last executing test programs:

2m3.56738675s ago: executing program 1 (id=13630):
r0 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f00000003c0)=[{}, {0x0, <r1=>0x80000000}, {0x0, 0x80000000, 0x0, {<r2=>0x0}}, {}], 0x0, 0x0, 0x0})
ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f0000000100)={{0x80000000, 0x0, 0x4, [0xffffffff, 0x7]}, {r1, r2, 0x6, [0xa, 0xf7]}, 0x4, [0x3, 0xffffb4b5]})

2m3.32155205s ago: executing program 1 (id=13634):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)=@generic={0x0, r0}, 0x18)

2m3.111444258s ago: executing program 1 (id=13637):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x0, 0x0, 'wlc\x00', 0x0, 0x1}, 0x2c)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x1, 0x4, {0x5, 0x4, 0x0, 0x8, 0x1, 0x64, 0x9, 0x81, 0x32, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast}}}}}}, 0x0)

2m2.73006026s ago: executing program 1 (id=13642):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000002f80)={[{@utf8}, {}, {@uid={'uid', 0x3d, 0xee01}}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@errors_remount}, {@utf8}, {@errors_remount}, {@dmask={'dmask', 0x3d, 0x4}}, {@time_offset={'time_offset', 0x3d, 0x6}}, {@errors_remount}]}, 0x4, 0x153c, &(0x7f0000003080)="$eJzs3Am4TtX6APD3XWvt45D0dZLhsNZ6N18yLJIkQ5IMSZIkSaaEpJNcSUgcMiUdkpAMh2Q4hGQ4cdIxz/OQkCSdJAnJlKz/c8JV/7r3dkf3uef9Pc9+vvXutdfa7/7eb9uDh286D6nRqGbVBkQE/xS88JEIALEAMAAArgGAAADKxpWNy+zPLjHxn9sJ+9d6KOVKZ8CuJK5/1sb1z9q4/lkb1z9r4/pnbVz/rI3rn7Vx/RnLyjZNy38tL1l34ff/WRlf//+HZJQc88Waktd3AYj5o0O4/lkb1/9/VvBHNuL6Z21c/6wq9konwP4L8PmfFWT7iz1c/6yN689YVnal3z//+xf5V/shkhW+g79y/IwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2H/AaX+ZAoBL7SudF2OMMcYYY4wxxv51fLYrnQFjjDHGGGOMMcb+/RAESFAQQAxkg1jIDjlAAMDVkAuugQhcC3FwHeSG6yEP5IV8kB/ioQAUBA0GLBCEUAgKQxRugCJwIxSFYlAcSoCDklAKboLScDOUgVugLNwK5eA2KA8VoCJUgtuhMtwBVeBOqAp3QTWoDjWgJtwNteAeqA33Qh24D+rC/VAPHoD68CA0gIegITwMjeARaAyPQhNoCs2gObT4h8a/AN3hRegBPSERekFveAn6QF/oB/1hALwMA+EVGASvQhIMhiHwGgyF12EYvAHDYQSMhDdhFLwFo2EMjIVxkAzjYQK8DRPhHZgEk2EKTIUUmAbT4V2YATNhFrwHs+F9mANzYR7Mh1T4ABbAQkiDD2ERfATpsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAw74RPYBbthz5/r9/eMP/WL8Z/CXuiCgIACBSpUGIMxGIuxmANzYE7MibkwF0YwgnEYh7kxN+bBPJgP82E8xmNBLIgGDRISFsJCGMUoFsEiWBSLYnEsjg4dlsJSWBpvxjJYBstiWSyH5bA8VsAKWAkrYWWsjFWwClbFqlgNq2ENrIF3493YC2tjbayDdbAu1r30egobYANsiA2xETbCxtgYm2ATbIbNsAW2wJbYElthK2yDbbAttsV22A4TMAHbY3vsgB2wI3bETtgJO2Nn7IJdsWvGC9kAX8QXsSdWE72wN/bGPpiUrR/2x/74Mg7EV/AVfBWTcDAOwdfwNXwdh+FJHI4jcCSOxMriLRyNY5DEOEzGZJyAE3AiTsRJOBkn41RMwWk4HafjDJyJM/E9nI3v4/s4F+fifEzFVFyACzEN03ARnsJ0XIxLcCkuw+W4DFfiKlyJa3AtrsH1uB434kbcjJtxK27F7bgdP0YFgJ/gbtyNSbgX9+I+3If7cT8ewAOYgRl4EA/iITyEh/EwHsEjeBSP4XE8hifwBJ7EU3gaT+NZPIvn8Ln4rxp+XGx1EohMSigRI2JErIgVOUQOkVPkFLlELhEREREn4kRukVvkEXlEPpFPxIt4UVAUFEYYQSKMAQARFVFRRBQRRUVRUVwUF044UUqUEqVFaVFGlBFlxa2inLhNlBcVRGtXSVQSlUUbV0XcKaqKqqKaqC5qiJqipqglaonaoraoI+qIuqKuqCceEPVFL+yHD4nMyjQSg7GxGIJNRFMhL54BLcUwbCVaizbiCTECh2M70dIliKdFezEaO4g/iTH4rOgkxmFn8bzoIrqKbuIF0V20cj1ETzEJe4neYir2EX1FP9FfzMDq4j2cnb2GeFUkicFiiHhNzMfXxTDxhhguRoiR4k0xSrwlRosxYqwYJ5LFeDFBvC0minfEJDFZTBFTRYqYJqaLd8UMMVPMEu+J2eJ9MUfMFfPEfJEqPhALxEKRJj4Ui8RHIl0sFkvEUrFMLBcrxEqxSqwWa8RasU6sFxvERrFJbBZbxFax7fR2sUN8LHaKT8QusVvsEZ+KveIzsU98LvaLL8QB8aXIEF+Jg+JrcUh8Iw6Lb8UR8Z04Ko6J4+J7cUL8IE6KU+K0OCPOih/FOfGTOC+8AIlSSCmVDGSMzCZjZXaZQ14lc8oAev387V4r4+R1Mre8XuaReWU+mV/GywKyoNTSSCtJhrKQLCyj8gZZRN4oi8pisrgsIZ0sKUvJm2RpebMsI2+RZeWtspy8TZaXFWRFWUneLivLOyRELlSwmqwua8ia8m6ZCPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JRPk07K99Bd/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VSXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpPJcrycIN+WE+U7cpKcLKfIqTJFTpP9Ls40S8q/Of7tX47PvPTKaXLQz3vfKDfJzXKL3Cq3ye1yh/xY7pQ75S65S+6Re+ReuVfuk/vkfrlfHpAHZIbMkAflQXlIHpKH5WF5RB6RR+UxeUZ+L0/IH+RJeUqekmfkWXlWnrv4HYBCJZRUSgUqRmVTsSq7yqGuUjnV1SqXukZF1LUqTl2ncqvrVR6VV+VT+VW8KqAKKq2MsopUqAqpwiqqbsCLp6Mqrkoop0qqUuqmv2e8KqJuVEVVsV+Nv5Rf4l/Ir4VqoVqqlqqVaqXaqDaqrWqr2ql2KkElqPaqveqgOqiOqqPqpDqpzqqz6qK6qG6qm+quuqseqodKVImqt3pJ9VF9VT/VXw1QL6uBaqAapAapJJWkhqghaqgaqoapYWq4Gq5GqpFqlBqlRqvRaqwaq5JVspqgJqiJaqKapCapKWqKSlEparqarmaoGWqWmqVmq9lqjpqj5ql5KlWlqgVqgUpTaWqRWqTS1WK1WC1VS9VytVytVCvVarVarVVr1Xq1XqWrTWqT2qK2qG1qm9qhdqidaqfapXapPWqP2qv2qn1qn9qv9qsD6oDKUBnqoDqoDqlD6rA6rI6oI+qoOqqOq+PqhDqhTqqT6rQ6rc6qs+qcOqfOq/MKAgEiEIEKVBATxASxQWyQI8gR5AxyBrmCXEEkiARxQVyQO7g+yBPkDfIF+YP4oEBQMNCBCWwgLhY9GtwQFAluDIoGxYLiQYnABSWDUsFNQeng5qBMcEtQNrg1KBfcFpQPKgQVg0rB7UHl4I6gSnBnUDW4K6gWVA9qBDWDu4NawT1B7eDeoE5wX1A3uD+oFzwQ1A8yf1oPBQ2Dh4NGwSNB4+DRoEnQNGgWNA9a/EvmfzBoEGTO7/3JvI+7HrqnTtS9dG/9ku6j++p+ur8eoF/WA/UrepB+VSfpwXqIfk0P1a/rYfoNPVyP0CP1m3qUfkuP1mP0WD1OJ+vxeoJ+W0/U7+hJerKeoqfqFD1NT9fv6hl6pp6l39Oz9ft6jp6r5+n5OlV/oBfohTpNf6gX6Y90ul6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536I/1Tv2J3qV36z36U71Xf6b36c/1fv2FPqC/1Bn6K31Qf60P6W/0Yf2tPqK/00f1MX1cf69P6B/0SX1Kn9Zn9Fn9oz6nf9Lntc+8uc+8vBtllIkxMSbWxJocJofJaXKaXCaXiZiIiTNxJrfJbfKYPCafyWfiTbwpaAqaTGTIFDKFTNRETRFTxBQ1RU1xU9w440wpU8qUNqVNGVPGlDVlTTlTzpQ35U1FU9Hcbm43d5g7zJ3mTnOXuctUN9VNTVPT1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MM9PMtDAtTEvT0rQyrUwb08a0NW1NO9POJJgE0960Nx1MB9PRdDSdTCfT2XQ2XUwX0810M91Nd9PD9DCJJtH0Nr1NH9PH9DP9zAAzwAw0A80gM8gkmSQzxAwxQ81QM8wMM8PNCDMy80bVvGVGmzFmrBlnkk2ymWAmmIlmoplkJpkpZopJMSlmupluZpgZZpaZZWab2WaOmWPmmXkm1aSaBWaBSTNpZpFZZNJNullilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSYDHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnDSiA0+asyXvxeulNrM1uc9irbE57tc1lr7H/P85n89t4W8AWtNrmsXl/FRtrbVFbzBa3JayzJW0pe9Nv4vK2gq1oK9nbbWV7h63ym7iWvcfWtvfaOvY+W9Pe/au4rr3f1rOP2PqIALapbWib20b2EdvYPmqb2Ka2mW1u29onbTv7lE2wT9v29pnfxAvsQrvKrrZr7Fq7y+62p+0Ze8h+Y8/aH20P29MOsC/bgfYVO8i+apPs4N/EI+2bdpR9y462Y+xYO+438RQ71abYaXa6fdfOsDN/E6faD+xsm2bn2Ll2np3/c5yZU5r90C6yH9l0G8ASu9Qus8vtCrvyz7kutevtBrvR7rSf2C12q91mt9sdl26E7W67x35q99rP7EH7td1vv7AH7GGbYb/6Oc48vsP2W3vEfmeP2mP2uP3enrA/qEujM4/9e/uTPW+9BUICkqQooBjKRrGUnXLQVZSTrqZcdA1F6FqKo+soN11PeSgv5aP8FE8FqCBpMmSJKKRCVJiidANdSq84lSBHJakU3USl6WYqQ7dQWbqVytFtVJ4qUEWqRLdTZbqDqtCdVJXuompUnWpQTbqbatE9VJvupTp0H9Wl+6kePUD16UFqQA9RQ3qYGtEj1JgepSbUlJpRc2pBj1FLepxaUWtqQ09QW3qS2tFTlEBPU3t6hjrQn6gjPUud6DnqTM9TF+pK3egF6k4vUg/qSYnUi3rTS9SH+lI/6k8D6GUaSK/QIHqVkmgwDaHXaCi9TsPoDRpOI2gkvUmj6C0aTWNoLI2jZBpPE+htmkjv0CSaTFNoKqXQNJpO79IMmkmz6D2aTe/THJpL82g+pdIHtIAWUhp9SIvoI0qnxbSEltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjvoY9pJn9Au2k176FPaS5/RPvqc9tMXdIC+pAz6ig7S13SIvqHD9K3vSd/RUTpGx+l7OkE/0Ek6RafpDJ2lH+kc/UTnyROEGIpQhioMwpgwWxgbZg9zhFeFOcOrw1zhNWEkvDaMC68Lc4fXh3nCvGG+MH8YHxYIC4Y6NKENKQzDQmHhMBreEBYJbwyLhsXC4mGJ0IUlw1LhTWHp8OawTHhLWDa8NSwX3haWDyuEj9xXKbw9rBzeEVYJ7wyrhneF1cLqYY2wZnh3WCu8J6wd3hvWCe8Ly4T3h/XCB8L64YNhg/ChsGH4cNgofCRsHD4aNgmbhs3C5mGL8LGwZfh42CpsHbYJnwjbhk+G7cKnwoTw6bB9+MzP/fcv/Mv9iWGvsHf4UvhS6P29cl50fjQ1+kF0QXRhNC36YXRR9KNoenRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEN0Y9T7mtnAoRNOOuUCF+OyuViX3eVwV7mc7mqXy13jIu5aF+euc7nd9S6Py+vyufwu3hVwBZ12xllHLnSFXGEXdTe4Iu5GV9QVc8VdCedcSVfKNXctXAvX0j3uWrnWro17wj3hnnRPuqfcU+5p19494zq4P7mO7lnXyT3nnnPPuy6uq+vmXnDd3fhcF87JRNfb9XZ9XB/Xz/VzA9wAN9ANdIPcIJfkktwQN8QNdUPdMDfMDXfD3Ug30o1yo9xoN9qNdWNdskt2E9wEN9FNdJPcJDfFTXEpLsVNd9PdDDfDVZ55YS9z3Bw3z81zqS7VLXCZ94xpbpFb5NJdulvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vlr7kwqdvr9rl9br/b7w64L12G+8oddF+7Q+4bd9h9646479xRd8wdd9+7E+4Hd9KdcqfdGXfW/ejOuZ/ceeddcmR8ZELk7cjEyDuRSZHJkSmRqZGUyLTI9Mi7kRmRmZFZkfcisyPvR+ZE5kbmReZHUiMfRBZEFkbSIh9GFkU+iqRHFkeWRJZGlkWWR7wvsCX0hXxhH/U3+CL+Rl/UF/PFfQnvfElfyt/kS/ubfRl/iy/rb/Xl/G2+vK/gK/pHfRPf1DfzzX0L/5hv6R/3rXxr38Y/4dv6J307/5RP8E/79v4Z38H/yXf0z/pO/jnf2T/vu/iuvpt/wXf3L/oevqdP9L18b/+S7+P7+n6+vx/gX/YD/St+kH/VJ/nBfoh/zQ/1r/th/g0/3I/wI2Pe9KMuPSLDOJ/sx/sJ/m0/0b/jJ/nJfoqf6lP8ND/dv+tn+Jl+ln/Pz/bv+zl+rp/n5/tU/4Ff4Bf6NP+hX+Q/8ul+8aWXkn6FX+lX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//Y7/Sf+F1+t9/jP/V7/Wd+n//c7/df+AP+S5/hv/IH/df+kP/GH/bf+iP+O3/UH/PH/ff+hP/Bn/Sn/Gl/xp/1P/pz/id/nv/NGmOMMcbYHzL+cvPSq9yYCx8XXuf3+p0x4hcb9waAq7fmz/hlf+Yd5bo8F9p9RXzbCAA83bPzQ5eWatUSExMvbpsuISg8F+DS3wT9OYGL8WJoA09CArSG0r+bf1/R9Sz9jfmjtwLk+MWYWLgcX57/cwBM/J35H3ti5IJy4em4vzL/XICihS+PyQ6X48XQ5uf3K62hzF/IP2/Lv5F/9i+SAVr9YkxOuBxfzr8UPA7PQMKvtvwr2v6xzRhjjDHGGGOM/W/oKyp2vPT8GVxc93vP5/Hq8phscDn+W8/njDHGGGOMMcYYu/Ke7drtqccSElp3/PsbVf6hUX+40Rh+rwvg37rTrNzwHuDSGgUA/+SEAJkN+Z88is3/kX0lXTx1/n/XsjM+gP+OUv7jjbF/XnOF/2BijDHGGGOM/ctdvvv/9Xp1pRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayoP/E/yt2pY+RMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu9L+LwAA//8j8vzJ")
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)

2m2.120172855s ago: executing program 1 (id=13650):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'bond0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0305000000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r1, @ANYBLOB="0a000100aa"], 0x48}}, 0x0)

2m1.515072914s ago: executing program 1 (id=13661):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x70bd2c, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x55ebfcb85e78e904}, 0x4)

2m0.992813758s ago: executing program 32 (id=13661):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x70bd2c, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x55ebfcb85e78e904}, 0x4)

46.388005931s ago: executing program 6 (id=14403):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00')
fcntl$notify(r0, 0x402, 0x1)
readv(r0, 0x0, 0x0)

46.196769741s ago: executing program 6 (id=14405):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000002200)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f0000002140)=ANY=[@ANYBLOB="1c000000010401040000e26624ea00000a0000040500010001"], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000004)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x24, 0x1, 0x4, 0x5, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x4050)

46.0307948s ago: executing program 6 (id=14409):
setreuid(0x0, 0xee00)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, 0x0, &(0x7f0000000640))

45.794858758s ago: executing program 6 (id=14413):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000580)={[{@nomblk_io_submit}, {@journal_dev={'journal_dev', 0x3d, 0x3f2}}, {@noload}]}, 0x3, 0x482, &(0x7f0000001240)="$eJzs3M9rHFUcAPDvTLJpY6qJtf5q/RGtYhFNmrZqDx5UFDxUEBTU45LEUptWaSLYEjD1UE8ignfx6L/gSS8ingSvepdCkV5sPa3Mzkyym2w22XQ3W93PB7b9vvmR974783bfzNvdAAbWZPZPErEvIn6PiPG82LzBZP7fjevLszevL88mUau99VdS3+7v68uz5ablfmONhUjiUIt6Fy9eOltdWJi/UJSnl859NL148dKzZ85VT8+fnj9/7OTJE8dnXnj+2HNdyXMs0iJ6/b2v3jj1RVP+6/Loksl2K5+s1bpcXX/d2RAP97EddGaoOF6Vev8fj6GGozcer322Wvi0Tw0EeqZWq9XGNl+9UgP+x5JoLuvyMCjKN/ry+rfVdfBLPRt99N+1l/MLoCzvG8UjXzO8esegsu76tpsmI+LdlX++yR7Rm/sQAABNfsjGP89ko53l2WzssTb+SOO+hu3uKuaGJiLi7ojYHxH3xPk4EBH3RtS3vT8iHuiw/oZJkvowc+P4J7264+S2IRv/vVjMbTWP/8rRX0wM1UsX80JUkvfPLMwfLZ6TI1HZk5Vn2tTx46u/fbnZusbxX/bI6i/HgkU7rg7vad5nrrpU3XnGza5djjg43Cr/ZHUmIImIByPiYKs/kG5dx5mnv3tos3Vb599GFyaaat9GPJUf/5VYl38paT8/Ob03FuaPTpdnxUa//Hrlzc3qX5f/3ugk/y7Ijv8dLc//1fwnksb52sXO67jyx+ebXtNMVoqgg/N/pbpUHUnerscjxbJPqktLF2YiRpJTeaMblx9b27csl9tn+R853Lr/74+1Z+JQRGQn8cMR8UhEPFocu8ci4vGIONwm/59feeKD9ctGy/xv5fzvgiz/uY6O/1owEs1L0hbbZMHQ2Z++b6p0Yi0s8r/Z/vXvRD06UizZzuvfxla0Dm71+QMAAID/gjQi9kWSTq3GaTo1lX+G/0A+9Z35+Pxc/h2Biaik5Z2u8Yb7oTPFZX1evhwR+UcLyvXHI63fN/56aLRenpr9cGGur5kDY5v0/8yfQ/1uHdBzvrAFg0v/h8HVtv9Xdq8dwO7b0P/b9vk9PW0LsLtavP+P9qMdwO5rNf73ez8wGNb1f9N+MEDc/4fBpf/D4NL/YSAtjsbWX5JvG5R/aYe7bxWMR+y8hRGx0uX2bDuISh8q3cUg0p5XMdLbU6tnQbKzNidxOzS+oe9s4Z02PxwOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwu/g3AAD//0C6yvY=")
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0xc08, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

