 512
[   38.055462][ T1380] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   38.062794][ T1425] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   38.089758][ T1438] capability: warning: `syz.5.486' uses 32-bit capabilities (legacy support in use)
[   38.117011][ T1425] EXT4-fs (loop1): 1 truncate cleaned up
[   38.126514][ T1425] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   38.148647][ T1441] tmpfs: Unknown parameter '9'
[   38.159292][  T283] EXT4-fs (loop1): unmounting filesystem.
[   38.222314][ T1453] loop1: detected capacity change from 0 to 8192
[   38.241227][ T1453] FAT-fs (loop1): bogus number of directory entries (9)
[   38.252171][ T1453] FAT-fs (loop1): Can't find a valid FAT filesystem
[   38.286863][ T1380] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   38.298507][ T1380] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   38.332813][ T1456] loop3: detected capacity change from 0 to 40427
[   38.359642][ T1456] F2FS-fs (loop3): Found nat_bits in checkpoint
[   38.396494][ T1456] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   38.467784][  T284] syz-executor: attempt to access beyond end of device
[   38.467784][  T284] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   38.619619][ T1475] netlink: 16 bytes leftover after parsing attributes in process `syz.3.500'.
[   38.654376][ T1479] loop3: detected capacity change from 0 to 512
[   38.662414][ T1479] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   38.662518][  T319] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   38.680725][ T1479] EXT4-fs (loop3): 1 truncate cleaned up
[   38.686586][ T1479] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   38.706716][  T284] EXT4-fs (loop3): unmounting filesystem.
[   38.851113][  T319] usb 2-1: Using ep0 maxpacket: 32
[   38.857669][  T319] usb 2-1: New USB device found, idVendor=056a, idProduct=0026, bcdDevice= 0.00
[   38.867060][  T319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   38.884247][  T319] usb 2-1: config 0 descriptor??
[   38.932455][ T1503] loop3: detected capacity change from 0 to 512
[   38.940237][ T1503] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   38.957712][ T1503] EXT4-fs (loop3): 1 truncate cleaned up
[   38.965736][ T1506] loop2: detected capacity change from 0 to 256
[   38.975716][ T1506] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   38.978568][ T1503] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   39.026695][ T1509] loop5: detected capacity change from 0 to 256
[   39.045345][ T1510] loop2: detected capacity change from 0 to 512
[   39.054107][ T1510] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   39.054759][ T1509] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   39.075248][ T1509] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[   39.076746][ T1510] EXT4-fs (loop2): 1 truncate cleaned up
[   39.089958][ T1510] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   39.090417][  T284] EXT4-fs (loop3): unmounting filesystem.
[   39.109921][ T1509] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[   39.158973][  T286] EXT4-fs (loop2): unmounting filesystem.
[   39.175002][ T1509] exFAT-fs (loop5): hint_cluster is invalid (17)
[   39.182664][ T1515] netlink: 104 bytes leftover after parsing attributes in process `syz.3.518'.
[   39.187823][ T1509] exFAT-fs (loop5): error, invalid access to FAT (entry 0xffffffff)
[   39.200141][ T1515] Zero length message leads to an empty skb
[   39.202832][ T1509] exFAT-fs (loop5): Filesystem has been set read-only
[   39.226486][ T1517] loop2: detected capacity change from 0 to 4096
[   39.272783][ T1517] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   39.301527][  T319] wacom 0003:056A:0026.0002: unknown main item tag 0x0
[   39.308479][  T319] wacom 0003:056A:0026.0002: unknown main item tag 0x0
[   39.315854][  T319] wacom 0003:056A:0026.0002: unknown main item tag 0x0
[   39.323163][  T319] wacom 0003:056A:0026.0002: Unknown device_type for 'HID 056a:0026'. Assuming pen.
[   39.332979][  T677] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[   39.335179][  T319] wacom 0003:056A:0026.0002: hidraw0: USB HID v0.08 Device [HID 056a:0026] on usb-dummy_hcd.1-1/input0
[   39.363182][  T319] input: Wacom Intuos5 touch S Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0026.0002/input/input4
[   39.372722][  T677] dm9601 5-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet, 6e:f1:98:9e:dd:08
[   39.407004][  T286] EXT4-fs (loop2): unmounting filesystem.
[   39.433330][  T677] usb 5-1: USB disconnect, device number 2
[   39.476186][  T677] dm9601 5-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet
[   39.600134][  T319] usb 2-1: USB disconnect, device number 4
[   39.837001][ T1565] xt_hashlimit: size too large, truncated to 1048576
[   40.008045][ T1579] netlink: 20 bytes leftover after parsing attributes in process `syz.4.536'.
[   40.153720][ T1559] loop2: detected capacity change from 0 to 40427
[   40.160924][ T1559] F2FS-fs (loop2): fault_injection options not supported
[   40.189562][ T1559] F2FS-fs (loop2): fault_type options not supported
[   40.202704][ T1559] F2FS-fs (loop2): invalid crc value
[   40.229941][ T1591] loop5: detected capacity change from 0 to 512
[   40.248104][ T1559] F2FS-fs (loop2): Found nat_bits in checkpoint
[   40.301414][ T1591] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   40.368767][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   40.374639][ T1559] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   40.468242][  T286] syz-executor: attempt to access beyond end of device
[   40.468242][  T286] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   40.520731][ T1617] netlink: 84 bytes leftover after parsing attributes in process `syz.5.549'.
[   40.572601][ T1619] xt_hashlimit: size too large, truncated to 1048576
[   40.634178][ T1625] tmpfs: Unknown parameter '9'
[   40.667746][ T1630] netlink: 96 bytes leftover after parsing attributes in process `syz.5.555'.
[   40.736692][ T1636] netlink: 96 bytes leftover after parsing attributes in process `syz.2.548'.
[   40.911406][ T1638] loop2: detected capacity change from 0 to 40427
[   40.923500][ T1638] F2FS-fs (loop2): fault_injection options not supported
[   40.930862][ T1638] F2FS-fs (loop2): Image doesn't support compression
[   40.938049][ T1638] F2FS-fs (loop2): Image doesn't support compression
[   40.960539][ T1638] F2FS-fs (loop2): invalid crc value
[   40.967265][ T1638] F2FS-fs (loop2): Found nat_bits in checkpoint
[   41.021815][ T1638] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   41.081632][   T28] kauditd_printk_skb: 99 callbacks suppressed
[   41.081665][   T28] audit: type=1400 audit(2000000007.268:415): avc:  denied  { setattr } for  pid=1637 comm="syz.2.558" name="file0" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   41.110405][  T286] syz-executor: attempt to access beyond end of device
[   41.110405][  T286] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   41.150549][ T1656] Invalid ELF header magic: != ELF
[   41.156027][   T28] audit: type=1400 audit(2000000007.308:416): avc:  denied  { module_load } for  pid=1655 comm="syz.3.564" path="/sys/kernel/kheaders.tar.xz" dev="sysfs" ino=7878 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[   41.267215][ T1663] loop2: detected capacity change from 0 to 1024
[   41.282519][ T1663] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   41.293074][ T1663] EXT4-fs error (device loop2): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.2.565: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1
[   41.312713][ T1663] EXT4-fs error (device loop2) in ext4_delete_entry:2800: Corrupt filesystem
[   41.321870][ T1663] EXT4-fs warning (device loop2): ext4_rename_delete:3778: inode #2: comm syz.2.565: Deleting old file: nlink 4, error=-117
[   41.339252][  T286] EXT4-fs (loop2): unmounting filesystem.
[   41.608119][ T1694] loop5: detected capacity change from 0 to 128
[   41.758855][ T1674] loop1: detected capacity change from 0 to 40427
[   41.799714][ T1674] F2FS-fs (loop1): Found nat_bits in checkpoint
[   41.871103][ T1674] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   41.901709][ T1690] loop2: detected capacity change from 0 to 40427
[   41.937015][   T28] audit: type=1400 audit(2000000008.118:417): avc:  denied  { create } for  pid=1673 comm="syz.1.570" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   41.972410][ T1690] F2FS-fs (loop2): Found nat_bits in checkpoint
[   41.992396][  T283] syz-executor: attempt to access beyond end of device
[   41.992396][  T283] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   42.011150][   T28] audit: type=1400 audit(2000000008.138:418): avc:  denied  { mounton } for  pid=1673 comm="syz.1.570" path="/103/file2/file0" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   42.021088][  T283] syz-executor: attempt to access beyond end of device
[   42.021088][  T283] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   42.060271][ T1716] netlink: 104 bytes leftover after parsing attributes in process `syz.3.588'.
[   42.064932][   T28] audit: type=1400 audit(2000000008.148:419): avc:  denied  { write } for  pid=1673 comm="syz.1.570" name="bus" dev="loop1" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   42.091235][   T28] audit: type=1400 audit(2000000008.148:420): avc:  denied  { add_name } for  pid=1673 comm="syz.1.570" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   42.111906][   T28] audit: type=1400 audit(2000000008.148:421): avc:  denied  { remove_name } for  pid=1673 comm="syz.1.570" name="#e" dev="loop1" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   42.112101][ T1690] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   42.134538][   T28] audit: type=1400 audit(2000000008.148:422): avc:  denied  { rename } for  pid=1673 comm="syz.1.570" name="#e" dev="loop1" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   42.146263][   T43] kworker/u4:2: attempt to access beyond end of device
[   42.146263][   T43] loop1: rw=2049, sector=40960, nr_sectors = 96 limit=40427
[   42.163475][   T28] audit: type=1400 audit(2000000008.148:423): avc:  denied  { unlink } for  pid=1673 comm="syz.1.570" name="#e" dev="loop1" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   42.221925][   T28] audit: type=1400 audit(2000000008.148:424): avc:  denied  { unlink } for  pid=1673 comm="syz.1.570" name="#f" dev="loop1" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   42.319930][  T286] syz-executor: attempt to access beyond end of device
[   42.319930][  T286] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   42.668180][ T1743] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.675468][ T1743] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.683220][ T1743] device bridge_slave_0 entered promiscuous mode
[   42.690347][ T1743] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.698058][ T1743] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.705744][ T1743] device bridge_slave_1 entered promiscuous mode
[   42.779927][ T1743] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.787026][ T1743] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.794330][ T1743] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.801372][ T1743] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.835849][  T320] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.844356][  T320] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.858554][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.873024][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.891606][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.899879][  T320] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.906919][  T320] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.914421][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.922786][  T320] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.929847][  T320] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.945056][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.954763][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.967172][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.983164][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   42.991827][  T677] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   42.993086][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   43.006941][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   43.017401][ T1743] device veth0_vlan entered promiscuous mode
[   43.027777][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   43.036910][ T1743] device veth1_macvtap entered promiscuous mode
[   43.046568][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.058963][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.085061][ T1765] netlink: 12 bytes leftover after parsing attributes in process `syz.6.598'.