45.034140165s ago: executing program 6 (id=14422):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0xa000, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'dvmrp1\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x300)

44.35112947s ago: executing program 6 (id=14431):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000040)=ANY=[@ANYBLOB="0300000003"], 0xa)

43.767800728s ago: executing program 33 (id=14431):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000040)=ANY=[@ANYBLOB="0300000003"], 0xa)

32.951012623s ago: executing program 5 (id=14513):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000400)='.\x00', 0x4000423)
inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x4000423)

32.710916226s ago: executing program 5 (id=14516):
r0 = socket(0x2b, 0x80801, 0x1)
connect$l2tp6(r0, &(0x7f0000000080)={0xa, 0x0, 0x292, @ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x2}, 0x20)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x7fffffff, @empty, 0x3ff, 0x3}, 0x20)

32.506900368s ago: executing program 5 (id=14518):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
getsockopt$bt_hci(r0, 0x0, 0x9489f75be15f844e, 0x0, &(0x7f0000000100))

32.344559413s ago: executing program 5 (id=14519):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000580)={[{@nomblk_io_submit}, {@journal_dev={'journal_dev', 0x3d, 0x3f2}}, {@noload}]}, 0x3, 0x482, &(0x7f0000001240)="$eJzs3M9rHFUcAPDvTLJpY6qJtf5q/RGtYhFNmrZqDx5UFDxUEBTU45LEUptWaSLYEjD1UE8ignfx6L/gSS8ingSvepdCkV5sPa3Mzkyym2w22XQ3W93PB7b9vvmR974783bfzNvdAAbWZPZPErEvIn6PiPG82LzBZP7fjevLszevL88mUau99VdS3+7v68uz5ablfmONhUjiUIt6Fy9eOltdWJi/UJSnl859NL148dKzZ85VT8+fnj9/7OTJE8dnXnj+2HNdyXMs0iJ6/b2v3jj1RVP+6/Loksl2K5+s1bpcXX/d2RAP97EddGaoOF6Vev8fj6GGozcer322Wvi0Tw0EeqZWq9XGNl+9UgP+x5JoLuvyMCjKN/ry+rfVdfBLPRt99N+1l/MLoCzvG8UjXzO8esegsu76tpsmI+LdlX++yR7Rm/sQAABNfsjGP89ko53l2WzssTb+SOO+hu3uKuaGJiLi7ojYHxH3xPk4EBH3RtS3vT8iHuiw/oZJkvowc+P4J7264+S2IRv/vVjMbTWP/8rRX0wM1UsX80JUkvfPLMwfLZ6TI1HZk5Vn2tTx46u/fbnZusbxX/bI6i/HgkU7rg7vad5nrrpU3XnGza5djjg43Cr/ZHUmIImIByPiYKs/kG5dx5mnv3tos3Vb599GFyaaat9GPJUf/5VYl38paT8/Ob03FuaPTpdnxUa//Hrlzc3qX5f/3ugk/y7Ijv8dLc//1fwnksb52sXO67jyx+ebXtNMVoqgg/N/pbpUHUnerscjxbJPqktLF2YiRpJTeaMblx9b27csl9tn+R853Lr/74+1Z+JQRGQn8cMR8UhEPFocu8ci4vGIONwm/59feeKD9ctGy/xv5fzvgiz/uY6O/1owEs1L0hbbZMHQ2Z++b6p0Yi0s8r/Z/vXvRD06UizZzuvfxla0Dm71+QMAAID/gjQi9kWSTq3GaTo1lX+G/0A+9Z35+Pxc/h2Biaik5Z2u8Yb7oTPFZX1evhwR+UcLyvXHI63fN/56aLRenpr9cGGur5kDY5v0/8yfQ/1uHdBzvrAFg0v/h8HVtv9Xdq8dwO7b0P/b9vk9PW0LsLtavP+P9qMdwO5rNf73ez8wGNb1f9N+MEDc/4fBpf/D4NL/YSAtjsbWX5JvG5R/aYe7bxWMR+y8hRGx0uX2bDuISh8q3cUg0p5XMdLbU6tnQbKzNidxOzS+oe9s4Z02PxwOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwu/g3AAD//0C6yvY=")
syz_mount_image$fuse(0x0, &(0x7f0000000700)='./file2\x00', 0x102a, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

32.022330227s ago: executing program 5 (id=14520):
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000400)="8907040400", 0x5)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)

31.087510996s ago: executing program 5 (id=14531):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x48d, 0x8595, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xf8, 0xb, "", [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7ffd, 0x0, 0x1, {0x22, 0x1e3}}, {{{0x9, 0x5, 0x81, 0x3, 0x38d707d343173689, 0x5, 0xa, 0x70}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})

30.255653647s ago: executing program 34 (id=14531):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x48d, 0x8595, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xf8, 0xb, "", [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7ffd, 0x0, 0x1, {0x22, 0x1e3}}, {{{0x9, 0x5, 0x81, 0x3, 0x38d707d343173689, 0x5, 0xa, 0x70}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})

4.158072281s ago: executing program 0 (id=14805):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="4600010002"], 0x8)

3.837912799s ago: executing program 0 (id=14810):
r0 = socket$inet6(0xa, 0x805, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x8402, 0x0, 0x0, 0x0, 0x0)
getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000000080)=""/4060, &(0x7f00000010c0)=0xfdc)

3.625106925s ago: executing program 0 (id=14814):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000002b40)={0xe, {"a2e3ad099b0d09f91b5f2f0987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f323063090810e0879b0f0a75e70a9b334d959b669a240d5b0af3988f7ef31952010afde8d178708c523c921b1b5b07070d075b0936cd3b78130daa61d8e81a3f00005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397273ce1766769f0c91c00305d3f46635eb016d5b1dda98e2d739be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b7638354a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc3609aa24b7d520c829d095083bba2987a67399eac430d145d546a40b9f6ff14ac488ec130bb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b2860d1b3cff57d8b6d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a4f0492d48604675fde2b34cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827955e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb9754fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94e7475cb74642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd72ea4998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5ff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c58b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b50517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864af090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d885b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1a85ae7e69fd1a47a284f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cef8473b53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b344340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cccf8a97406bb5a68a1f0c4549820a73c8859dde0712ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcb7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c2e14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ec00000000000000b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a52830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec685f068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000e00f96f06817fb903729a7fb6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x942}}, 0x1006)

2.982857461s ago: executing program 3 (id=14823):
setreuid(0x0, 0xee01)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x3000002, 0x6031, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000cbe000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/106)

2.94139461s ago: executing program 0 (id=14825):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_PORT={0x8, 0x3, 0x1, 0x0, 0x11}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x7c}}, 0x40880)

2.704455308s ago: executing program 4 (id=14828):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0x1c7100, 0x0)

2.598278687s ago: executing program 0 (id=14829):
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000001a00)=ANY=[@ANYBLOB="03000000000000000a004e2300000010ff010000000000000000000000000001f8ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b0000000a004e2000000008fe8000000000000000000000000000aa05000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000010000000c0000000000000000000000000000000104000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ad94e2100000073fe8000000000000000000000000000aa0900"], 0x610)

2.469694847s ago: executing program 4 (id=14832):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@errors_remount}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@noauto_da_alloc}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000000440)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x22)
lseek(r0, 0x101, 0x4)

2.294167792s ago: executing program 0 (id=14834):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000001380)='./file1\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6d6f64653d6c66732c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c646973636172642c6e6f696e6c696e655f64656e7472792c008bfb3c1e4b1b12ae77c937da8858"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4a07e, 0xdc)
fallocate(r0, 0x0, 0x0, 0x8800000)

1.844588885s ago: executing program 4 (id=14839):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4)
recvmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x64}, 0xffffffff}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000000c0)=""/177, 0xb1}, {&(0x7f0000000200)=""/165, 0xa5}, {&(0x7f00000002c0)=""/175, 0xaf}, {&(0x7f0000000380)=""/157, 0x9d}, {&(0x7f0000000940)=""/205, 0xcd}, {&(0x7f00000006c0)=""/207, 0xcf}, {&(0x7f0000000040)=""/53, 0x35}, {&(0x7f00000007c0)=""/190, 0xbe}], 0x8}, 0x2}], 0x2, 0x40000101, 0x0)

1.728174972s ago: executing program 3 (id=14840):
r0 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x2000011, r0, 0x2000)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_coalesce={0x33, 0xfffff3db, 0x0, 0x7f11b2d5, 0x8, 0x2, 0xd2d6, 0x1, 0x6, 0x0, 0x91, 0xdfffffff, 0xb83, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xffffffff, 0x0, 0x8, 0xc}})

1.675653016s ago: executing program 8 (id=14841):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
syz_emit_ethernet(0x4e, &(0x7f0000000ec0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0xff, @remote, @private1={0xfc, 0x1, '\x00', 0xfe}, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @local}}}}}}, 0x0)

1.535062994s ago: executing program 7 (id=14842):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x4000, &(0x7f0000000080)={[{@gid}, {@file_umask={'file_umask', 0x3d, 0x3}}, {@part={'part', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp437'}}]}, 0x1, 0x344, &(0x7f0000000980)="$eJzs3U9r1EwcB/DvJLvb7LOlT2wrBU9SLXgqbT0oHrRI8eIb8CDF2m6hNFbQCloQq2cRb4Lg0Ztn0begF/ENKB4Kiie9FA9GZjLJJutMNk233db9fsDd7Gb+/CaZSWZaakBEfevi3KeXp7fkP1EF4AI4BzgAPKAC4CjGvDtr6x0LcpMtgSin+CvN4lrTlNWDzqH58lMFg+nvaG+EYRh+tu/+cl69/di/gKgnRHoEpzjAABw1EtV+b98j2xubsl39JnWGxTa2cRdDvQyHiIh6T9//HX2XGNTzd8cBJvQ8/LDf/zPzm+3exXEgJPd/J/ocCnl8/le75HpvZT1oLkVLOHn2nXiVaCrL2CdCFzW9qd4dwG2kplypWsxULE59eSVoTm6qAh7hgpZKNqpelxA3RCaFLVod0bhhbZojr+35GqoNVdmGGUv8I3k1GhfAb7/hmbm6+fcFYhLvxAcxL3w8x1Iy/6uEQh4cdXz8tqESxT9lL1G10o9SZVrZCv+IquRYfAbevGq1sm47rh5cGYuJLEW0z9/9OM6nNXsuDCP7Y4WoddP21qlcI0BF6M7VyjWTJPplzDXaXld9uRo0JxdvBrZO313GFZ14Iq6IcXzHa8yl5v+OTD0B+8jMjHKhUuqekdueikppOY8ZagDfKD4yq4VT/usuGU90m6/Zj49xHWcxdPvexupCEDRv9X4jHiolsx/vcjxRR9TdUX4j31Np4MkN2Qm7VunvMAyNuyooWI4cpKXDiAbUmRetJm+sLgh9zdtdA+WVs23XrD0xgFkA+pv4ilCm9gdJrgFdoF8w+095ttU35g4ZR7UPAySuKrPLxUChkVIvUenl+6sLQemrER0irZOOsavJBFnijwb7hJx3iWj9l1qvTKmrjnzxc9Y/YafCUyVOW1ZAw+r1v2QFp3RYczXsK7hGvNFhzXXiFHCylq3RQVzjw/ZifR0nDuJvJXf+qwwxh4+4xkFORERERERERERERERERERERERERHTY7PSvEcr8OUG2xq0+/I83iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIh2p/X83+T5LjXT83/zntSkuNETYrxuPP/XLfD8X7FZrIFEZPUnAAD//2/CX5Q=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000001280)=""/4089, 0xff9)

1.481437965s ago: executing program 2 (id=14843):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001a00010026bd7000000100000280"], 0x38}, 0x1, 0x0, 0x0, 0x20040050}, 0x0)

1.387083631s ago: executing program 3 (id=14844):
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r0, 0x1, 0x1)
getdents64(r0, 0xffffffffffffffff, 0x43)

1.305492658s ago: executing program 4 (id=14845):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0), 0x42000, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSNPMODE(r0, 0x4008744b, &(0x7f0000000000)={0x21, 0x1})

1.26891839s ago: executing program 8 (id=14846):
r0 = socket$inet6(0xa, 0x80001, 0x0)
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x2008802, &(0x7f0000000800)={[{@errors_remount}, {@errors_continue}, {@errors_remount}, {@allow_utime={'allow_utime', 0x3d, 0xc23f}}, {@discard}, {@dmask={'dmask', 0x3d, 0x3}}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@utf8}, {@discard}, {@errors_continue}, {@uid={'uid', 0x3d, 0xee00}}, {@keep_last_dots}, {@errors_continue}], [{@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@smackfsdef={'smackfsdef', 0x3d, 'g\xe2\x9fN\x93\x86\x0f\x1e\xceK\xb1?\x8e\x92\xc6!-+\x04\n\xf2\xfe|\xce\x0e\xcc@g\x03\xa4\xee\xc6</\x8c*\xf8\xad\xbb\x81_uP\xef\xf6%\x1d\xbd\xf8}1\x99\xf7\xe4\xbc\xbcW\x01\x9f\xd3\xe3Jy\x8f\xba\xdd\x1b\xefD\xeeN\x97\xbe\xeb\'\xd8\x16\xf3\xa8\x0eh3M\xbd\xfc\x9c\x8b(\x0e#\x9b}7\xc9N\xe8\xc8e0o\xd0_\x16\xa9i\xd2\t\xee\x1d\x18&\x8d$\x83\x1a\xe3Y\xb9\xc6H\x8b0$\x1d?\xf08\xb8\nh\x98U\xb3\b\x81;[5\xd3\xc5\xc3\x7fT\x8b\xbdSF\xf7\x1c\xbc\x0f[>SO\xac\r&}\x1d8$T\x83v\x1c\xfc'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '.!-\x8f,+'}}, {@smackfsroot={'smackfsroot', 0x3d, 'dmask'}}, {@obj_type={'obj_type', 0x3d, '\xf1!$!]):\'$'}}, {@obj_role={'obj_role', 0x3d, '/dev/iommu\x00'}}]}, 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=")
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000007c0)=ANY=[], 0x90)

1.230511504s ago: executing program 2 (id=14847):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x1f, 0x11, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000ffffffff00000000000000008500000050000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000009400000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1.186274804s ago: executing program 7 (id=14848):
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
r0 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000480)={0x60, 0x0, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x7, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x1})

1.07875597s ago: executing program 3 (id=14849):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x43, 0x2, 0x3}, 0x10)

1.003426532s ago: executing program 7 (id=14850):
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0)
write$proc_mixer(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="494d495820274d617374657220436170747572652c651fab30303030303030303030303030"], 0x2b)
close(r0)

965.765252ms ago: executing program 2 (id=14851):
r0 = syz_io_uring_setup(0x186, &(0x7f0000000680)={0x0, 0x323a, 0x10000, 0x2, 0x400000}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000004c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_RECVMSG={0xa, 0x2, 0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2000, 0x1, {0x2}})
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)

792.238557ms ago: executing program 3 (id=14852):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@getchain={0x24, 0x66, 0xfcd66a900070b359, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r1, {0xa, 0x8}, {0xe}, {0xc, 0x1}}}, 0x24}}, 0x45020)

791.439145ms ago: executing program 4 (id=14853):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f0000000180), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

750.907696ms ago: executing program 7 (id=14854):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0)
bind$bt_hci(r0, &(0x7f0000000000), 0x6)

728.542261ms ago: executing program 8 (id=14855):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a40)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=@framed={{}, [@printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @snprintf={{}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

692.503215ms ago: executing program 2 (id=14856):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000840), r0)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000040)={0x30, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0xc080}, 0x4)

560.249675ms ago: executing program 7 (id=14857):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x2, "fa02c80a3a1e38dd031dd7504fe580963900"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000400)={0x2, "5660359c3245d1c42b17afad7d48ed5100000000000000010000000000000008"})

536.261121ms ago: executing program 3 (id=14858):
r0 = syz_usbip_server_init(0x1)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006325a640402000207265970000010902240001000000000904"], 0x0)
write$usbip_server(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000300000001"], 0x35)

398.872247ms ago: executing program 8 (id=14859):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000015c0)={0x40, r1, 0x1, 0xffffff80, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x80}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x40}}, 0x0)

398.669287ms ago: executing program 2 (id=14860):
r0 = memfd_create(&(0x7f0000000240)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4C\x80\x00\x00\x00\x00\x00\xa9t\xa24>X@\rq@\xf2\xe9[\x05N\xb1\x84\xea\x91^%A\xf5\x9e\x13TdT\xc6^p\xcc#P\x04\x06\xae\xeb\x7f;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\a`\xf0\xc728\xfc\xfc\x1c1?\x86\xac\xd4\f\x00\x00\x00\x00\x00\x80\f\xed{u[\xbd\x9d^\xffj\xa0\x14\xb7\xb6\x8b\x1d*1\xe8\xb0\x00\x00\x00\x00\x00\x00\t\x00\x003F\xf1 \x17-\x964C?]\xdfe;\xc0w\xad\xef\xa3r\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\x8c\xcd\b\xb5U\xec\x85\x9b\xe4Q>\xed\xdf\xdf\a\xd0lg\x13\r\x8c:s3\xd7s\xef\xb3\x9f#\x15$\x97I\xf0LC\xfc\xe7\xdf\x86\x9d\xd3[i\x1b|{4)\xd8\xa2\xb8\x8f\xa2\x84_k\xe5\xf0\x05a2)\x8d\xec\xf0(!\xf0\xb5<k\xa8\x88\x01\x7fw9j\xdcy<nG3\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"x\xf4>-e+><\xc8X\xdaNz,u\x8f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf5\x1a5\x8c\xa6\xfbq\xa9\x87\x9f\xe1\xfa\xb5\x92\xb1\x00\x00\x00\x00\xd6\xce\xab\x1d%\xb0\xaa\xed\x10\xe9Z\"\x7f\xb2\xde\x00\x00\x00\x00\x00y\xd8\xdf\xc8R\x8b0Bs\x95N\xfa\x02\xe9\xf6\xa20\f1L\v\xdf8W{P\xab\x82\x84\xf0w\x9c\t\xf8\x85\x98S)M*\x88\xf8\xbaC\xa2\xf8\xc3\xe0\xb2)\xf8\x9da%\xd7\x8c\x03\xa9\xb6\x15\x8c\xdd\xaf\xeb\xfa\x1bV\x1c\fJ\xe6n\x19\x94\xea\xb7\xcc\x12q\x06\xbab\xda\xfa\xf7\xe4\x85U:\x1e\xeaC\x9b\xa5\xbb:\xe8\x04\xd9\xb2|\x85\a\x93\xa1a\r\xf0R\x8f\xac\xbc]\xc6\x1a\x86RK\xb3\x95\xbaz\xb7I\a\xd6j,pI\xb07\xc4\x82G\xd2u\x8a\xfc\x10\xffs5\xfd\x99\xdc\x9e\xdf\x86\x11~0+\xa7\x11\x13\xbb5\xc8\x8aW\xfd{\xe1QN\xef\xce~k7\xd9\x02\xac#n\xc3\xdd\x9a\xdaeJ7\x9f5\xae4\x9aoJ\xdcZf\xd4\x7f<v\x8d2\xb0\n\xf6\x88\xa8\xf7\x98\x8a33q\xfcI%\x888\b\xd0\xc5\xd5; Y\xc4\xb4\x93\x8f\x12\xa7m $5FL>\x01}\'\x1f\x8e\xee_Q\xb4\xad@\x1a(>\x88\xd2F\x14r\x8c\x1aq@n6~1WP\xc8\xb5\x82\x02*\xcf\x95I\xc01\"\x8c_\x8d\xcb-X\x1f:bOmgTC\xe16\xef\xed\x87\xe42\b\xe5)\x99\x1dt\x17\x8d\xdc\xc2\aL\xb9\x90\xdc~\xf4\x12eXR\x89\x14E\x06\xeb<\x1b-\x955\xb4U\xceN\xf4\xb4l\xd5\xd0\xbfc\xa0\xb4{\xa9\\JL@tW\xa8\xf5\x8b\x9a\x9cF\xf5\xe0\xf4\xeeR#\x16r\x80\x91]c\x99\xd0o\x81b.\x82\xcf4\x01j\xe8\xaf[\xc1\b\xc5@n\x8a(qC\x16\x9e\xf8\x11l\xdbLM\xf9\xb7\xd1\xd5\xa1^\xcb=X\xe56\xc4FW\x0f\xe3\xe0\xa0\xb5JBE\xb5F(\t\xd8\x87\xf7\x92id\x8b\xcf\x846Z\x00\x80\x94\x999\xc2\xc7_\xb0\x02\xcb\xa2k\nB\x8a\'s95\x93Z\xf0\xf1\x9d\n\xf1$N\x03\f\x04Z\xfeX6\xf1\xe0\x95\x80(AV\x91\xd8\xa3\xc4?\xebhh|\xe0\xad2#\xcdF\xd8\x89akF\x05\xb5r6Ueh\x03\x82\x91@\xba\x84\xf5\x84\xaa\x1fZ\x11\n\xb9Y\xba;\xf27\xb9\xd3e1\xe5\xf9\xb3\xeb\x82V\x12\xebO\x02\x81\xd0\xfc1\xf5\x9c|\xfc\x1e_\x00\xa7\x89\x9e\xbe@\xcd\a\x82\xa8`\xa4e\xb7\xb8d\xb45>\xd5o\x1a[d\x04t\xb9\xc2Q T]j~\xa5\x12Lo\xfbP\x1fH*\xe5\a|\x1c/\xc3\x84\x01.F6\xba+\x90/\xc5\xc7\x95Tu\xacH\xbd\xb8\xe9\x04\xe6\xaf\xe7\xa6\x10\xb6\xde', 0x7)
fcntl$addseals(r0, 0x409, 0x8)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000003, 0x11, r0, 0x0)

233.78295ms ago: executing program 7 (id=14861):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='setgroups\x00')
exit(0xf)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

201.343566ms ago: executing program 8 (id=14862):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x183601)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)

121.854546ms ago: executing program 2 (id=14863):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000600)="bb", 0x1)
setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f0000000240)=0x1, 0x4)

56.122065ms ago: executing program 8 (id=14864):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x10, {{@in=@multicast1=0xe0000002, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffb}, {}, 0x0, 0x6e6bb8, 0x0, 0x0, 0x0, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x4008011}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa, 0x10}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, 0x0, 0x6e6bb5}}, 0xb8}}, 0x0)

0s ago: executing program 4 (id=14865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000280), &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)

kernel console output (not intermixed with test programs):

336:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23134 comm="syz.0.14001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1204.434080][T23085] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.13992 (23085)
[ 1204.501991][   T30] audit: type=1326 audit(2000000105.336:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23134 comm="syz.0.14001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1204.553920][T23085] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1204.587689][T23085] BTRFS info (device loop3): using sha256 checksum algorithm
[ 1204.623490][   T30] audit: type=1326 audit(2000000105.336:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23134 comm="syz.0.14001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1204.759818][T23159] loop0: detected capacity change from 0 to 4096
[ 1204.778453][   T30] audit: type=1326 audit(2000000105.336:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23134 comm="syz.0.14001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1204.888997][   T30] audit: type=1326 audit(2000000105.336:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23134 comm="syz.0.14001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1204.894637][T23182] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1204.914257][   T30] audit: type=1326 audit(2000000105.336:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23134 comm="syz.0.14001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1205.006545][T23190] loop4: detected capacity change from 0 to 1024
[ 1205.023701][T23085] BTRFS info (device loop3): enabling ssd optimizations
[ 1205.033726][T23190] hfsplus: b-tree write err: -5, ino 2
[ 1205.056725][T23085] BTRFS info (device loop3): turning on async discard
[ 1205.078808][T23186] netlink: 128 bytes leftover after parsing attributes in process `syz.6.14015'.
[ 1205.078818][T23085] BTRFS info (device loop3): enabling free space tree
[ 1205.222476][T24961] hfsplus: b-tree write err: -5, ino 25
[ 1205.253343][T24961] hfsplus: b-tree write err: -5, ino 4
[ 1205.293926][T24961] hfsplus: b-tree write err: -5, ino 2
[ 1205.300307][T24961] hfsplus: b-tree write err: -5, ino 26
[ 1205.451694][T23203] loop2: detected capacity change from 0 to 256
[ 1205.517317][T23203] exfat: Deprecated parameter 'utf8'
[ 1205.547486][T23213] loop4: detected capacity change from 0 to 256
[ 1205.601096][T23203] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x3e6496f2, utbl_chksum : 0xe619d30d)
[ 1205.665074][T23217] loop5: detected capacity change from 0 to 512
[ 1205.762267][T23213] FAT-fs (loop4): Directory bread(block 64) failed
[ 1205.768861][T23213] FAT-fs (loop4): Directory bread(block 65) failed
[ 1205.827263][T23217] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1205.847002][T23213] FAT-fs (loop4): Directory bread(block 66) failed
[ 1205.940845][T23213] FAT-fs (loop4): Directory bread(block 67) failed
[ 1205.949554][T23217] ext4 filesystem being mounted at /2314/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1206.007014][T23213] FAT-fs (loop4): Directory bread(block 68) failed
[ 1206.070377][T23213] FAT-fs (loop4): Directory bread(block 69) failed
[ 1206.086619][T23213] FAT-fs (loop4): Directory bread(block 70) failed
[ 1206.093174][T23213] FAT-fs (loop4): Directory bread(block 71) failed
[ 1206.142351][ T5844] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1206.153640][T23213] FAT-fs (loop4): Directory bread(block 72) failed
[ 1206.160184][T23213] FAT-fs (loop4): Directory bread(block 73) failed
[ 1206.226759][T23242] loop0: detected capacity change from 0 to 256
[ 1206.235121][ T5858] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1206.277137][T23242] exfat: Deprecated parameter 'utf8'
[ 1206.331384][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1206.346442][T23242] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[ 1206.419972][ T5858] usb 7-1: Using ep0 maxpacket: 16
[ 1206.467037][ T5858] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1206.467086][ T5858] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1206.472481][ T5858] usb 7-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[ 1206.472519][ T5858] usb 7-1: New USB device strings: Mfr=34, Product=0, SerialNumber=0
[ 1206.472544][ T5858] usb 7-1: Manufacturer: syz
[ 1206.497097][ T5858] usb 7-1: config 0 descriptor??
[ 1206.981639][ T5858] creative-sb0540 0003:041E:3100.000B: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[ 1207.060792][T23277] Invalid ELF header len 4
[ 1207.094854][  T833] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 1207.107641][T23284] loop0: detected capacity change from 0 to 512
[ 1207.141444][ T5858] usb 7-1: USB disconnect, device number 4
[ 1207.310761][T23285] fido_id[23285]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[ 1207.318208][T23284] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1207.339516][  T833] usb 5-1: Using ep0 maxpacket: 32
[ 1207.412978][  T833] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1207.451748][T23284] ext4 filesystem being mounted at /2294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1207.491426][  T833] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1207.569071][  T833] usb 5-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5
[ 1207.587886][T23284] EXT4-fs error (device loop0): ext4_empty_dir:3075: inode #12: comm syz.0.14035: invalid size
[ 1207.618977][  T833] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1207.638445][  T833] usb 5-1: Product: syz
[ 1207.645014][  T833] usb 5-1: Manufacturer: syz
[ 1207.654760][T23284] EXT4-fs (loop0): Remounting filesystem read-only
[ 1207.662896][  T833] usb 5-1: SerialNumber: syz
[ 1207.695873][  T833] usb 5-1: config 0 descriptor??
[ 1207.842083][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1207.869663][T24961] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1207.934064][T24961] Quota error (device loop0): write_blk: dquota write failed
[ 1207.972025][  T833] usb 5-1: USB disconnect, device number 3
[ 1207.978587][T24961] Quota error (device loop0): free_dqentry: Can't write quota data block 5
[ 1209.162273][T23393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14061'.
[ 1209.198169][T23395] loop2: detected capacity change from 0 to 1024
[ 1209.286220][T23345] loop5: detected capacity change from 0 to 32768
[ 1209.340639][T23395] hfsplus: b-tree write err: -5, ino 2
[ 1209.365663][T23403] loop4: detected capacity change from 0 to 128
[ 1209.391936][T23345] XFS (loop5): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1209.487706][T24262] hfsplus: b-tree write err: -5, ino 25
[ 1209.524965][T24262] hfsplus: b-tree write err: -5, ino 4
[ 1209.558791][T23360] loop6: detected capacity change from 0 to 32768
[ 1209.565976][T24262] hfsplus: b-tree write err: -5, ino 2
[ 1209.585188][T24262] hfsplus: b-tree write err: -5, ino 26
[ 1209.639319][T23345] XFS (loop5): Ending clean mount
[ 1209.671349][T23360] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1209.861856][T23360] XFS (loop6): Ending clean mount
[ 1209.910711][T23360] XFS (loop6): Quotacheck needed: Please wait.
[ 1210.003837][ T5846] XFS (loop5): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1210.107348][T23360] XFS (loop6): Quotacheck: Done.
[ 1210.340276][T20927] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1210.425140][T23455] loop2: detected capacity change from 0 to 4096
[ 1210.487105][ T5858] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1210.578177][T23455] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[ 1210.580682][T23467] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1210.642372][ T5858] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1210.694359][ T5858] usb 1-1: config 1 has an invalid descriptor of length 56, skipping remainder of the config
[ 1210.695183][T23455] NILFS (loop2): mounting fs with errors
[ 1210.743296][ T5858] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1210.824560][ T5858] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1210.859337][ T5858] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1210.869792][ T5858] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1210.882982][ T5858] usb 1-1: Product: syz
[ 1210.893101][ T5858] usb 1-1: Manufacturer: syz
[ 1210.925492][ T5858] cdc_wdm 1-1:1.0: skipping garbage
[ 1210.966104][ T5858] cdc_wdm 1-1:1.0: skipping garbage
[ 1210.981804][ T5858] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1211.171953][T23450] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14072'.
[ 1211.202629][ T5858] usb 1-1: USB disconnect, device number 125
[ 1211.301130][   T30] audit: type=1326 audit(2000000112.675:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23494 comm="syz.5.14080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6efd99c799 code=0x7ffc0000
[ 1211.389767][   T30] audit: type=1326 audit(2000000112.675:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23494 comm="syz.5.14080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6efd99c799 code=0x7ffc0000
[ 1211.416637][T23483] loop4: detected capacity change from 0 to 4096
[ 1211.457010][   T30] audit: type=1326 audit(2000000112.717:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23494 comm="syz.5.14080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f6efd99c799 code=0x7ffc0000
[ 1211.519615][T23504] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1211.533164][T23505] netlink: 'syz.3.14081': attribute type 1 has an invalid length.
[ 1211.553038][   T30] audit: type=1326 audit(2000000112.717:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23494 comm="syz.5.14080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6efd99c799 code=0x7ffc0000
[ 1211.625058][   T30] audit: type=1326 audit(2000000112.717:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23494 comm="syz.5.14080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6efd99c799 code=0x7ffc0000
[ 1211.691868][T23509] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1211.784235][   T30] audit: type=1326 audit(2000000112.717:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23494 comm="syz.5.14080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f6efd99c799 code=0x7ffc0000
[ 1211.870794][   T30] audit: type=1326 audit(2000000112.727:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23494 comm="syz.5.14080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6efd99c799 code=0x7ffc0000
[ 1212.043999][T23522] loop5: detected capacity change from 0 to 2048
[ 1212.123209][T23522] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1212.525077][T23546] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1212.563089][T23550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14095'.
[ 1212.597348][T23555] loop5: detected capacity change from 0 to 512
[ 1212.654300][T23555] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1212.727121][T23555] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1212.750564][T23555] EXT4-fs (loop5): 1 truncate cleaned up
[ 1212.756309][    C0] EXT4-fs (loop5): error count since last fsck: 1
[ 1212.756338][    C0] EXT4-fs (loop5): initial error at time 2000000114: ext4_mb_generate_buddy:1315
[ 1212.756375][    C0] EXT4-fs (loop5): last error at time 2000000114: ext4_mb_generate_buddy:1315
[ 1212.784794][T23555] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1212.808544][T23555] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1324: inode #12: block 7: comm syz.5.14096: path /2325/bus/file0: bad entry in directory: directory entry overrun - offset=80, inode=2147483648, rec_len=1024, size=60 fake=0
[ 1212.888288][T23568] loop2: detected capacity change from 0 to 512
[ 1212.907401][T23568] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1212.936613][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1212.963863][T23568] EXT4-fs (loop2): 1 truncate cleaned up
[ 1212.995063][T23568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1213.097427][T23576] loop4: detected capacity change from 0 to 1024
[ 1213.244301][T23590] binder: 23589:23590 ioctl c0306201 200000000140 returned -14
[ 1213.261448][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1213.876551][  T833] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[ 1213.967965][T23624] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[ 1214.033830][T23624] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.14112: bg 0: block 104: invalid block bitmap
[ 1214.038448][  T833] usb 1-1: Using ep0 maxpacket: 8
[ 1214.070509][  T833] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1214.081997][  T833] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1214.091606][  T833] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1214.099762][  T833] usb 1-1: Product: syz
[ 1214.104097][  T833] usb 1-1: Manufacturer: syz
[ 1214.106281][T23624] loop6: lost filesystem error report for type 5 error -117
[ 1214.113575][  T833] usb 1-1: SerialNumber: syz
[ 1214.120269][T23624] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6685: Corrupt filesystem
[ 1214.125744][    C1] EXT4-fs (loop6): error count since last fsck: 1
[ 1214.125770][    C1] EXT4-fs (loop6): initial error at time 2000000115: ext4_validate_block_bitmap:432
[ 1214.125801][    C1] EXT4-fs (loop6): last error at time 2000000115: ext4_validate_block_bitmap:432
[ 1214.191714][T23624] loop6: lost filesystem error report for type 5 error -117
[ 1214.192260][T23624] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.14112: invalid indirect mapped block 1 (level 1)
[ 1214.226542][T23524] set_capacity_and_notify: 1 callbacks suppressed
[ 1214.226565][T23524] loop3: detected capacity change from 0 to 32768
[ 1214.274494][T23624] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[ 1214.279019][T23624] EXT4-fs (loop6): 1 truncate cleaned up
[ 1214.330308][  T833] usb 1-1: Handspring Visor / Palm OS: No valid connect info available
[ 1214.354100][  T833] usb 1-1: Handspring Visor / Palm OS: port 0, is for Debugger use
[ 1214.363468][  T833] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use
[ 1214.364926][T23624] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1214.371722][  T833] usb 1-1: Handspring Visor / Palm OS: Number of ports: 2
[ 1214.489144][T23524] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1214.531581][  T833] usb 1-1: palm_os_3_probe - error -71 getting bytes available request
[ 1214.575818][  T833] visor 1-1:1.0: Handspring Visor / Palm OS converter detected
[ 1214.610416][  T833] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[ 1214.639590][  T833] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[ 1214.665778][  T833] usb 1-1: USB disconnect, device number 126
[ 1214.691172][  T833] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[ 1214.754876][  T833] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[ 1214.770592][T20927] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1214.786237][  T833] visor 1-1:1.0: device disconnected
[ 1214.815335][T23524] XFS (loop3): Ending clean mount
[ 1214.875196][T23524] XFS (loop3): Quotacheck needed: Please wait.
[ 1215.085703][T23524] XFS (loop3): Quotacheck: Done.
[ 1215.344024][ T5844] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1215.377924][T23711] dummy0: mtu less than device minimum
[ 1215.585028][T23717] loop6: detected capacity change from 0 to 4096
[ 1216.071734][T23743] loop2: detected capacity change from 0 to 128
[ 1216.153819][T23743] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1216.210812][T23743] hpfs: filesystem error: improperly stopped
[ 1216.227746][T23743] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1216.277953][T23743] hpfs: You really don't want any checks? You are crazy...
[ 1216.285325][T23743] hpfs: Code page index out of array
[ 1216.352196][T23743] hpfs: code page support is disabled
[ 1216.376172][T23743] hpfs: hpfs_map_4sectors(): unaligned read
[ 1216.389633][T23743] hpfs: hpfs_map_4sectors(): unaligned read
[ 1216.416230][T23743] hpfs: filesystem error: unable to find root dir
[ 1216.432068][T23709] loop4: detected capacity change from 0 to 32768
[ 1216.480167][T23743] hpfs: hpfs_map_4sectors(): unaligned read
[ 1216.562999][T23709] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1216.742751][T23709] XFS (loop4): Ending clean mount
[ 1216.972877][ T5840] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1217.032117][T23784] xt_hashlimit: size too large, truncated to 1048576
[ 1217.064358][T23787] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14147'.
[ 1217.169937][T23793] loop5: detected capacity change from 0 to 256
[ 1217.287884][T23793] FAT-fs (loop5): Directory bread(block 64) failed
[ 1217.308894][T23793] FAT-fs (loop5): Directory bread(block 65) failed
[ 1217.372933][T23793] FAT-fs (loop5): Directory bread(block 66) failed
[ 1217.438525][T23793] FAT-fs (loop5): Directory bread(block 67) failed
[ 1217.478294][T23793] FAT-fs (loop5): Directory bread(block 68) failed
[ 1217.528167][T23793] FAT-fs (loop5): Directory bread(block 69) failed
[ 1217.544187][T23804] netlink: 'syz.3.14151': attribute type 10 has an invalid length.
[ 1217.573814][T23804] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1217.590795][T23793] FAT-fs (loop5): Directory bread(block 70) failed
[ 1217.622654][T23793] FAT-fs (loop5): Directory bread(block 71) failed
[ 1217.629321][T23793] FAT-fs (loop5): Directory bread(block 72) failed
[ 1217.652273][T23804] bond0: entered promiscuous mode
[ 1217.657444][T23804] bond_slave_0: entered promiscuous mode
[ 1217.671095][T23793] FAT-fs (loop5): Directory bread(block 73) failed
[ 1217.706540][T23804] bond_slave_1: entered promiscuous mode
[ 1217.724049][T23804] team0: Port device bond0 added
[ 1217.773811][T23811] netlink: 48 bytes leftover after parsing attributes in process `syz.4.14154'.
[ 1217.825610][T23817] sctp: [Deprecated]: syz.0.14155 (pid 23817) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1217.825610][T23817] Use struct sctp_sack_info instead
[ 1218.518182][T23850] netlink: 332 bytes leftover after parsing attributes in process `syz.5.14167'.
[ 1218.521320][T23848] loop6: detected capacity change from 0 to 512
[ 1218.543330][T23850] netlink: 'syz.5.14167': attribute type 9 has an invalid length.
[ 1218.560426][T23850] netlink: 108 bytes leftover after parsing attributes in process `syz.5.14167'.
[ 1218.600224][T23848] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1218.606527][T23850] netlink: 32 bytes leftover after parsing attributes in process `syz.5.14167'.
[ 1218.653891][T23848] EXT4-fs (loop6): 1 truncate cleaned up
[ 1218.667661][T23848] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1218.782097][T23814] loop2: detected capacity change from 0 to 32768
[ 1218.856202][T23814] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.14156 (23814)
[ 1218.874711][T23868] tipc: Started in network mode
[ 1218.901418][T23863] loop3: detected capacity change from 0 to 4096
[ 1218.906059][T23868] tipc: Node identity 80, cluster identity 7
[ 1218.953855][T23868] tipc: Node number set to 128
[ 1218.956110][T23814] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1218.978231][T20927] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1219.020266][T23814] BTRFS info (device loop2): using sha256 checksum algorithm
[ 1219.172841][T23884] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1219.294398][T23814] BTRFS info (device loop2): enabling ssd optimizations
[ 1219.310437][T23814] BTRFS info (device loop2): turning on async discard
[ 1219.325581][T23814] BTRFS info (device loop2): enabling free space tree
[ 1219.419239][T23900] loop5: detected capacity change from 0 to 256
[ 1219.503764][T23900] exfat: Deprecated parameter 'utf8'
[ 1219.516611][T23904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14176'.
[ 1219.534460][T23900] exfat: Deprecated parameter 'utf8'
[ 1219.563235][T23900] exfat: Deprecated parameter 'namecase'
[ 1219.584253][T23910] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14178'.
[ 1219.656657][T23900] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[ 1219.889979][T23921] netlink: 40 bytes leftover after parsing attributes in process `syz.4.14180'.
[ 1219.938594][T23923] hugetlbfs: Bad value '%' for mount option 'size'
[ 1219.938594][T23923] 
[ 1219.957913][T23927] netlink: 40 bytes leftover after parsing attributes in process `syz.4.14180'.
[ 1220.202606][ T5839] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1220.281884][T23943] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14187'.
[ 1220.636483][T23963] loop4: detected capacity change from 0 to 256
[ 1220.692514][T23963] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[ 1220.801978][   T30] audit: type=1800 audit(2000000122.658:890): pid=23963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.14194" name="file1" dev="loop4" ino=1048849 res=0 errno=0
[ 1221.165994][   T30] audit: type=1400 audit(2000000123.036:891): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2626200D3A4BB284132960AB0EC7C873CFF3EB09BFFB78A08C1060ACEBD68C681F4EB06507909110374F83A9CA6CF1A22A152E4424641EA1201497E3A973866BE7F8659A0119BA2D92304E687C61DF4D960D941CFAB0AC10F5861C9B38D760E8B906A47E2CF457A255A8C061FE8E4C805DC7D3B0124BD25494ED2D54BE8AEF5615C6FD7C4FAC3CF7DA8F20AA026998926069FC3032289822655A10BB16E1E6C08002CC0435A6667F338D23DC07810124F374749CEB5F78713B7DAD2FE3044A243139A1B5170D5BCFDBCD8748AC706DDDCBBD0B1F20F52C143DA1E74B736AC64A66616EA3069133AC3A pid=23985 comm="syz.0.14200"
[ 1221.328250][T23991] program syz.3.14202 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1221.546303][T24007] team_slave_0: entered promiscuous mode
[ 1221.552612][T24007] team_slave_1: entered promiscuous mode
[ 1221.602556][T24007] macsec1: entered allmulticast mode
[ 1221.607909][T24007] team0: entered allmulticast mode
[ 1221.647535][T24007] team_slave_0: entered allmulticast mode
[ 1221.655474][T24007] team_slave_1: entered allmulticast mode
[ 1221.663618][T24007] team0: Device macsec1 is already an upper device of the team interface
[ 1221.703200][T24007] team0: left allmulticast mode
[ 1221.717722][T24007] team_slave_0: left allmulticast mode
[ 1221.743996][T24007] team_slave_1: left allmulticast mode
[ 1221.766402][T24007] team_slave_0: left promiscuous mode
[ 1221.772048][T24007] team_slave_1: left promiscuous mode
[ 1222.266054][T24047] netlink: 'syz.4.14216': attribute type 8 has an invalid length.
[ 1222.274478][ T5858] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1222.333231][T24021] loop5: detected capacity change from 0 to 32768
[ 1222.356241][T24021] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.14210 (24021)
[ 1222.395613][T24021] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1222.430422][ T5858] usb 7-1: Using ep0 maxpacket: 8
[ 1222.437918][T24021] BTRFS info (device loop5): using sha256 checksum algorithm
[ 1222.453099][ T5858] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1222.470293][ T5858] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1222.482013][ T5858] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[ 1222.498502][ T5858] usb 7-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[ 1222.508848][ T5858] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1222.538752][ T5858] usb 7-1: config 0 descriptor??
[ 1222.572779][T24021] BTRFS info (device loop5): rebuilding free space tree
[ 1222.671919][T24021] BTRFS info (device loop5): disabling free space tree
[ 1222.708138][T24021] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1222.739475][T24021] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1222.809329][T24021] BTRFS info (device loop5): setting nodatasum
[ 1222.830851][T24042] loop3: detected capacity change from 0 to 32768
[ 1222.831193][T24021] BTRFS info (device loop5): setting nodatacow
[ 1222.890311][T24042] OCFS2: ERROR (device loop3): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode 73: bits per cluster 32
[ 1222.905431][T24021] BTRFS info (device loop5): turning off barriers
[ 1222.905467][T24021] BTRFS info (device loop5): force clearing of disk cache
[ 1222.919689][T24042] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 1222.930193][T24042] OCFS2: File system is now read-only.
[ 1222.935941][T24042] (syz.3.14215,24042,0):ocfs2_read_locked_inode:599 ERROR: status = -30
[ 1222.944439][T24042] (syz.3.14215,24042,0):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[ 1222.957069][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x4
[ 1222.970652][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x6
[ 1222.981169][T24042] (syz.3.14215,24042,0):ocfs2_init_local_system_inodes:496 ERROR: status=-30, sysfile=8, slot=0
[ 1222.992038][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x5
[ 1222.999337][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x0
[ 1223.006623][T24042] (syz.3.14215,24042,0):ocfs2_init_local_system_inodes:505 ERROR: status = -30
[ 1223.015809][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x0
[ 1223.027086][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x0
[ 1223.050293][T24042] (syz.3.14215,24042,0):ocfs2_mount_volume:1758 ERROR: status = -30