[   43.095096][ T1765] device vlan2 entered promiscuous mode
[   43.100735][ T1765] device gretap0 entered promiscuous mode
[   43.151077][ T1415] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   43.177754][ T1767] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   43.186017][  T677] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[   43.197337][  T677] usb 4-1: New USB device found, idVendor=06cb, idProduct=2968, bcdDevice= 0.00
[   43.206615][  T677] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.215103][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   43.223660][  T677] usb 4-1: config 0 descriptor??
[   43.229526][ T1752] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   43.229730][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   43.252648][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   43.266186][  T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   43.351036][ T1415] usb 6-1: Using ep0 maxpacket: 8
[   43.357259][ T1415] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   43.370472][ T1415] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32
[   43.380719][  T393] device bridge_slave_1 left promiscuous mode
[   43.382007][ T1415] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   43.387396][  T393] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.395979][ T1415] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   43.411156][ T1415] usb 6-1: Product: syz
[   43.411300][  T393] device bridge_slave_0 left promiscuous mode
[   43.415347][ T1415] usb 6-1: Manufacturer: syz
[   43.415361][ T1415] usb 6-1: SerialNumber: syz
[   43.431292][  T393] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.439635][  T393] device veth1_macvtap left promiscuous mode
[   43.445873][  T393] device veth0_vlan left promiscuous mode
[   43.639926][ T1760] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[   43.654281][  T677] itetech 0003:06CB:2968.0003: unknown main item tag 0x0
[   43.661969][  T677] itetech 0003:06CB:2968.0003: hidraw0: USB HID v1.01 Device [HID 06cb:2968] on usb-dummy_hcd.3-1/input0
[   43.683407][ T1798] syz.4.622[1798] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.683480][ T1798] syz.4.622[1798] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.696887][ T1798] syz.4.622[1798] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.708667][ T1798] syz.4.622[1798] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.855691][  T677] usb 4-1: USB disconnect, device number 2
[   44.008756][ T1834] device wg2 entered promiscuous mode
[   44.182456][ T1846] input: syz1 as /devices/virtual/input/input7
[   44.248901][ T1760] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[   44.434934][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   44.457462][ T1415] cdc_ncm 6-1:1.0: MAC-Address: 42:42:42:42:42:42
[   44.465216][ T1415] cdc_ncm 6-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[   44.481405][ T1415] cdc_ncm 6-1:1.0: setting rx_max = 2048
[   44.515565][ T1868] netlink: 28 bytes leftover after parsing attributes in process `syz.6.653'.
[   44.534843][ T1868] netem: change failed
[   44.573236][ T1874] netlink: 4 bytes leftover after parsing attributes in process `syz.2.656'.
[   44.591997][ T1876] netlink: 96 bytes leftover after parsing attributes in process `syz.3.657'.
[   44.657924][ T1415] cdc_ncm 6-1:1.0: setting tx_max = 184
[   44.665035][ T1415] cdc_ncm 6-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.5-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[   44.678554][ T1415] usb 6-1: USB disconnect, device number 2
[   44.686088][ T1415] cdc_ncm 6-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.5-1, CDC NCM (NO ZLP)
[   45.007121][ T1925] 9pnet: p9_errstr2errno: server reported unknown error �@íÎÇpî‘AçÁ›
¬ž;
KZì44§/@®qæžkøp
[   45.007121][ T1925] éC<+¨
[   45.053008][ T1934] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[   45.161516][  T291] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   45.250637][ T1960] loop5: detected capacity change from 0 to 1024
[   45.258550][ T1960] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   45.292556][ T1960] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   45.307642][ T1960] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   45.330106][ T1960] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   45.343554][  T291] usb 3-1: Using ep0 maxpacket: 32
[   45.349511][ T1960] EXT4-fs (loop5): This should not happen!! Data will be lost
[   45.349511][ T1960] 
[   45.359783][ T1960] EXT4-fs (loop5): Total free blocks count 0
[   45.366555][  T291] usb 3-1: New USB device found, idVendor=056a, idProduct=0026, bcdDevice= 0.00
[   45.372572][ T1960] EXT4-fs (loop5): Free/Dirty block details
[   45.380843][  T291] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.391348][ T1960] EXT4-fs (loop5): free_blocks=20480
[   45.393749][  T291] usb 3-1: config 0 descriptor??
[   45.399140][ T1960] EXT4-fs (loop5): dirty_blocks=16
[   45.407529][ T1960] EXT4-fs (loop5): Block reservation details
[   45.420503][ T1960] EXT4-fs (loop5): i_reserved_data_blocks=1
[   45.461667][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   45.644419][ T2013] netlink: 8 bytes leftover after parsing attributes in process `syz.3.716'.
[   45.659326][ T2013] netlink: 24 bytes leftover after parsing attributes in process `syz.3.716'.
[   45.661379][ T2015] loop6: detected capacity change from 0 to 256
[   45.688086][ T2015] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[   45.778954][ T2030] loop5: detected capacity change from 0 to 512
[   45.786073][ T2030] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   45.800413][ T2030] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.725: casefold flag without casefold feature
[   45.811958][  T291] wacom 0003:056A:0026.0004: unknown main item tag 0x0
[   45.826296][  T291] wacom 0003:056A:0026.0004: unknown main item tag 0x0
[   45.827715][ T2030] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.725: couldn't read orphan inode 15 (err -117)
[   45.833560][  T291] wacom 0003:056A:0026.0004: unknown main item tag 0x0
[   45.852549][  T291] wacom 0003:056A:0026.0004: Unknown device_type for 'HID 056a:0026'. Assuming pen.
[   45.856637][ T2030] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   45.874692][  T291] wacom 0003:056A:0026.0004: hidraw0: USB HID v0.08 Device [HID 056a:0026] on usb-dummy_hcd.2-1/input0
[   45.887254][  T291] input: Wacom Intuos5 touch S Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0026.0004/input/input8
[   45.891929][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   46.057448][  T319] usb 3-1: USB disconnect, device number 4
[   46.137990][ T2046] loop6: detected capacity change from 0 to 40427
[   46.147539][ T2046] F2FS-fs (loop6): invalid crc value
[   46.154445][ T2046] F2FS-fs (loop6): Found nat_bits in checkpoint
[   46.171047][  T291] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   46.188001][ T2046] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[   46.202379][ T2046] syz.6.731: attempt to access beyond end of device
[   46.202379][ T2046] loop6: rw=2049, sector=53248, nr_sectors = 96 limit=40427
[   46.217015][ T2046] syz.6.731: attempt to access beyond end of device
[   46.217015][ T2046] loop6: rw=2049, sector=53344, nr_sectors = 40 limit=40427
[   46.231286][ T2046] syz.6.731: attempt to access beyond end of device
[   46.231286][ T2046] loop6: rw=2049, sector=53248, nr_sectors = 88 limit=40427
[   46.248947][ T1743] syz-executor: attempt to access beyond end of device
[   46.248947][ T1743] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   46.371019][  T291] usb 4-1: Using ep0 maxpacket: 16
[   46.377446][  T291] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   46.388685][  T291] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   46.400131][  T291] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   46.412898][  T291] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   46.422356][  T291] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   46.430617][  T291] usb 4-1: Product: syz
[   46.435058][  T291] usb 4-1: Manufacturer: syz
[   46.439897][  T291] usb 4-1: SerialNumber: syz
[   46.689783][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9121 disabled perfctr wrmsr: 0xc1 data 0x1000005d8
[   46.718799][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9134 disabled perfctr wrmsr: 0xc1 data 0x100
[   46.742166][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9121 disabled perfctr wrmsr: 0xc2 data 0x104
[   46.766822][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9134 disabled perfctr wrmsr: 0xc2 data 0x100
[   46.800736][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9121 disabled perfctr wrmsr: 0xc1 data 0x1000005d8
[   46.830743][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9134 disabled perfctr wrmsr: 0xc1 data 0x100
[   46.840143][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9121 disabled perfctr wrmsr: 0xc2 data 0x104
[   46.859457][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9134 disabled perfctr wrmsr: 0xc2 data 0x100
[   46.865411][  T291] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[   46.885458][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9121 disabled perfctr wrmsr: 0xc1 data 0x1000005d8
[   46.909450][ T2067] loop4: detected capacity change from 0 to 40427
[   46.915516][ T2063] kvm [2061]: vcpu10, guest rIP: 0x9134 disabled perfctr wrmsr: 0xc1 data 0x100
[   46.925966][ T2067] F2FS-fs (loop4): Wrong SIT boundary, start(1536) end(2560) blocks(3072)
[   46.945760][ T2067] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   46.962164][ T2067] F2FS-fs (loop4): quotafile must be on filesystem root
[   46.969276][ T2071] device wg2 entered promiscuous mode
[   47.158799][ T2081] netlink: 51 bytes leftover after parsing attributes in process `syz.5.744'.
[   47.225457][ T2085] netlink: 12 bytes leftover after parsing attributes in process `syz.5.746'.
[   47.258357][ T2085] device vlan2 entered promiscuous mode
[   47.268354][ T2085] device gretap0 entered promiscuous mode
[   47.276266][   T28] kauditd_printk_skb: 26 callbacks suppressed
[   47.276280][   T28] audit: type=1400 audit(2000000013.458:451): avc:  denied  { compute_member } for  pid=2086 comm="syz.4.747" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   47.394770][   T28] audit: type=1400 audit(2000000013.578:452): avc:  denied  { mounton } for  pid=2098 comm="syz.6.753" path="/38/file0" dev="tmpfs" ino=214 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   47.394797][ T2099] tmpfs: Unknown parameter ''
[   47.427527][ T2102] syz.5.754[2102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   47.427598][ T2102] syz.5.754[2102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   47.513251][   T28] audit: type=1400 audit(2000000013.698:453): avc:  denied  { execute } for  pid=2112 comm="syz.4.759" name="file1" dev="tmpfs" ino=859 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   47.547296][   T28] audit: type=1400 audit(2000000013.708:454): avc:  denied  { execute_no_trans } for  pid=2112 comm="syz.4.759" path="/162/file1" dev="tmpfs" ino=859 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   47.669940][   T28] audit: type=1400 audit(2000000013.848:455): avc:  denied  { read } for  pid=2126 comm="syz.4.765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   47.670133][  T291] usb 4-1: 2:1: cannot get freq at ep 0x82
[   47.741288][ T2136] device bridge2 entered promiscuous mode
[   47.761432][  T291] usb 4-1: USB disconnect, device number 3
[   48.014053][ T2169] loop5: detected capacity change from 0 to 512
[   48.031496][ T2169] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   48.044828][   T28] audit: type=1400 audit(2000000014.228:456): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   48.064759][   T28] audit: type=1400 audit(2000000014.228:457): avc:  denied  { mounton } for  pid=2168 comm="syz.5.784" path="/55/file0/file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   48.088645][   T28] audit: type=1400 audit(2000000014.228:458): avc:  denied  { remount } for  pid=2168 comm="syz.5.784" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   48.108079][   T28] audit: type=1400 audit(2000000014.228:459): avc:  denied  { read } for  pid=2168 comm="syz.5.784" name="file0" dev="overlay" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   48.130214][   T28] audit: type=1400 audit(2000000014.228:460): avc:  denied  { ioctl } for  pid=2168 comm="syz.5.784" path="/55/file0/file0/file0" dev="overlay" ino=13 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   48.131361][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   48.155226][  T319] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[   48.257358][ T2190] loop5: detected capacity change from 0 to 128
[   48.267674][ T2190] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   48.276455][ T2190] ext4 filesystem being mounted at /57/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   48.298492][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   48.327396][ T2195] loop5: detected capacity change from 0 to 1024
[   48.334745][ T2195] EXT4-fs: Ignoring removed bh option
[   48.352692][ T2195] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   48.356232][  T319] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   48.373280][  T319] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   48.384338][ T2195] EXT4-fs error (device loop5): ext4_check_all_de:666: inode #12: block 7: comm syz.5.793: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[   48.404428][ T2195] EXT4-fs (loop5): Remounting filesystem read-only
[   48.424488][ T2201] SELinux: security policydb version 18 (MLS) not backwards compatible
[   48.433281][  T319] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   48.443146][ T2201] SELinux: failed to load policy
[   48.445892][  T319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   48.457671][  T319] usb 3-1: Product: syz
[   48.461905][  T319] usb 3-1: Manufacturer: syz
[   48.466557][  T319] usb 3-1: SerialNumber: syz
[   48.487160][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   48.683638][  T319] usb 3-1: 0:2 : does not exist
[   48.694682][  T319] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[   48.717749][  T319] usb 3-1: USB disconnect, device number 5
[   48.766705][ T2249] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   48.827920][ T2260] loop3: detected capacity change from 0 to 2048
[   48.847209][ T2263] tmpfs: Unknown parameter 'roo'
[   48.865324][ T2260] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   48.885408][  T284] EXT4-fs (loop3): unmounting filesystem.
[   48.937795][ T2274] netlink: 4 bytes leftover after parsing attributes in process `syz.5.827'.
[   48.984247][ T2280] netlink: 96 bytes leftover after parsing attributes in process `syz.4.829'.
[   49.135145][ T2299] syz.3.838 (2299) used greatest stack depth: 20128 bytes left
[   49.377731][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[   49.381018][  T291] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   49.541039][ T1415] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   49.571140][  T291] usb 5-1: Using ep0 maxpacket: 32
[   49.577628][  T291] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[   49.586241][  T291] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   49.595185][  T291] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[   49.604264][  T291] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   49.613908][  T291] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   49.623641][  T291] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   49.633478][  T291] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   49.643222][  T291] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   49.656204][  T291] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   49.665284][  T291] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.673910][  T291] usb 5-1: config 0 descriptor??
[   49.711805][ T2336] device syz_tun entered promiscuous mode
[   49.717674][ T2336] device macsec1 entered promiscuous mode
[   49.724289][ T2336] device syz_tun left promiscuous mode
[   49.741054][ T1415] usb 4-1: Using ep0 maxpacket: 16
[   49.747409][ T1415] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   49.758532][ T1415] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   49.768346][ T1415] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   49.781173][ T1415] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   49.790198][ T1415] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.798786][ T1415] usb 4-1: config 0 descriptor??
[   49.821035][ T2338] xt_CT: You must specify a L4 protocol and not use inversions on it
[   49.880655][  T291] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   50.091139][ T1299] usb 5-1: USB disconnect, device number 3
[   50.097678][ T1299] usblp0: removed
[   50.207578][ T1415] HID 045e:07da: Invalid code 65791 type 1
[   50.215414][ T1415] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0005/input/input11
[   50.227707][ T1415] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[   50.418508][ T1415] usb 4-1: USB disconnect, device number 4
[   50.654453][ T2357] loop5: detected capacity change from 0 to 256
[   50.663327][ T2357] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   50.743790][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   51.072178][ T2410] netlink: 'syz.2.889': attribute type 49 has an invalid length.
[   51.080075][ T2410] netlink: 'syz.2.889': attribute type 49 has an invalid length.
[   51.089243][ T2410] netlink: 'syz.2.889': attribute type 49 has an invalid length.
[   51.331499][ T2436] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2436 comm=syz.4.899
[   51.364778][ T2443] loop5: detected capacity change from 0 to 1024
[   51.371849][ T2443] EXT4-fs: Ignoring removed orlov option
[   51.401444][ T2443] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   51.422824][ T2450] bridge0: port 3(vlan2) entered blocking state
[   51.429196][ T2450] bridge0: port 3(vlan2) entered disabled state
[   51.441122][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   51.491011][ T1415] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   51.503998][ T2456] 9pnet: p9_errstr2errno: server reported unknown error �@íÎÇpî‘AçÁ›
¬ž;
KZì44§/@®qæžkøp
[   51.503998][ T2456] é
[   51.649644][ T2644] device syz_tun entered promiscuous mode
[   51.666569][ T2644] device macsec1 entered promiscuous mode
[   51.679648][ T2644] device syz_tun left promiscuous mode
[   51.692684][ T1415] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[   51.710341][ T1415] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1
[   51.721720][ T1415] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   51.740251][ T1415] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.99
[   51.749464][ T1415] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.773947][ T2422] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   51.788848][ T1415] usb 3-1: invalid MIDI in EP 0
[   51.806148][ T1415] snd-usb-audio: probe of 3-1:27.0 failed with error -22
[   51.831589][ T2657] incfs: Options parsing error. -22
[   51.836987][ T2657] incfs: mount failed -22
[   51.909305][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   51.980508][ T2674] overlayfs: failed to set xattr on upper
[   51.989415][ T1415] usb 3-1: USB disconnect, device number 6
[   52.001537][ T2674] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[   52.001873][ T2672] netlink: 44 bytes leftover after parsing attributes in process `syz.5.918'.
[   52.145996][ T2807] netlink: 96 bytes leftover after parsing attributes in process `syz.5.924'.
[   52.582516][ T2867] netlink: 176 bytes leftover after parsing attributes in process `syz.4.948'.
[   52.596758][ T1299] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   52.604445][ T2869] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   52.606087][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   52.801025][  T319] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[   52.994478][  T319] usb 3-1: config 1 has an invalid descriptor of length 116, skipping remainder of the config
[   53.004787][  T319] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   53.015655][  T319] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   53.024771][  T319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.032871][  T319] usb 3-1: Product: syz
[   53.037025][  T319] usb 3-1: Manufacturer: syz
[   53.041708][  T319] usb 3-1: SerialNumber: syz
[   53.248362][  T319] usb 3-1: 0:2 : does not exist
[   53.255410][  T319] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[   53.265374][  T319] usb 3-1: USB disconnect, device number 7
[   53.421832][   T28] kauditd_printk_skb: 33 callbacks suppressed
[   53.421848][   T28] audit: type=1400 audit(2000000532.603:494): avc:  denied  { read } for  pid=2882 comm="syz.3.958" name="usbmon7" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   53.457539][   T28] audit: type=1400 audit(2000000532.633:495): avc:  denied  { open } for  pid=2882 comm="syz.3.958" path="/dev/usbmon7" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   53.493015][ T2890] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.500228][ T2890] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.504912][   T28] audit: type=1400 audit(2000000532.673:496): avc:  denied  { mount } for  pid=2887 comm="syz.4.960" name="/" dev="ramfs" ino=26158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   53.550029][ T2896] device bridge_slave_1 left promiscuous mode
[   53.566702][ T2896] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.580192][   T28] audit: type=1400 audit(2000000532.673:497): avc:  denied  { remount } for  pid=2887 comm="syz.4.960" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   53.607631][   T28] audit: type=1400 audit(2000000532.713:498): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   53.607892][ T2896] device bridge_slave_0 left promiscuous mode
[   53.634165][ T2896] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.780037][ T2910] loop3: detected capacity change from 0 to 512
[   53.786895][   T28] audit: type=1400 audit(2000000532.963:499): avc:  denied  { read } for  pid=2909 comm="syz.2.971" name="ashmem" dev="devtmpfs" ino=269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.813450][ T2910] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   53.841028][   T28] audit: type=1400 audit(2000000532.963:500): avc:  denied  { open } for  pid=2909 comm="syz.2.971" path="/dev/ashmem" dev="devtmpfs" ino=269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.888883][ T2910] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   53.895799][   T28] audit: type=1400 audit(2000000532.993:501): avc:  denied  { ioctl } for  pid=2909 comm="syz.2.971" path="/dev/ashmem" dev="devtmpfs" ino=269 ioctlcmd=0x7703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.906699][ T2910] ext4 filesystem being mounted at /217/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   53.944511][   T28] audit: type=1400 audit(2000000532.993:502): avc:  denied  { map } for  pid=2909 comm="syz.2.971" path="/dev/ashmem" dev="devtmpfs" ino=269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.991771][ T2910] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[   54.014269][  T284] EXT4-fs (loop3): unmounting filesystem.
[   54.051528][ T2934] netlink: 'syz.2.982': attribute type 4 has an invalid length.
[   54.066757][ T2934] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.982'.
[   54.156082][   T28] audit: type=1400 audit(2000000533.333:503): avc:  denied  { map } for  pid=2947 comm="syz.4.986" path="socket:[26247]" dev="sockfs" ino=26247 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   54.236947][ T2924] loop5: detected capacity change from 0 to 40427
[   54.249520][ T2924] F2FS-fs (loop5): Wrong SIT boundary, start(1536) end(2560) blocks(3072)
[   54.258290][ T2924] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   54.272911][ T2924] F2FS-fs (loop5): quotafile must be on filesystem root
[   54.311355][ T2960] loop4: detected capacity change from 0 to 512
[   54.331851][ T2960] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[   54.447655][ T2972] syz.2.996 uses obsolete (PF_INET,SOCK_PACKET)
[   54.472116][ T2974] loop3: detected capacity change from 0 to 1024
[   54.481933][ T2974] EXT4-fs: Ignoring removed orlov option
[   54.504657][  T319] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[   54.513284][ T2974] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   54.523848][ T2976] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[   54.567306][  T284] EXT4-fs (loop3): unmounting filesystem.
[   54.858999][ T3015] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1017'.
[   54.877172][ T3015] device veth1_macvtap left promiscuous mode
[   55.295630][ T3053] incfs: Options parsing error. -22
[   55.300912][ T3053] incfs: mount failed -22
[   55.354599][ T3055] loop2: detected capacity change from 0 to 256
[   55.382350][ T3055] exfat: Deprecated parameter 'utf8'
[   55.387686][ T3055] exfat: Deprecated parameter 'utf8'
[   55.411053][ T3055] exfat: Deprecated parameter 'utf8'
[   55.423385][ T3055] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   55.483455][ T3057] loop3: detected capacity change from 0 to 16
[   55.495376][ T3057] erofs: (device loop3): mounted with root inode @ nid 36.