[ 1223.064176][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x0
[ 1223.091218][T24042] (syz.3.14215,24042,0):ocfs2_fill_super:1177 ERROR: status = -30
[ 1223.099294][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x0
[ 1223.137854][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x0
[ 1223.172947][ T5858] elecom 0003:056E:00FE.000C: unknown main item tag 0x0
[ 1223.202239][T24042] CIFS mount error: No usable UNC path provided in device string!
[ 1223.202239][T24042] 
[ 1223.240254][ T5858] elecom 0003:056E:00FE.000C: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.6-1/input0
[ 1223.262138][T24042] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1223.300557][ T5846] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1223.344440][ T5858] usb 7-1: USB disconnect, device number 5
[ 1223.352399][   T30] audit: type=1326 audit(2000000125.346:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24102 comm="syz.0.14223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1223.501074][   T30] audit: type=1326 audit(2000000125.377:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24102 comm="syz.0.14223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1223.576731][T24096] fido_id[24096]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[ 1223.630260][   T30] audit: type=1326 audit(2000000125.388:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24102 comm="syz.0.14223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1223.664340][T24115] loop2: detected capacity change from 0 to 1024
[ 1223.751926][T24123] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14227'.
[ 1223.772256][   T30] audit: type=1326 audit(2000000125.398:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24102 comm="syz.0.14223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1223.897942][   T30] audit: type=1326 audit(2000000125.398:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24102 comm="syz.0.14223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1224.002516][T24262] hfsplus: b-tree write err: -5, ino 25
[ 1224.008774][T24262] hfsplus: b-tree write err: -5, ino 4
[ 1224.031198][T24262] hfsplus: b-tree write err: -5, ino 2
[ 1224.045788][   T30] audit: type=1326 audit(2000000125.398:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24102 comm="syz.0.14223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1224.077836][T24262] hfsplus: b-tree write err: -5, ino 17
[ 1224.183462][   T30] audit: type=1326 audit(2000000125.398:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24102 comm="syz.0.14223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1224.293245][   T30] audit: type=1326 audit(2000000125.398:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24102 comm="syz.0.14223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f678f99c799 code=0x7ffc0000
[ 1224.332642][T24149] loop6: detected capacity change from 0 to 164
[ 1224.359467][ T5947] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1224.417586][T24149] rock: directory entry would overflow storage
[ 1224.441707][T24149] rock: sig=0x66, size=4, remaining=3
[ 1224.507605][T24149] rock: directory entry would overflow storage
[ 1224.513917][T24149] rock: sig=0x66, size=4, remaining=3
[ 1224.594406][ T5947] usb 4-1: config 1 has an invalid interface number: 7 but max is 0
[ 1224.618214][ T5947] usb 4-1: config 1 has no interface number 0
[ 1224.652571][ T5947] usb 4-1: config 1 interface 7 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1224.688100][ T5947] usb 4-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0x24, changing to 0x4
[ 1224.730000][ T5947] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 608
[ 1224.778046][T24164] netlink: 'syz.0.14238': attribute type 11 has an invalid length.
[ 1224.806701][ T5947] usb 4-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1224.862145][ T5947] usb 4-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1224.894116][ T5947] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1224.939510][ T5947] usb 4-1: Product: syz
[ 1224.943774][ T5947] usb 4-1: Manufacturer: syz
[ 1224.975669][ T5947] usb 4-1: SerialNumber: syz
[ 1225.008638][T24133] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1225.023144][T24133] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1225.039020][ T5947] usb 4-1: Expected 3 endpoints, found: 2
[ 1225.312450][ T5947] usb 4-1: USB disconnect, device number 4
[ 1225.452797][T24198] netlink: 'syz.2.14247': attribute type 29 has an invalid length.
[ 1225.490657][T24198] netlink: 'syz.2.14247': attribute type 29 has an invalid length.
[ 1225.715369][T24210] loop4: detected capacity change from 0 to 128
[ 1226.170865][T24240] use of bytesused == 0 is deprecated and will be removed in the future,
[ 1226.211710][T24240] use the actual size instead.
[ 1226.250377][T24183] loop6: detected capacity change from 0 to 32768
[ 1226.282246][T24183] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.14242 (24183)
[ 1226.419059][T24183] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1226.481518][T24183] BTRFS info (device loop6): using sha256 checksum algorithm
[ 1226.494976][T24254] loop3: detected capacity change from 0 to 2048
[ 1226.524665][T24254] EXT4-fs: Ignoring removed bh option
[ 1226.575398][T24254] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c028, mo2=0003]
[ 1226.599426][T24254] System zones: 0-7
[ 1226.647416][T24254] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1226.679479][T24183] BTRFS info (device loop6): enabling ssd optimizations
[ 1226.706727][T24183] BTRFS info (device loop6): turning on async discard
[ 1226.736609][T24183] BTRFS info (device loop6): enabling free space tree
[ 1226.815213][T24254] EXT4-fs error (device loop3): ext4_ext_precache:631: inode #2: comm syz.3.14260: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[ 1226.908458][T24254] EXT4-fs (loop3): Remounting filesystem read-only
[ 1226.939792][T24301] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14267'.
[ 1226.958075][T24301] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14267'.
[ 1227.122997][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1227.359881][T24315] xt_hashlimit: size too large, truncated to 1048576
[ 1227.642867][T20927] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1228.142895][T24344] vivid-001: disconnect
[ 1228.194163][T24339] vivid-001: reconnect
[ 1228.608985][T24359] program syz.4.14285 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1228.701396][T24365] loop6: detected capacity change from 0 to 64
[ 1228.769932][T24365] syz.6.14277: attempt to access beyond end of device
[ 1228.769932][T24365] loop6: rw=8388608, sector=412, nr_sectors = 2 limit=64
[ 1228.857492][T24365] Trying to free block not in datazone
[ 1228.882053][T24319] loop3: detected capacity change from 0 to 32768
[ 1228.917148][T24368] syz.6.14277: attempt to access beyond end of device
[ 1228.917148][T24368] loop6: rw=8388608, sector=412, nr_sectors = 2 limit=64
[ 1228.964761][T24368] buffer_io_error: 2 callbacks suppressed
[ 1228.964783][T24368] Buffer I/O error on dev loop6, logical block 206, async page read
[ 1228.980538][T24319] jfs_lookup: dtSearch returned -5
[ 1228.985772][T24378] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[ 1229.016951][   T30] kauditd_printk_skb: 7 callbacks suppressed
[ 1229.016972][   T30] audit: type=1800 audit(2000000131.287:907): pid=24368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.14277" name="file1" dev="loop6" ino=5 res=0 errno=0
[ 1229.227775][T24389] loop5: detected capacity change from 0 to 128
[ 1229.276666][T24396] loop4: detected capacity change from 0 to 164
[ 1229.358764][T24389] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1229.411997][T24396] iso9660: Corrupted directory entry in block 4 of inode 1792
[ 1229.480635][T24389] ext4 filesystem being mounted at /2363/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1229.580851][T24389] EXT4-fs error (device loop5): __ext4_new_inode:1073: comm syz.5.14293: reserved inode found cleared - inode=2
[ 1229.773764][T24422] loop4: detected capacity change from 0 to 128
[ 1229.825307][ T5846] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1229.848562][T24422] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1229.873552][T24424] loop2: detected capacity change from 0 to 512
[ 1229.890746][T24424] EXT4-fs: Ignoring removed nobh option
[ 1229.976607][T24422] ext4 filesystem being mounted at /2415/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1230.028080][T24424] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[ 1230.094685][T24424] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.14303: attempt to clear invalid blocks 1 len 1
[ 1230.109327][T24424] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[ 1230.117785][    C1] EXT4-fs (loop2): error count since last fsck: 1
[ 1230.133444][    C1] EXT4-fs (loop2): initial error at time 2000000132: ext4_clear_blocks:876: inode 13
[ 1230.136888][T24424] EXT4-fs (loop2): Remounting filesystem read-only
[ 1230.142981][    C1] EXT4-fs (loop2): last error at time 2000000132: ext4_clear_blocks:876: inode 13
[ 1230.186990][ T5840] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1230.191021][T24424] EXT4-fs (loop2): 1 truncate cleaned up
[ 1230.206809][T24424] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1230.270231][T24424] EXT4-fs (loop2): shut down requested (0)
[ 1230.311919][T24437] loop3: detected capacity change from 0 to 4096
[ 1230.361080][T24437] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[ 1230.509952][T24437] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[ 1230.543193][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1230.712884][T24468] netlink: 'syz.6.14315': attribute type 10 has an invalid length.
[ 1230.818821][T24475] netlink: 'syz.6.14315': attribute type 10 has an invalid length.
[ 1230.849639][T24468] team0: Port device dummy0 added
[ 1230.862948][T24477] loop3: detected capacity change from 0 to 256
[ 1230.897257][T24475] team0: Port device dummy0 removed
[ 1230.949426][T24475] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1230.997769][T24483] loop2: detected capacity change from 0 to 64
[ 1231.124221][T24483] hfs: request for non-existent node 31232 in B*Tree
[ 1231.195027][T24483] hfs: request for non-existent node 31232 in B*Tree
[ 1231.220845][T24483] hfs: request for non-existent node 31232 in B*Tree
[ 1231.251517][T24483] hfs: request for non-existent node 31232 in B*Tree
[ 1231.323889][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1231.323889][  T156] loop2: rw=8388609, sector=65, nr_sectors = 1 limit=64
[ 1231.379754][  T156] Buffer I/O error on dev loop2, logical block 65, lost async page write
[ 1231.417105][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1231.417105][  T156] loop2: rw=8388609, sector=66, nr_sectors = 1 limit=64
[ 1231.468690][  T156] Buffer I/O error on dev loop2, logical block 66, lost async page write
[ 1231.498686][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1231.498686][  T156] loop2: rw=8388609, sector=67, nr_sectors = 1 limit=64
[ 1231.540508][  T156] Buffer I/O error on dev loop2, logical block 67, lost async page write
[ 1231.574862][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1231.574862][  T156] loop2: rw=8388609, sector=68, nr_sectors = 1 limit=64
[ 1231.604320][  T156] Buffer I/O error on dev loop2, logical block 68, lost async page write
[ 1231.612802][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1231.612802][  T156] loop2: rw=8388609, sector=72, nr_sectors = 1 limit=64
[ 1231.659515][  T156] Buffer I/O error on dev loop2, logical block 72, lost async page write
[ 1231.677493][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1231.677493][  T156] loop2: rw=8388609, sector=73, nr_sectors = 1 limit=64
[ 1231.693165][ T5858] usb 6-1: new high-speed USB device number 116 using dummy_hcd
[ 1231.704827][  T156] Buffer I/O error on dev loop2, logical block 73, lost async page write
[ 1231.714714][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1231.714714][  T156] loop2: rw=8388609, sector=76, nr_sectors = 1 limit=64
[ 1231.729301][  T156] Buffer I/O error on dev loop2, logical block 76, lost async page write
[ 1231.739298][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1231.739298][  T156] loop2: rw=8388609, sector=77, nr_sectors = 1 limit=64
[ 1231.767778][  T156] Buffer I/O error on dev loop2, logical block 77, lost async page write
[ 1231.785749][  T156] hfs: request for non-existent node 31232 in B*Tree
[ 1231.801388][  T156] hfs: request for non-existent node 31232 in B*Tree
[ 1231.862194][ T5858] usb 6-1: Using ep0 maxpacket: 32
[ 1231.869851][ T5858] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1231.892603][ T5858] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1231.927245][ T5858] usb 6-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00
[ 1231.946791][ T5858] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1231.963563][ T5858] usb 6-1: config 0 descriptor??
[ 1232.021750][T24535] netlink: 48 bytes leftover after parsing attributes in process `syz.0.14333'.
[ 1232.287630][T24544] netlink: 36 bytes leftover after parsing attributes in process `syz.4.14337'.
[ 1232.333718][T24545] loop2: detected capacity change from 0 to 1024
[ 1232.355424][T24545] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[ 1232.374865][ T5858] hid_parser_main: 47 callbacks suppressed
[ 1232.387745][T24545] hfsplus: catalog name length corrupted
[ 1232.389243][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.435993][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.505007][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.555780][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.591785][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.643181][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.651340][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.694844][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.721726][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.744329][ T5858] logitech-djreceiver 0003:046D:C513.000D: unknown main item tag 0x0
[ 1232.782096][ T5858] usb 6-1: USB disconnect, device number 116
[ 1232.999199][T24587] loop6: detected capacity change from 0 to 4096
[ 1233.011426][T24587] ntfs3: Bad value for 'gid'
[ 1233.035765][T24587] ntfs3: Bad value for 'gid'
[ 1234.059415][T24644] loop2: detected capacity change from 0 to 512
[ 1234.098202][T24644] EXT4-fs: Ignoring removed orlov option
[ 1234.129941][T24644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1234.211063][T24644] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1234.272549][T24644] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.14365: bg 0: block 248: padding at end of block bitmap is not set
[ 1234.319582][T24644] loop2: lost filesystem error report for type 5 error -117
[ 1234.330140][T24644] Quota error (device loop2): write_blk: dquota write failed
[ 1234.337693][    C1] EXT4-fs (loop2): error count since last fsck: 1
[ 1234.337719][    C1] EXT4-fs (loop2): last error at time 2000000136: ext4_validate_block_bitmap:441
[ 1234.395228][T24644] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1234.447621][T24644] EXT4-fs error (device loop2): ext4_acquire_dquot:7001: comm syz.2.14365: Failed to acquire dquot type 1
[ 1234.525099][T24644] loop2: lost filesystem error report for type 5 error -117
[ 1234.531049][T24644] EXT4-fs (loop2): 1 truncate cleaned up
[ 1234.578471][T24644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1234.602373][   T30] audit: type=1326 audit(2000000137.145:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24666 comm="syz.6.14372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a64b9c799 code=0x7ffc0000
[ 1234.632286][T24667] loop6: detected capacity change from 0 to 512
[ 1234.669203][   T30] audit: type=1326 audit(2000000137.145:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24666 comm="syz.6.14372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a64b9c799 code=0x7ffc0000
[ 1234.699566][T24667] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1234.710580][T24644] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[ 1234.757694][   T30] audit: type=1326 audit(2000000137.187:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24666 comm="syz.6.14372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3a64b9c799 code=0x7ffc0000
[ 1234.800710][T24667] EXT4-fs (loop6): 1 truncate cleaned up
[ 1234.814753][T24644] EXT4-fs error (device loop2): __ext4_remount:6804: comm syz.2.14365: Abort forced by user
[ 1234.836430][   T30] audit: type=1326 audit(2000000137.187:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24666 comm="syz.6.14372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3a64b9c502 code=0x7ffc0000
[ 1234.861112][   T30] audit: type=1326 audit(2000000137.187:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24666 comm="syz.6.14372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3a64b5cfce code=0x7ffc0000
[ 1234.877278][T24667] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1234.886168][   T30] audit: type=1326 audit(2000000137.187:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24666 comm="syz.6.14372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3a64b9c5c7 code=0x7ffc0000
[ 1234.933742][T24644] EXT4-fs (loop2): Remounting filesystem read-only
[ 1234.947687][T24644] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1234.966080][   T30] audit: type=1326 audit(2000000137.187:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24666 comm="syz.6.14372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a64b5cfce code=0x7ffc0000
[ 1234.995023][T24644] ext4 filesystem being remounted at /2381/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1235.052015][   T30] audit: type=1326 audit(2000000137.187:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24666 comm="syz.6.14372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a64b9c42b code=0x7ffc0000
[ 1235.106877][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1235.145537][T20927] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1235.332923][T24695] loop2: detected capacity change from 0 to 1024
[ 1235.385714][  T833] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[ 1235.528707][  T156] hfsplus: b-tree write err: -5, ino 25
[ 1235.534568][  T156] hfsplus: b-tree write err: -5, ino 4
[ 1235.558271][  T833] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1235.589693][  T833] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1235.601929][  T156] hfsplus: b-tree write err: -5, ino 2
[ 1235.617024][  T156] hfsplus: b-tree write err: -5, ino 20
[ 1235.622904][  T833] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1235.663908][  T833] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.701653][T24683] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1235.756927][  T833] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1235.817249][T24664] loop3: detected capacity change from 0 to 40427
[ 1235.853291][T24718] loop2: detected capacity change from 0 to 512
[ 1235.873408][T24664] F2FS-fs (loop3): invalid crc value
[ 1236.067656][  T833] usb 1-1: USB disconnect, device number 127
[ 1236.315617][T24664] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1236.357414][T24664] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1236.861928][  T833] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1237.037323][  T833] usb 3-1: Using ep0 maxpacket: 32
[ 1237.056927][  T833] usb 3-1: config 0 has an invalid interface number: 6 but max is 0
[ 1237.093535][  T833] usb 3-1: config 0 has no interface number 0
[ 1237.099799][  T833] usb 3-1: config 0 interface 6 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1237.155934][  T833] usb 3-1: config 0 interface 6 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1237.204709][  T833] usb 3-1: config 0 interface 6 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1237.255035][  T833] usb 3-1: config 0 interface 6 has no altsetting 0
[ 1237.274389][  T833] usb 3-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00
[ 1237.307024][T24821] netlink: 'syz.5.14404': attribute type 1 has an invalid length.
[ 1237.316229][  T833] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1237.334432][T24821] netlink: 228 bytes leftover after parsing attributes in process `syz.5.14404'.
[ 1237.354701][  T833] usb 3-1: config 0 descriptor??
[ 1237.360561][T24821] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14404'.
[ 1237.721179][ T5935] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1237.794208][  T833] uclogic 0003:28BD:0933.000E: interface is invalid, ignoring
[ 1237.869026][ T6348] hid_parser_main: 28 callbacks suppressed
[ 1237.869059][ T6348] hid-generic 0006:79D90A04:10000.000F: unknown main item tag 0x0
[ 1237.894885][ T5935] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1237.928813][ T5935] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1237.938559][T24861] loop6: detected capacity change from 0 to 512
[ 1237.951357][ T5935] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1237.959985][ T6348] hid-generic 0006:79D90A04:10000.000F: hidraw0: VIRTUAL HID v7f.ff Device [syz0] on syz1
[ 1237.971089][ T5935] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1237.995465][T24861] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1238.009557][  T833] usb 3-1: USB disconnect, device number 6
[ 1238.031096][ T5935] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1238.063640][ T5935] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1238.096424][T24861] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1238.104756][ T5935] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1238.157237][ T5935] usb 1-1: Product: syz
[ 1238.172166][T24861] EXT4-fs error (device loop6): ext4_orphan_get:1417: comm syz.6.14413: bad orphan inode 131083
[ 1238.182978][ T5935] usb 1-1: Manufacturer: syz
[ 1238.200131][T24861] loop6: lost filesystem error report for type 5 error -117
[ 1238.204576][    C0] EXT4-fs (loop6): error count since last fsck: 1
[ 1238.218325][    C0] EXT4-fs (loop6): initial error at time 2000000140: ext4_orphan_get:1417
[ 1238.226914][    C0] EXT4-fs (loop6): last error at time 2000000140: ext4_orphan_get:1417
[ 1238.239783][T24861] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1238.256701][ T5935] cdc_wdm 1-1:1.0: skipping garbage
[ 1238.272642][ T5935] cdc_wdm 1-1:1.0: skipping garbage
[ 1238.294894][ T5935] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 1238.308550][T24879] fido_id[24879]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1238.322406][ T5935] cdc_wdm 1-1:1.0: Unknown control protocol
[ 1238.363279][T24861] overlayfs: upper fs needs to support d_type.
[ 1238.447374][T24900] netlink: 116 bytes leftover after parsing attributes in process `syz.3.14420'.
[ 1238.507890][T20927] EXT4-fs error (device loop6): ext4_readdir:265: inode #2: block 13: comm syz-executor: path /101/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1238.729228][ T5935] usb 1-1: USB disconnect, device number 2
[ 1238.981171][T24936] netlink: 9 bytes leftover after parsing attributes in process `syz.2.14428'.
[ 1239.087028][T24936] vlan0: entered allmulticast mode
[ 1239.096842][T24936] team0: entered allmulticast mode
[ 1239.124707][T20927] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1239.457166][T24262] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1239.630249][T24903] loop4: detected capacity change from 0 to 40427
[ 1239.671594][T24903] F2FS-fs (loop4): invalid crc value
[ 1239.754910][T24262] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1239.847247][T24931] loop3: detected capacity change from 0 to 32768
[ 1239.876981][T24958] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1239.934539][T24964] netlink: 196 bytes leftover after parsing attributes in process `syz.5.14436'.
[ 1240.010266][T24903] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1240.042075][T24903] F2FS-fs (loop4): Start checkpoint disabled!
[ 1240.091512][T24903] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[ 1240.119511][T24903] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1240.206801][T24966] loop2: detected capacity change from 0 to 4096
[ 1240.230881][T24262] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1240.253373][T24966] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[ 1240.278927][   T30] kauditd_printk_skb: 12 callbacks suppressed
[ 1240.278958][   T30] audit: type=1800 audit(2000000143.098:928): pid=24903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.14419" name="file1" dev="loop4" ino=10 res=0 errno=0
[ 1240.356247][T24966] ntfs3(loop2): ino=3, mi_enum_attr
[ 1240.364808][ T5851] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1240.378957][ T5851] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1240.395706][ T5851] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1240.406003][ T5851] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1240.419628][ T5851] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1240.515152][  T156] bio_check_eod: 1 callbacks suppressed