[   55.502742][ T1300] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[   55.523448][ T3057] syz.3.1037: attempt to access beyond end of device
[   55.523448][ T3057] loop3: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[   55.702062][ T1300] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   55.715908][ T1300] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   55.734899][ T1300] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   55.752694][ T1300] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   55.769106][ T1300] usb 6-1: Product: syz
[   55.777809][ T1300] usb 6-1: Manufacturer: syz
[   55.784379][ T1300] usb 6-1: SerialNumber: syz
[   55.999307][ T1300] usb 6-1: 0:2 : does not exist
[   56.011638][ T1300] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[   56.034553][ T1300] usb 6-1: USB disconnect, device number 3
[   56.120240][ T3106] SELinux:  Context Ü is not valid (left unmapped).
[   56.195810][ T3111] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.202974][ T3111] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.210278][ T3111] device bridge_slave_0 entered promiscuous mode
[   56.218413][ T3111] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.225477][ T3111] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.232821][ T3111] device bridge_slave_1 entered promiscuous mode
[   56.292494][ T3111] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.299580][ T3111] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.306894][ T3111] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.313946][ T3111] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.345346][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   56.354095][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.356129][ T3125] loop6: detected capacity change from 0 to 4096
[   56.367645][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.374978][ T3125] EXT4-fs (loop6): Test dummy encryption mode enabled
[   56.383836][ T3125] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   56.392121][ T3125] System zones: 0-5
[   56.397425][ T3125] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   56.397501][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   56.406398][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   56.416144][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.422035][ T1299] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   56.428861][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.449438][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   56.455695][ T3129] input: syz0 as /devices/virtual/input/input12
[   56.457785][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.464161][ T3125] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   56.470872][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.506943][ T3125] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   56.507078][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   56.536398][ T1743] EXT4-fs (loop6): unmounting filesystem.
[   56.543888][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   56.552312][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   56.574726][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   56.589305][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   56.596885][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   56.605466][ T3111] device veth0_vlan entered promiscuous mode
[   56.611917][ T1299] usb 5-1: Using ep0 maxpacket: 16
[   56.618148][ T1299] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   56.628316][ T1299] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   56.640663][ T3111] device veth1_macvtap entered promiscuous mode
[   56.647679][ T1299] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   56.648089][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   56.663913][ T1299] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   56.670094][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   56.680901][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   56.686842][ T1299] usb 5-1: Product: syz
[   56.693155][ T1299] usb 5-1: Manufacturer: syz
[   56.698804][ T2482] device veth1_macvtap left promiscuous mode
[   56.705039][ T2482] device veth0_vlan left promiscuous mode
[   56.705526][ T1299] usb 5-1: SerialNumber: syz
[   56.817253][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   56.830453][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   56.847740][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   56.868125][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   57.123656][ T1299] usb 5-1: 0:2 : does not exist
[   57.378795][ T3175] loop5: detected capacity change from 0 to 40427
[   57.386127][ T3175] F2FS-fs (loop5): Image doesn't support compression
[   57.405056][ T3175] F2FS-fs (loop5): invalid crc value
[   57.428660][ T3175] F2FS-fs (loop5): Found nat_bits in checkpoint
[   57.469332][ T3175] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   57.664462][ T3189] loop5: detected capacity change from 0 to 256
[   57.671462][ T3189] exfat: Deprecated parameter 'utf8'
[   57.676829][ T3189] exfat: Deprecated parameter 'utf8'
[   57.685590][ T3189] exfat: Deprecated parameter 'utf8'
[   57.700900][ T3189] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   57.731002][ T1415] usb 5-1: USB disconnect, device number 4
[   57.886559][ T3208] bpf setsockopt: ignoring program buffer with optlen=65520 (max_optlen=4096)
[   57.979116][ T3214] loop7: detected capacity change from 0 to 512
[   57.987278][ T3214] EXT4-fs (loop7): orphan cleanup on readonly fs
[   57.994317][ T3214] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.1107: bg 0: block 248: padding at end of block bitmap is not set
[   58.009989][ T3214] EXT4-fs error (device loop7): ext4_acquire_dquot:6801: comm syz.7.1107: Failed to acquire dquot type 1
[   58.022369][ T3214] EXT4-fs (loop7): 1 truncate cleaned up
[   58.028237][ T3214] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[   58.038791][ T3214] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended
[   58.051404][ T3214] EXT4-fs (loop7): re-mounted. Quota mode: writeback.
[   58.065168][ T3111] EXT4-fs (loop7): unmounting filesystem.
[   58.341027][ T1415] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   58.521001][ T1415] usb 8-1: Using ep0 maxpacket: 16
[   58.527346][ T1415] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   58.538250][ T1415] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   58.547950][ T1415] usb 8-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   58.561992][ T1415] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   58.562697][ T3229] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1112'.
[   58.571185][ T1415] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   58.588077][ T1415] usb 8-1: Product: syz
[   58.592329][ T1415] usb 8-1: Manufacturer: syz
[   58.596941][ T1415] usb 8-1: SerialNumber: syz
[   58.662299][   T28] kauditd_printk_skb: 33 callbacks suppressed
[   58.662315][   T28] audit: type=1400 audit(2000000537.843:535): avc:  denied  { mount } for  pid=3236 comm="syz.6.1116" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   58.690348][   T28] audit: type=1400 audit(2000000537.843:536): avc:  denied  { unmount } for  pid=3236 comm="syz.6.1116" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   58.801048][    C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[   58.840098][ T3243] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1119'.
[   59.010799][ T1415] usb 8-1: 2:1 : format type 0 is detected, processed as PCM
[   59.082272][   T28] audit: type=1400 audit(2000000538.263:537): avc:  denied  { write } for  pid=3259 comm="syz.4.1128" name="tcp" dev="proc" ino=4026532663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   59.351335][ T3278] loop6: detected capacity change from 0 to 40427
[   59.358498][ T3278] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[   59.365582][ T3278] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   59.374125][ T3278] F2FS-fs (loop6): heap/no_heap options were deprecated
[   59.381989][ T3278] F2FS-fs (loop6): invalid crc value
[   59.388514][ T3278] F2FS-fs (loop6): Found nat_bits in checkpoint
[   59.425686][ T3278] F2FS-fs (loop6): Start checkpoint disabled!
[   59.452328][ T3278] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   59.459413][ T3278] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[   59.513846][ T1743] syz-executor: attempt to access beyond end of device
[   59.513846][ T1743] loop6: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   59.528301][ T1743] syz-executor: attempt to access beyond end of device
[   59.528301][ T1743] loop6: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   59.569180][   T10] kworker/u4:1: attempt to access beyond end of device
[   59.569180][   T10] loop6: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   59.686932][ T3310] loop5: detected capacity change from 0 to 16
[   59.711610][ T3310] erofs: (device loop5): mounted with root inode @ nid 36.
[   59.780635][ T2482] Bluetooth: hci0: Frame reassembly failed (-84)
[   59.836219][ T1415] usb 8-1: 2:1: cannot get freq at ep 0x82
[   59.845936][ T1415] usb 8-1: USB disconnect, device number 2
[   59.862556][ T3325] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.869583][ T3325] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.876976][ T3325] device bridge_slave_0 entered promiscuous mode
[   59.884085][ T3325] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.891137][ T3325] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.898607][ T3325] device bridge_slave_1 entered promiscuous mode
[   59.938678][ T3325] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.945787][ T3325] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.953097][ T3325] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.960127][ T3325] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.978336][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   59.986021][ T2482] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.991056][ T1299] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   60.000667][ T2482] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.009974][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   60.018342][ T2482] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.025406][ T2482] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.033931][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   60.042162][ T2482] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.049170][ T2482] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.062169][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.071492][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.085267][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   60.096507][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   60.104569][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   60.111999][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   60.120238][ T3325] device veth0_vlan entered promiscuous mode
[   60.130373][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   60.139760][ T3325] device veth1_macvtap entered promiscuous mode
[   60.149156][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   60.160524][ T2482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   60.181261][ T1299] usb 5-1: Using ep0 maxpacket: 16
[   60.187746][ T1299] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   60.198732][ T1299] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   60.208557][ T1299] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   60.221492][ T1299] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   60.230537][ T1299] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.239197][ T1299] usb 5-1: config 0 descriptor??
[   60.443800][   T28] audit: type=1400 audit(2000000539.623:538): avc:  denied  { mounton } for  pid=3359 comm="syz.2.1172" path="/201/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   60.443972][ T3360] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   60.503001][ T3361] xt_CT: You must specify a L4 protocol and not use inversions on it
[   60.572128][ T3364] loop8: detected capacity change from 0 to 4096
[   60.600094][ T3364] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   60.638600][ T3325] EXT4-fs (loop8): unmounting filesystem.
[   60.681912][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x2
[   60.690867][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[   60.706802][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[   60.717604][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[   60.729748][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[   60.737510][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[   60.747599][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[   60.765502][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[   60.785570][ T1299] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[   60.796249][ T1299] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0006/input/input13
[   60.819606][ T1299] microsoft 0003:045E:07DA.0006: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[   60.909420][  T291] usb 5-1: USB disconnect, device number 5
[   61.096127][ T3412] serio: Serial port ptm1
[   61.516039][ T3431] netlink: 'syz.4.1193': attribute type 6 has an invalid length.
[   61.597728][ T3440] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1196'.
[   61.612928][ T3440] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1196'.
[   61.634569][ T3444] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   61.841369][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   61.847421][ T2326] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   61.908846][ T3455] loop4: detected capacity change from 0 to 40427
[   61.927096][ T3455] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   61.943033][ T3455] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   61.997067][ T3455] F2FS-fs (loop4): Found nat_bits in checkpoint
[   62.094302][ T3455] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   62.108738][ T3455] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   62.271064][  T677] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   62.299122][ T3492] xt_CT: You must specify a L4 protocol and not use inversions on it
[   62.462678][  T677] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   62.492877][  T677] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[   62.510554][ T3508] netlink: 'syz.7.1227': attribute type 3 has an invalid length.
[   62.524052][ T3508] netlink: 'syz.7.1227': attribute type 3 has an invalid length.
[   62.533529][  T677] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   62.562717][  T677] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.583524][  T677] usb 9-1: config 0 descriptor??
[   62.592537][  T677] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[   62.798837][  T291] usb 9-1: USB disconnect, device number 2
[   62.945530][ T3533] syz.2.1236[3533] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.945604][ T3533] syz.2.1236[3533] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.954291][ T3527] loop5: detected capacity change from 0 to 32768
[   62.984704][   T28] audit: type=1400 audit(2000000542.163:539): avc:  denied  { unmount } for  pid=286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   63.021793][ T3527]  loop5: p1 p3 < >
[   63.041026][  T677] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[   63.207732][ T3546] tipc: Started in network mode
[   63.213487][ T3546] tipc: Node identity 48, cluster identity 117
[   63.219707][ T3546] tipc: Node number set to 72
[   63.232331][  T677] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   63.247013][  T677] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   63.258370][  T677] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[   63.269623][  T677] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[   63.281472][ T2494] Bluetooth: hci0: Frame reassembly failed (-84)
[   63.292107][  T677] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   63.301198][  T677] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   63.319222][  T677] usb 8-1: Product: syz
[   63.323762][  T677] usb 8-1: Manufacturer: syz
[   63.328378][  T677] usb 8-1: SerialNumber: syz
[   63.341068][ T3520] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[   63.398291][   T28] audit: type=1326 audit(2000000542.573:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3551 comm="syz.8.1245" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa88a98e9a9 code=0x0
[   63.505293][ T3563] syz.4.1250[3563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.505370][ T3563] syz.4.1250[3563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.552233][ T3520] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[   63.571002][ T3520] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[   63.777897][ T3568] netlink: 'syz.4.1253': attribute type 2 has an invalid length.
[   63.780674][ T3570] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1252'.
[   63.806003][ T3570] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1252'.
[   63.854472][ T3574] loop5: detected capacity change from 0 to 4096
[   63.863050][ T3574] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   63.878847][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   64.001038][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   64.016621][ T3583] loop4: detected capacity change from 0 to 40427
[   64.023682][ T3583] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   64.031458][ T3583] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   64.041886][ T3583] F2FS-fs (loop4): Found nat_bits in checkpoint
[   64.064975][ T3583] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   64.072159][ T3583] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   64.099195][   T28] audit: type=1400 audit(2000000543.273:541): avc:  denied  { link } for  pid=3582 comm="syz.4.1258" name="file1" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   64.180780][ T3520] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[   64.188006][ T3520] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[   64.201027][  T291] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   64.342898][   T28] audit: type=1400 audit(2000000543.523:542): avc:  denied  { read write } for  pid=3601 comm="syz.4.1264" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   64.366746][   T28] audit: type=1400 audit(2000000543.523:543): avc:  denied  { open } for  pid=3601 comm="syz.4.1264" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   64.391161][   T28] audit: type=1400 audit(2000000543.523:544): avc:  denied  { map } for  pid=3601 comm="syz.4.1264" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   64.415616][  T677] cdc_ncm 8-1:1.0: MAC-Address: 42:42:42:42:42:42
[   64.424223][ T3603] xt_CT: You must specify a L4 protocol and not use inversions on it
[   64.432516][  T291] usb 6-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[   64.441640][  T677] cdc_ncm 8-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[   64.449115][  T291] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.468398][  T677] cdc_ncm 8-1:1.0: setting rx_max = 2048
[   64.477426][ T3605] loop4: detected capacity change from 0 to 512
[   64.484507][  T291] usb 6-1: config 0 descriptor??
[   64.490863][ T3605] EXT4-fs: Ignoring removed bh option
[   64.497076][ T3605] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   64.507218][ T3605] EXT4-fs (loop4): 1 truncate cleaned up
[   64.513144][ T3605] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   64.526799][ T3605] overlayfs: upper fs needs to support d_type.
[   64.544080][  T287] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[   64.558451][  T287] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[   64.573316][  T287] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[   64.590081][  T287] EXT4-fs (loop4): unmounting filesystem.
[   64.616257][  T677] cdc_ncm 8-1:1.0: setting tx_max = 16384
[   64.624990][  T677] cdc_ncm 8-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.7-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[   64.637088][  T677] usb 8-1: USB disconnect, device number 3
[   64.643464][  T677] cdc_ncm 8-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.7-1, CDC NCM (NO ZLP)
[   64.667037][ T3623] loop8: detected capacity change from 0 to 512
[   64.674064][ T3623] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   64.674409][ T3625] device gretap0 entered promiscuous mode
[   64.684977][ T3623] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   64.697879][ T3623] System zones: 1-12
[   64.703078][ T3625] device gretap0 left promiscuous mode
[   64.709175][ T3623] EXT4-fs (loop8): 1 truncate cleaned up
[   64.715205][ T3623] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   64.768882][ T3325] EXT4-fs (loop8): unmounting filesystem.
[   64.798382][ T3632] loop8: detected capacity change from 0 to 256
[   64.816157][ T3630] xt_CT: You must specify a L4 protocol and not use inversions on it
[   64.853775][ T3632] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1277'.
[   64.863697][ T3632] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1277'.
[   64.901448][ T3639] netlink: 96 bytes leftover after parsing attributes in process `syz.8.1280'.
[   65.080339][ T3643] loop8: detected capacity change from 0 to 40427
[   65.087251][ T3643] F2FS-fs (loop8): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[   65.094924][ T3643] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[   65.103332][ T3643] F2FS-fs (loop8): fault_injection options not supported
[   65.111062][ T3643] F2FS-fs (loop8): invalid crc value
[   65.117379][ T3643] F2FS-fs (loop8): Found nat_bits in checkpoint
[   65.145064][ T3643] F2FS-fs (loop8): Start checkpoint disabled!
[   65.151881][  T291] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   65.162539][  T291] asix: probe of 6-1:0.0 failed with error -71
[   65.169735][  T291] usb 6-1: USB disconnect, device number 4
[   65.174666][ T3643] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[   65.182658][ T3643] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[   65.264151][ T3660] syz.8.1282: attempt to access beyond end of device
[   65.264151][ T3660] loop8: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[   65.273363][ T3662] loop7: detected capacity change from 0 to 128
[   65.301711][ T2735] kworker/u4:253: attempt to access beyond end of device
[   65.301711][ T2735] loop8: rw=1, sector=53248, nr_sectors = 8 limit=40427
[   65.302114][   T28] audit: type=1400 audit(2000000544.483:545): avc:  denied  { mount } for  pid=3661 comm="syz.7.1290" name="/" dev="loop7" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   65.316003][ T2735] kworker/u4:253: attempt to access beyond end of device
[   65.316003][ T2735] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   65.340141][ T3662] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   65.359691][ T3662] FAT-fs (loop7): Filesystem has been set read-only
[   65.361092][ T2326] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   65.366448][ T2325] Bluetooth: hci0: command 0x1003 tx timeout
[   65.392432][ T3662] syz.7.1290: attempt to access beyond end of device
[   65.392432][ T3662] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   65.419577][ T3662] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   65.435844][ T3662] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   65.448973][   T28] audit: type=1400 audit(2000000544.623:546): avc:  denied  { remount } for  pid=3661 comm="syz.7.1290" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   65.469870][ T3666] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   65.477941][ T3666] syz.7.1290: attempt to access beyond end of device
[   65.477941][ T3666] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   65.492344][ T3666] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   65.500312][ T3666] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   65.508421][ T3662] syz.7.1290: attempt to access beyond end of device
[   65.508421][ T3662] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   65.522114][ T3666] syz.7.1290: attempt to access beyond end of device
[   65.522114][ T3666] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   65.535575][ T3662] syz.7.1290: attempt to access beyond end of device
[   65.535575][ T3662] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   65.549082][ T3666] syz.7.1290: attempt to access beyond end of device
[   65.549082][ T3666] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   65.562740][ T3662] syz.7.1290: attempt to access beyond end of device
[   65.562740][ T3662] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   65.588408][   T28] audit: type=1400 audit(2000000544.763:547): avc:  denied  { read } for  pid=3671 comm="syz.2.1294" path="socket:[28829]" dev="sockfs" ino=28829 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   65.690350][ T3676] loop5: detected capacity change from 0 to 2048
[   65.731086][ T1299] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[   65.809206][ T3678] loop4: detected capacity change from 0 to 512
[   65.832462][ T3678] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   65.850588][ T3678] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.889943][  T287] EXT4-fs (loop4): unmounting filesystem.
[   65.930990][ T1299] usb 9-1: Using ep0 maxpacket: 16
[   65.937317][ T1299] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   65.957362][ T1299] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[   65.973197][ T1299] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   65.991002][ T1299] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   66.010943][ T1299] usb 9-1: Product: syz
[   66.021652][ T1299] usb 9-1: Manufacturer: syz
[   66.032779][ T1299] usb 9-1: SerialNumber: syz
[   66.043463][ T3698] loop5: detected capacity change from 0 to 512
[   66.070273][ T3698] EXT4-fs: Ignoring removed mblk_io_submit option
[   66.077127][ T3698] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   66.100985][ T3698] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   66.132451][ T3698] EXT4-fs (loop5): 1 truncate cleaned up
[   66.138126][ T3698] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   66.154740][   T28] audit: type=1400 audit(2000000545.333:548): avc:  denied  { unmount } for  pid=3111 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   66.197872][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   66.439469][   T28] audit: type=1326 audit(2000000545.613:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3748 comm="syz.7.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01d8e9a9 code=0x7ffc0000
[   66.471502][ T1299] usb 9-1: 0:2 : does not exist
[   66.499858][   T28] audit: type=1326 audit(2000000545.613:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3748 comm="syz.7.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac01d2ab89 code=0x7ffc0000
[   66.725139][ T3774] loop4: detected capacity change from 0 to 512
[   66.763115][ T3774] ext4: Unknown parameter 'fsname'
[   66.813170][ T3774] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1338'.
[   66.953640][ T3766] loop5: detected capacity change from 0 to 40427
[   66.980237][ T3766] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   66.998426][ T3766] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   67.047389][ T3766] F2FS-fs (loop5): Found nat_bits in checkpoint
[   67.080520][ T1299] usb 9-1: USB disconnect, device number 3
[   67.144877][ T3766] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   67.158137][ T3766] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   67.201071][    C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[   67.333453][ T2494] Bluetooth: hci0: Frame reassembly failed (-84)
[   67.730477][ T3827] loop8: detected capacity change from 0 to 40427
[   67.737405][ T3827] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[   67.745157][ T3827] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[   67.755385][ T3827] F2FS-fs (loop8): Found nat_bits in checkpoint
[   67.777801][ T3827] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[   67.784897][ T3827] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[   67.862352][ T3833] input: syz0 as /devices/virtual/input/input14
[   68.029947][ T3852] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1369'.
[   68.082311][ T3864] TCP: TCP_TX_DELAY enabled
[   68.083785][ T3863] loop8: detected capacity change from 0 to 512
[   68.103136][ T3863] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   68.112140][ T3863] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.126550][ T3863] EXT4-fs (loop8): shut down requested (2)
[   68.136728][ T3325] EXT4-fs (loop8): unmounting filesystem.
[   68.152702][ T3874] loop4: detected capacity change from 0 to 128
[   68.160636][ T3874] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   68.169459][ T3874] ext4 filesystem being mounted at /308/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   68.215914][  T287] EXT4-fs (loop4): unmounting filesystem.