[ 1240.515177][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1240.515177][  T156] loop4: rw=1, sector=45096, nr_sectors = 16 limit=40427
[ 1240.593071][T24982] loop3: detected capacity change from 0 to 128
[ 1240.618053][  T156] kworker/u8:7: attempt to access beyond end of device
[ 1240.618053][  T156] loop4: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[ 1240.671310][T24982] qnx6: block size(2066842817) > page size(4096) not supported by filesystem
[ 1240.673560][T24966] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[ 1240.694048][  T156] CPU: 1 UID: 0 PID: 156 Comm: kworker/u8:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1240.694095][  T156] Tainted: [L]=SOFTLOCKUP
[ 1240.694105][  T156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1240.694123][  T156] Workqueue: writeback wb_workfn (flush-7:4)
[ 1240.694163][  T156] Call Trace:
[ 1240.694174][  T156]  <TASK>
[ 1240.694186][  T156]  dump_stack_lvl+0xe8/0x150
[ 1240.694227][  T156]  f2fs_handle_critical_error+0x37c/0x540
[ 1240.694267][  T156]  f2fs_write_end_io+0xcdb/0xff0
[ 1240.694330][  T156]  __submit_merged_bio+0x256/0x700
[ 1240.694373][  T156]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1240.694417][  T156]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1240.694468][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.694513][  T156]  f2fs_write_data_pages+0x2975/0x35e0
[ 1240.694549][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.694631][  T156]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1240.694686][  T156]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1240.694774][  T156]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1240.694839][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.694869][  T156]  ? __lock_acquire+0x6b5/0x2cf0
[ 1240.694930][  T156]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1240.694968][  T156]  do_writepages+0x32e/0x550
[ 1240.695017][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.695053][  T156]  ? reacquire_held_locks+0x104/0x190
[ 1240.695093][  T156]  ? writeback_sb_inodes+0x477/0x1a20
[ 1240.695138][  T156]  __writeback_single_inode+0x133/0x11a0
[ 1240.695178][  T156]  ? do_raw_spin_unlock+0xf5/0x210
[ 1240.695214][  T156]  writeback_sb_inodes+0x992/0x1a20
[ 1240.695293][  T156]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1240.695327][  T156]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1240.695413][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.695445][  T156]  ? rcu_is_watching+0x15/0xb0
[ 1240.695482][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.695525][  T156]  wb_writeback+0x456/0xb70
[ 1240.695567][  T156]  ? queue_io+0x1d1/0x4a0
[ 1240.695614][  T156]  ? __pfx_wb_writeback+0x10/0x10
[ 1240.695647][  T156]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1240.695699][  T156]  wb_workfn+0x414/0xf50
[ 1240.695733][  T156]  ? look_up_lock_class+0x57/0x110
[ 1240.695795][  T156]  ? __pfx_wb_workfn+0x10/0x10
[ 1240.695830][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.695861][  T156]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1240.695893][  T156]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1240.695920][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.695961][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.695997][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.696031][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.696072][  T156]  ? process_scheduled_works+0xa25/0x1830
[ 1240.696108][  T156]  ? process_scheduled_works+0xa25/0x1830
[ 1240.696147][  T156]  process_scheduled_works+0xb02/0x1830
[ 1240.696225][  T156]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1240.696270][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.696300][  T156]  ? assign_work+0x3d5/0x5e0
[ 1240.696343][  T156]  worker_thread+0xa50/0xfc0
[ 1240.696405][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.696449][  T156]  kthread+0x388/0x470
[ 1240.696477][  T156]  ? __pfx_worker_thread+0x10/0x10
[ 1240.696511][  T156]  ? __pfx_kthread+0x10/0x10
[ 1240.696539][  T156]  ret_from_fork+0x51e/0xb90
[ 1240.696576][  T156]  ? __pfx_ret_from_fork+0x10/0x10
[ 1240.696608][  T156]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1240.696639][  T156]  ? __switch_to+0xc7d/0x1450
[ 1240.696676][  T156]  ? __pfx_kthread+0x10/0x10
[ 1240.696705][  T156]  ret_from_fork_asm+0x1a/0x30
[ 1240.696771][  T156]  </TASK>
[ 1240.696782][  T156] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[ 1240.709983][T24982] qnx6: unable to set blocksize
[ 1240.748136][T24966] ntfs3(loop2): Failed to load $Extend (-22).
[ 1241.091081][T24966] ntfs3(loop2): Failed to initialize $Extend.
[ 1241.122148][T24262] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1241.278681][T24972] wlan0 speed is unknown, defaulting to 1000
[ 1241.873297][T25027] loop3: detected capacity change from 0 to 1024
[ 1241.892355][T24262] bridge_slave_1: left allmulticast mode
[ 1241.899537][T24262] bridge_slave_1: left promiscuous mode
[ 1241.932037][T24262] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1242.021361][T25042] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14450'.
[ 1242.062388][T25027] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1242.111864][T24262] bridge_slave_0: left allmulticast mode
[ 1242.150177][T24262] bridge_slave_0: left promiscuous mode
[ 1242.154031][T25027] ext4 filesystem being mounted at /2454/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1242.173705][T24262] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1242.338344][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1242.412581][ T5935] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1242.422456][ T9565] Bluetooth: hci3: command tx timeout
[ 1242.588299][ T5935] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[ 1242.619092][ T5935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.664864][ T5935] usb 3-1: config 0 descriptor??
[ 1242.712887][ T5935] gspca_main: spca508-2.14.0 probing 8086:0110
[ 1242.884225][ T5935] gspca_spca508: reg_read err -32
[ 1243.090984][ T5935] gspca_spca508: reg_read err -71
[ 1243.108467][ T5935] gspca_spca508: reg_read err -71
[ 1243.128514][ T5935] gspca_spca508: reg_read err -71
[ 1243.134208][ T5935] gspca_spca508: reg write: error -71
[ 1243.148978][ T5935] spca508 3-1:0.0: probe with driver spca508 failed with error -71
[ 1243.174798][ T5935] usb 3-1: USB disconnect, device number 7
[ 1243.389086][T24262] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1243.431211][T24262] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1243.449139][T24262] bond0 (unregistering): (slave dummy0): Releasing backup interface
[ 1243.454890][T25097] loop3: detected capacity change from 0 to 256
[ 1243.486263][T24262] bond0 (unregistering): Released all slaves
[ 1243.542197][T25097] FAT-fs (loop3): Directory bread(block 64) failed
[ 1243.559486][T24972] lo speed is unknown, defaulting to 1000
[ 1243.591285][T25097] FAT-fs (loop3): Directory bread(block 65) failed
[ 1243.661112][T25097] FAT-fs (loop3): Directory bread(block 66) failed
[ 1243.723944][T25097] FAT-fs (loop3): Directory bread(block 67) failed
[ 1243.760294][T25097] FAT-fs (loop3): Directory bread(block 68) failed
[ 1243.766927][T25097] FAT-fs (loop3): Directory bread(block 69) failed
[ 1243.847364][T25097] FAT-fs (loop3): Directory bread(block 70) failed
[ 1243.894090][T25097] FAT-fs (loop3): Directory bread(block 71) failed
[ 1243.900763][T25097] FAT-fs (loop3): Directory bread(block 72) failed
[ 1243.995666][T25097] FAT-fs (loop3): Directory bread(block 73) failed
[ 1244.177872][ T5947] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1244.373371][ T5947] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1244.396826][ T9565] Bluetooth: hci3: command tx timeout
[ 1244.397525][  T833] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1244.434857][ T5947] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1244.446839][ T5947] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1244.457262][ T5947] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1244.568108][  T833] usb 3-1: Using ep0 maxpacket: 16
[ 1244.587931][  T833] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[ 1244.608135][T25144] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1244.620393][  T833] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1244.637400][ T5947] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1244.683834][ T5935] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1244.704574][  T833] usb 3-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=82.8f
[ 1244.727673][  T833] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1244.742561][  T833] usb 3-1: Product: syz
[ 1244.762126][  T833] usb 3-1: Manufacturer: syz
[ 1244.772610][  T833] usb 3-1: SerialNumber: syz
[ 1244.807212][  T833] usb 3-1: config 0 descriptor??
[ 1244.844678][ T5935] usb 4-1: Using ep0 maxpacket: 32
[ 1244.851845][ T5935] usb 4-1: config 0 has an invalid interface number: 132 but max is 0
[ 1244.874949][  T833] kobil_sct 3-1:0.0: KOBIL USB smart card terminal converter detected
[ 1244.887701][ T5935] usb 4-1: config 0 has no interface number 0
[ 1244.916766][ T5935] usb 4-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1244.952571][  T833] usb 3-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[ 1244.974820][ T5935] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 1244.997052][ T5935] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1245.028377][ T5935] usb 4-1: Product: syz
[ 1245.032053][ T5947] usb 1-1: USB disconnect, device number 3
[ 1245.042283][ T5935] usb 4-1: Manufacturer: syz
[ 1245.172843][T12660] usb 3-1: USB disconnect, device number 8
[ 1245.262918][ T7374] udevd[7374]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1245.318553][T12660] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[ 1245.359182][T25182] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1245.387337][T25182] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1245.431839][T12660] kobil_sct 3-1:0.0: device disconnected
[ 1246.005214][ T5935] usb 4-1: SerialNumber: syz
[ 1246.017516][ T5935] usb 4-1: config 0 descriptor??
[ 1246.031598][ T5935] em28xx 4-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 1246.041701][ T5935] em28xx 4-1:0.132: Video interface 132 found:
[ 1246.122290][T25269] loop5: detected capacity change from 0 to 131072
[ 1246.138591][T25269] F2FS-fs (loop5): QUOTA feature is enabled, so ignore qf_name
[ 1246.161586][T25269] F2FS-fs (loop5): invalid crc value
[ 1246.178411][T25269] F2FS-fs (loop5): invalid crc value
[ 1246.183825][T25269] F2FS-fs (loop5): Failed to get valid F2FS checkpoint
[ 1246.436709][T24972] chnl_net:caif_netlink_parms(): no params data found
[ 1246.702217][T25360] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14481'.
[ 1246.711912][ T5935] em28xx 4-1:0.132: chip ID is em2884
[ 1247.014873][ T5935] em28xx 4-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[ 1247.052846][ T5935] em28xx 4-1:0.132: board has no eeprom
[ 1247.130161][ T5935] em28xx 4-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 1247.138721][ T5935] em28xx 4-1:0.132: analog set to bulk mode.
[ 1247.145273][ T6027] em28xx 4-1:0.132: Registering V4L2 extension
[ 1247.231875][ T6027] em28xx 4-1:0.132: failed to trigger read from i2c address 0x4a (error=-5)
[ 1247.258166][ T6027] em28xx 4-1:0.132: failed to trigger read from i2c address 0x48 (error=-5)
[ 1247.280495][ T6027] em28xx 4-1:0.132: failed to trigger read from i2c address 0x42 (error=-5)
[ 1247.303458][ T5935] usb 4-1: USB disconnect, device number 5
[ 1247.326520][ T5935] em28xx 4-1:0.132: Disconnecting em28xx
[ 1247.818227][ T6027] em28xx 4-1:0.132: Config register raw data: 0xffffffed
[ 1247.851009][ T6027] em28xx 4-1:0.132: AC97 chip type couldn't be determined
[ 1247.885549][ T6027] em28xx 4-1:0.132: No AC97 audio processor
[ 1247.915450][T24972] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1247.976416][ T6027] usb 4-1: Decoder not found
[ 1247.990333][T24972] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1248.007381][ T6027] em28xx 4-1:0.132: failed to create media graph
[ 1248.017339][T24972] bridge_slave_0: entered allmulticast mode
[ 1248.041431][ T6027] em28xx 4-1:0.132: V4L2 device video103 deregistered
[ 1248.124271][T24972] bridge_slave_0: entered promiscuous mode
[ 1248.146353][ T6027] em28xx 4-1:0.132: Remote control support is not available for this card.
[ 1248.147452][T24972] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1248.170304][T25418] loop2: detected capacity change from 0 to 40427
[ 1248.186126][ T5935] em28xx 4-1:0.132: Closing input extension
[ 1248.194715][T25418] F2FS-fs (loop2): build fault injection rate: 771
[ 1248.221903][T24972] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1248.240669][T25418] F2FS-fs (loop2): invalid crc value
[ 1248.272532][T24972] bridge_slave_1: entered allmulticast mode
[ 1248.275189][ T5935] em28xx 4-1:0.132: Freeing device
[ 1248.340971][ T6027] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1248.342884][T24972] bridge_slave_1: entered promiscuous mode
[ 1248.524048][ T6027] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1248.597977][ T6027] usb 1-1: New USB device found, idVendor=5e0a, idProduct=a055, bcdDevice= 0.00
[ 1248.628105][ T6027] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1248.687863][T25418] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1248.698711][ T6027] usb 1-1: config 0 descriptor??
[ 1248.769385][T25418] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1248.777582][T24262] hsr_slave_0: left promiscuous mode
[ 1248.815396][T24262] hsr_slave_1: left promiscuous mode
[ 1248.847259][T24262] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1248.884863][T24262] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1248.919888][T24262] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1248.951453][T25531] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14498'.
[ 1248.961684][T24262] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1248.984238][   T30] audit: type=1800 audit(2000000152.252:929): pid=25418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.14487" name="file1" dev="loop2" ino=10 res=0 errno=0
[ 1249.010975][T25531] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14498'.
[ 1249.046696][T24262] veth1_macvtap: left promiscuous mode
[ 1249.081251][T24262] veth0_macvtap: left promiscuous mode
[ 1249.100781][T24262] veth1_vlan: left promiscuous mode
[ 1249.133370][T24262] veth0_vlan: left promiscuous mode
[ 1249.147916][ T6027] hid-generic 0003:5E0A:A055.0010: unbalanced collection at end of report description
[ 1249.161007][ T6027] hid-generic 0003:5E0A:A055.0010: probe with driver hid-generic failed with error -22
[ 1249.180352][ T5839] syz-executor: attempt to access beyond end of device
[ 1249.180352][ T5839] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1249.224541][ T5839] CPU: 1 UID: 0 PID: 5839 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1249.224592][ T5839] Tainted: [L]=SOFTLOCKUP
[ 1249.224602][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1249.224619][ T5839] Call Trace:
[ 1249.224630][ T5839]  <TASK>
[ 1249.224640][ T5839]  dump_stack_lvl+0xe8/0x150
[ 1249.224683][ T5839]  f2fs_handle_critical_error+0x37c/0x540
[ 1249.224721][ T5839]  f2fs_write_end_io+0xcdb/0xff0
[ 1249.224778][ T5839]  __submit_merged_bio+0x256/0x700
[ 1249.224816][ T5839]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1249.224856][ T5839]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1249.224901][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.224941][ T5839]  f2fs_write_data_pages+0x2975/0x35e0
[ 1249.225017][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1249.225068][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225096][ T5839]  ? css_rstat_updated+0x23a/0x530
[ 1249.225153][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225182][ T5839]  ? rcu_is_watching+0x15/0xb0
[ 1249.225218][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225248][ T5839]  ? mod_memcg_lruvec_state+0x1a7/0x360
[ 1249.225290][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225319][ T5839]  ? __lock_acquire+0x6b5/0x2cf0
[ 1249.225363][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225402][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225432][ T5839]  ? __lock_acquire+0x6b5/0x2cf0
[ 1249.225470][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225499][ T5839]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1249.225532][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225574][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225604][ T5839]  ? do_raw_spin_unlock+0xf5/0x210
[ 1249.225632][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1249.225669][ T5839]  do_writepages+0x32e/0x550
[ 1249.225709][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225742][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225777][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225807][ T5839]  ? do_raw_spin_unlock+0xf5/0x210
[ 1249.225839][ T5839]  filemap_fdatawrite+0x1e9/0x2f0
[ 1249.225884][ T5839]  ? __pfx_filemap_fdatawrite+0x10/0x10
[ 1249.225968][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.225999][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.226036][ T5839]  ? do_raw_spin_unlock+0xf5/0x210
[ 1249.226068][ T5839]  f2fs_sync_dirty_inodes+0x30e/0x860
[ 1249.226128][ T5839]  f2fs_write_checkpoint+0x9df/0x26a0
[ 1249.226205][ T5839]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 1249.226286][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.226317][ T5839]  ? kfree+0x1c1/0x630
[ 1249.226344][ T5839]  ? f2fs_stop_gc_thread+0x7f/0xb0
[ 1249.226391][ T5839]  kill_f2fs_super+0x314/0x720
[ 1249.226432][ T5839]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 1249.226479][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.226509][ T5839]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1249.226549][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1249.226602][ T5839]  deactivate_locked_super+0xbc/0x130
[ 1249.226645][ T5839]  cleanup_mnt+0x437/0x4d0
[ 1249.226672][ T5839]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1249.226713][ T5839]  task_work_run+0x1d9/0x270
[ 1249.226745][ T5839]  ? __pfx_task_work_run+0x10/0x10
[ 1249.226785][ T5839]  exit_to_user_mode_loop+0xed/0x480
[ 1249.226814][ T5839]  ? rcu_is_watching+0x15/0xb0
[ 1249.226857][ T5839]  do_syscall_64+0x32d/0xf80
[ 1249.226879][ T5839]  ? trace_irq_disable+0x3b/0x150
[ 1249.226916][ T5839]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1249.226949][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1249.226975][ T5839] RIP: 0033:0x7f8e5839d9d7
[ 1249.226998][ T5839] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 1249.227019][ T5839] RSP: 002b:00007ffe02902258 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1249.227047][ T5839] RAX: 0000000000000000 RBX: 00007f8e58432050 RCX: 00007f8e5839d9d7
[ 1249.227064][ T5839] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe02902310
[ 1249.227080][ T5839] RBP: 00007ffe02902310 R08: 00007ffe02903310 R09: 00000000ffffffff
[ 1249.227099][ T5839] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe029033a0
[ 1249.227116][ T5839] R13: 00007f8e58432050 R14: 000000000013e13f R15: 00007ffe029033e0
[ 1249.227155][ T5839]  </TASK>
[ 1249.711653][ T6027] usb 1-1: USB disconnect, device number 4
[ 1249.720616][ T5839] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[ 1250.127873][T25565] loop4: detected capacity change from 0 to 32768
[ 1250.141698][T25565] (syz.4.14506,25565,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1250.175307][T25565] (syz.4.14506,25565,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1250.231799][T25565] JBD2: Ignoring recovery information on journal
[ 1250.359084][T25565] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1250.663722][ T5840] ocfs2: Unmounting device (7,4) on (node local)
[ 1250.847400][T25597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14501'.
[ 1250.978797][T12660] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1251.061473][T24262] team0 (unregistering): Port device team_slave_1 removed
[ 1251.134579][T24262] team0 (unregistering): Port device team_slave_0 removed
[ 1251.150516][T12660] usb 1-1: Using ep0 maxpacket: 32
[ 1251.160829][T12660] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1251.181434][T12660] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1251.203509][T12660] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1251.228683][T12660] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1251.272025][T12660] usb 1-1: config 0 descriptor??
[ 1251.323751][T25617] loop5: detected capacity change from 0 to 512
[ 1251.338389][T25617] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1251.353827][T25617] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1251.375933][T25617] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.14519: bad orphan inode 131083
[ 1251.388858][T25617] loop5: lost filesystem error report for type 5 error -117
[ 1251.397037][T25617] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1251.455909][T25617] overlayfs: upper fs needs to support d_type.
[ 1251.551694][T24972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1251.574923][T25573] netlink: 24 bytes leftover after parsing attributes in process `syz.3.14509'.
[ 1251.644187][T24972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1251.726212][T12660] ft260 0003:0403:6030.0011: unknown main item tag 0x0
[ 1251.742189][T12660] ft260 0003:0403:6030.0011: unknown main item tag 0x0
[ 1251.828444][T25641] [U] k43�{}_�hM|ڙT6��ݬ�e�S���� �+��,�s�/ʑ��q%{��q
[ 1251.914742][T12660] ft260 0003:0403:6030.0011: failed to retrieve chip version
[ 1251.972292][T12660] ft260 0003:0403:6030.0011: probe with driver ft260 failed with error -71
[ 1252.105676][T12660] usb 1-1: USB disconnect, device number 5
[ 1252.217409][ T5935] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 1252.309590][T24972] team0: Port device team_slave_0 added
[ 1252.319512][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1252.323047][T25679] loop3: detected capacity change from 0 to 512
[ 1252.374303][T24972] team0: Port device team_slave_1 added
[ 1252.399757][ T5935] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1252.420353][T25679] EXT4-fs: Ignoring removed oldalloc option
[ 1252.438464][T25679] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1252.451600][ T5935] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1252.505552][ T5935] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1252.530419][T24972] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1252.534359][T25679] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.14528: bad orphan inode 131083
[ 1252.549108][ T5935] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1252.569995][ T5935] usb 5-1: SerialNumber: syz
[ 1252.579554][T25679] loop3: lost filesystem error report for type 5 error -117
[ 1252.580986][T24972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1252.621187][T25679] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1252.748012][T24972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1252.796468][T25679] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1324: inode #12: block 7: comm syz.3.14528: path /2468/bus/file0: bad entry in directory: directory entry overrun - offset=80, inode=1560281102, rec_len=1024, size=60 fake=0
[ 1252.824774][T24972] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1252.862719][ T5935] usb 5-1: 0:2 : does not exist
[ 1252.865677][T24972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1252.888421][ T5935] usb 5-1: 0:0: failed to get current value for ch 0 (-22)
[ 1252.913500][T24972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1253.012606][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1253.087935][T24972] hsr_slave_0: entered promiscuous mode
[ 1253.159083][T24972] hsr_slave_1: entered promiscuous mode
[ 1253.163660][ T5935] usb 5-1: USB disconnect, device number 4
[ 1253.193656][T24972] debugfs: 'hsr0' already exists in 'hsr'
[ 1253.207720][T24972] Cannot create hsr debugfs directory
[ 1253.276137][ T6288] udevd[6288]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1253.807665][T25836] loop3: detected capacity change from 0 to 1024
[ 1253.875647][T25836] EXT4-fs: Ignoring removed orlov option
[ 1253.881352][T25836] EXT4-fs: inline encryption not supported
[ 1253.903012][ T5851] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1253.927508][ T5851] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1253.941457][ T5851] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1253.950268][ T5851] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1253.959022][ T5851] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1254.021550][T25836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1254.050106][ T9565] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1254.074885][ T9565] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1254.085163][ T9565] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1254.099961][ T9565] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1254.117713][ T9565] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1254.323425][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1254.368024][T25850] wlan0 speed is unknown, defaulting to 1000