[   68.327695][ T2735] Bluetooth: hci1: Frame reassembly failed (-84)
[   68.400539][ T3919] loop5: detected capacity change from 0 to 512
[   68.408538][ T3919] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   68.418923][ T3919] EXT4-fs warning (device loop5): dx_probe:869: inode #2: comm syz.5.1399: Unimplemented hash flags: 0x0001
[   68.430846][ T3919] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1399: Corrupt directory, running e2fsck is recommended
[   68.444200][ T3919] EXT4-fs error (device loop5): ext4_readdir:263: inode #2: block 3: comm syz.5.1399: path /172/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[   68.483554][ T1330] EXT4-fs (loop5): unmounting filesystem.
[   68.613041][ T3938] SELinux: failed to load policy
[   68.722290][ T3940] loop5: detected capacity change from 0 to 40427
[   68.729324][ T3940] F2FS-fs (loop5): heap/no_heap options were deprecated
[   68.736376][ T3940] F2FS-fs (loop5): fault_injection options not supported
[   68.743520][ T3940] F2FS-fs (loop5): fault_type options not supported
[   68.750777][ T3940] F2FS-fs (loop5): invalid crc value
[   68.757403][ T3940] F2FS-fs (loop5): Found nat_bits in checkpoint
[   68.778781][ T3940] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   69.173013][   T28] kauditd_printk_skb: 3038 callbacks suppressed
[   69.173025][   T28] audit: type=1400 audit(2000000001.090:3589): avc:  denied  { bind } for  pid=3951 comm="syz.5.1421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   69.187130][ T3954] syz.5.1413[3954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.198984][ T3954] syz.5.1413[3954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.361018][ T2326] Bluetooth: hci0: command 0x1003 tx timeout
[   69.378340][ T3663] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   70.401336][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   70.401374][ T3955] Bluetooth: hci1: command 0x1003 tx timeout
[   72.131289][ T3980] SELinux:  policydb version 1738335632 does not match my version range 15-33
[   72.142457][ T3980] SELinux: failed to load policy
[   72.246029][   T28] audit: type=1400 audit(2000000004.160:3590): avc:  denied  { create } for  pid=3995 comm="syz.7.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   72.267939][   T28] audit: type=1400 audit(2000000004.190:3591): avc:  denied  { bind } for  pid=3995 comm="syz.7.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   72.288355][   T28] audit: type=1400 audit(2000000004.200:3592): avc:  denied  { listen } for  pid=3995 comm="syz.7.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   72.427185][  T677] kernel write not supported for file /405/clear_refs (pid: 677 comm: kworker/0:3)
[   72.461800][ T4027] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1447'.
[   72.471189][ T4027] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1447'.
[   72.480489][ T4027] netlink: 38 bytes leftover after parsing attributes in process `syz.2.1447'.
[   72.497692][ T4032] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1449'.
[   72.506976][ T4032] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1449'.
[   72.745110][   T28] audit: type=1326 audit(2000000260.660:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4064 comm="syz.5.1463" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f01ed98e9a9 code=0x0
[   72.805557][ T4071] netlink: 'syz.8.1465': attribute type 15 has an invalid length.
[   72.908383][ T4081] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[   73.111103][  T677] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[   73.161824][ T4104] netlink: 'syz.2.1479': attribute type 15 has an invalid length.
[   73.219912][   T28] audit: type=1326 audit(2000000261.130:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.7.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01d8e9a9 code=0x7ffc0000
[   73.244779][ T4115] audit: audit_backlog=65 > audit_backlog_limit=64
[   73.251429][ T4115] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[   73.259239][ T4115] audit: backlog limit exceeded
[   73.265061][   T28] audit: type=1326 audit(2000000261.130:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4111 comm="syz.7.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac01d2ab89 code=0x7ffc0000
[   73.322054][  T677] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.336361][  T677] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.346283][  T677] usb 9-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[   73.358403][  T677] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.367356][  T677] usb 9-1: config 0 descriptor??
[   73.486615][ T4135] loop4: detected capacity change from 0 to 1024
[   73.509916][ T4135] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   73.544934][ T4135] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   73.561835][ T4135] ext4 filesystem being mounted at /325/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.622836][ T4135] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   73.661461][ T4135] EXT4-fs (loop4): Remounting filesystem read-only
[   73.699070][ T4158] overlayfs: failed to clone upperpath
[   73.714015][  T287] EXT4-fs (loop4): unmounting filesystem.
[   73.747412][ T4163] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   73.787006][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   73.789201][  T677] hid-steam 0003:28DE:1142.0007: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.8-1/input0
[   73.807860][  T677] hid-steam 0003:28DE:1142.0008: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.8-1/input0
[   73.811746][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   73.845090][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   73.853629][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   73.862672][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   73.873510][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   73.882000][  T677] hid-steam 0003:28DE:1142.0007: Steam wireless receiver connected
[   73.894830][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   73.903733][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   73.912462][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[   73.920013][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[   73.928035][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[   73.937374][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[   74.047357][ T4191] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   74.086487][ T4194] SELinux:  policydb version 1738335632 does not match my version range 15-33
[   74.108696][ T4194] SELinux: failed to load policy
[   74.182910][   T28] kauditd_printk_skb: 319 callbacks suppressed
[   74.182923][   T28] audit: type=1400 audit(2000000262.100:3915): avc:  denied  { wake_alarm } for  pid=4203 comm="syz.2.1522" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   74.291963][   T28] audit: type=1400 audit(2000000262.210:3916): avc:  denied  { setopt } for  pid=4217 comm="syz.2.1526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   74.375578][ T1299] usb 9-1: USB disconnect, device number 4
[   74.386242][ T1299] hid-steam 0003:28DE:1142.0007: Steam wireless receiver disconnected
[   74.472919][ T4243] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1536'.
[   74.474861][ T4245] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4245 comm=syz.7.1537
[   74.938945][   T28] audit: type=1400 audit(2000000262.850:3917): avc:  denied  { sqpoll } for  pid=4250 comm="syz.4.1540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   75.005235][   T28] audit: type=1400 audit(2000000262.880:3918): avc:  denied  { read write } for  pid=3111 comm="syz-executor" name="loop7" dev="devtmpfs" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   75.061371][   T28] audit: type=1400 audit(2000000262.880:3919): avc:  denied  { open } for  pid=3111 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   75.088601][   T28] audit: type=1400 audit(2000000262.880:3920): avc:  denied  { ioctl } for  pid=3111 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=125 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   75.119527][   T28] audit: type=1400 audit(2000000262.920:3921): avc:  denied  { bpf } for  pid=4268 comm="syz.8.1549" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   75.145102][   T28] audit: type=1400 audit(2000000262.920:3922): avc:  denied  { prog_load } for  pid=4268 comm="syz.8.1549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   75.155582][ T4278] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1553'.
[   75.165363][   T28] audit: type=1400 audit(2000000262.920:3923): avc:  denied  { perfmon } for  pid=4268 comm="syz.8.1549" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   75.195536][   T28] audit: type=1400 audit(2000000262.950:3924): avc:  denied  { map_create } for  pid=4271 comm="syz.8.1550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   75.201365][ T4279] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4279 comm=syz.8.1554
[   75.356496][ T4287] loop8: detected capacity change from 0 to 512
[   75.376604][ T4287] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #16: comm syz.8.1557: corrupted inode contents
[   75.376819][ T4287] EXT4-fs error (device loop8): ext4_dirty_inode:6120: inode #16: comm syz.8.1557: mark_inode_dirty error
[   75.376980][ T4287] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #16: comm syz.8.1557: corrupted inode contents
[   75.377117][ T4287] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #16: comm syz.8.1557: mark_inode_dirty error
[   75.377305][ T4287] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #16: comm syz.8.1557: corrupted inode contents
[   75.377439][ T4287] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[   75.377585][ T4287] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #16: comm syz.8.1557: corrupted inode contents
[   75.377719][ T4287] EXT4-fs error (device loop8): ext4_truncate:4314: inode #16: comm syz.8.1557: mark_inode_dirty error
[   75.377849][ T4287] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[   75.378209][ T4287] EXT4-fs (loop8): 1 truncate cleaned up
[   75.378230][ T4287] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   75.378527][ T4287] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.423545][ T3325] EXT4-fs (loop8): unmounting filesystem.
[   75.447617][ T4293] loop8: detected capacity change from 0 to 512
[   75.449603][ T4293] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   75.479432][ T4293] EXT4-fs error (device loop8): ext4_find_inline_data_nolock:164: inode #17: comm syz.8.1559: inline data xattr refers to an external xattr inode
[   75.479851][ T4293] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.1559: couldn't read orphan inode 17 (err -117)
[   75.480010][ T4293] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   75.493664][ T3325] VFS: Lookup of '.' in ext4 loop8 would have caused loop
[   75.691471][ T3325] VFS: Lookup of '.' in ext4 loop8 would have caused loop
[   75.755506][ T3325] EXT4-fs (loop8): unmounting filesystem.
[   75.900559][ T4318] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1569'.
[   75.903762][ T4318] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1569'.
[   75.903922][ T4318] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1569'.
[   76.210330][ T4340] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.224015][ T4340] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.232352][ T4340] device bridge_slave_0 entered promiscuous mode
[   76.241511][ T4340] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.248616][ T4340] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.256384][ T4340] device bridge_slave_1 entered promiscuous mode
[   76.289268][ T2715] device bridge_slave_1 left promiscuous mode
[   76.299086][ T2715] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.318861][ T2715] device bridge_slave_0 left promiscuous mode
[   76.361654][ T2715] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.370233][ T2715] device veth1_macvtap left promiscuous mode
[   76.388033][ T2715] device veth0_vlan left promiscuous mode
[   76.547446][ T4370] loop4: detected capacity change from 0 to 40427
[   76.566889][ T4370] F2FS-fs (loop4): invalid crc value
[   76.579840][ T4370] F2FS-fs (loop4): Found nat_bits in checkpoint
[   76.623205][ T4370] F2FS-fs (loop4): Start checkpoint disabled!
[   76.638261][ T4340] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.645360][ T4340] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.652687][ T4340] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.659729][ T4340] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.671183][ T4370] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   76.735951][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   76.744308][ T2792] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.765803][ T2792] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.794277][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   76.814019][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   76.822376][ T2792] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.829455][ T2792] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.857477][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   76.866347][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   76.869332][ T4312] bio_check_eod: 31763 callbacks suppressed
[   76.869348][ T4312] kworker/u4:360: attempt to access beyond end of device
[   76.869348][ T4312] loop4: rw=1, sector=77824, nr_sectors = 2192 limit=40427
[   76.876582][ T2792] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.884921][ T4312] kworker/u4:360: attempt to access beyond end of device
[   76.884921][ T4312] loop4: rw=1, sector=80016, nr_sectors = 1904 limit=40427
[   76.894425][ T2792] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.914310][ T4340] device veth0_vlan entered promiscuous mode
[   76.934544][ T4312] kworker/u4:360: attempt to access beyond end of device
[   76.934544][ T4312] loop4: rw=1, sector=49152, nr_sectors = 2912 limit=40427
[   76.953036][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   76.955224][ T4312] kworker/u4:360: attempt to access beyond end of device
[   76.955224][ T4312] loop4: rw=1, sector=52064, nr_sectors = 1184 limit=40427
[   76.962630][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   76.986531][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   76.987343][ T4312] kworker/u4:360: attempt to access beyond end of device
[   76.987343][ T4312] loop4: rw=1, sector=57344, nr_sectors = 2048 limit=40427
[   76.994805][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   77.011736][ T4312] kworker/u4:360: attempt to access beyond end of device
[   77.011736][ T4312] loop4: rw=1, sector=59392, nr_sectors = 1240 limit=40427
[   77.017187][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   77.039174][ T4312] kworker/u4:360: attempt to access beyond end of device
[   77.039174][ T4312] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   77.045922][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   77.061890][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   77.069923][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   77.078289][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   77.085841][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   77.100749][ T4340] device veth1_macvtap entered promiscuous mode
[   77.163759][ T4416] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.170991][ T4416] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.235359][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   77.256669][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   77.288308][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   77.342928][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   77.358408][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   77.368884][ T4436] loop7: detected capacity change from 0 to 512
[   77.377429][ T4436] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz.7.1619: invalid indirect mapped block 256 (level 2)
[   77.379729][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   77.391721][ T4436] EXT4-fs (loop7): 2 truncates cleaned up
[   77.405245][ T4436] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[   77.436399][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   77.445391][ T3111] EXT4-fs (loop7): unmounting filesystem.
[   77.453844][ T4426] kernel write not supported for file bpf-prog (pid: 4426 comm: kworker/0:8)
[   77.535413][ T4464] loop7: detected capacity change from 0 to 256
[   77.548621][ T4464] FAT-fs (loop7): Directory bread(block 1285) failed
[   77.559371][ T4464] FAT-fs (loop7): Directory bread(block 1285) failed
[   77.566560][ T4464] FAT-fs (loop7): Directory bread(block 1285) failed
[   77.573518][ T4464] FAT-fs (loop7): Directory bread(block 1285) failed
[   77.592543][ T4464] FAT-fs (loop7): Directory bread(block 1285) failed
[   77.599818][ T4464] FAT-fs (loop7): Directory bread(block 1285) failed
[   77.602335][ T4475] loop4: detected capacity change from 0 to 256
[   77.607264][ T4464] FAT-fs (loop7): FAT read failed (blocknr 1281)
[   77.613293][ T4475] exfat: Deprecated parameter 'utf8'
[   77.627572][ T4464] FAT-fs (loop7): Directory bread(block 1285) failed
[   77.628017][ T4475] exfat: Unknown parameter 'gi'
[   77.634841][ T4464] FAT-fs (loop7): FAT read failed (blocknr 1281)
[   77.649803][ T4464] FAT-fs (loop7): Directory bread(block 1285) failed
[   77.709785][ T4480] syz.7.1636[4480] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.709859][ T4480] syz.7.1636[4480] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.759620][ T4487] __nla_validate_parse: 5 callbacks suppressed
[   77.759640][ T4487] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1639'.
[   77.792765][ T4480] SELinux: failed to load policy
[   77.866254][ T4499] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1644'.
[   77.914171][ T4514] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1652'.
[   78.081026][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   78.097317][ T4545] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1666'.
[   78.143725][ T4543] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1666'.
[   78.157209][ T4426] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   78.208610][ T4555] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.215867][ T4555] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.327220][ T4576] loop9: detected capacity change from 0 to 8192
[   78.351042][ T4426] usb 8-1: Using ep0 maxpacket: 32
[   78.357268][ T4426] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[   78.365501][ T4426] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   78.376531][ T4426] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   78.387694][ T4426] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   78.400991][ T4426] usb 8-1: config 0 interface 0 has no altsetting 0
[   78.409004][ T4426] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   78.418114][ T4426] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   78.426588][ T4426] usb 8-1: Product: syz
[   78.430776][ T4426] usb 8-1: Manufacturer: syz
[   78.435424][ T4426] usb 8-1: SerialNumber: syz
[   78.441146][ T4426] usb 8-1: config 0 descriptor??
[   78.586270][ T4586] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.593349][ T4586] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.600653][ T4586] device bridge_slave_0 entered promiscuous mode
[   78.607868][ T4586] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.614997][ T4586] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.622524][ T4586] device bridge_slave_1 entered promiscuous mode
[   78.673193][ T4586] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.680257][ T4586] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.687562][ T4586] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.694652][ T4586] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.723270][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   78.732401][ T2731] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.735535][  T677] usb 8-1: USB disconnect, device number 4
[   78.745421][ T2731] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.760485][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   78.768796][ T2731] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.775924][ T2731] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.783530][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   78.791811][ T2731] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.798873][ T2731] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.816632][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.824974][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.840811][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   78.849873][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   78.858283][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   78.867940][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   78.876222][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   78.883892][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   78.894333][ T4586] device veth0_vlan entered promiscuous mode
[   78.906415][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   78.914764][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   78.923917][ T4586] device veth1_macvtap entered promiscuous mode
[   78.933411][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   78.941987][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   78.950249][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   78.961799][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   78.970151][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   79.072690][ T4626] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1702'.
[   79.255113][   T28] kauditd_printk_skb: 99 callbacks suppressed
[   79.255129][   T28] audit: type=1326 audit(2000000267.167:4024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4653 comm="syz.0.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818a38e9a9 code=0x7ffc0000
[   79.301425][   T28] audit: type=1326 audit(2000000267.167:4025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4653 comm="syz.0.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818a38e9a9 code=0x7ffc0000
[   79.325079][   T28] audit: type=1326 audit(2000000267.167:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4653 comm="syz.0.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f818a38e9a9 code=0x7ffc0000
[   79.356457][   T28] audit: type=1326 audit(2000000267.167:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4653 comm="syz.0.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818a38e9a9 code=0x7ffc0000
[   79.385976][   T28] audit: type=1326 audit(2000000267.167:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4653 comm="syz.0.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818a38e9a9 code=0x7ffc0000
[   79.420233][ T4670] loop7: detected capacity change from 0 to 1024
[   79.427423][   T28] audit: type=1400 audit(2000000267.204:4029): avc:  denied  { create } for  pid=4656 comm="syz.7.1715" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   79.448822][   T28] audit: type=1400 audit(2000000267.251:4030): avc:  denied  { mounton } for  pid=4656 comm="syz.7.1715" path="/104/file0" dev="tmpfs" ino=557 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   79.472020][ T2715] device bridge_slave_1 left promiscuous mode
[   79.472181][   T28] audit: type=1400 audit(2000000267.251:4031): avc:  denied  { execute } for  pid=4660 comm="syz.0.1717" name="file0" dev="tmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   79.480440][ T2715] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.508163][ T4670] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[   79.516966][ T4670] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.532705][ T4670] EXT4-fs error (device loop7): ext4_map_blocks:745: inode #15: block 1: comm syz.7.1719: lblock 1 mapped to illegal pblock 1 (length 1)
[   79.553531][   T28] audit: type=1400 audit(2000000267.251:4032): avc:  denied  { execute_no_trans } for  pid=4660 comm="syz.0.1717" path="/7/file0" dev="tmpfs" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   79.576915][ T2715] device bridge_slave_0 left promiscuous mode
[   79.576957][ T4670] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 117
[   79.595592][ T4670] EXT4-fs (loop7): This should not happen!! Data will be lost
[   79.595592][ T4670] 
[   79.596305][ T2715] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.612570][   T28] audit: type=1400 audit(2000000267.326:4033): avc:  denied  { getopt } for  pid=4663 comm="syz.2.1718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   79.619766][ T4678] EXT4-fs error (device loop7): ext4_map_blocks:745: inode #15: block 3: comm syz.7.1719: lblock 3 mapped to illegal pblock 3 (length 5)
[   79.669194][ T4678] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 5 with error 117
[   79.681592][ T4678] EXT4-fs (loop7): This should not happen!! Data will be lost
[   79.681592][ T4678] 
[   79.719049][ T3111] EXT4-fs (loop7): unmounting filesystem.
[   80.013191][  T677] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   80.070560][ T4730] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1745'.
[   80.209729][  T677] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.231483][  T677] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.251777][ T4750] syz.7.1754[4750] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.251850][ T4750] syz.7.1754[4750] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.259778][  T677] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   80.305226][  T677] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.323906][  T677] usb 5-1: config 0 descriptor??
[   80.622512][ T1415] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   80.816050][ T1415] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   80.836357][ T1415] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   80.846081][ T1415] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   80.869877][ T1415] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   80.878956][ T1415] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.887022][ T1415] usb 8-1: Product: syz
[   80.891228][ T1415] usb 8-1: Manufacturer: syz
[   80.895847][ T1415] usb 8-1: SerialNumber: syz
[   80.906842][ T1415] hub 8-1:1.0: bad descriptor, ignoring hub
[   80.913154][ T1415] hub: probe of 8-1:1.0 failed with error -5
[   80.979229][  T677] usb 5-1: language id specifier not provided by device, defaulting to English
[   81.122113][ T1415] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   81.409229][  T677] input: HID 256c:006d as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0009/input/input15
[   81.433028][  T677] input: HID 256c:006d as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0009/input/input16
[   81.449046][  T677] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0009/input/input17
[   81.477470][  T677] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0009/input/input18
[   81.501076][  T677] uclogic 0003:256C:006D.0009: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[   81.573461][ T4814] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1782'.
[   81.591659][ T4814] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1782'.
[   81.627486][  T677] usb 5-1: USB disconnect, device number 6
[   81.648857][ T1299] usb 8-1: reset high-speed USB device number 5 using dummy_hcd
[   81.855807][ T4853] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1798'.
[   82.007705][ T4867] SELinux: failed to load policy
[   82.183458][ T1299] usb 8-1: USB disconnect, device number 5
[   82.190697][ T1299] usblp0: removed
[   82.275251][ T4896] netlink: 'syz.2.1818': attribute type 12 has an invalid length.
[   82.624301][ T4312] Bluetooth: hci0: Frame reassembly failed (-84)
[   83.167507][ T4944] incfs: Options parsing error. -22
[   83.172833][ T4944] incfs: mount failed -22
[   83.275667][ T4957] loop4: detected capacity change from 0 to 256
[   83.282861][ T4957] FAT-fs (loop4): bogus number of FAT sectors
[   83.286306][ T4961] __nla_validate_parse: 7 callbacks suppressed
[   83.286325][ T4961] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1847'.