[ 1254.403133][T25932] loop2: detected capacity change from 0 to 256
[ 1254.498906][T25932] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d)
[ 1254.754019][T24972] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1254.809571][T24972] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1254.869799][T24972] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1254.963292][T24972] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1255.335146][T25992] loop4: detected capacity change from 0 to 64
[ 1255.389302][ T5935] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1255.416444][T24972] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1255.507540][T24972] 8021q: adding VLAN 0 to HW filter on device team0
[ 1255.562772][T30236] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1255.570046][T30236] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1255.578093][ T5935] usb 4-1: Using ep0 maxpacket: 16
[ 1255.604207][   T24] kworker/1:0 (24) used greatest stack depth: 14920 bytes left
[ 1255.614694][T25850] lo speed is unknown, defaulting to 1000
[ 1255.619157][ T5935] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1255.651154][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1255.658377][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1255.666079][ T5935] usb 4-1: config 0 has no interface number 0
[ 1255.726795][ T5935] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1255.736177][ T5935] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1255.773042][ T5935] usb 4-1: Product: syz
[ 1255.795360][ T5935] usb 4-1: Manufacturer: syz
[ 1255.814989][ T5935] usb 4-1: SerialNumber: syz
[ 1255.848858][ T5935] usb 4-1: config 0 descriptor??
[ 1255.882928][ T5935] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1256.060589][T24972] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1256.135605][ T9565] Bluetooth: hci4: command tx timeout
[ 1256.339626][   T30] audit: type=1326 audit(2000000159.968:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26029 comm="syz.4.14563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9713b9c799 code=0x7ffc0000
[ 1256.440757][   T30] audit: type=1326 audit(2000000159.979:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26029 comm="syz.4.14563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9713b9c799 code=0x7ffc0000
[ 1256.464300][ T5935] gspca_spca1528: reg_w err -71
[ 1256.487724][ T5935] spca1528 4-1:0.1: probe with driver spca1528 failed with error -71
[ 1256.535613][ T5935] usb 4-1: USB disconnect, device number 6
[ 1256.608365][   T30] audit: type=1326 audit(2000000159.979:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26029 comm="syz.4.14563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9713b9c799 code=0x7ffc0000
[ 1256.691993][T26045] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14565'.
[ 1256.704927][   T30] audit: type=1326 audit(2000000159.979:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26029 comm="syz.4.14563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9713b9c799 code=0x7ffc0000
[ 1256.766646][   T30] audit: type=1326 audit(2000000159.979:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26029 comm="syz.4.14563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9713b9c799 code=0x7ffc0000
[ 1256.875358][   T30] audit: type=1326 audit(2000000160.000:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26029 comm="syz.4.14563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f9713b9c799 code=0x7ffc0000
[ 1256.980146][   T30] audit: type=1326 audit(2000000160.000:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26029 comm="syz.4.14563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9713b9c799 code=0x7ffc0000
[ 1257.113495][   T30] audit: type=1326 audit(2000000160.000:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26029 comm="syz.4.14563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9713b9c799 code=0x7ffc0000
[ 1257.183717][T26065] loop4: detected capacity change from 0 to 2048
[ 1257.190481][T26005] loop2: detected capacity change from 0 to 32768
[ 1257.323645][T24972] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1257.334496][T26065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1257.549784][T26087] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[ 1257.577124][ T5840] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1257.618717][T26087] batman_adv: batadv0: Adding interface: gretap2
[ 1257.635794][T26087] batman_adv: batadv0: The MTU of interface gretap2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1257.681398][T26087] batman_adv: batadv0: Interface activated: gretap2
[ 1258.060455][T25850] chnl_net:caif_netlink_parms(): no params data found
[ 1258.116443][ T9565] Bluetooth: hci4: command tx timeout
[ 1258.307589][T26148] mkiss: ax0: crc mode is auto.
[ 1258.657815][T25850] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1258.665377][T25850] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1258.674339][T25850] bridge_slave_0: entered allmulticast mode
[ 1258.683218][T25850] bridge_slave_0: entered promiscuous mode
[ 1258.739012][T25850] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1258.761887][T25850] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1258.787538][T25850] bridge_slave_1: entered allmulticast mode
[ 1258.813926][T25850] bridge_slave_1: entered promiscuous mode
[ 1258.870057][T24972] veth0_vlan: entered promiscuous mode
[ 1258.958103][T25850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1258.987551][T25850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1259.041077][T24972] veth1_vlan: entered promiscuous mode
[ 1259.084916][ T5858] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1259.119877][T25850] team0: Port device team_slave_0 added
[ 1259.153712][T25850] team0: Port device team_slave_1 added
[ 1259.247391][ T5858] usb 5-1: Using ep0 maxpacket: 16
[ 1259.278317][ T5858] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1259.307466][T25850] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1259.314438][ T5858] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[ 1259.324355][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1259.337502][ T5858] usb 5-1: config 0 descriptor??
[ 1259.344830][T25850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1259.418994][T25850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1259.435207][T25850] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1259.471625][T25850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1259.548197][T25850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1259.612221][T24972] veth0_macvtap: entered promiscuous mode
[ 1259.644657][T24972] veth1_macvtap: entered promiscuous mode
[ 1259.740730][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.745158][T24972] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1259.758808][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.771563][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.796040][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.817283][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.833353][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.844227][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.853367][T26316] loop2: detected capacity change from 0 to 512
[ 1259.870214][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.871881][T26316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1259.879343][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1259.897522][T26316] ext4 filesystem being mounted at /2415/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1259.918851][T25850] hsr_slave_0: entered promiscuous mode
[ 1259.948555][T25850] hsr_slave_1: entered promiscuous mode
[ 1259.990714][ T5858] sony 0003:054C:024B.0012: unknown main item tag 0x0
[ 1260.010564][T25850] debugfs: 'hsr0' already exists in 'hsr'
[ 1260.042643][T25850] Cannot create hsr debugfs directory
[ 1260.062121][ T5858] sony 0003:054C:024B.0012: hiddev0,hidraw0: USB HID v0.08 Device [HID 054c:024b] on usb-dummy_hcd.4-1/input0
[ 1260.071865][T26333] loop3: detected capacity change from 0 to 4096
[ 1260.076602][ T5858] sony 0003:054C:024B.0012: failed to claim input
[ 1260.084851][T24972] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1260.095442][ T9565] Bluetooth: hci4: command tx timeout
[ 1260.123676][T26333] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[ 1260.155989][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1260.207307][ T5858] usb 5-1: USB disconnect, device number 5
[ 1260.274814][T26333] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[ 1260.278749][T26338] fido_id[26338]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[ 1260.360028][   T30] audit: type=1800 audit(2000000164.188:938): pid=26333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.14585" name="bus" dev="loop3" ino=33 res=0 errno=0
[ 1260.455782][  T135] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1260.472581][  T135] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1260.573744][  T135] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1260.594159][  T135] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.052891][T26437] loop3: detected capacity change from 0 to 256
[ 1261.118014][T26452] loop2: detected capacity change from 0 to 128
[ 1261.148066][T26437] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1261.202604][  T156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1261.245917][  T156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1261.269786][   T30] audit: type=1800 audit(2000000165.144:939): pid=26452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.14595" name="file1" dev="loop2" ino=1048874 res=0 errno=0
[ 1261.423465][T26472] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1261.423465][T26472]    program syz.0.14597 not setting count and/or reply_len properly
[ 1261.496289][T26477] loop3: detected capacity change from 0 to 256
[ 1261.527824][T26477] exfat: Deprecated parameter 'utf8'
[ 1261.592309][T26477] exfat: Deprecated parameter 'utf8'
[ 1261.603623][T26477] exfat: Deprecated parameter 'namecase'
[ 1261.604090][T25850] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1261.627959][T26477] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[ 1261.640666][ T5858] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 1261.669483][  T135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1261.680665][T25850] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1261.685896][  T135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1261.730240][T25850] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1261.782287][T25850] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1261.818715][ T5858] usb 5-1: Using ep0 maxpacket: 32
[ 1261.832221][ T5858] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1261.851615][ T5858] usb 5-1: config 0 has no interface number 0
[ 1261.873213][ T5858] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1261.894084][ T5858] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1261.934950][ T5858] usb 5-1: Product: syz
[ 1261.942373][ T5858] usb 5-1: Manufacturer: syz
[ 1261.949737][ T5858] usb 5-1: SerialNumber: syz
[ 1262.013876][ T5858] usb 5-1: config 0 descriptor??
[ 1262.048062][ T5858] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1262.076895][ T9565] Bluetooth: hci4: command tx timeout
[ 1262.254583][ T5858] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1262.289854][T25850] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1262.319981][T26525] bpf: Bad value for 'gid'
[ 1262.324282][ T5858] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1262.417832][T25850] 8021q: adding VLAN 0 to HW filter on device team0
[ 1262.500215][  T135] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1262.507444][  T135] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1262.570589][  T156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1262.577945][  T156] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1262.717798][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1262.721585][T25850] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1262.737258][ T5858] usb 5-1: USB disconnect, device number 6
[ 1262.781421][  T833] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1262.782669][T26547] loop7: detected capacity change from 0 to 4096
[ 1262.789484][ T5858] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1262.853790][ T5858] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1262.909575][T26562] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[ 1262.921322][ T5858] quatech2 5-1:0.51: device disconnected
[ 1262.961944][  T833] usb 3-1: Using ep0 maxpacket: 16
[ 1262.968494][T26568] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1263.005045][  T833] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1263.037653][  T833] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1263.074613][  T833] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1263.094304][  T833] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1263.127032][  T833] usb 3-1: config 0 descriptor??
[ 1263.178856][T26580] netlink: 5204 bytes leftover after parsing attributes in process `syz.3.14616'.
[ 1263.498211][T26598] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14619'.
[ 1263.591286][  T833] microsoft 0003:045E:07DA.0013: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1263.596415][T25850] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1263.639964][  T833] microsoft 0003:045E:07DA.0013: no inputs found
[ 1263.667807][  T833] microsoft 0003:045E:07DA.0013: could not initialize ff, continuing anyway
[ 1263.755216][T26607] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14622'.
[ 1263.762701][T12660] usb 3-1: USB disconnect, device number 9
[ 1263.788091][T26607] smc: ib device syz2 ibport 1 applied user defined pnetid S
[ 1263.799850][T26613] loop3: detected capacity change from 0 to 512
[ 1263.839431][T26613] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[ 1263.878215][T26604] fido_id[26604]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1263.921312][T26613] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.14623: bg 0: block 104: invalid block bitmap
[ 1264.003581][T26613] loop3: lost filesystem error report for type 5 error -117
[ 1264.004125][T26613] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6685: Corrupt filesystem
[ 1264.011544][    C0] EXT4-fs (loop3): error count since last fsck: 1
[ 1264.011570][    C0] EXT4-fs (loop3): initial error at time 2000000168: ext4_validate_block_bitmap:432
[ 1264.011608][    C0] EXT4-fs (loop3): last error at time 2000000168: ext4_validate_block_bitmap:432
[ 1264.110169][T26613] loop3: lost filesystem error report for type 5 error -117
[ 1264.115252][T26613] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.14623: invalid indirect mapped block 1 (level 1)
[ 1264.183850][T26613] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[ 1264.190806][T26613] EXT4-fs (loop3): 1 truncate cleaned up
[ 1264.250817][T26613] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1264.507308][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1264.584963][T25850] veth0_vlan: entered promiscuous mode
[ 1264.668960][T25850] veth1_vlan: entered promiscuous mode
[ 1264.725111][T26665] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14631'.
[ 1264.799140][T25850] veth0_macvtap: entered promiscuous mode
[ 1264.879928][T25850] veth1_macvtap: entered promiscuous mode
[ 1264.942797][T25850] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1264.979928][T26603] loop7: detected capacity change from 0 to 32768
[ 1265.008350][T25850] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1265.036216][T26603] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.14621 (26603)
[ 1265.091482][T26603] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1265.116671][T26603] BTRFS info (device loop7): using sha256 checksum algorithm
[ 1265.172734][T24262] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.201798][T24262] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.253858][T24262] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.277685][ T5935] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1265.296313][T24262] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.317217][T26603] BTRFS info (device loop7): enabling ssd optimizations
[ 1265.324245][T26603] BTRFS info (device loop7): turning on async discard
[ 1265.361643][T26603] BTRFS info (device loop7): enabling free space tree
[ 1265.446516][T26603] BTRFS info (device loop7): enabling auto defrag
[ 1265.479659][ T5935] usb 4-1: config 0 has too many interfaces: 129, using maximum allowed: 32
[ 1265.508699][T26603] BTRFS info (device loop7): max_inline set to 4096
[ 1265.510204][ T5935] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 129
[ 1265.587982][ T5935] usb 4-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[ 1265.636235][ T5935] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1265.664907][ T5935] usb 4-1: Product: syz
[ 1265.682673][ T5935] usb 4-1: Manufacturer: syz
[ 1265.713918][ T5935] usb 4-1: SerialNumber: syz
[ 1265.765611][ T5935] usb 4-1: config 0 descriptor??
[ 1265.853511][T24262] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1265.909921][T24262] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1265.986624][T24972] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1266.155899][  T135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1266.180534][ T5935] mos7840 4-1:0.0: required endpoints missing
[ 1266.194753][  T135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1266.248212][ T5935] usb 4-1: USB disconnect, device number 7
[ 1266.715765][ T6348] IPVS: starting estimator thread 0...
[ 1266.848912][T26761] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1266.968512][T26773] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14651'.
[ 1267.278573][T26782] loop8: detected capacity change from 0 to 256
[ 1267.320226][T26782] exfat: Deprecated parameter 'namecase'
[ 1267.429335][T26782] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d)
[ 1267.583163][   T30] audit: type=1400 audit(2000000171.778:940): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6DAB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36FD3578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C6851551514C1413C54571515294144E3891201244195146941565453971AB282F6E13154445D1C649515954116D5D5571A7A826AA89EAA286A8296A895AA2B6A82DEA883AA2AEA82BEA897AA2BE78403410BDB13F3E24B22AD3580CC12662283615CD84BCF80ED64A0CC7D6A28D682B9E10237104B617AD5CA2785A741063B0A3F88B188BCF8ACE623C7611CF8BAEA29BE82E5E103D446BD753F41293B1B7E82
[ 1267.602866][T26805] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl812)
[ 1267.659727][T26803] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1268.002268][T26824] loop2: detected capacity change from 0 to 256
[ 1268.246996][T26837] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14670'.
[ 1268.721785][T26867] loop2: detected capacity change from 0 to 512
[ 1268.785168][T26865] team_slave_0: entered promiscuous mode
[ 1268.790933][T26865] 
: entered promiscuous mode
[ 1268.799315][T26867] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1268.840939][T26859] loop8: detected capacity change from 0 to 4096
[ 1268.852537][T26865] team0: Device macsec2 is already an upper device of the team interface
[ 1268.862895][T26867] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[ 1268.875021][T26867] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.14680: Corrupt directory, running e2fsck is recommended
[ 1268.908201][T26859] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[ 1268.926027][T26865] team_slave_0: left promiscuous mode
[ 1268.931667][T26865] 
: left promiscuous mode
[ 1268.935434][T26867] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[ 1268.984639][T26867] EXT4-fs error (device loop2): ext4_iget_extra_inode:5025: inode #15: comm syz.2.14680: corrupted in-inode xattr: e_name out of bounds
[ 1269.062377][T26859] ntfs3(loop8): ino=1a, mi_enum_attr
[ 1269.080389][T26859] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[ 1269.095047][T26867] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1269.096583][    C0] EXT4-fs (loop2): error count since last fsck: 1
[ 1269.112367][    C0] EXT4-fs (loop2): initial error at time 2000000173: ext4_iget_extra_inode:5025: inode 15
[ 1269.122564][    C0] EXT4-fs (loop2): last error at time 2000000173: ext4_iget_extra_inode:5025: inode 15
[ 1269.145367][T26859] ntfs3(loop8): ino=1a, mi_enum_attr
[ 1269.151379][T26867] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.14680: couldn't read orphan inode 15 (err -117)
[ 1269.182825][T26867] loop2: lost filesystem error report for type 5 error -117
[ 1269.186313][T26859] ntfs3(loop8): Failed to initialize $Extend/$Reparse.
[ 1269.214860][T26867] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1269.334879][T26867] EXT4-fs error (device loop2): ext4_xattr_set_entry:1670: inode #2: comm syz.2.14680: corrupted xattr entries
[ 1269.363177][  T833] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[ 1269.408269][T26904] loop4: detected capacity change from 0 to 512
[ 1269.491934][T26904] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[ 1269.528848][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1269.548277][T26910] loop7: detected capacity change from 0 to 256
[ 1269.577144][  T833] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1269.607644][T26910] exfat: Deprecated parameter 'utf8'
[ 1269.620244][  T833] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1269.621374][T26904] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 21) has entry past directory size at pos 128
[ 1269.663023][T26859] ntfs3: Cannot use different iocharset when remounting!
[ 1269.673177][  T833] usb 4-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[ 1269.678030][T26910] exfat: Deprecated parameter 'utf8'
[ 1269.722603][  T833] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1269.730096][T26910] exfat: Deprecated parameter 'utf8'
[ 1269.775023][  T833] usb 4-1: config 0 descriptor??
[ 1269.784913][T26910] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[ 1269.982849][T26891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1270.059705][T26891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1270.119017][  T833] usb 4-1: string descriptor 0 read error: -71
[ 1270.176933][  T833] usb 4-1: USB disconnect, device number 8
[ 1270.193676][T26942] loop2: detected capacity change from 0 to 256
[ 1270.250188][T26942] exfat: Deprecated parameter 'utf8'
[ 1270.287385][T26942] exfat: Deprecated parameter 'namecase'
[ 1270.293145][T26942] exfat: Deprecated parameter 'namecase'
[ 1270.378394][T26942] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[ 1270.503600][T26931] loop4: detected capacity change from 0 to 8192
[ 1271.243897][T26983] netlink: 'syz.4.14703': attribute type 2 has an invalid length.
[ 1271.689951][T26941] loop8: detected capacity change from 0 to 40427
[ 1271.733800][T26941] F2FS-fs (loop8): invalid crc value
[ 1271.997554][T27007] loop2: detected capacity change from 0 to 4096
[ 1272.026813][T26941] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1272.058816][T27007] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[ 1272.072366][T26941] F2FS-fs (loop8): Start checkpoint disabled!
[ 1272.126237][T26941] F2FS-fs (loop8): f2fs_disable_checkpoint() finish, err:0
[ 1272.175971][T26941] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[ 1272.239407][T27007] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[ 1272.342539][T27035] loop7: detected capacity change from 0 to 64
[ 1272.351494][   T30] audit: type=1800 audit(2000000176.786:941): pid=26941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.14692" name="bus" dev="loop8" ino=10 res=0 errno=0
[ 1272.438097][T27007] ntfs3(loop2): ino=1e, "file1" The size of extended attributes must not exceed 64KiB
[ 1272.461613][T27040] ptrace attach of "./syz-executor exec"[5844] was attempted by "��u+�O'U�l$WB�iv�Q��Ȱ&*\x07� -�:Ma{Mr�ϰ��Z��T!k�W�_~��{&�T�vf�<��{t�����V\x0d7�1��%�^~����y���\x5c>�qX\x09a��E�x��~$�R��~��sۄ9!�+��làv�s\x22~U�x�a�*�f��Py�w.����6��i���B֡O���� ���^�$ ��w��*�����? �;�-�b�?3�A���S�ѭ�Kk��r\x0a���ؙ:�y>s�y\x1b�SD8\x1b�u�\x0a��2��.�bf�h���������ݹ�5�cM�+�w�k���|�(Hn�'cC��j<,ᨊ�r.u�(ln�vN���F�Q+&i���Ёk���&ȍ��Ĥ>貥�f�bRs�󷖾\x0c~1����%^�?�\x1b�Y��\x1b�g���-3˩VO|\x0a᳷���[.��'3����D��A���zrcO� ��,����;��j��!p�o��Ue{����s%@�O�tnZ�b��B�&+4�?p��RN����!YˑNj��g�iq���[�6��h���vN|��ՠxi��Po54(%*� ������ħl�LU����D�䧥7`z�8�h�“�����=����-e��i����}�\x5c\x09��v:-ם�\x09��9.��V����E�&�����\x09   b&hΚ�A��`�R��&��֕�A��O �ݛ/\x1bL�\x07��&��D�u�oO���^C�'S1 @������#^^�V1���56r詴tU�\x0c����0鴲���>��Ū���M����V�j�\x07�=��}]M��XUt��Y[%>p�����*��j�s;��x�9K��4�m{y��Wp5p\x0cV�\x0c�\x0a(Uη�X��8'C}�ħ��J=�����6Ww�&�u�]��8?���+���3
[ 1272.569598][  T135] kworker/u8:5: attempt to access beyond end of device
[ 1272.569598][  T135] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1272.984321][  T135] CPU: 0 UID: 0 PID: 135 Comm: kworker/u8:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1272.984362][  T135] Tainted: [L]=SOFTLOCKUP
[ 1272.984373][  T135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1272.984390][  T135] Workqueue: writeback wb_workfn (flush-7:8)
[ 1272.984430][  T135] Call Trace:
[ 1272.984441][  T135]  <TASK>
[ 1272.984453][  T135]  dump_stack_lvl+0xe8/0x150
[ 1272.984495][  T135]  f2fs_handle_critical_error+0x37c/0x540
[ 1272.984537][  T135]  f2fs_write_end_io+0xcdb/0xff0
[ 1272.984600][  T135]  __submit_merged_bio+0x256/0x700
[ 1272.984643][  T135]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1272.984688][  T135]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1272.984744][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.984789][  T135]  f2fs_write_data_pages+0x2975/0x35e0
[ 1272.984880][  T135]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1272.984935][  T135]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1272.985025][  T135]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1272.985099][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.985131][  T135]  ? __lock_acquire+0x6b5/0x2cf0
[ 1272.985192][  T135]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1272.985230][  T135]  do_writepages+0x32e/0x550
[ 1272.985281][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.985312][  T135]  ? reacquire_held_locks+0x104/0x190
[ 1272.985352][  T135]  ? writeback_sb_inodes+0x477/0x1a20
[ 1272.985399][  T135]  __writeback_single_inode+0x133/0x11a0
[ 1272.985439][  T135]  ? do_raw_spin_unlock+0xf5/0x210
[ 1272.985474][  T135]  writeback_sb_inodes+0x992/0x1a20
[ 1272.985541][  T135]  ? __lock_acquire+0x6b5/0x2cf0
[ 1272.985586][  T135]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1272.985620][  T135]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1272.985709][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.985740][  T135]  ? rcu_is_watching+0x15/0xb0
[ 1272.985777][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.985821][  T135]  wb_writeback+0x456/0xb70
[ 1272.985863][  T135]  ? queue_io+0x1d1/0x4a0
[ 1272.985910][  T135]  ? __pfx_wb_writeback+0x10/0x10
[ 1272.985942][  T135]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1272.985993][  T135]  wb_workfn+0x414/0xf50
[ 1272.986026][  T135]  ? look_up_lock_class+0x57/0x110
[ 1272.986099][  T135]  ? __pfx_wb_workfn+0x10/0x10
[ 1272.986134][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.986165][  T135]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1272.986198][  T135]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1272.986227][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.986268][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.986304][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.986337][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.986373][  T135]  ? process_scheduled_works+0xa25/0x1830
[ 1272.986409][  T135]  ? process_scheduled_works+0xa25/0x1830
[ 1272.986447][  T135]  process_scheduled_works+0xb02/0x1830
[ 1272.986526][  T135]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1272.986572][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.986602][  T135]  ? assign_work+0x3d5/0x5e0
[ 1272.986646][  T135]  worker_thread+0xa50/0xfc0
[ 1272.986710][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.986755][  T135]  kthread+0x388/0x470
[ 1272.986784][  T135]  ? __pfx_worker_thread+0x10/0x10
[ 1272.986818][  T135]  ? __pfx_kthread+0x10/0x10
[ 1272.986847][  T135]  ret_from_fork+0x51e/0xb90
[ 1272.986889][  T135]  ? __pfx_ret_from_fork+0x10/0x10
[ 1272.986922][  T135]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1272.986952][  T135]  ? __switch_to+0xc7d/0x1450
[ 1272.986989][  T135]  ? __pfx_kthread+0x10/0x10
[ 1272.987019][  T135]  ret_from_fork_asm+0x1a/0x30
[ 1272.987092][  T135]  </TASK>
[ 1273.359140][T27066] loop3: detected capacity change from 0 to 256
[ 1273.361979][  T135] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[ 1273.367093][T27066] exfat: Deprecated parameter 'utf8'
[ 1273.507251][T27066] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1273.910450][T27092] IPv6: addrconf: prefix option has invalid lifetime
[ 1273.953388][T27092] IPv6: addrconf: prefix option has invalid lifetime
[ 1273.958735][T27094] loop3: detected capacity change from 0 to 256
[ 1274.030205][T27094] exfat: Deprecated parameter 'namecase'
[ 1274.115401][T27094] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d)
[ 1275.291786][T27153] tracefs: Bad value for 'uid'
[ 1275.296653][T27153] tracefs: Bad value for 'uid'
[ 1275.853790][T27168] loop3: detected capacity change from 0 to 4096
[ 1276.152067][T27134] loop8: detected capacity change from 0 to 32768
[ 1276.215877][T27185] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14756'.
[ 1276.242710][T27134] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.14720 (27134)
[ 1276.364274][T27134] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1276.431253][T27134] BTRFS info (device loop8): using crc32c checksum algorithm
[ 1276.549006][T27202] netlink: 1 bytes leftover after parsing attributes in process `syz.0.14760'.
[ 1276.687525][T27134] BTRFS info (device loop8): allowing degraded mounts
[ 1276.752082][T27134] BTRFS info (device loop8): enabling ssd optimizations
[ 1276.782870][T27134] BTRFS info (device loop8): turning on async discard
[ 1276.828501][T27134] BTRFS info (device loop8): enabling free space tree
[ 1276.857823][T27134] BTRFS info (device loop8): enabling auto defrag
[ 1277.129771][T25850] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1277.255246][T27252] loop4: detected capacity change from 0 to 1024
[ 1277.352114][T27252] hfsplus: b-tree write err: -5, ino 2
[ 1277.544200][T30236] hfsplus: b-tree write err: -5, ino 25
[ 1277.579999][T30236] hfsplus: b-tree write err: -5, ino 4
[ 1277.628966][T30236] hfsplus: b-tree write err: -5, ino 2
[ 1277.645936][T30236] hfsplus: b-tree write err: -5, ino 26
[ 1278.064988][T27293] rdma_op ffff88803371f9f0 conn xmit_rdma 0000000000000000
[ 1278.428776][T27308] veth0_to_team: entered promiscuous mode
[ 1278.469457][T27312] loop4: detected capacity change from 0 to 512
[ 1278.486061][T27311] loop3: detected capacity change from 0 to 2048
[ 1278.536613][T27311] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1278.551431][T27312] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[ 1278.640723][T27312] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1278.691461][T27312] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.14791: bad orphan inode 15
[ 1278.788247][T27312] loop4: lost filesystem error report for type 5 error -117
[ 1278.788770][T27312] ext4_test_bit(bit=14, block=18) = 1
[ 1278.796211][    C1] EXT4-fs (loop4): error count since last fsck: 1
[ 1278.796241][    C1] EXT4-fs (loop4): initial error at time 2000000183: ext4_orphan_get:1417
[ 1278.796273][    C1] EXT4-fs (loop4): last error at time 2000000183: ext4_orphan_get:1417
[ 1278.882975][T27312] is_bad_inode(inode)=0
[ 1278.887225][T27312] NEXT_ORPHAN(inode)=1023
[ 1278.892871][T27312] max_ino=32
[ 1278.896075][T27312] i_nlink=0
[ 1278.903779][T27312] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.14791: bg 0: block 161: padding at end of block bitmap is not set
[ 1278.927145][T27330] bridge_slave_1: entered promiscuous mode
[ 1278.933611][T27312] loop4: lost filesystem error report for type 5 error -117
[ 1278.943208][T27312] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6685: Corrupt filesystem
[ 1278.975064][T27312] loop4: lost filesystem error report for type 5 error -117
[ 1278.984909][T27312] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1279.128866][T27343] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1279.146594][T27343] cramfs: block size(16384) > page size(4096) not supported by filesystem
[ 1279.188713][T27343] cramfs: wrong magic
[ 1279.193683][ T5858] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1279.237781][ T5840] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1279.388951][ T5858] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1279.400013][ T5858] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1279.418089][ T5858] usb 4-1: config 0 descriptor??
[ 1279.581922][T27370] Bluetooth: MGMT ver 1.23
[ 1279.714276][T27381] option changes via remount are deprecated (pid=27379 comm=syz.8.14808)
[ 1279.819884][ T5858] ath6kl: Unsupported hardware version: 0x0
[ 1279.852810][ T5858] ath6kl: Failed to init ath6kl core: -22
[ 1279.891408][ T5858] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -22
[ 1279.899963][ T5947] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1280.039204][ T5858] usb 4-1: USB disconnect, device number 9
[ 1280.093387][ T5947] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1280.122346][ T5947] usb 3-1: config 0 has no interface number 0
[ 1280.122416][ T5947] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1280.122457][ T5947] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1280.122485][ T5947] usb 3-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1280.136834][ T5947] usb 3-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[ 1280.136876][ T5947] usb 3-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[ 1280.136903][ T5947] usb 3-1: Product: syz
[ 1280.144720][ T5947] usb 3-1: config 0 descriptor??
[ 1280.550304][ T5947] chicony 0003:04F2:1421.0014: collection stack underflow
[ 1280.578350][ T5947] chicony 0003:04F2:1421.0014: item 0 1 0 12 parsing failed
[ 1280.604419][ T5947] chicony 0003:04F2:1421.0014: Chicony hid parse failed: -22
[ 1280.636528][ T5947] chicony 0003:04F2:1421.0014: probe with driver chicony failed with error -22
[ 1280.748537][ T6348] usb 3-1: USB disconnect, device number 10
[ 1280.833226][   T30] audit: type=1326 audit(2000000185.688:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27456 comm="syz.8.14826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdddbb9c799 code=0x7ffc0000
[ 1280.931209][   T30] audit: type=1326 audit(2000000185.741:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27456 comm="syz.8.14826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fdddbb9c799 code=0x7ffc0000
[ 1281.032187][   T30] audit: type=1326 audit(2000000185.741:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27456 comm="syz.8.14826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdddbb9c799 code=0x7ffc0000
[ 1281.099827][   T30] audit: type=1326 audit(2000000185.741:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27456 comm="syz.8.14826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdddbb9c799 code=0x7ffc0000
[ 1281.189724][   T30] audit: type=1326 audit(2000000185.741:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27456 comm="syz.8.14826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fdddbb9c799 code=0x7ffc0000
[ 1281.251610][   T30] audit: type=1326 audit(2000000185.741:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27456 comm="syz.8.14826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdddbb9c799 code=0x7ffc0000
[ 1281.304076][T27475] loop4: detected capacity change from 0 to 1024
[ 1281.324340][T27475] EXT4-fs: inline encryption not supported
[ 1281.340810][   T30] audit: type=1326 audit(2000000185.741:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27456 comm="syz.8.14826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdddbb9c799 code=0x7ffc0000
[ 1281.429629][T27472] loop7: detected capacity change from 0 to 4096
[ 1281.501523][T27475] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1281.527665][T27472] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512).
[ 1281.659634][T27472] ntfs3(loop7): ino=1a, mi_enum_attr
[ 1281.691177][T27472] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[ 1281.770288][ T5840] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1281.795766][   T30] audit: type=1800 audit(2000000186.675:949): pid=27472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.14831" name="file1" dev="loop7" ino=30 res=0 errno=0
[ 1281.900196][T27472] ntfs3(loop7): ino=1e, "file1" ntfs3_write_inode failed, -22.
[ 1282.056136][T30243] ntfs3(loop7): ino=1e, ntfs3_write_inode failed, -22.
[ 1282.513551][T27531] loop8: detected capacity change from 0 to 256
[ 1282.578772][T27531] exfat: Deprecated parameter 'utf8'
[ 1282.647333][T27531] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1283.021937][T27558] loop4: detected capacity change from 0 to 2048
[ 1283.223921][T27558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1283.242095][T27577] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1283.248675][T27577] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1283.298841][T27577] vhci_hcd vhci_hcd.0: Device attached
[ 1283.537542][ T5947] usb 39-1: new low-speed USB device number 3 using vhci_hcd
[ 1283.545544][ T6348] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1283.571199][T27575] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[ 1283.607606][ T1139] 
[ 1283.609992][ T1139] ======================================================
[ 1283.611127][T27603] netlink: 104 bytes leftover after parsing attributes in process `syz.8.14864'.
[ 1283.617005][ T1139] WARNING: possible circular locking dependency detected
[ 1283.617028][ T1139] syzkaller #0 Tainted: G             L     
[ 1283.617043][ T1139] ------------------------------------------------------
[ 1283.617055][ T1139] kworker/u8:8/1139 is trying to acquire lock:
[ 1283.617069][ T1139] ffff8880236bea50 (&ei->xattr_sem){++++}-{4:4}, at: ext4_destroy_inline_data+0x28/0xe0
[ 1283.617149][ T1139] 
[ 1283.617149][ T1139] but task is already holding lock:
[ 1283.617159][ T1139] ffff888032ce8b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x205/0x3b0
[ 1283.617231][ T1139] 
[ 1283.617231][ T1139] which lock already depends on the new lock.
[ 1283.617231][ T1139] 
[ 1283.617241][ T1139] 
[ 1283.617241][ T1139] the existing dependency chain (in reverse order) is:
[ 1283.617251][ T1139] 
[ 1283.617251][ T1139] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 1283.617293][ T1139]        percpu_down_read_internal+0x48/0x1c0
[ 1283.617328][ T1139]        ext4_writepages+0x205/0x3b0
[ 1283.617362][ T1139]        do_writepages+0x32e/0x550
[ 1283.724058][ T1139]        __writeback_single_inode+0x133/0x11a0
[ 1283.730249][ T1139]        writeback_single_inode+0x4ac/0xdc0
[ 1283.736156][ T1139]        write_inode_now+0x1c2/0x290
[ 1283.741444][ T1139]        iput+0x8c1/0xe80
[ 1283.745780][ T1139]        ext4_xattr_block_set+0x1fd4/0x2ad0
[ 1283.751672][ T1139]        ext4_expand_extra_isize_ea+0x12cf/0x1ea0
[ 1283.758099][ T1139]        __ext4_expand_extra_isize+0x30d/0x400
[ 1283.764255][ T1139]        __ext4_mark_inode_dirty+0x45c/0x730
[ 1283.770244][ T1139]        ext4_evict_inode+0x7a1/0xeb0
[ 1283.775807][ T1139]        evict+0x61e/0xb10
[ 1283.780315][ T1139]        ext4_orphan_cleanup+0xc38/0x1470
[ 1283.786044][ T1139]        ext4_fill_super+0x59ff/0x6320
[ 1283.791514][ T1139]        get_tree_bdev_flags+0x431/0x4f0
[ 1283.797146][ T1139]        vfs_get_tree+0x92/0x2a0
[ 1283.802077][ T1139]        do_new_mount+0x341/0xd30
[ 1283.807106][ T1139]        __se_sys_mount+0x31d/0x420
[ 1283.812320][ T1139]        do_syscall_64+0x14d/0xf80
[ 1283.817442][ T1139]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1283.823865][ T1139] 
[ 1283.823865][ T1139] -> #0 (&ei->xattr_sem){++++}-{4:4}:
[ 1283.831451][ T1139]        __lock_acquire+0x15a5/0x2cf0
[ 1283.836861][ T1139]        lock_acquire+0xf0/0x2e0
[ 1283.841811][ T1139]        down_write+0x96/0x200
[ 1283.846582][ T1139]        ext4_destroy_inline_data+0x28/0xe0
[ 1283.852554][ T1139]        ext4_do_writepages+0x51e/0x46e0
[ 1283.858212][ T1139]        ext4_writepages+0x241/0x3b0
[ 1283.863518][ T1139]        do_writepages+0x32e/0x550
[ 1283.868691][ T1139]        __writeback_single_inode+0x133/0x11a0
[ 1283.874898][ T1139]        writeback_sb_inodes+0x992/0x1a20
[ 1283.880639][ T1139]        wb_writeback+0x456/0xb70
[ 1283.885686][ T1139]        wb_workfn+0x414/0xf50
[ 1283.890462][ T1139]        process_scheduled_works+0xb02/0x1830
[ 1283.896552][ T1139]        worker_thread+0xa50/0xfc0
[ 1283.901675][ T1139]        kthread+0x388/0x470
[ 1283.906359][ T1139]        ret_from_fork+0x51e/0xb90
[ 1283.911475][ T1139]        ret_from_fork_asm+0x1a/0x30
[ 1283.916776][ T1139] 
[ 1283.916776][ T1139] other info that might help us debug this:
[ 1283.916776][ T1139] 
[ 1283.926998][ T1139]  Possible unsafe locking scenario:
[ 1283.926998][ T1139] 
[ 1283.934445][ T1139]        CPU0                    CPU1
[ 1283.939804][ T1139]        ----                    ----
[ 1283.945165][ T1139]   rlock(&sbi->s_writepages_rwsem);
[ 1283.950456][ T1139]                                lock(&ei->xattr_sem);
[ 1283.957315][ T1139]                                lock(&sbi->s_writepages_rwsem);
[ 1283.965071][ T1139]   lock(&ei->xattr_sem);
[ 1283.969402][ T1139] 
[ 1283.969402][ T1139]  *** DEADLOCK ***
[ 1283.969402][ T1139] 
[ 1283.977537][ T1139] 3 locks held by kworker/u8:8/1139:
[ 1283.982978][ T1139]  #0: ffff88801faf0948 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1283.994419][ T1139]  #1: ffffc900053bfc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1284.006910][ T1139]  #2: ffff888032ce8b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x205/0x3b0
[ 1284.017435][ T1139] 
[ 1284.017435][ T1139] stack backtrace:
[ 1284.023330][ T1139] CPU: 0 UID: 0 PID: 1139 Comm: kworker/u8:8 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1284.023362][ T1139] Tainted: [L]=SOFTLOCKUP
[ 1284.023371][ T1139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1284.023388][ T1139] Workqueue: writeback wb_workfn (flush-7:4)
[ 1284.023424][ T1139] Call Trace:
[ 1284.023435][ T1139]  <TASK>
[ 1284.023446][ T1139]  dump_stack_lvl+0xe8/0x150
[ 1284.023480][ T1139]  print_circular_bug+0x2e1/0x300
[ 1284.023519][ T1139]  check_noncircular+0x12e/0x150
[ 1284.023558][ T1139]  __lock_acquire+0x15a5/0x2cf0
[ 1284.023590][ T1139]  ? stack_depot_save_flags+0x33/0x810
[ 1284.023625][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.023652][ T1139]  ? kasan_save_track+0x4f/0x80
[ 1284.023676][ T1139]  ? kasan_save_track+0x3e/0x80
[ 1284.023699][ T1139]  ? kasan_save_free_info+0x46/0x50
[ 1284.023732][ T1139]  ? __kasan_slab_free+0x5c/0x80
[ 1284.023757][ T1139]  ? kfree+0x1c1/0x630
[ 1284.023776][ T1139]  ? ieee80211_inform_bss+0xc75/0x1160
[ 1284.023803][ T1139]  ? cfg80211_inform_single_bss_data+0xd08/0x1b70
[ 1284.023829][ T1139]  ? cfg80211_inform_bss_data+0x266/0x3c40
[ 1284.023853][ T1139]  ? cfg80211_inform_bss_frame_data+0x3c7/0x760
[ 1284.023883][ T1139]  ? ieee80211_bss_info_update+0x794/0xa40
[ 1284.023908][ T1139]  ? ieee80211_ibss_rx_queued_mgmt+0x1901/0x2cd0
[ 1284.023938][ T1139]  lock_acquire+0xf0/0x2e0
[ 1284.023966][ T1139]  ? ext4_destroy_inline_data+0x28/0xe0
[ 1284.024004][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024036][ T1139]  down_write+0x96/0x200
[ 1284.024060][ T1139]  ? ext4_destroy_inline_data+0x28/0xe0
[ 1284.024095][ T1139]  ? __pfx_down_write+0x10/0x10
[ 1284.024121][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024152][ T1139]  ext4_destroy_inline_data+0x28/0xe0
[ 1284.024189][ T1139]  ext4_do_writepages+0x51e/0x46e0
[ 1284.024219][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024245][ T1139]  ? __lock_acquire+0x6b5/0x2cf0
[ 1284.024282][ T1139]  ? unwind_next_frame+0xa5/0x23c0
[ 1284.024317][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024346][ T1139]  ? unwind_next_frame+0xa5/0x23c0
[ 1284.024383][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024410][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024437][ T1139]  ? look_up_lock_class+0x57/0x110
[ 1284.024473][ T1139]  ? __pfx_ext4_do_writepages+0x10/0x10
[ 1284.024499][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024526][ T1139]  ? __lock_acquire+0x6b5/0x2cf0
[ 1284.024565][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024591][ T1139]  ? __lock_acquire+0x6b5/0x2cf0
[ 1284.024622][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024653][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024681][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024711][ T1139]  ext4_writepages+0x241/0x3b0
[ 1284.024744][ T1139]  ? __pfx_ext4_writepages+0x10/0x10
[ 1284.024782][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024811][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024837][ T1139]  ? do_raw_spin_unlock+0xf5/0x210
[ 1284.024860][ T1139]  ? __pfx_ext4_writepages+0x10/0x10
[ 1284.024898][ T1139]  do_writepages+0x32e/0x550
[ 1284.024935][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.024962][ T1139]  ? reacquire_held_locks+0x104/0x190
[ 1284.024995][ T1139]  ? writeback_sb_inodes+0x477/0x1a20
[ 1284.025029][ T1139]  __writeback_single_inode+0x133/0x11a0
[ 1284.025061][ T1139]  ? do_raw_spin_unlock+0xf5/0x210
[ 1284.025087][ T1139]  writeback_sb_inodes+0x992/0x1a20
[ 1284.025133][ T1139]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1284.025163][ T1139]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1284.025206][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.025232][ T1139]  ? rcu_is_watching+0x15/0xb0
[ 1284.025264][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.025296][ T1139]  wb_writeback+0x456/0xb70
[ 1284.025327][ T1139]  ? queue_io+0x1d1/0x4a0
[ 1284.025360][ T1139]  ? __pfx_wb_writeback+0x10/0x10
[ 1284.025389][ T1139]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1284.025420][ T1139]  wb_workfn+0x414/0xf50
[ 1284.025446][ T1139]  ? look_up_lock_class+0x57/0x110
[ 1284.025489][ T1139]  ? __pfx_wb_workfn+0x10/0x10
[ 1284.025515][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.025541][ T1139]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1284.025565][ T1139]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1284.025588][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.025618][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.025647][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.025674][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.025702][ T1139]  ? process_scheduled_works+0xa25/0x1830
[ 1284.025732][ T1139]  ? process_scheduled_works+0xa25/0x1830
[ 1284.025762][ T1139]  process_scheduled_works+0xb02/0x1830
[ 1284.025807][ T1139]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1284.025840][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.025866][ T1139]  ? assign_work+0x3d5/0x5e0
[ 1284.025964][ T1139]  worker_thread+0xa50/0xfc0
[ 1284.026008][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.026041][ T1139]  kthread+0x388/0x470
[ 1284.026064][ T1139]  ? __pfx_worker_thread+0x10/0x10
[ 1284.026094][ T1139]  ? __pfx_kthread+0x10/0x10
[ 1284.026116][ T1139]  ret_from_fork+0x51e/0xb90
[ 1284.026148][ T1139]  ? __pfx_ret_from_fork+0x10/0x10
[ 1284.026178][ T1139]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1284.026205][ T1139]  ? __switch_to+0xc7d/0x1450
[ 1284.026234][ T1139]  ? __pfx_kthread+0x10/0x10
[ 1284.026256][ T1139]  ret_from_fork_asm+0x1a/0x30
[ 1284.026301][ T1139]  </TASK>
[ 1284.581508][ T1139] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1284.594786][ T1139] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1284.594786][ T1139] 
[ 1284.606182][ T1139] EXT4-fs (loop4): Total free blocks count 0
[ 1284.612509][ T1139] EXT4-fs (loop4): Free/Dirty block details
[ 1284.618431][ T1139] EXT4-fs (loop4): free_blocks=4096
[ 1284.623989][ T1139] EXT4-fs (loop4): dirty_blocks=512
[ 1284.629439][ T1139] EXT4-fs (loop4): Block reservation details
[ 1284.635495][ T1139] EXT4-fs (loop4): i_reserved_data_blocks=32
[ 1284.645385][ T1139] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28
[ 1284.663732][ T6348] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1284.676852][ T6348] usb 4-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[ 1284.723589][ T6348] usb 4-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[ 1284.737956][ T6348] usb 4-1: Manufacturer: syz
[ 1284.749528][ T6348] usb 4-1: config 0 descriptor??
[ 1284.774885][ T6348] smsusb:smsusb_probe: board id=9, interface number 0
[ 1284.783247][ T6348] smsusb:smsusb_probe: Device initialized with return code -19
[ 1284.969325][ T6348] usb 4-1: USB disconnect, device number 10
[ 1284.981293][T27580] usb 39-1: recv xbuf, 0
[ 1284.988716][T30243] vhci_hcd vhci_hcd.3: stop threads
[ 1284.993969][T30243] vhci_hcd vhci_hcd.3: release socket
[ 1284.999727][T30243] vhci_hcd vhci_hcd.3: disconnect device
[ 1285.051726][ T5947] vhci_hcd vhci_hcd.3: vhci_device speed not set