[   83.289247][ T4957] FAT-fs (loop4): Can't find a valid FAT filesystem
[   83.422893][ T4972] general protection fault, probably for non-canonical address 0xdffffc000000005b: 0000 [#1] PREEMPT SMP KASAN
[   83.434653][ T4972] KASAN: null-ptr-deref in range [0x00000000000002d8-0x00000000000002df]
[   83.443069][ T4972] CPU: 0 PID: 4972 Comm: syz.5.1853 Not tainted 6.1.141-syzkaller-00042-g96160a0e0aa1 #0
[   83.452880][ T4972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.462953][ T4972] RIP: 0010:find_match+0xb7/0xf20
[   83.468003][ T4972] Code: 7c 05 00 00 74 08 48 89 df e8 65 67 63 fd 48 89 d8 bb d8 02 00 00 48 03 18 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 3b 67 63 fd 48 8b 1b 48 85 db 0f 84
[   83.487637][ T4972] RSP: 0018:ffffc90001346940 EFLAGS: 00010202
[   83.493712][ T4972] RAX: 000000000000005b RBX: 00000000000002d8 RCX: dffffc0000000000
[   83.501687][ T4972] RDX: ffff8881252fd100 RSI: 0000000000000000 RDI: 0000000000000000
[   83.509668][ T4972] RBP: ffffc900013469f8 R08: ffffc90001346d20 R09: ffffc90001346d30
[   83.517656][ T4972] R10: 0000000000000000 R11: 1ffff92000268dc6 R12: 0000000000000201
[   83.525638][ T4972] R13: 1ffff110237c6e64 R14: 0000000000000000 R15: 0000000000000002
[   83.533620][ T4972] FS:  00007f01ed7ff6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   83.542561][ T4972] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   83.549133][ T4972] CR2: 0000200000001000 CR3: 000000010c441000 CR4: 00000000003506b0
[   83.557094][ T4972] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   83.565047][ T4972] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   83.573010][ T4972] Call Trace:
[   83.576296][ T4972]  <TASK>
[   83.579222][ T4972]  ? __bpf_get_stack+0x3b0/0x4f0
[   83.584157][ T4972]  ? __kernel_text_address+0xd/0x30
[   83.589361][ T4972]  rt6_nh_find_match+0xd9/0x140
[   83.594214][ T4972]  nexthop_for_each_fib6_nh+0x107/0x200
[   83.599747][ T4972]  ? __cfi_rt6_nh_find_match+0x10/0x10
[   83.605217][ T4972]  __find_rr_leaf+0x50f/0x900
[   83.609912][ T4972]  ? rt6_remove_exception+0x330/0x330
[   83.615287][ T4972]  ? unwind_get_return_address+0x4d/0x90
[   83.620925][ T4972]  fib6_table_lookup+0x2c1/0x9a0
[   83.625859][ T4972]  ? __cfi_fib6_table_lookup+0x10/0x10
[   83.631307][ T4972]  ? 0xffffffffa0000660
[   83.635462][ T4972]  ip6_pol_route+0x14c/0x1110
[   83.640143][ T4972]  ? __cfi_ip6_pol_route+0x10/0x10
[   83.645258][ T4972]  ? 0xffffffffa0000660
[   83.649398][ T4972]  ? is_bpf_text_address+0x177/0x190
[   83.654680][ T4972]  ip6_pol_route_output+0x51/0x80
[   83.659699][ T4972]  ? __cfi_ip6_pol_route_output+0x10/0x10
[   83.665413][ T4972]  fib6_rule_action+0x1d5/0x720
[   83.670358][ T4972]  fib_rules_lookup+0x4ae/0x900
[   83.675292][ T4972]  ? __cfi_fib_rules_lookup+0x10/0x10
[   83.680665][ T4972]  fib6_rule_lookup+0x179/0x580
[   83.685512][ T4972]  ? __cfi_ip6_pol_route_output+0x10/0x10
[   83.691243][ T4972]  ? __cfi_fib6_rule_lookup+0x10/0x10
[   83.696618][ T4972]  ? __cfi_ip6_pol_route_output+0x10/0x10
[   83.702336][ T4972]  ? memcpy+0x56/0x70
[   83.706319][ T4972]  ip6_route_output_flags_noref+0x283/0x340
[   83.712290][ T4972]  ip6_route_output_flags+0x3c/0x200
[   83.717568][ T4972]  vti6_tnl_xmit+0x6e2/0x1980
[   83.722239][ T4972]  ? __kasan_check_write+0x14/0x20
[   83.727345][ T4972]  ? skb_network_protocol+0x505/0x750
[   83.732713][ T4972]  ? __cfi_vti6_tnl_xmit+0x10/0x10
[   83.737819][ T4972]  dev_hard_start_xmit+0x20b/0x750
[   83.743013][ T4972]  __dev_queue_xmit+0x18d9/0x3420
[   83.748042][ T4972]  ? __dev_queue_xmit+0x250/0x3420
[   83.753149][ T4972]  ? __cfi___dev_queue_xmit+0x10/0x10
[   83.758519][ T4972]  ? __kasan_check_write+0x14/0x20
[   83.763629][ T4972]  ? skb_release_data+0x1d2/0x890
[   83.768654][ T4972]  ? skb_ensure_writable+0x2f8/0x470
[   83.773934][ T4972]  ? __kasan_check_write+0x14/0x20
[   83.779039][ T4972]  ? pskb_expand_head+0xc4a/0x1210
[   83.784140][ T4972]  __bpf_redirect+0x8db/0x1130
[   83.788911][ T4972]  bpf_clone_redirect+0x26a/0x3c0
[   83.793941][ T4972]  bpf_prog_6893982b85ceadf7+0x56/0x5b
[   83.799390][ T4972]  ? kasan_set_track+0x60/0x70
[   83.804190][ T4972]  ? kasan_set_track+0x4b/0x70
[   83.809286][ T4972]  ? kasan_save_alloc_info+0x25/0x30
[   83.814565][ T4972]  ? __kasan_slab_alloc+0x72/0x80
[   83.819591][ T4972]  ? slab_post_alloc_hook+0x4f/0x2d0
[   83.824867][ T4972]  ? kmem_cache_alloc+0x16e/0x330
[   83.829877][ T4972]  ? build_skb+0x2a/0x220
[   83.834201][ T4972]  ? bpf_prog_test_run_skb+0x39f/0x1290
[   83.839737][ T4972]  ? bpf_prog_test_run+0x3e3/0x630
[   83.844833][ T4972]  ? __sys_bpf+0x56d/0x780
[   83.849246][ T4972]  ? __x64_sys_bpf+0x7c/0x90
[   83.853830][ T4972]  ? x64_sys_call+0x488/0x9a0
[   83.858497][ T4972]  ? do_syscall_64+0x4c/0xa0
[   83.863071][ T4972]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   83.869138][ T4972]  ? ktime_get+0x141/0x170
[   83.873557][ T4972]  bpf_test_run+0x349/0x8d0
[   83.878052][ T4972]  ? __kasan_slab_alloc+0x72/0x80
[   83.883066][ T4972]  ? convert___skb_to_skb+0x5b0/0x5b0
[   83.888431][ T4972]  ? __cfi_eth_type_trans+0x10/0x10
[   83.893621][ T4972]  ? convert___skb_to_skb+0x40/0x5b0
[   83.898898][ T4972]  bpf_prog_test_run_skb+0xaec/0x1290
[   83.904269][ T4972]  ? __cfi_bpf_prog_test_run_skb+0x10/0x10
[   83.910064][ T4972]  bpf_prog_test_run+0x3e3/0x630
[   83.915005][ T4972]  ? bpf_prog_query+0x270/0x270
[   83.919860][ T4972]  ? selinux_bpf+0xce/0xf0
[   83.924283][ T4972]  ? security_bpf+0x93/0xb0
[   83.928790][ T4972]  __sys_bpf+0x56d/0x780
[   83.933042][ T4972]  ? bpf_link_show_fdinfo+0x320/0x320
[   83.938424][ T4972]  ? fpregs_restore_userregs+0x128/0x260
[   83.944053][ T4972]  __x64_sys_bpf+0x7c/0x90
[   83.948481][ T4972]  x64_sys_call+0x488/0x9a0
[   83.952997][ T4972]  do_syscall_64+0x4c/0xa0
[   83.957415][ T4972]  ? clear_bhb_loop+0x30/0x80
[   83.962081][ T4972]  ? clear_bhb_loop+0x30/0x80
[   83.966770][ T4972]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   83.972671][ T4972] RIP: 0033:0x7f01ed98e9a9
[   83.977088][ T4972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.996691][ T4972] RSP: 002b:00007f01ed7ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   84.005125][ T4972] RAX: ffffffffffffffda RBX: 00007f01edbb5fa0 RCX: 00007f01ed98e9a9
[   84.013100][ T4972] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[   84.021065][ T4972] RBP: 00007f01eda10d69 R08: 0000000000000000 R09: 0000000000000000
[   84.029028][ T4972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   84.037007][ T4972] R13: 0000000000000000 R14: 00007f01edbb5fa0 R15: 00007ffe1b842288
[   84.044995][ T4972]  </TASK>
[   84.048019][ T4972] Modules linked in:
[   84.051981][ T4972] ---[ end trace 0000000000000000 ]---
[   84.057456][ T4972] RIP: 0010:find_match+0xb7/0xf20
[   84.062513][ T4972] Code: 7c 05 00 00 74 08 48 89 df e8 65 67 63 fd 48 89 d8 bb d8 02 00 00 48 03 18 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 3b 67 63 fd 48 8b 1b 48 85 db 0f 84
[   84.082170][ T4972] RSP: 0018:ffffc90001346940 EFLAGS: 00010202
[   84.088305][ T4972] RAX: 000000000000005b RBX: 00000000000002d8 RCX: dffffc0000000000
[   84.096297][ T4972] RDX: ffff8881252fd100 RSI: 0000000000000000 RDI: 0000000000000000
[   84.104324][ T4972] RBP: ffffc900013469f8 R08: ffffc90001346d20 R09: ffffc90001346d30
[   84.104364][ T4976] xt_hashlimit: size too large, truncated to 1048576
[   84.112341][ T4972] R10: 0000000000000000 R11: 1ffff92000268dc6 R12: 0000000000000201
[   84.112363][ T4972] R13: 1ffff110237c6e64 R14: 0000000000000000 R15: 0000000000000002
[   84.112374][ T4972] FS:  00007f01ed7ff6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   84.112389][ T4972] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   84.112400][ T4972] CR2: 0000200000001000 CR3: 000000010c441000 CR4: 00000000003506b0
[   84.112416][ T4972] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   84.112427][ T4972] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   84.112438][ T4972] Kernel panic - not syncing: Fatal exception in interrupt
[   84.112672][ T4972] Kernel Offset: disabled
[   84.185974][ T4972] Rebooting in 86400 seconds..